Discussion:
USA ID card for federal employees and contractors
(too old to reply)
Roland Perry
2004-10-06 14:44:53 UTC
Permalink
They then invent wild conspiracy theories, in which BT is deliberately
hobbling ADSL for some reason, usually to protect their leased line
business.
If it was only as easy to debunk the "wild conspiracy theories" floating
about regarding the wicked forces of law and order [tm]. It's as clear
to me as what you say about BT (that such theories are nonsense and all
we really have are a lot of people trying to do an honest day's work). A
bit more difficult to express in terms of amps and volts, though.
--
Roland Perry
Roland Perry
2004-10-06 14:39:50 UTC
Permalink
The real issue is that we can never envisage what bandwidth is needed
for the next generation of (unknown) services so the bandwidth is never
available at the start of the market.
Up to a point. The stuff I was working on in 1998 very clearly envisaged
how much bandwidth was required (about 1MBit a user), and the only
available solution, had we persevered, was IP over DVB.
--
Roland Perry
Brian Morrison
2004-10-06 15:14:22 UTC
Permalink
On Wed, 6 Oct 2004 15:39:50 +0100 in
Post by Roland Perry
The real issue is that we can never envisage what bandwidth is needed
for the next generation of (unknown) services so the bandwidth is
never available at the start of the market.
Up to a point. The stuff I was working on in 1998 very clearly
envisaged how much bandwidth was required (about 1MBit a user), and
the only available solution, had we persevered, was IP over DVB.
The application you had was operating within the achievable bandwidth
for the era though. I was really referring to the interplay between what
is needed for a given task and whether anyone will develop a technology
when the infrastructure to support it is not widespread.

There are no easy answers of course, but it looks to me to make sense to
put in fibre to the home on new built properties even if the ends of
that cable are unterminated now. At least then there is a high bandwidth
local loop in place at the cost of a length of cable, because a lot of
the cost comes in digging things up. And the downside is that if it is
never used then the loss of cash on this investment is fairly small.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Roland Perry
2004-10-06 15:23:26 UTC
Permalink
Post by Brian Morrison
Post by Roland Perry
The real issue is that we can never envisage what bandwidth is needed
for the next generation of (unknown) services so the bandwidth is
never available at the start of the market.
Up to a point. The stuff I was working on in 1998 very clearly
envisaged how much bandwidth was required (about 1MBit a user), and
the only available solution, had we persevered, was IP over DVB.
The application you had was operating within the achievable bandwidth
for the era though.
Only by doing daft things like renting whole satellite transponders. It
was significantly outside the capability of narrowband, which was pretty
much all that was available at a mass market price.
Post by Brian Morrison
I was really referring to the interplay between what
is needed for a given task and whether anyone will develop a technology
when the infrastructure to support it is not widespread.
Well, my then employers came unstuck developing their bit of the product
mix, when the infrastructure to deliver it wasn't widespread :-(
Post by Brian Morrison
There are no easy answers of course, but it looks to me to make sense to
put in fibre to the home on new built properties even if the ends of
that cable are unterminated now. At least then there is a high bandwidth
local loop in place at the cost of a length of cable, because a lot of
the cost comes in digging things up. And the downside is that if it is
never used then the loss of cash on this investment is fairly small.
All new developments I've seen for at least 5 years have had "drainpipe"
sized conduit for BT and cable TV to every front door.
--
Roland Perry
Brian Morrison
2004-10-06 16:05:05 UTC
Permalink
On Wed, 6 Oct 2004 16:23:26 +0100 in
Post by Roland Perry
Post by Brian Morrison
The application you had was operating within the achievable
bandwidth for the era though.
Only by doing daft things like renting whole satellite transponders.
It was significantly outside the capability of narrowband, which was
pretty much all that was available at a mass market price.
ADSL appeared in the UK in 2000 IIRC, granted that availability has
taken 4 years to reach a high percentage of the market.
Post by Roland Perry
Post by Brian Morrison
I was really referring to the interplay between what
is needed for a given task and whether anyone will develop a
technology when the infrastructure to support it is not widespread.
Well, my then employers came unstuck developing their bit of the
product mix, when the infrastructure to deliver it wasn't widespread
:-(
Yes, but such things are not that widespread, so your employers of the
time sound quite 'visionary'in that respect. The price for that is often
commercial failure.
Post by Roland Perry
Post by Brian Morrison
There are no easy answers of course, but it looks to me to make
sense to put in fibre to the home on new built properties even if
the ends of that cable are unterminated now. At least then there is
a high bandwidth local loop in place at the cost of a length of
cable, because a lot of the cost comes in digging things up. And the
downside is that if it is never used then the loss of cash on this
investment is fairly small.
All new developments I've seen for at least 5 years have had
"drainpipe" sized conduit for BT and cable TV to every front door.
Empty drain-sized conduit is not that much use, if it has suitable
cabling in it then its value is much enhanced. It's a building block -
the incremental cost of such cabling is pretty small in comparison with
a street full of houses if it's done during the building and
sewerage/drainage work.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Roland Perry
2004-10-06 16:31:01 UTC
Permalink
Post by Brian Morrison
Post by Roland Perry
All new developments I've seen for at least 5 years have had
"drainpipe" sized conduit for BT and cable TV to every front door.
Empty drain-sized conduit is not that much use, if it has suitable
cabling in it then its value is much enhanced.
They have "puller" ropes, and often BT takes the risk of pulling POTS
cables to the whole lot as an economy of scale.
Post by Brian Morrison
It's a building block - the incremental cost of such cabling is pretty
small in comparison with a street full of houses if it's done during
the building and sewerage/drainage work.
Normally done at the same time as things like the kerbsides, pavements
and paths to the front doors. Several months after the gas, electric and
water, and longer still after the drains. But this is not
alt.building.critical-path !
--
Roland Perry
Brian Morrison
2004-10-06 14:53:20 UTC
Permalink
On Wed, 6 Oct 2004 11:56:02 +0100 in
available at the start of the market. Many places are leapfrogging
to higher local bandwidths (I think backhaul is easier in general,
it just
Local is the key word. Just because one block of flats in a country
has an STM-16 to every lavatory doesn't mean that rural paddy fields
are so equipped.
Indeed not, but how to predict whether said paddy fields will need 10x
that bandwidth in a decade or two?
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Ian G Batten
2004-10-06 17:55:59 UTC
Permalink
Post by Brian Morrison
Local is the key word. Just because one block of flats in a country
has an STM-16 to every lavatory doesn't mean that rural paddy fields
are so equipped.
Indeed not, but how to predict whether said paddy fields will need 10x
that bandwidth in a decade or two?
Given the choice between investment in things that make a return now,
and things that might make a return in twenty years, which would a
business make?

ian
Brian Morrison
2004-10-06 18:53:04 UTC
Permalink
On Wed, 6 Oct 2004 18:55:59 +0100 in
Post by Ian G Batten
Post by Brian Morrison
Indeed not, but how to predict whether said paddy fields will need
10x that bandwidth in a decade or two?
Given the choice between investment in things that make a return now,
and things that might make a return in twenty years, which would a
business make?
They would bias their investment towards the current good bets of
course, but sometimes that leads to them missing the boat on a future
trend.

No one said this is easy.....
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Brian Gladman
2004-10-06 14:53:55 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 00:03
Subject: Re: USA ID card for federal employees and contractors
[snip]
You are living in the past if you think that the functionality of modern
hardware is fundamentally more controllable than software.
You tilt at the wrong windmill. Technical capabilities can take
functionality where it will. Law constrains the commercial
production of,
trade in and sometimes the application of many if not most
artefacts. This
is, I think, beyond dispute.
About the most that can be said here is that the law is often used in
attempts to constrain trade. In practice however the human instinct to
trade is so strong that this is rarely fully successful and is very
often a complete failure. The drugs trade is just one example of this.
And that is why the regulation of trade is far more successful than outright
prohibition, I'd guess that the increase in success in in some direct ratio
to the common with for any specific item.
I am afraid not - many trade regulations are not worth the paper they
are written on and are very widely flouted. Moreover the very
governments who are supposed to police these regulations are frequently
very well aware that they are being breached and simply turn a blind eye
to this.

I was involved in conducting a survey during the 1990s of the extent to
which different countries enforced the then in force regulations on
cryptographic export. It turned out that there were a vary large number
of companies and countries who did not pay even the slightest regard to
these regulations. And when the evidence for this was presented to the
governments concerned - including the UK government - not even a single
prosecution followed.

Trade regulations are, in general, only succesful when the important
producer and consumer nations involved believe in them. Trade
regulations that are designed to control the export of non-military
cryptography are a complete farce precisely because those nations who
are their strongest advocates are very well known for their complete
duplicity in seeking such constraints.
And it is regulation one is considering here and not prohibition (other than
is a particularly narrow sense).
At very best laws only constrain trade when (a) there is worldwide
agreement among producer and/or consumer countries on the law (or laws)
in question, and (b) these countries all implement and apply any such
law(s) with the same degree of determination and success.
You might think so but there in no universal truth there. From personal
knowledge, the French exercise some particular controls on certain items
through a licencing system. Of course, the control is not complete but by
observation, it *is* largely effective.
I suspect that the French are worst than most countries when it comes to
the selective application of international trade laws. No doubt there
are regulations that they see as in their national interests and in
which they invest policing effort.

That one country has some success with a few selected trade regulations
in which they have a national interest does nothing to change my view of
the ineffectiveness of any such regulations that might seek to control
the export of low end commercial routers that contain cryptography.

I will leave you to wallow in this quagmire as I don't have even the
slightest concern about it having any impact whatsoever on the sort of
encrypted P2P services that I envisage. I would be amused and truly
delighted were the UK government to decide that this is a way of
rescuing RIPA.

[snip]
I would not claim that this thinking is original. Whether or not router
licencing coupled with a national regulation of some aspects of their design
comes to pass we shall find out in due course. You say you find such an idea
impossible. Me, well, I'd say it was odds-on. Of course regulations can be
flouted but not noticeably and within a legitimate mass market; it just does
not happen.
This is only true in the sense of a defintion.

Brian Gladman
Owen Lewis
2004-10-06 15:20:33 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 15:54
Subject: Re: USA ID card for federal employees and contractors
-----Original Message-----
Sent: 06 October 2004 00:03
Subject: Re: USA ID card for federal employees and contractors
..... Whether or not router
licencing coupled with a national regulation of some aspects of
their design
comes to pass we shall find out in due course. You say you find
such an idea
impossible. Me, well, I'd say it was odds-on. Of course
regulations can be
flouted but not noticeably and within a legitimate mass market;
it just does
not happen.
This is only true in the sense of a definition.
Then we shall see in due course, shall we not?

Owen
Brian Gladman
2004-10-06 19:22:16 UTC
Permalink
Owen Lewis wrote:

[snip]
Post by Owen Lewis
Of course regulations can be flouted but not noticeably and
within a legitimate mass market;
This is only true in the sense of a definition.
Then we shall see in due course, shall we not?
There is really no need to wait on this point Owen - a mass market in
which trade regulations are not observed is, by definition, not a
legitimate mass market.

Brian Gladman
Roland Perry
2004-10-06 14:53:21 UTC
Permalink
The Commissioner's report does specify the number of warrants (which are
in effect one per person). It's an exercise for the reader to estimate
whether or not crooks make more calls per day than non-crooks.
That does not tell the whole story though.
It tells you how many people's letters/phones are intercepted in a year,
and how many at one point in a year (from which you can estimate churn).
Also the average number of times these people change from one address or
phone number to another, requiring a modification to the warrant.

It doesn't say how many people have their letters *or* phones
intercepted, rather than letters *and* phones.
The many changes made with RIP all make it more difficult to work out
what is going on from such figures. I don't believe this was an
accident.
From what I see, it is regretted (not celebrated) that the number of
warrants for all types of communication have been merged.
--
Roland Perry
Ian Johnson
2004-10-06 14:59:03 UTC
Permalink
Post by Roland Perry
They then invent wild conspiracy theories, in which BT is deliberately
hobbling ADSL for some reason, usually to protect their leased line
business.
If it was only as easy to debunk the "wild conspiracy theories" floating
about regarding the wicked forces of law and order [tm]. It's as clear
to me as what you say about BT (that such theories are nonsense and all
we really have are a lot of people trying to do an honest day's work).
Sorry Roland, but we have a history of serious abuse of Police powers in
this country which hardly ever are prosecuted. Whether it was the
Birmingham 6, Criminal behaviour during the miners strike or shooting
naked unarmed men in their bedrooms. I could go on for ever :) The
evidence of the abuse of powers is widespread, the evidence of the lack
of prosecutions is also widespread.

What we have with interception powers etc., is the above people doing
something without public scrutiny. We know they're quite happy to abuse
the public and break the law when subject to scrutiny, why should anyone
believe they suddenly develop morals when no longer in the public view?

regards

Ian
Roland Perry
2004-10-06 15:15:10 UTC
Permalink
In article <1097074743.6410.8.camel-***@public.gmane.org>, Ian Johnson
<Ian.Johnson-yseewfJ6skFaa/***@public.gmane.org> writes:

... repeating some of the long standing conspiracy theories...
Post by Ian Johnson
Sorry Roland, but we have a history of serious abuse of Police powers in
this country which hardly ever are prosecuted. Whether it was the
Birmingham 6, Criminal behaviour during the miners strike or shooting
naked unarmed men in their bedrooms. I could go on for ever :) The
evidence of the abuse of powers is widespread, the evidence of the lack
of prosecutions is also widespread.
And I have as long a list of cock-ups by BT. The misdeeds and mistakes
of a few say nothing of the long term "corporate" integrity. I agree
that a bit more publicity regarding the fate of the few wouldn't go
amiss, though.
--
Roland Perry
Ian Johnson
2004-10-06 15:33:29 UTC
Permalink
Post by Roland Perry
... repeating some of the long standing conspiracy theories...
So which aren't accurate?
Post by Roland Perry
Post by Ian Johnson
Sorry Roland, but we have a history of serious abuse of Police powers in
this country which hardly ever are prosecuted. Whether it was the
Birmingham 6, Criminal behaviour during the miners strike or shooting
naked unarmed men in their bedrooms. I could go on for ever :) The
evidence of the abuse of powers is widespread, the evidence of the lack
of prosecutions is also widespread.
And I have as long a list of cock-ups by BT.
Which is not quite the same. I don't believe BT would get away with
pepper spraying a pensioner in a car...
Post by Roland Perry
The misdeeds and mistakes
of a few say nothing of the long term "corporate" integrity. I agree
that a bit more publicity regarding the fate of the few wouldn't go
amiss, though.
The misdeeds of the many seem to be supported by the "corporate" entity.

regards,

Ian
Roland Perry
2004-10-07 08:30:42 UTC
Permalink
Post by Ian Johnson
Post by Roland Perry
... repeating some of the long standing conspiracy theories...
So which aren't accurate?
That's the whole point; going back to Ian Batten's comments about the
long standing conspiracy theories about ADSL. But some long standing
conspiracy theories are easier to debunk than others.

Let's give BT the benefit of the doubt for now, and look at a couple of
long-standing conspiracy theories where perhaps folks may be able to see
a teensy bit of both sides of the fence.

1) There were lots of people [in police, govt etc] who subscribed to the
following conspiracy theory: Pubs exist to sell beer to people, strip
clubs exist to sell views of naked girls to people and ISPs exist to
distribute child porn. And that an "obvious" way of refuting these
accusations would be for the pubs to stop selling beer, strip clubs to
clothe the girls and ISPs not to distribute newsgroups with names like
alt.binaries.pictures.erotica.babies ; and as none of these happen, the
suppliers are clearly pandering to their customers and quite happy to
make a profit from the various activities.

2) Many of the same people also subscribe to the theory that ISPs
encourage spam. There's no obvious anti-spam initiative from ISPs, ISPs
get paid to shift emails around; "obviously" they get paid more, and
therefore make more money, to shift more emails around; spam is more
emails.

Now, you can refute the second one a little today, by saying "what about
Brightmail". Ah yes, but back in 1998, my correspondent says, The West
Midlands Serious Crime Squad's email server was down for over a week,
and we know that nothing will have changed today, either in the law, or
the ISPs attitude or handling of the issues.

I'm not mentioning any of these in order to spark a debate about the
particular issues I mention (clearly, they have been debated ad nauseam
before) but to demonstrate that there can be two sides to most of these
situations and that rather than a conspiracy there's a lack of insight
about what's really going on underneath - which again usually turns out
to be a blend of historical accident and cock-up. It's not the case that
"their" stuff is always a conspiracy and "my" stuff is always an
innocent misunderstanding, despite many wars having been started on that
premise.
--
Roland Perry
Brian Morrison
2004-10-06 15:59:05 UTC
Permalink
On Wed, 6 Oct 2004 16:15:10 +0100 in
The misdeeds and mistakes of a few say nothing of the long term
"corporate" integrity.
I disagree entirely. A corporate entity is nothing without the humans
that comprise it; their misdeeds *are* the public face of a corporation
just as much as their good deeds. Knowledge of these is necessary for an
informed judgement.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Roland Perry
2004-10-06 16:24:25 UTC
Permalink
Post by Brian Morrison
The misdeeds and mistakes of a few say nothing of the long term
"corporate" integrity.
I disagree entirely. A corporate entity is nothing without the humans
that comprise it; their misdeeds *are* the public face of a corporation
just as much as their good deeds. Knowledge of these is necessary for an
informed judgement.
OK, so your theory is that BT is corrupt. Jolly good.

All I said was that "I wish" I could debunk the "police are corrupt" as
easily as "BT is corrupt". I know I can't, and don't propose to waste
everyone's time with another fruitless attempt.
--
Roland Perry
Brian Morrison
2004-10-06 16:38:08 UTC
Permalink
On Wed, 6 Oct 2004 17:24:25 +0100 in
Post by Roland Perry
Post by Brian Morrison
I disagree entirely. A corporate entity is nothing without the
humans that comprise it; their misdeeds *are* the public face of a
corporation just as much as their good deeds. Knowledge of these is
necessary for an informed judgement.
OK, so your theory is that BT is corrupt. Jolly good.
You're putting words into my mouth.
Post by Roland Perry
All I said was that "I wish" I could debunk the "police are corrupt"
as easily as "BT is corrupt". I know I can't, and don't propose to
waste everyone's time with another fruitless attempt.
The information I'd like to know would allow me to make my own judgement
on whether I think that the police, or indeed BT, are corrupt in the
same way that each of us could then do for themselves. It is not easily
possible to do that when TPTB huff and puff and tell me that everything
is sweetness and light when in reality it is not like that.

Why does government want to spoon feed me?
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Roland Perry
2004-10-06 16:48:37 UTC
Permalink
Post by Brian Morrison
On Wed, 6 Oct 2004 17:24:25 +0100 in
Post by Roland Perry
Post by Brian Morrison
I disagree entirely. A corporate entity is nothing without the
humans that comprise it; their misdeeds *are* the public face of a
corporation just as much as their good deeds. Knowledge of these is
necessary for an informed judgement.
OK, so your theory is that BT is corrupt. Jolly good.
You're putting words into my mouth.
Not at all, I have evidence of misdeeds by BT employees. Your theory is
that this *is* the public face of the company.
Post by Brian Morrison
Post by Roland Perry
All I said was that "I wish" I could debunk the "police are corrupt"
as easily as "BT is corrupt". I know I can't, and don't propose to
waste everyone's time with another fruitless attempt.
The information I'd like to know would allow me to make my own judgement
on whether I think that the police, or indeed BT, are corrupt in the
same way that each of us could then do for themselves.
You might be surprised how long it takes to get the full picture.
Meanwhile, have you also the time to check out every other corporate
baddy, or do you have a particular "thing" about the police? Of the 43+
police forces, which one would like to interview first?
--
Roland Perry
Brian Morrison
2004-10-06 18:52:01 UTC
Permalink
On Wed, 6 Oct 2004 17:48:37 +0100 in
Post by Roland Perry
Post by Brian Morrison
Post by Roland Perry
OK, so your theory is that BT is corrupt. Jolly good.
You're putting words into my mouth.
Not at all, I have evidence of misdeeds by BT employees. Your theory
is that this *is* the public face of the company.
And indeed it is, but only *part* of the public face of the company. I
need to be aware that there are BT employees that are capable of
misdeeds because then I will subject my dealings with their employer to
a suitable level of scrutiny. It won't make me automatically assume that
all BT employees act in the same way. If their internal processes are
good enough to ensure that the misdeeds are either prevented or that
they are detected and corrected, then I'm happy, but the latter
possibility tells me that there is a sensible policy internally only if
I know it has happened.
Post by Roland Perry
Post by Brian Morrison
Post by Roland Perry
All I said was that "I wish" I could debunk the "police are
corrupt"> as easily as "BT is corrupt". I know I can't, and don't
propose to> waste everyone's time with another fruitless attempt.
The information I'd like to know would allow me to make my own
judgement on whether I think that the police, or indeed BT, are
corrupt in the same way that each of us could then do for
themselves.
You might be surprised how long it takes to get the full picture.
I'd rather have a partial picture than no picture at all.
Post by Roland Perry
Meanwhile, have you also the time to check out every other corporate
baddy, or do you have a particular "thing" about the police? Of the
43+ police forces, which one would like to interview first?
I like to have a general awareness of which companies (and let's include
the police under that umbrella shall we?) are generally trustworthy and
which are not. I don't assume that all police officers are bad, but as I
see more and more legislation that I have little regard for I need to
remember that the police have the job of enforcing that bad law. Some of
that 'badness' will rub off on them in my mind, no matter how good their
intention. It's not very different in the sense that some BT employees
may have to provide information to the LEAs under statutes that I am not
in favour of.

Public organisations should not have many things to hide without good
reason. Frequently the reasons provided to us by many of them are
trivial.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
David Hansen
2004-10-07 08:12:58 UTC
Permalink
Post by Roland Perry
Post by Brian Morrison
The misdeeds and mistakes of a few say nothing of the long term
"corporate" integrity.
I disagree entirely. A corporate entity is nothing without the humans
that comprise it; their misdeeds *are* the public face of a corporation
just as much as their good deeds. Knowledge of these is necessary for an
informed judgement.
OK, so your theory is that BT is corrupt. Jolly good.
Not in the least. You are trying to make things black and white, when
an informed judgement tends to be neither. I know that BT is
incompetent and appears to intercept telephones on verbal instructions
(though Mr Hutton will not name the company concerned so it may be one
of their competitors). I also know that BT do some very good work at
times. An informed judgement takes account of all this.
Post by Roland Perry
All I said was that "I wish" I could debunk the "police are corrupt" as
easily as "BT is corrupt". I know I can't, and don't propose to waste
everyone's time with another fruitless attempt.
The fact that the police are corrupt does not mean all police officers
are corrupt all the time. An informed judgement takes account of this.
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
Roland Perry
2004-10-06 15:04:32 UTC
Permalink
Both can of course be steered by suitable happenings, whether they are
"real" or "made up".
Sadly, the difference between the two is no longer as great as it once was I
think. These days what matters is not what may be real or true but what is
widely reported and editorialised - and what is not.
Is Ken Bigley's plight real, or made up?

If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the SAS round
there in half an hour. Should I press it, or should I respect the
kidnappers' privacy?

What do you think the vote would look like?
--
Roland Perry
Owen Lewis
2004-10-06 15:40:49 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 16:05
Subject: Re: USA ID card for federal employees and contractors
Both can of course be steered by suitable happenings, whether they are
"real" or "made up".
Sadly, the difference between the two is no longer as great as
it once was I
think. These days what matters is not what may be real or true
but what is
widely reported and editorialised - and what is not.
Is Ken Bigley's plight real, or made up?
That's actually a much bigger question than you may have intended.

His abduction is certain and it is a tragedy for him and his family. The
widespread and almost salacious reportage of his fear for his life, his
pleadings and of the details of his probable fate, this can only serve the
interests of those who abducted him - like meat to market - and those who
hold and terrorise him as an exercise in banditry and the abuse of power and
make the more likely that others will tread the same horrid path as he.

No possible good end is served by the titillation of the daily reportage and
editorialisation.
If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the SAS round
there in half an hour. Should I press it, or should I respect the
kidnappers' privacy?
If you think that question need to be asked, you are asking it of the wrong
man :-)
What do you think the vote would look like?
I think that, on this occasion, one could expect a result by acclamation
with no need for a count. Which is why LI access is here to stay.

Owen
Roland Perry
2004-10-06 16:38:52 UTC
Permalink
Post by Owen Lewis
Post by Roland Perry
Is Ken Bigley's plight real, or made up?
His abduction is certain and it is a tragedy for him and his family.
Trying to avoid being non-PC, and failing: as is every one of those
killed on the roads today, or whose battle with cancer finally ended, or
any other apparently randomly-inflicted death.
Post by Owen Lewis
Post by Roland Perry
If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the SAS round
there in half an hour. Should I press it, or should I respect the
kidnappers' privacy?
If you think that question need to be asked, you are asking it of the wrong
man :-)
Almost a rhetorical question, of course.
Post by Owen Lewis
Post by Roland Perry
What do you think the vote would look like?
I think that, on this occasion, one could expect a result by acclamation
with no need for a count. Which is why LI access is here to stay.
Indeed. And you'd get the same answer for any life-threatening crime
that the voter had any vicarious (or, god-forbid, direct) stake in.
--
Roland Perry
Owen Lewis
2004-10-06 17:54:07 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 17:39
Subject: Re: USA ID card for federal employees and contractors
Post by Owen Lewis
Post by Roland Perry
Is Ken Bigley's plight real, or made up?
His abduction is certain and it is a tragedy for him and his family.
Trying to avoid being non-PC, and failing: as is every one of those
killed on the roads today, or whose battle with cancer finally ended, or
any other apparently randomly-inflicted death.
Quite so. And made only the more painful by the ceaseless and prurient
reportage and, in particular, the imagery.
Post by Owen Lewis
Post by Roland Perry
If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the SAS round
there in half an hour. Should I press it, or should I respect the
kidnappers' privacy?
If you think that question need to be asked, you are asking it
of the wrong
Post by Owen Lewis
man :-)
Almost a rhetorical question, of course.
Post by Owen Lewis
Post by Roland Perry
What do you think the vote would look like?
I think that, on this occasion, one could expect a result by acclamation
with no need for a count. Which is why LI access is here to stay.
Indeed. And you'd get the same answer for any life-threatening crime
that the voter had any vicarious (or, god-forbid, direct) stake in.
We all have such a stake. 'Any man's death diminishes me, for I am part of
Mankind'. 'Ask not for whom the bell tolls. It tolls for thee'. (With
acknowledgements).

Owen
Brian Morrison
2004-10-06 16:19:47 UTC
Permalink
On Wed, 6 Oct 2004 16:04:32 +0100 in
Post by Roland Perry
If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the SAS
round there in half an hour. Should I press it, or should I respect
the kidnappers' privacy?
A crime has already been committed, hence that question is moot.

Asking the same question in other circumstances (i.e. "We know that the
kidnappers are in Baghdad, so we're going to tap all the phones in that
area and record everything that is said") is going to elicit a different
answer. Except of course that the question is likely to be adjusted to
fit the desired answer anyway....
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Roland Perry
2004-10-06 16:43:31 UTC
Permalink
Post by Brian Morrison
On Wed, 6 Oct 2004 16:04:32 +0100 in
Post by Roland Perry
If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the SAS
round there in half an hour. Should I press it, or should I respect
the kidnappers' privacy?
A crime has already been committed, hence that question is moot.
Not moot, merely easier to answer than one that says "the kidnappers are
one of these three, so we need to find out which".
Post by Brian Morrison
Asking the same question in other circumstances (i.e. "We know that the
kidnappers are in Baghdad, so we're going to tap all the phones in that
area and record everything that is said") is going to elicit a different
answer.
Of course. Nor is your proposed activity at all plausible to implement.
--
Roland Perry
Ian G Batten
2004-10-06 17:52:45 UTC
Permalink
Post by Brian Morrison
Asking the same question in other circumstances (i.e. "We know that the
kidnappers are in Baghdad, so we're going to tap all the phones in that
area and record everything that is said") is going to elicit a different
answer.
Really? You mean, asked if a wide-spread telephone tapping programme
which is claimed to reduce some nebulous crime should be implemented,
you expect a plebiscite to say `no'? There's some fairies at the bottom
of my garden who have a bridge to sell you.

If you held a referendum on compulsory carry ID cards combined with
random, unwarranted telephone tapping combined with a massive increase
in CCTV --- a field Britain leads the world in, but not in a good way
--- it would pass with 80% of the vote. Throw in capital punishment for
homosexuals and sending the darkies back to where they come from and
you'd drop it to, _maybe_ 70%. Civil liberties are often, sadly, about
protecting rights that people themselves don't believe they should have.

_Never_ underestimate the atavistic urges of the vast majority of the
population.

ian
Dave Howe
2004-10-06 18:41:00 UTC
Permalink
Post by Ian G Batten
Really? You mean, asked if a wide-spread telephone tapping programme
which is claimed to reduce some nebulous crime should be implemented,
you expect a plebiscite to say `no'? There's some fairies at the bottom
of my garden who have a bridge to sell you.
The electorate are quite happy to have you tap anyone else's phone - as
long as you don't tap theirs. That is because the average voter thinks
such things are only ever used on criminals - which in an ideal world
would be true.
Post by Ian G Batten
If you held a referendum on compulsory carry ID cards combined with
random, unwarranted telephone tapping combined with a massive increase
in CCTV --- a field Britain leads the world in, but not in a good way
--- it would pass with 80% of the vote. Throw in capital punishment for
homosexuals and sending the darkies back to where they come from and
you'd drop it to, _maybe_ 70%. Civil liberties are often, sadly, about
protecting rights that people themselves don't believe they should have.
Isn't "sending the darkies back to where they came from" blunkett's
target immigration policy anyhow though? :)
Brian Morrison
2004-10-06 19:05:52 UTC
Permalink
On Wed, 6 Oct 2004 18:52:45 +0100 in
Post by Ian G Batten
Post by Brian Morrison
Asking the same question in other circumstances (i.e. "We know that
the kidnappers are in Baghdad, so we're going to tap all the phones
in that area and record everything that is said") is going to elicit
a different answer.
Really? You mean, asked if a wide-spread telephone tapping programme
which is claimed to reduce some nebulous crime should be implemented,
you expect a plebiscite to say `no'? There's some fairies at the
bottom of my garden who have a bridge to sell you.
No, I didn't say a plebiscite, I was actually saying that if the police
knew the telephone line that they needed to tap I would have no problem
with that, but I would not be happy in trying to tap a large number of
lines as a trawling exercise. Please keep your bridge, I had thought you
were selling me a different one.
Post by Ian G Batten
If you held a referendum on compulsory carry ID cards combined with
random, unwarranted telephone tapping combined with a massive increase
in CCTV --- a field Britain leads the world in, but not in a good way
--- it would pass with 80% of the vote. Throw in capital punishment
for homosexuals and sending the darkies back to where they come from
and you'd drop it to, _maybe_ 70%. Civil liberties are often, sadly,
about protecting rights that people themselves don't believe they
should have.
Yes, I know, I try very hard not to think in that way but I am sometimes
guilty of atavistic impulses myself. I try not to open my mouth with
brain in neutral but it does happen.
Post by Ian G Batten
_Never_ underestimate the atavistic urges of the vast majority of the
population.
I find that a bit of discussion with people who express that sort of
opinion often reveals that they don't really mean what they say. Sadly
first impressions are usually the ones that stick.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Owen Lewis
2004-10-06 15:10:28 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 13:21
Subject: Re: USA ID card for federal employees and contractors
C'mon.
Hardware can be well regulated. A part of that regulation can be
to require
design such that firmware can only be updated/changed
successfully without
disturbing or overriding certain embedded protocols required by the
regulations.
C'mon, yourself.
You propose banning the shipment of General Purpose Computing Devices?
No.
Or limiting PCs to a single ethenet port and banning the sale of
ethernet cards?
No.
If the special purpose hardware is restricted, then it will
lose its market immediately to small PC running a full blown, if
stripped down, OS.
(You can get a 3 ethernet port PC compatible board for perhaps
EUR 120-200;
possibly including a PCMCIA/Cardbus or PCI slot; it will run several
different Unix variants)
You are effectively proposing a ban on specific capabilities in software;
capabilities which now exist in all OSes I am familiar with (Windows,
Solaris, Linux, *BSD).
I think you chase a different point. Mine was that if this govt wishes to
licence and tax internet connection it can make it law to do so. If it
wishes to licence and regulate routers used in this country on private
networks it can do so (though that is harder to police - but is more
amenable to the employment of auxiliary lawful eavesdropping techniques).

Our ruling clique is sovereign in all, except that it cannot bind its
successors. Technology has little to do with it. If such a law is passed (or
more properly is one term of some portmanteau Act), the main manufacturers
and ISPs will comply and therefore, de facto, so will most users here. That
there will be a minority who will choose to disobey is to be expected - but
this happens in respect of all our laws and does not thereby remove the
desirability of many of our laws.

The concern here will be, I believe, to ensure, in the most cost effective
way and to a cost effective level, that electronic communications can be
intercepted and read where that is authorised by lawful process. This does
not require the 'banning' of anything but a process of licencing and
regulation which, admittedly will never be completely effective but will
leave those acting outside the law in risk of attracting attention to
themselves.

Owen
Brian Gladman
2004-10-06 15:22:30 UTC
Permalink
Owen Lewis wrote:

[snip]
Post by Owen Lewis
Our ruling clique is sovereign in all, except that it cannot bind its
successors.
Not always so. In the end even they are subservient to the will of the
people when a sufficient number of citizens are prepared to disobey any
law that they pass.

This was the way the Poll Tax was removed - and this was not the first
time that this sort of thing has happened.

[snip]
Brian Gladman
Roland Perry
2004-10-06 15:29:11 UTC
Permalink
In the end even they are subservient to the will of the people when a
sufficient number of citizens are prepared to disobey any law that they
pass.
This was the way the Poll Tax was removed - and this was not the first
time that this sort of thing has happened.
Poll Tax was special because disobedience hit revenue collection
head-on. "Something" had to be done. As illegal foxhunting doesn't
sabotage a major revenue stream, don't expect that law to be repealed
any time soon, whatever public opinion thinks.
--
Roland Perry
Ian G Batten
2004-10-07 06:23:47 UTC
Permalink
Post by Roland Perry
Poll Tax was special because disobedience hit revenue collection
head-on. "Something" had to be done. As illegal foxhunting doesn't
sabotage a major revenue stream, don't expect that law to be repealed
any time soon, whatever public opinion thinks.
On the other hand, have you noticed Brown's reluctance to re-assert the
fuel duty escalator, just because a few farmers might object?

ian
Roland Perry
2004-10-07 10:20:12 UTC
Permalink
Post by Ian G Batten
Post by Roland Perry
Poll Tax was special because disobedience hit revenue collection
head-on. "Something" had to be done. As illegal foxhunting doesn't
sabotage a major revenue stream, don't expect that law to be repealed
any time soon, whatever public opinion thinks.
On the other hand, have you noticed Brown's reluctance to re-assert the
fuel duty escalator, just because a few farmers might object?
I hadn't, but I doubt it's because of a few farmers (whatever any
statements - which I've not seen - might say). The fuel blockades when
they last happened were taken *extremely* seriously by central
government, and they'd got as far as giving the police lists of
organisations that were allowed to fill up. That meets my "serious
economic consequences" test, bang on.
--
Roland Perry
Owen Lewis
2004-10-06 15:40:50 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 16:23
Subject: Re: USA ID card for federal employees and contractors
[snip]
Post by Owen Lewis
Our ruling clique is sovereign in all, except that it cannot bind its
successors.
Not always so. In the end even they are subservient to the will of the
people when a sufficient number of citizens are prepared to disobey any
law that they pass.
This was the way the Poll Tax was removed - and this was not the first
time that this sort of thing has happened.
Nor will it be the last.

I asked you how you rated the chances of the Countryside Alliance with about
1M supporter in getting the Hunting with Dogs Act repealed. You never
answered :-)

Owen
Brian Gladman
2004-10-06 16:12:03 UTC
Permalink
Post by Owen Lewis
-----Original Message-----
Sent: 06 October 2004 16:23
Subject: Re: USA ID card for federal employees and contractors
[snip]
Post by Owen Lewis
Our ruling clique is sovereign in all, except that it cannot bind its
successors.
Not always so. In the end even they are subservient to the will of the
people when a sufficient number of citizens are prepared to disobey any
law that they pass.
This was the way the Poll Tax was removed - and this was not the first
time that this sort of thing has happened.
Nor will it be the last.
I asked you how you rated the chances of the Countryside Alliance with about
1M supporter in getting the Hunting with Dogs Act repealed. You never
answered :-)
Because I was not convinced that it had any relevance to the point at
issue at the time.

My answer is that if the Countryside Alliance take the democratic route,
I don't think they stand much of a chance.

But if a large proportion of the 1 million take the same undemocratic
route taken by a proportion of those who opposed the Poll Tax (which I
doubt will happen) they will then stand a somewhat better chance.

Brian Gladman
Owen Lewis
2004-10-06 16:31:22 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 17:12
Subject: Re: USA ID card for federal employees and contractors
Post by Owen Lewis
-----Original Message-----
Sent: 06 October 2004 16:23
Subject: Re: USA ID card for federal employees and contractors
[snip]
Post by Owen Lewis
Our ruling clique is sovereign in all, except that it cannot bind its
successors.
Not always so. In the end even they are subservient to the will of the
people when a sufficient number of citizens are prepared to disobey any
law that they pass.
This was the way the Poll Tax was removed - and this was not the first
time that this sort of thing has happened.
Nor will it be the last.
I asked you how you rated the chances of the Countryside
Alliance with about
Post by Owen Lewis
1M supporter in getting the Hunting with Dogs Act repealed. You never
answered :-)
Because I was not convinced that it had any relevance to the point at
issue at the time.
My answer is that if the Countryside Alliance take the democratic route,
I don't think they stand much of a chance.
True, if you delete 'much' and insert 'any'
But if a large proportion of the 1 million take the same undemocratic
route taken by a proportion of those who opposed the Poll Tax (which I
doubt will happen) they will then stand a somewhat better chance.
I give them a cat's chance in hell, unless and until the revolution comes.

Owen
Brian Gladman
2004-10-06 15:55:04 UTC
Permalink
Owen Lewis wrote:

[snip]
Post by Owen Lewis
I think you chase a different point. Mine was that if this govt wishes to
licence and tax internet connection it can make it law to do so. If it
wishes to licence and regulate routers used in this country on private
networks it can do so (though that is harder to police - but is more
amenable to the employment of auxiliary lawful eavesdropping techniques).
If what you are concerned about is what laws legislators _can_ pass,
then let me assure you that they can, and sometimes do, pass pretty well
anything into law.

There have, for example, been US legislators who have passed laws
asserting that pi equals three. As somone who seems to take the view
that a law must be obeyed once it is passed - no matter how stupid - I
have to assume that you would have compiled with this if you had been
subject to it. But from what I have read nobody bothered to comply and
nobody ever made any serious attempt to enforce it (I am not even sure
whether anyone bothered to repeal it).

However, what the rest of us are talking about is not simply laws that
legislators _can_ pass but rather laws that they can pass _and_ which
are going to be effective in bringing about their intended result.

And here there is not even the remotest possibility of such laws
governing the functionality of encrypting routers.

Brian Gladman
Owen Lewis
2004-10-06 16:21:15 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 16:55
Subject: Re: USA ID card for federal employees and contractors
If what you are concerned about is what laws legislators _can_ pass,
then let me assure you that they can, and sometimes do, pass pretty well
anything into law.
There have, for example, been US legislators who have passed laws
asserting that pi equals three.
Maybe that accounts for the fact that American doughnuts are never perfectly
circular?

And, here, they once legislated 11 days out of existence (which was,
overall, a useful thing to do).

Owen
Brian Gladman
2004-10-06 16:29:02 UTC
Permalink
Post by Owen Lewis
-----Original Message-----
Sent: 06 October 2004 16:55
Subject: Re: USA ID card for federal employees and contractors
If what you are concerned about is what laws legislators _can_ pass,
then let me assure you that they can, and sometimes do, pass pretty well
anything into law.
There have, for example, been US legislators who have passed laws
asserting that pi equals three.
Maybe that accounts for the fact that American doughnuts are never perfectly
circular?
:-)

I think you would have to observe this only in a a particular State (or
States) though.
Post by Owen Lewis
And, here, they once legislated 11 days out of existence (which was,
overall, a useful thing to do).
And I wonder how many of them thought that they had lost 11 days of
their lives :-)

Brian Gladman
Owen Lewis
2004-10-06 17:44:04 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 17:29
Subject: Re: USA ID card for federal employees and contractors
Post by Owen Lewis
-----Original Message-----
Sent: 06 October 2004 16:55
Subject: Re: USA ID card for federal employees and contractors
If what you are concerned about is what laws legislators _can_ pass,
then let me assure you that they can, and sometimes do, pass pretty well
anything into law.
There have, for example, been US legislators who have passed laws
asserting that pi equals three.
Maybe that accounts for the fact that American doughnuts are
never perfectly
Post by Owen Lewis
circular?
:-)
I think you would have to observe this only in a particular State (or
States) though.
Post by Owen Lewis
And, here, they once legislated 11 days out of existence (which was,
overall, a useful thing to do).
And I wonder how many of them thought that they had lost 11 days of
their lives :-)
Those who so legislated? None, I opine. Those who rioted and caused civil
disorder.... probably many, deluded by a few with an unrelated axe to grind.

Owen
Ian G Batten
2004-10-07 06:22:36 UTC
Permalink
Post by Brian Gladman
There have, for example, been US legislators who have passed laws
asserting that pi equals three.
Really? Where?

A lower house in Indiana passed a bill specifying pi at 3.2, for reasons
more bound up with putative copyright actions than anything else. It
was laughed to scorn in the upper house, and never became law. Unless
you have solid documentation of your claim, I'm calling you on spreading
urban myths. Craig Shergold's collecting digits of pi, too.

http://www.agecon.purdue.edu/crd/Localgov/Second%20Level%20pages/Indiana_Pi_Story.htm

http://www.straightdope.com/classics/a3_341.html
Post by Brian Gladman
But from what I have read nobody bothered to comply and nobody ever ma
de any serious attempt to enforce it (I am not even sure whether
anyone bothered to repeal it).
Nobody bother to comply with a law that wasn't passed, and no-one
bothered to repeal a law that wasn't passed either. Since we're quick
to criticise politicians for trotting out urban myths and bogus
anecdotes, perhaps we should police ourselves to a slightly higher
standard.

ian
Brian Gladman
2004-10-07 07:07:20 UTC
Permalink
Post by Ian G Batten
Post by Brian Gladman
There have, for example, been US legislators who have passed laws
asserting that pi equals three.
Really? Where?
A lower house in Indiana passed a bill specifying pi at 3.2, for reasons
more bound up with putative copyright actions than anything else. It
was laughed to scorn in the upper house, and never became law. Unless
you have solid documentation of your claim, I'm calling you on spreading
urban myths. Craig Shergold's collecting digits of pi, too.
http://www.agecon.purdue.edu/crd/Localgov/Second%20Level%20pages/Indiana_Pi_Story.htm
http://www.straightdope.com/classics/a3_341.html
Post by Brian Gladman
But from what I have read nobody bothered to comply and nobody ever ma
de any serious attempt to enforce it (I am not even sure whether
anyone bothered to repeal it).
Nobody bother to comply with a law that wasn't passed, and no-one
bothered to repeal a law that wasn't passed either. Since we're quick
to criticise politicians for trotting out urban myths and bogus
anecdotes, perhaps we should police ourselves to a slightly higher
standard.
Ok, I will see if I can give a reference to my source foir this, which I
think was a book on pi that I have around here (I did not check out the
primary source material).

Brian Gladman
Dave Howe
2004-10-06 16:50:26 UTC
Permalink
Post by Owen Lewis
I think you chase a different point. Mine was that if this govt wishes to
licence and tax internet connection it can make it law to do so. If it
wishes to licence and regulate routers used in this country on private
networks it can do so (though that is harder to police - but is more
amenable to the employment of auxiliary lawful eavesdropping techniques).
Hardness to police has never been a barrier to lawmaking.
The speeding laws were (possibly still are) universally flouted, despite
ever better technology making it harder to "get away with"
Owen Lewis
2004-10-06 18:04:07 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 17:50
Subject: Re: USA ID card for federal employees and contractors
Post by Owen Lewis
I think you chase a different point. Mine was that if this govt
wishes to
Post by Owen Lewis
licence and tax internet connection it can make it law to do so. If it
wishes to licence and regulate routers used in this country on private
networks it can do so (though that is harder to police - but is more
amenable to the employment of auxiliary lawful eavesdropping
techniques).
Hardness to police has never been a barrier to lawmaking.
The speeding laws were (possibly still are) universally flouted, despite
ever better technology making it harder to "get away with"
Agreed. And yet the common good is better maintained by having arbitrary
limits imposed that it would be were there no limits at all.

Owen
Ian G Batten
2004-10-07 06:28:22 UTC
Permalink
Post by Owen Lewis
I think you chase a different point. Mine was that if this govt wishes to
licence and tax internet connection it can make it law to do so. If it
It can. It can get itself unelected rapidly, though: the departure of
almost every multinational company from the UK will tend to have that
effect.
Post by Owen Lewis
wishes to licence and regulate routers used in this country on private
networks it can do so (though that is harder to police - but is more
amenable to the employment of auxiliary lawful eavesdropping techniques).
It's impossible to police: if it were possible, cable companies could
enforce their ``one port, one device'' Ts&Cs.
Post by Owen Lewis
successors. Technology has little to do with it. If such a law is passed (or
more properly is one term of some portmanteau Act), the main manufacturers
and ISPs will comply and therefore, de facto, so will most users here. That
Owen, note how successful the EU has been in getting Microsoft to split
out Media Player, or the US DoJ in getting Microsoft to split out IE.
And now you say that the UK government can insist on Microsoft rewriting
the NT kernel and shipping a UK specific version? And Linux? And
NetBSD? And OpenBSD? And MacOS? And, and, and? And prevent copies of
any of those things entering the country? And impound every existing
copy? Behave.
Post by Owen Lewis
intercepted and read where that is authorised by lawful process. This does
not require the 'banning' of anything but a process of licencing and
regulation which, admittedly will never be completely effective but will
leave those acting outside the law in risk of attracting attention to
themselves.
Meanwhile, of course, every computer company flees the UK, as they won't
be able to sell their products and the hassle won't be worth it.

ian
Peter Tomlinson
2004-10-06 15:18:21 UTC
Permalink
So for ADSL, everyone has to have the same upstream allocation. As
512/256 is a reasonable split for most users, that's what you get.
Those of us on standard spec Telewest cable have a 768/128 split. What
thinks the experts about using VoIP (Skype) over that?

Peter
Roland Perry
2004-10-06 15:25:39 UTC
Permalink
Post by Peter Tomlinson
Those of us on standard spec Telewest cable have a 768/128 split. What
thinks the experts about using VoIP (Skype) over that?
I had 1.5MB/128k ADSL when I was in the USA recently, and Skype to the
UK was fine.
--
Roland Perry
Brian Morrison
2004-10-06 16:07:45 UTC
Permalink
On Wed, 6 Oct 2004 16:25:39 +0100 in
Post by Roland Perry
Post by Peter Tomlinson
Those of us on standard spec Telewest cable have a 768/128 split.
What thinks the experts about using VoIP (Skype) over that?
I had 1.5MB/128k ADSL when I was in the USA recently, and Skype to the
UK was fine.
How much bandwidth does Skype use? If it is voice bandwidth then that
fits into 128k easily if compressed, as it surely must be.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Dave Howe
2004-10-06 16:48:00 UTC
Permalink
Post by Roland Perry
I had 1.5MB/128k ADSL when I was in the USA recently, and Skype to the
UK was fine.
Problem there is you were on the wrong end of the pipe to judge - you
were receving (assuming your recipient here was on 512+256) 256 or as
much of the 256 as he could spare. he was getting at best 128, or as
much of the 128 as you could spare. Your correspondent could make a
decent value judgement though.
However note that digitally compressed teleconferencing on ISDN2 (64K
each way, shared with the data channel) is decent speech quality, has
been around for a fairly long time now, and codec development has only
improved since then, not gone backwards.
Roland Perry
2004-10-06 14:23:19 UTC
Permalink
As I said at the start, such a data grab should have been authorised
by the Home Secretary or Prime Minister in my view. So far you have
not provided any information that it was.
To do so would be inappropriate in a public forum.
And there I was thinking that high office of that nature should require
that such information *is* placed where the public can verify the
identity of the people that are taking decisions and exercising powers
legislated on their behalf.
A rather naive view. The relevant cabinet papers will no doubt be
available on the usual timescales.
--
Roland Perry
Brian Morrison
2004-10-06 16:15:12 UTC
Permalink
On Wed, 6 Oct 2004 15:23:19 +0100 in
Post by Roland Perry
And there I was thinking that high office of that nature should
require that such information *is* placed where the public can
verify the identity of the people that are taking decisions and
exercising powers legislated on their behalf.
A rather naive view. The relevant cabinet papers will no doubt be
available on the usual timescales.
And who will care in 30+ years? Only the historians, the rest of us
would rather like to know now and be able to draw our own conclusions of
what is really happening.

And yes, I know about the difficulties with ongoing investigations, I
don't want to ruin them but I do want to be able to verify the trust I
am forced to place in these people.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Roland Perry
2004-10-07 09:59:19 UTC
Permalink
I do want to be able to verify the trust I am forced to place in these
people.
This is something that doesn't scale well. I'd like to be able to
investigate (for example) the sort of locomotive driving skills which
have resulted in the recent Southall and Paddington accidents. I want to
know that the people driving the trains I'll be catching won't be
looking at the wrong signals or packing their bags as we pass one at
danger. Somehow, I don't think I can; so there has to be a strategy of
believing that there are other people whose job it is to look after
these things on my behalf, or that I'm mis-understanding the issue but
haven't yet found the person to explain to me why.

In the case of the matters pertinent to the current discussion you have
a distinct advantage (as an interested party) because the policing of
the Internet is such a hot topic that there's been enormous effort put
in by both sides to determine what makes each other tick. If the police
had been found to as institutionally bad as they are painted here, this
would not have escaped our attention, and you would have heard about it
because it would make material, too good to miss, for lobbying
campaigns.
--
Roland Perry
Dave Howe
2004-10-06 15:57:47 UTC
Permalink
Actually, you are perilously close to a previous debate. You *can*
download a copy of RealPlayer (or an equivalent written by one of your
high-school students), and then access a wide range of broadcast media
on your PC. That this doesn't require a TV licence is probably more due
to Ofcom not wanting to rock that particular boat this week, than it
being legally unnecessary.
I would be astonished if it were - unless the BBC are claiming that
because they use RM on their website, you should have to pay a licence
for it (which isn't actually too far from the truth it seems - I have
heard it rumoured that they are talking about making their site
pay-to-use for non-uk browsers)
Dave Howe
2004-10-06 16:02:03 UTC
Permalink
I'm not sure how the infamous Egg Marketing Inspectorate or the other
Toms, Dicks and Harriets fit in with investigating "organised crime".
tsk. surely you recognise the risk to international harmony inherent in
people selling unsanctioned eggs? :)
David Hansen
2004-10-06 16:08:09 UTC
Permalink
Post by Roland Perry
The Commissioner's report does specify the number of warrants (which are
in effect one per person). It's an exercise for the reader to estimate
whether or not crooks make more calls per day than non-crooks.
That does not tell the whole story though.
It tells you how many people's letters/phones are intercepted in a year,
and how many at one point in a year (from which you can estimate churn).
Also the average number of times these people change from one address or
phone number to another, requiring a modification to the warrant.
It does not tell you how many telephone "lines" are intercepted. Also,
because the time limits have been greatly extended it gives no feel for
how long.

All very convenient for those inside the tent.
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
David Hansen
2004-10-06 16:09:25 UTC
Permalink
Post by Roland Perry
If it was only as easy to debunk the "wild conspiracy theories" floating
about regarding the wicked forces of law and order [tm].
The West Midlands Serious Crime Squad were rather more than a wild
conspiracy theory.
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
David Hansen
2004-10-06 16:11:37 UTC
Permalink
On one hand, not at all, because LI isn't available to any of the people
you list. HOW MANY TIMES DOES THIS POINT NEED TO BE MADE?!?!?!
The flaws of RIP are not something I take responsibility for.

One of the flaws is that it is a mess. As a result people can discuss
several things in relation to one bit of it. The result is confusion, I
do not think this is accidental.
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
David Hansen
2004-10-06 16:16:30 UTC
Permalink
Therefore, I suggest (and have bored some here to death with it) that we
need a written Constitution
I have no objection to one.
Well it is now the law and therefore, de facto and de jure, must be the
right way to do things for the time being.
Just because something is in the law does not mean it is right, unless
one postulates Parliamentary Infallibility.
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
Owen Lewis
2004-10-06 16:41:28 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 17:17
Subject: RE: USA ID card for federal employees and contractors
Therefore, I suggest (and have bored some here to death with it) that we
need a written Constitution
I have no objection to one.
Well it is now the law and therefore, de facto and de jure, must be the
right way to do things for the time being.
Just because something is in the law does not mean it is right, unless
one postulates Parliamentary Infallibility.
What is right for you is one thing. What is right for me, he or she may be
something quite different. What is the law is the same for all of us.

All of us (most anyway) put what seems right to us before our observation of
the law from time to time. Yet as a principle, this cannot be right. If we
all did so and in every way and over everything, society as we have it would
simply become unglued and fall apart. The prime purpose of the body of law
is to act as that glue and hold society together, more or less, against the
centrifugal forces that our multitudinous and disparate wishes strain it
with.

Owen
David Hansen
2004-10-06 16:18:26 UTC
Permalink
And how tanks at Heathrow can affect someone launching a missile from
the other side of Windsor is a puzzle to me....
Well, assuming there was such a missile (which could have been launched
from most parts of London, these things no longer need to be fired at
the rear of aeroplanes), then the soldiers in the tanks could have
rushed around busily showing that "something is being done".
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
Dave Howe
2004-10-06 16:28:19 UTC
Permalink
Different task. We were talking about making a firearm not making ammunition
:-) Ammo is easier to procure then firearms 0 of one can make it oneself.
I will take your word for that - I am surprised that ammo is easier to
get, given a gun without ammo is only a crude club, but a cartridge
without a gun is much easier to make an improvised firing mechanism for
(we have all seen at least web pictures of concealed weapons in
cellphones and so forth, yes?)
I could probably build some sort of oneshot gun for a commercial
cartridge without too much effort - particularly a shotgun cartridge,
where accuracy isn't as important as making sure the bloody stuff
doesn't come backwards at you ;)
.... form a closed (at one end) tube,
with or without some sort of breach,
Better to drill out a solid block or rod. This is best done on a lathe but
can be done by hand.
Indeed so. its still a tube closed at one end though, however you make it :)
then make a projectile, and arrange
some sort of ignition system for the propulsive chemical.
Only if you must. But (subject to the usual health warnings) Weedkiller
(NAClO3) and icing sugar in the proportions by weight that the composition
of the molecules requires (or determination by trial and error which mixture
burns fastest and most completely if you don't know the chemistry. Barrel is
bored to 0.25 in plus a couple of thou. Projectile is a steel
ballbearing/lead ball/ metal or stone rubbish between two wads to stop the
projectile falling out of the barrel and to tamp the charge. Most basic
ignition is on the matchlock principle, using a small priming charge of your
propellant and a slow match made by soaking a length of string in a very
strong solution of weed killer and then hanging it up to dry.
Interesting. I wouldn't know this myself, but I do know a few people who
I could ask easily enough for this sort of info.
You get the point I think. There's nothing here that a very average person
cannot do after a little show 'n tell instruction. You could do it now, I
think.
with a little trial and error, yes.
still harder work for me than writing a few lines of code though :)
- Before firing it whilst holding it, fire remotely (twice) with double
your standard load of propellant. If that doesn't destroy it you should be
(H&S disclaimer) OK thereafter if you stick to standard loads of one half of
your proof load.
or hand it to an even sillier 15 year old to fire and then run away? :)
None of this is insurmountable, but would take a bit of practice at
metalwork and a fair amount of research in various parts of a decent
reference library.
How long did it take you the read this?
How long would it have taken me to find this information (and more
probably, more accurate information on the formation of the propellent)
in a normal library?
Even most Internet texts are designed more to look scary and (by the
looks of things) remove would-be terrorists from the gene pool than to
produce genuine, usable weaponry.
If you want to make a good copy of
something more difficult, such as a Colt .45 semi-auto pistol or an AK-47
rifle complete with magazines, I can take you to villages in Pakistan and
elsewhere where an illiterate 14 year old will give you an excellent six
month show 'n tell course. Another six months of working under supervision
and you'll be more competent than most of the armourers in Western armies
:-)
Quite possibly. still wouldn't like to make cartridges from scratch
though (and yes, I know that a lot of professional shooters load their
own ammo, but even if they mold their own bullets, their propellent, and
their cases - with ignition caps - tend to be factory-standard).
Its not about book learning. It's about using your hands, patience,
attention to detail etc..
There is a fair amount of book learning there too. give some guy a fully
equipped tool shed (a la the a-team) and a chemistry lab, and a short
hollywood film with gunfights in it, then tell him to go make something
that can act like one of the guns he just saw....
A crypto library on the other hand requires only a considered-good algo
(such as 3des or arcfour) and a modest amount of programming ability; I
implemented both DES and RSA successfully on a ZX Spectrum in m/c at
around the same age you were making firearms - which didn't work first
time I admit, but worked once I got the bugs out.
Cheat! :-) You didn't write the crypto algorithm and evaluate its strength.
Indeed not. I am simply not stupid enough to do this (I am fully aware
that PRZ decided to roll his own crypto, and got it horribly wrong in
the first version of pgp. I am not going to repeat his mistake :)
I have no problem starting with the product of other people's skill in
mathematics - and even if I were to invent my own crypto scheme, it
would have to be based on math I had learnt, as I am certainly not going
to reinvent math from first principles just so I get *all* the glory ;)
I thought their implementation was fine, but key reuse happened?
There is also the issue of bias in the RNG which isn't a failure in OTP
itself, but in its key material
The (principle of OTP is sound and very simple). Protecting information with
a security equal to the strength of that simple algorithm is hard to do.
Yup. often the crypto is the strongest link anyhow, even if it is
something as underpowered as DES.
This is of course true - but to be honest I still think you could get
better results giving a random programmer the algo to arcfour and saying
"impliment this" than giving a random metalworker a diagram of a gun and
say "build one of these"
Do you still feel the same having read this?
Yup. unless you plan to just have it fire cartridges, you would need
a fairly detailed description (such as you have supplied, but obviously
giving a more exact mix for the chemicals and possibly specifying brand
names) of the propellent, the barrel, the projectile and assembly as a
whole. this is more complex (and requires more skill) from the average
metalworker than implimenting arcfour would for the average programmer.
I would also hesitate to put that rube goldburg gun up against a
machine-shop rifle, but that programmer's implimentation of crypto could
easily be as strong or stronger than many commercial products.
Owen Lewis
2004-10-06 17:44:04 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 17:28
Subject: Re: USA ID card for federal employees and contractors
You get the point I think. There's nothing here that a very
average person
cannot do after a little show 'n tell instruction. You could do
it now, I
think.
with a little trial and error, yes.
still harder work for me than writing a few lines of code though :)
We return to the point that at least half the adult population can do the
one, whilst shall we say < 1% of the population can do the other. Its not
the writing of the code but the knowing what to write and how, precisely, to
express it. Not to be taught in five minutes nor taught at all by the
illiterate.
- Before firing it whilst holding it, fire remotely
(twice) with double
your standard load of propellant. If that doesn't destroy it
you should be
(H&S disclaimer) OK thereafter if you stick to standard loads
of one half of
your proof load.
or hand it to an even sillier 15 year old to fire and then run away? :)
Why am I telling you these things? With a mind like yours, you should be
banged up :)
If you want to make a good copy of
something more difficult, such as a Colt .45 semi-auto pistol
or an AK-47
rifle complete with magazines, I can take you to villages in
Pakistan and
elsewhere where an illiterate 14 year old will give you an excellent six
month show 'n tell course. Another six months of working under
supervision
and you'll be more competent than most of the armourers in
Western armies
:-)
Quite possibly. still wouldn't like to make cartridges from scratch
though
Not as difficult as you think. Enormous up-front investment if you only want
two or three of a some specific military type. However, two or three of any
straight-cased rimfire round should not be too demanding. Tool up to make a
million of 'em and the setting up to make any type is no longer out of
proportion to the investment required. The production is all low-tech
semi-skilled work.
Its not about book learning. It's about using your hands, patience,
attention to detail etc..
There is a fair amount of book learning there too. give some guy a fully
equipped tool shed (a la the a-team) and a chemistry lab, and a short
hollywood film with gunfights in it, then tell him to go make something
that can act like one of the guns he just saw....
Tell that to some 14 year old Pakistani peasants who, on a good day, can
sign their names as something other than the proverbial X.
A crypto library on the other hand requires only a considered-good algo
(such as 3des or arcfour) and a modest amount of programming ability; I
implemented both DES and RSA successfully on a ZX Spectrum in m/c at
around the same age you were making firearms - which didn't work first
time I admit, but worked once I got the bugs out.
Cheat! :-) You didn't write the crypto algorithm and evaluate
its strength.
Indeed not. I am simply not stupid enough to do this (I am fully aware
that PRZ decided to roll his own crypto, and got it horribly wrong in
the first version of pgp. I am not going to repeat his mistake :)
I have no problem starting with the product of other people's skill in
mathematics - and even if I were to invent my own crypto scheme, it
would have to be based on math I had learnt, as I am certainly not going
to reinvent math from first principles just so I get *all* the glory ;)
Yet I can tell you how to make a fiream with simple hand tools and everyday
materials. The manufacture of Napalm B is even simpler and far quicker,
using only what lies around you :-)
......to be honest I still think you could get
better results giving a random programmer the algo to arcfour and saying
"impliment this" than giving a random metalworker a diagram of a gun and
say "build one of these"
Do you still feel the same having read this?
Yup.
Ah well - but you agree that established skills as a programmer are
prerequisite. My example requires no previos training or qualification.
unless you plan to just have it fire cartridges, you would need
a fairly detailed description (such as you have supplied, but obviously
giving a more exact mix for the chemicals and possibly specifying brand
names)
No. Suitable pre-cursor chemicals lie about. They only need to be brought
together and with intent. Optimum mix is easily determined by trial and
error by open burning, once you know what it is you seek. Fast, even,
complete combustion. Don't need a GSCE to understand that.

Diesel and air. Great mix, given a little compression. So find/make a spring
and plunger.

of the propellent, the barrel, the projectile and assembly as a
whole. this is more complex (and requires more skill) from the average
metalworker than implimenting arcfour would for the average programmer.
The one does not require to be a (semi-)skilled metal worker, not for the
project I described. And becoming a semi-skilled metal worker is within the
natural gifts of better than half the population which becoming a programmer
(a very skilled trade) is only open to a few.
I would also hesitate to put that rube goldburg gun up against a
machine-shop rifle, but that programmer's implimentation of crypto could
easily be as strong or stronger than many commercial products.
You want the five min course only, you get the Rube. And don't be so
dismissive. That little dear, with only a 3-4 in barrel, can put a ball
bearing through an inch of pine and more at five metres - a range at which
you don't even need sights to nut or gut.

You want an assault rifle and ammo you won't know didn't come from a Sov
arsenal, take the one year apprenticeship on the North West Frontier. Its
odds on you have the capability to absorb the training. Sadly, it's very
much odds against that you could equally well train your young and
illiterate expert instuctor to first program and then to make good crypto
implementations.

Owen
Dave Howe
2004-10-06 18:37:45 UTC
Permalink
Post by Owen Lewis
Ah well - but you agree that established skills as a programmer are
prerequisite. My example requires no previos training or qualification.
Indeed so, and for a while (ie, when I was younger :) I thought that
would become so common a prerequisite that it would be unmentionable -
my entire generation grew up with the concept of a personal computer
being better than a "games machine"
Unfortunately, half a generation later, they would rather have a sega or
a nintendo than a real pc, and the opportunity was gone forever. I sorta
miss it :)
Post by Owen Lewis
No. Suitable pre-cursor chemicals lie about. They only need to be brought
together and with intent. Optimum mix is easily determined by trial and
error by open burning, once you know what it is you seek. Fast, even,
complete combustion. Don't need a GSCE to understand that.
Indeed - but apart from your admittedly quite clear instruction, I
wouldn't have had a clue which chemicals to try - or which ones to avoid
even tampering with. Chemistry was never my strong suit though, I
concentrated on physics and electronics.
Post by Owen Lewis
Post by Dave Howe
whole. this is more complex (and requires more skill) from the average
metalworker than implimenting arcfour would for the average programmer.
The one does not require to be a (semi-)skilled metal worker, not for the
project I described. And becoming a semi-skilled metal worker is within the
natural gifts of better than half the population which becoming a programmer
(a very skilled trade) is only open to a few.
I would like argue the opposite - but the youth computer market has been
deliberately deskilled, to make it a better market. Still, the average
youth would probably not know what a lathe was either (do they teach
that at school these days? I certainly didn't see one until college)
Post by Owen Lewis
Post by Dave Howe
I would also hesitate to put that rube goldburg gun up against a
machine-shop rifle, but that programmer's implimentation of crypto could
easily be as strong or stronger than many commercial products.
You want the five min course only, you get the Rube. And don't be so
dismissive. That little dear, with only a 3-4 in barrel, can put a ball
bearing through an inch of pine and more at five metres - a range at which
you don't even need sights to nut or gut.
Indeed so - I wasn't being dismissive about the gun as a gun, just
relatively as to its "bigger brothers"
Post by Owen Lewis
You want an assault rifle and ammo you won't know didn't come from a Sov
arsenal, take the one year apprenticeship on the North West Frontier. Its
odds on you have the capability to absorb the training. Sadly, it's very
much odds against that you could equally well train your young and
illiterate expert instuctor to first program and then to make good crypto
implementations.
This is of course true - but not because of any particular quality of
the crypto, but because the prerequisites (math, mostly, and exposure to
computers) just aren't there.
I would hazard that a typical schooleaver (with gcse math or whatever it
is these days) could pick up a fairly basic (or Basic :) programming
language, well enough to write a simple encryptor, in a week or less.
Programming a high level language is not a hard task, after all.
Owen Lewis
2004-10-06 19:34:56 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 19:38
Subject: Re: USA ID card for federal employees and contractors
Post by Owen Lewis
Ah well - but you agree that established skills as a programmer are
prerequisite. My example requires no previous training or qualification.
Indeed so, and for a while (ie, when I was younger :) I thought that
would become so common a prerequisite that it would be unmentionable -
my entire generation grew up with the concept of a personal computer
being better than a "games machine"
Unfortunately, half a generation later, they would rather have a sega or
a nintendo than a real pc, and the opportunity was gone forever. I sorta
miss it :)
The Army tried to tech me to program in Elliott Autocode. I hated it and,
for over 10 years, walked smartly in the opposite direction whenever I saw a
computer. I became interested in them when is was clear that, by standing on
the shoulders of others, I could do things that I would never be able to do
without them. I was converted and, for many years have considered a computer
and suitable suite of software as some sort of prosthetic, so that I can,
just occasionally, 'Slip the surly bonds of Earth and touch the face of
God'.
Post by Owen Lewis
No. Suitable pre-cursor chemicals lie about. They only need to
be brought
Post by Owen Lewis
together and with intent. Optimum mix is easily determined by trial and
error by open burning, once you know what it is you seek. Fast, even,
complete combustion. Don't need a GSCE to understand that.
Indeed - but apart from your admittedly quite clear instruction, I
wouldn't have had a clue which chemicals to try - or which ones to avoid
even tampering with. Chemistry was never my strong suit though, I
concentrated on physics and electronics.
Sigh... why is it the clever ones always want more than you give 'em? :)
Sodium chlorate weedkiller and icing sugar for you my lad.... .
Post by Owen Lewis
..... And becoming a semi-skilled metal worker
is within the
Post by Owen Lewis
natural gifts of better than half the population which becoming
a programmer
Post by Owen Lewis
(a very skilled trade) is only open to a few.
I would like argue the opposite - but the youth computer market has been
deliberately deskilled, to make it a better market.
Until the advent of GUI, it was received wisdom that one needed an IQ of 120
to master computer operation, leave alone to be able to program it. This
computers seemed never to be for the majority. However, the thrust of
popular software development since the advent of the GUI had been to reduce
the necessary IQ for computer operation to about 90, I.e. more than half the
population now have sufficient marbles to run software under Windows and do
something vaguely useful with it. But GUI and friendlier compilers have made
no real dent in the IQ necessary to be a good programmer, let alone systems
analyst. And, IMO, bever will. Ergo, it's always going to be an elite skill
group.

Still, the average
youth would probably not know what a lathe was either (do they teach
that at school these days? I certainly didn't see one until college)
Three out of my four kids (1G 2B) were using wood turning lathes at school
from about the age of 9. The house is still stuffed with appallingly
designed but so lovingly made turned wood candlesticks etc. I still also
have a cannon made by one of the boys with a nicely turned brass barrel
(bored but non-firing) and with a wheeled wooden carriage; he would have
been 12, I think. I was tempted to convert it to a firing model to amuse him
but, with brass for the barrel and a calibre of almost 0.5 in, discretion
was the better part of valour. He's now has a small video-editing business
and is as proud as hell of his MAC user-skills.
Post by Owen Lewis
Post by Dave Howe
I would also hesitate to put that rube goldburg gun up against a
machine-shop rifle, but that programmer's implementation of crypto could
easily be as strong or stronger than many commercial products.
You want the five min course only, you get the Rube. And don't be so
dismissive. That little dear, with only a 3-4 in barrel, can put a ball
bearing through an inch of pine and more at five metres - a
range at which
Post by Owen Lewis
you don't even need sights to nut or gut.
Indeed so - I wasn't being dismissive about the gun as a gun, just
relatively as to its "bigger brothers"
Post by Owen Lewis
You want an assault rifle and ammo you won't know didn't come from a Sov
arsenal, take the one year apprenticeship on the North West
Frontier. Its
Post by Owen Lewis
odds on you have the capability to absorb the training. Sadly, it's very
much odds against that you could equally well train your young and
illiterate expert instructor to first program and then to make
good crypto
Post by Owen Lewis
implementations.
This is of course true - but not because of any particular quality of
the crypto, but because the prerequisites (math, mostly, and exposure to
computers) just aren't there.
I would hazard that a typical schooleaver (with gcse math or whatever it
is these days) could pick up a fairly basic (or Basic :) programming
language, well enough to write a simple encryptor, in a week or less.
But not even to begin to know how to tell good crypto from bad :-( Yet you
can be taught to identify good propellant from bad in a couple of minutes
show 'n tell.
Programming a high level language is not a hard task, after all.
All things are simple to those who can do them well.

Owen
Dave Howe
2004-10-06 21:14:37 UTC
Permalink
Post by Owen Lewis
The Army tried to tech me to program in Elliott Autocode. I hated it and,
for over 10 years, walked smartly in the opposite direction whenever I saw a
computer. I became interested in them when is was clear that, by standing on
the shoulders of others, I could do things that I would never be able to do
without them. I was converted and, for many years have considered a computer
and suitable suite of software as some sort of prosthetic, so that I can,
just occasionally, 'Slip the surly bonds of Earth and touch the face of
God'.
I think a desire to learn is also a prerequisite for both tasks :)
Post by Owen Lewis
Post by Dave Howe
Indeed - but apart from your admittedly quite clear instruction, I
wouldn't have had a clue which chemicals to try - or which ones to avoid
even tampering with. Chemistry was never my strong suit though, I
concentrated on physics and electronics.
Sigh... why is it the clever ones always want more than you give 'em? :)
Sodium chlorate weedkiller and icing sugar for you my lad.... .
*lol* I did say *apart from*

But I am happy to concede the point - although it would be much easier
for me and any other experienced programmer to do crypto than weaponry,
it is probably a much lower bar to leap over to learn to make a gun from
a startpoint most school leavers (and enterprising gunsmiths in
afganistan) would start from :)
Post by Owen Lewis
But not even to begin to know how to tell good crypto from bad :-( Yet you
can be taught to identify good propellant from bad in a couple of minutes
show 'n tell.
I *still* can't reliably tell good crypto algos from bad - I rely on
other people's evaluations and use whatever the community recommends.
I *can* tell good crypto implimentations from bad, by how well they
conform to the standards and how well they avoid doing anything stupid
to give a weaker point of attack than the crypto itself.
Usually the latter isnt' required though, as snakeoil tends to announce
itself in large letters (and larger press releases; VME anyone? :)
Post by Owen Lewis
Post by Dave Howe
Programming a high level language is not a hard task, after all.
All things are simple to those who can do them well.
VBScript is the same language that MS Office uses for stored macros in
word and excel, which can save hours of work repeatedly doing the same
basic operations - phrased like that, it is surprising how many sales
and executive staff suddenly find a reason to learn how VBS works.
VBS isn't the greatest of languages - its slow, its instruction set is
quite limited (outside of manipulating excel of course :) and its gui is
almost non-existent - but it *is* easy to pick up in an hour or so.
Owen Lewis
2004-10-07 09:41:36 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 22:15
Subject: Re: USA ID card for federal employees and contractors
Post by Owen Lewis
But not even to begin to know how to tell good crypto from bad
:-( Yet you
Post by Owen Lewis
can be taught to identify good propellant from bad in a couple
of minutes
Post by Owen Lewis
show 'n tell.
I *still* can't reliably tell good crypto algos from bad - I rely on
other people's evaluations and use whatever the community recommends.
Yes, Its **really** hard isn't it? But I did say 'begin' and not 'perfect'.
Post by Owen Lewis
Post by Dave Howe
Programming a high level language is not a hard task, after all.
All things are simple to those who can do them well.
VBScript is the same language that MS Office uses for stored macros in
word and excel, which can save hours of work repeatedly doing the same
basic operations - phrased like that, it is surprising how many sales
and executive staff suddenly find a reason to learn how VBS works.
VBS isn't the greatest of languages - its slow, its instruction set is
quite limited (outside of manipulating excel of course :) and its gui is
almost non-existent - but it *is* easy to pick up in an hour or so.
Derek Fawcus
2004-10-06 19:09:41 UTC
Permalink
Post by Owen Lewis
We return to the point that at least half the adult population can do the
one, whilst shall we say < 1% of the population can do the other. Its not
the writing of the code but the knowing what to write and how, precisely, to
express it. Not to be taught in five minutes nor taught at all by the
illiterate.
I think I have to agree with Owen here. Having had the metalwork / craftwork
classes at school, where we played with wood and metal working lathes
(in fact I still have a working screwdriver I made at middle school - about
age 12/13 - this was produced in part by turning on a metalwork lathe).

The skills to do this sort of work are easily picked up, and come quite
naturally - we are after all tool makers. About all one has to learn are
some simple techniques and what not to do in order to prevent injuries.

Alas, the quality of some "professional" programmers is in comparision
quite lacking.
Post by Owen Lewis
The manufacture of Napalm B is even simpler and far quicker,
using only what lies around you :-)
Not sure if it's Napalm, but I seem to recall hearing/reading about some
nasty stuff made from mixing petrol and expanded polystyrene foam. One
could then add extra stuff to make it worse - i.e. acid.
Post by Owen Lewis
No. Suitable pre-cursor chemicals lie about. They only need to be brought
together and with intent.
A fuel and an oxidiser. Hmm - can't remember, would household bleach be
usable given the right combinations? I'd have to dig out some of my old
school chemistry texts.

Even black powder should be easy to make, the proportions have been well
documented, the only difficulty possibly being in getting the sulphur.
But I seem to recall there were medications available containing sulphur.
Saltpetre - well how about raising your own pig. Doing it in large quantities
proportions way well prove difficult however.

Actually I do seem to recall that a lot ofbooks I read as a kid had details
about how to make various explosives. You know old encyclopedia, 'how stuff works'
types of books, etc. One I recall had the process for making TNT.

DF
Brian Morrison
2004-10-06 19:14:54 UTC
Permalink
On Wed, 6 Oct 2004 20:09:41 +0100 in
Post by Derek Fawcus
One I recall had the process for making TNT.
The process is fairly simple. The more difficult part is how to solidify
the resulting product without it going off in your face.
--
Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
Paul Leyland
2004-10-06 20:40:07 UTC
Permalink
Post by Brian Morrison
On Wed, 6 Oct 2004 20:09:41 +0100 in
Post by Derek Fawcus
One I recall had the process for making TNT.
The process is fairly simple. The more difficult part is how to solidify
the resulting product without it going off in your face.
A moderately difficult part is to avoid oxidising your person while
nitrating the toluene. Far from impossible in a domestic setting but
you do have to be careful. Treating it like Brut is specifically not
recommended.

Yes, I speak from personal experience. I've washed off H_2SO_4 before
it turned my fingers black. It's impossible to wash off HNO_3 before
they turn orange-brown but I did manage it before it turned them black.
I wasn't making TNT at the times in question and I was fortunate only to
get the liquids on bare skin and not soaked into fabric adjacent to
skin.

I don't recommend inhaling the fumes either. Clears the tubes
wonderfully, almost as well as 880 ammonia, but sucking a
menthol-flavoured lozenge is usually better for long-term comfort.


Paul
Owen Lewis
2004-10-06 19:45:00 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 20:10
Subject: Re: USA ID card for federal employees and contractors
Post by Owen Lewis
The manufacture of Napalm B is even simpler and far quicker,
using only what lies around you :-)
Not sure if it's Napalm, but I seem to recall hearing/reading about some
nasty stuff made from mixing petrol and expanded polystyrene foam. One
could then add extra stuff to make it worse - i.e. acid.
That's it. Don't think the acid could add to the party though and,
acid-dependent, might well detract from it. Sounds like the sort of
inventive twist one might find in the Anarchist's Handbook of the Jolly
Roger Book of Mischief . Both to be avoided like the plague in my view. If
you know enough to be evaluate then, you don't need them (and realise how
self-murderous they are) If you do need them, you are going to be
disappointed, dead or crippled, depending on which page you start at and the
quantities involved.
Post by Owen Lewis
No. Suitable pre-cursor chemicals lie about. They only need to
be brought
Post by Owen Lewis
together and with intent.
A fuel and an oxidiser. Hmm - can't remember, would household bleach be
usable given the right combinations? I'd have to dig out some of my old
school chemistry texts.
Even black powder should be easy to make, the proportions have been well
documented, the only difficulty possibly being in getting the sulphur.
But I seem to recall there were medications available containing sulphur.
Saltpetre - well how about raising your own pig. Doing it in
large quantities
proportions way well prove difficult however.
Enough already :-)
Actually I do seem to recall that a lot of books I read as a kid
had details
about how to make various explosives. You know old encyclopedia,
'how stuff works'
types of books, etc. One I recall had the process for making TNT.
Yup. I learned how to make homemade shaped charges and cutting charges
(using commercial gelignite and similar) for underwater salvage work from
library books in the 1970's.

Owen
Paul Leyland
2004-10-06 20:31:32 UTC
Permalink
Post by Derek Fawcus
Even black powder should be easy to make, the proportions have been well
documented, the only difficulty possibly being in getting the sulphur.
Finely powdered elemental sulphur is sold in kilogram quantities in
garden centres. It's a moderately effective fungicide.
Post by Derek Fawcus
But I seem to recall there were medications available containing sulphur.
Saltpetre - well how about raising your own pig. Doing it in large quantities
proportions way well prove difficult however.
Saltpetre, aka potassium nitrite, is slightly harder to get hold of.
Sodium nitrate (which works about as well but absorbs water more easily
so you have to keep your powder dry) is a fast-acting nitrogenous
fertiliser. Needless to say, it is also sold in kilogram quantities in
garden centres.

Barbeque charcoal is also sold in many garden centres, again in kilogram
quantities. You do have to grind it up yourself though.

Half an hour and a few quid down the local garden centre and you have
the ingredients for reducing your house, and probably those of your
neighbours, to a heap of smouldering rubble.

(An even faster acting nitrogenous fertiliser is ammonium nitrate. It
is also easily available from garden centres. Although traditionally
used to oxidise diesel --- Google for ANFO --- it will work with carbon
and sulphur too.)


Paul
Paul Leyland
2004-10-06 20:12:34 UTC
Permalink
Post by Owen Lewis
Yet I can tell you how to make a fiream with simple hand tools and everyday
materials. The manufacture of Napalm B is even simpler and far quicker,
using only what lies around you :-)
On the assumption that you've got some of Messrs Esso or Shell's finest
unleaded near by. Actually, it doesn't need to be their finest or even
uleaded. Almost any old hydrocarbon will do at a pinch. White spirit
works well and is a bit easier to work with than petrol. Not as
volatile and, IMO, smells nicer.

A couple of years ago I took out a wasps' nest in the garden with
homemade napalm. Quite fun and moderately spectacular. My neighbours
before I moved to the Fens had a line of Leylandii (apt, perhaps?) that
they wanted removing. I offered to napalm them (the trees, not the
neighbours) but the offer was turned down because they weren't too sure
about the degree of collateral damage that might ensue.

FWIW, it's possible to buy napalm commercially, though at horrendous
expense compared with the production cost. It is sold as barbeque
lighter. Squirt a bit from a tube onto the charcoal and apply a flame.
Post by Owen Lewis
No. Suitable pre-cursor chemicals lie about. They only need to be brought
together and with intent. Optimum mix is easily determined by trial and
error by open burning, once you know what it is you seek. Fast, even,
complete combustion. Don't need a GSCE to understand that
Yup. I was producing very large and impressive fireballs from sodium
chlorate and sugar in kilogram quantities long before I was an age at
which people commonly take GCSEs. They were called O Levels in my day
and I measured stuff in pounds rather than kilograms but the principle
remains the same.


Paul
Dave Howe
2004-10-06 16:32:46 UTC
Permalink
At least we agree that the decision isn't that of a junior.
No. You have stated that the decision was not that of a junior. You
imply that you know who the decision makers were, but will not respond
to prompts to name them.
I find it deeply worrying that a junior was asked to sign his name to
an unspecified superior's decision - this is the sort of tactic you
would expect from a superior that knew that even if his decision was
technically legal, it could be either politically or legally awkward if
it came out some time in the future, and wanted to avoid having his name
associated with it.
But of course some unnamed superior at least wanted it done, so
that's ok.
Dave Howe
2004-10-06 16:39:20 UTC
Permalink
Possibly scares them off. ISTR this "emergency" happened at a very
convenient time for Mr Liar and his cronies. A few soldiers driving
around in tanks is always good for getting people to do what government
wants.
In the face of such cynicism, all further debate is probably futile.
Its not particularly cynical to note that no evidence of this plot to
destroy an airliner was ever given, nobody appears to have been charged
with conspiracy over this plot, and it *was* very politically convenient
to have an alert in london and lots of military bods making everyone
feel very nervous....
Still, we have gotten so used now to governments saying "we have
excellent intelligence that... ... but of course we can't show you as it
is too sensitive, so you will have to take our word for it"
I sometimes wonder what is going to come out when the paperwork for
the 9/11 "evidence" eventually reaches an age it can be demanded under
the american FOIA (assuming they haven't abolished that by the time it
becomes an issue). I suspect strongly (if cynically) that it wouldn't
have convinced a prosecutor to take it to trial, never mind justifying
bombing a country back into the stone age that had already agreed to
formal extradition proceedings against OBL...
Charles Lindsey
2004-10-06 14:19:34 UTC
Permalink
This discussion is good evidence in the case for using secure hardware
(or using an OS that makes full use of the x86 hardware protection
features) so that code cannot be planted and executed, and then
generating the key pairs in situ and storing them in a manner that
ensures that the private key cannot be exported.
Well in the systems I have been using for the past 15 years, programs (as
routinely compiled in C) were divided into text areas and data areas. The
text was where the executable code was put, and it was always read-only so
it could be shared between applications. One just didn't put code in the
data area, except for the most arcane of reasons. So if buffers 0verflowed
in the data area, all sorts of data might be corrupted, but no chance that
any of your carefully planted bogus data would ever be obeyed as running
code.

Has Mr Gates not caught up with such elementary technology yet?
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl-***@public.gmane.org      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
David_Biggins-XjoIEpZFQiJWk0Htik3J/
2004-10-06 18:02:34 UTC
Permalink
-----Original Message-----
Sent: Wednesday, October 06, 2004 3:20 PM
Subject: Re: USA ID card for federal employees and contractors
On Sat, 02 Oct 2004 06:52:19 +0100, Peter Tomlinson
This discussion is good evidence in the case for using
secure hardware
(or using an OS that makes full use of the x86 hardware protection
features) so that code cannot be planted and executed, and then
generating the key pairs in situ and storing them in a manner that
ensures that the private key cannot be exported.
Well in the systems I have been using for the past 15 years,
programs (as
routinely compiled in C) were divided into text areas and
data areas. The
text was where the executable code was put, and it was always
read-only so
it could be shared between applications. One just didn't put
code in the
data area, except for the most arcane of reasons. So if
buffers 0verflowed
in the data area, all sorts of data might be corrupted, but
no chance that
any of your carefully planted bogus data would ever be obeyed
as running
code.
Has Mr Gates not caught up with such elementary technology yet?
Only partly. The problem is the protection against such things in the
'classic' x86 hardware is in the segment descriptors, not the actual memory
descriptors.

So any program or operating system that is running in the flat memory model
can't actually use this protection.

That's why there is a new bit in the memory descriptors in the newest AMD
and Intel CPUs.

The question is really why it's taken so long to add the hardware protection
into the place where most operating systems actually require it.

And given that at the time of writing win95, MS were being creamed by
various developers and trade press for not having used the flat model, it's
easy to see why they made technically the wrong decision for what was, at
the time, the right marketing reasons.

Dave.
David_Biggins-XjoIEpZFQiJWk0Htik3J/
2004-10-06 18:08:22 UTC
Permalink
-----Original Message-----
Sent: Wednesday, October 06, 2004 4:05 PM
Subject: Re: USA ID card for federal employees and contractors
Owen Lewis
Both can of course be steered by suitable happenings,
whether they are
"real" or "made up".
Sadly, the difference between the two is no longer as great
as it once was I
think. These days what matters is not what may be real or
true but what is
widely reported and editorialised - and what is not.
Is Ken Bigley's plight real, or made up?
If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the
SAS round
there in half an hour. Should I press it, or should I respect the
kidnappers' privacy?
What do you think the vote would look like?
But then again, what would it look like if the policeman said "I have this
button here that I can press to intercept a few hundred peoples' phones,
most or all of whom will have no knowledge of the case, a significant number
will be mistaken identities or the wrong people, and if we are very lucky,
we might just catch somebody for something, but the odds of it actually
helping find a kidnapping victim are very low"?

Dave.
Owen Lewis
2004-10-06 18:34:30 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 19:08
Subject: RE: USA ID card for federal employees and contractors
-----Original Message-----
Sent: Wednesday, October 06, 2004 4:05 PM
Subject: Re: USA ID card for federal employees and contractors
Owen Lewis
Both can of course be steered by suitable happenings,
whether they are
"real" or "made up".
Sadly, the difference between the two is no longer as great
as it once was I
think. These days what matters is not what may be real or
true but what is
widely reported and editorialised - and what is not.
Is Ken Bigley's plight real, or made up?
If there was a policeman who asked the British public "I have this
button here that I can press to intercept the kidnappers' phone, from
which we'll be able to work out where they are, and have the
SAS round
there in half an hour. Should I press it, or should I respect the
kidnappers' privacy?
What do you think the vote would look like?
But then again, what would it look like if the policeman said "I have this
button here that I can press to intercept a few hundred peoples' phones,
most or all of whom will have no knowledge of the case, a
significant number
will be mistaken identities or the wrong people, and if we are very lucky,
we might just catch somebody for something, but the odds of it actually
helping find a kidnapping victim are very low"?
This is not actually a value-of-privacy related question but one of the
efficient use of resources.. Making the taps is essentially cost-free, once
the up-fronts have been spent. Employing people to wade through all the
dreck and follow up blind alleys is not cost-free.

If the chances of it are poor, allocate resources to something more useful.
If intercepting 100 lines in a city of 2 million has an evens chance of
yielding something critical then go for it. Similarly, if losing that one
life will secure the lives of two others, then there's another hard and
probably necessary choice to make. Be grateful that no one asks *you* to
play God with other people's lives. Or perhaps they do?

Owen
David_Biggins-XjoIEpZFQiJWk0Htik3J/
2004-10-06 18:11:02 UTC
Permalink
-----Original Message-----
Sent: Wednesday, October 06, 2004 5:09 PM
Subject: Re: USA ID card for federal employees and contractors
Post by Roland Perry
If it was only as easy to debunk the "wild conspiracy
theories" floating
Post by Roland Perry
about regarding the wicked forces of law and order [tm].
The West Midlands Serious Crime Squad were rather more than a wild
conspiracy theory.
Indeed. My response to several people advocating draconian punishment is
"there may be a West Midlands Serious Crime Squad out there with your name
on it".

Dave
David_Biggins-XjoIEpZFQiJWk0Htik3J/
2004-10-06 18:16:36 UTC
Permalink
-----Original Message-----
Sent: Wednesday, October 06, 2004 5:41 PM
Subject: RE: USA ID card for federal employees and contractors
All of us (most anyway) put what seems right to us before our
observation of
the law from time to time. Yet as a principle, this cannot be
right. If we
all did so and in every way and over everything, society as
we have it would
simply become unglued and fall apart.
Indeed - but if none of us ever did so, the same result would certainly
occur.
The prime purpose of
the body of law
is to act as that glue and hold society together, more or
less, against the
centrifugal forces that our multitudinous and disparate
wishes strain it
with.
And yet, because it is created largely as a result of interaction of those
centrifugal forces and multitudinous and disparate wishes, and because in
order to be at least marginally comprehensible it must deal largely in
general cases and ignore the vast variation in detail and circumstance, its
rigid and inflexible application would be as misguided as setting it aside
too often.

Dave.
Owen Lewis
2004-10-06 18:43:25 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 19:17
Subject: RE: USA ID card for federal employees and contractors
-----Original Message-----
Sent: Wednesday, October 06, 2004 5:41 PM
Subject: RE: USA ID card for federal employees and contractors
All of us (most anyway) put what seems right to us before our
observation of
the law from time to time. Yet as a principle, this cannot be
right. If we
all did so and in every way and over everything, society as
we have it would
simply become unglued and fall apart.
Indeed - but if none of us ever did so, the same result would certainly
occur.
Possibly so.
The prime purpose of
the body of law
is to act as that glue and hold society together, more or
less, against the
centrifugal forces that our multitudinous and disparate
wishes strain it
with.
And yet, because it is created largely as a result of interaction of those
centrifugal forces and multitudinous and disparate wishes,
Not so, the forces acting in society are both centrifugal and centripetal.
Another part of the role of law is constantly to keep the whole at some
tolerable point of balance. The forces that *make* a society are the
centripetal ones. Those which are individualist are mainly centrifugal and
will tend to weaken rather than strengthen a society. Much of what we
discuss here simply comes down to opinion as to where that point of balance
is best placed.
and because in
order to be at least marginally comprehensible it must deal largely in
general cases and ignore the vast variation in detail and
circumstance, its
rigid and inflexible application would be as misguided as setting it aside
too often.
Which remakes your first point, I think.

Owen
David Hansen
2004-10-06 16:12:39 UTC
Permalink
Post by Roland Perry
And there I was thinking that high office of that nature should require
that such information *is* placed where the public can verify the
identity of the people that are taking decisions and exercising powers
legislated on their behalf.
A rather naive view.
Why.
Post by Roland Perry
The relevant cabinet papers will no doubt be
available on the usual timescales.
A timescale that is as useless as ever.
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
Owen Lewis
2004-10-06 14:40:03 UTC
Permalink
-----Original Message-----
Sent: 06 October 2004 14:03
Subject: RE: USA ID card for federal employees and contractors
As discussed in other posts, here in UK
govt won the point of principle (that LI shall occur under
process as
governed by Statute). There is no reason to think now that they will
allow permanently any means lawfully to thwart this. In their place,
would you?
You appear to be assuming that decisions made by a bunch of rogues who
mostly do what their pagers tell them to do, especially in
fields about
which they know almost nothing but do believe the lies fed to them by
officials, cannot be changed. I am not so defeatest.
Well, I'd guess that LI access regulated under Statute is here to stay.
I suspect people said much the same thing about slavery, "legalised"
murders and a host of less dramatic things.
Hmmm... Slavery is lawful until the law of the land says that it is not so.
By definition, murder is an act of unlawful killing and therefore it is
self-evident that it can never at any time be lawful. If the law removes its
protection from some act of deliberate killing it will make murder that type
of act in the future. Conversely, if law is made to make lawful some type
of deliberate killing that was previously unlawful, then such acts are no
longer murder but something else.

One cannot choose what words mean in such contexts but must use the meaning
given to them for the purpose in hand (here, a determination of what is
lawful and what constitutes an act of murder).
Don't be too harsh on the poor polly-whatnots. I believe that
there is wide
public support for it.
I believe that the public are largely ignorant, just like the rogues.
I'd say that both can demonstrate a nasty streak of intolerance.
Both can of course be steered by suitable happenings, whether they are
"real" or "made up".
Sadly, the difference between the two is no longer as great as it once was I
think. These days what matters is not what may be real or true but what is
widely reported and editorialised - and what is not.
And you didn't answer my question :-)
In their place I wouldn't have got into the mess they are now in. Of
course I would take steps to change things for the better.
And you still have not answered. I presume that you have now cut the
question and its context away out of some sense of embarrassment ;-)

Owen
Roland Perry
2004-10-06 14:22:10 UTC
Permalink
And how tanks at Heathrow can affect someone launching a missile from
the other side of Windsor is a puzzle to me....
Indeed; the reason for the conflation of those tanks with the scaring
away of folks from a public carpark on a hilltop under the flight path,
is yet another exercise for the reader.
--
Roland Perry
Peter Tomlinson
2004-10-07 06:12:50 UTC
Permalink
It's not clear to me who the small businesses are going to be
communicating with. Perhaps their own teleworkers?
My guess is that this is a significant part of the requirement
in many cases. There are a number of benefits for small
companies if they can meet such voice and data needs using low
cost broadband services. The security requirement probably
stems from the data traffic but it a nice plus to know that
voice is also protected.
Seems rather niche to me.
Well, we need to have a system permanently online
Phone system or computer system?
Let's start with the basic free P2P offering (e.g. Skype) and
teleworkers calling each other (that's how us sole trader consultants
work): its PC to PC, and typically I would expect to have a headset
plugged into the PC. Somebody calls me: I expect the PC to produce a
sound equivalent to a phone ringing (loud enough to attract me if I'm
not at the PC). Then we would want to exchange screens of data while we
talk. That is an upgrade from the present positon where we use phones
and both look at the same data while we talk (data that we both have, or
data on a web site).

That's an attractive offering, but doesn't make the supplier any money.
and it needs to ring when we receive a call.
"It" being what? Some preselected phone handset?
And the software needs to be able to handle extensions (on the
business's local network).
Next: the small business where at the moment each desk has a phone,
incoming calls can be answered on any phone, but normally there is one
person who answers each call and then transfers it to the intended
recipient. This level of functionality I would expect to pay for
(software licence) when using P2P over the internet. The incoming call
over the internet should be indicated to every PC on the local network
in the office (preferably in a window showing who the caller is and who
the caller wants to speak to, and with an option for audible
indication). The person who normally answers the phone would answer the
call iff the intended recipient doesn't, and then must have the ability
to transfer the call to another PC on the local network. Here I would
want 2 or 3 'lines' capability.

That's also an attractive proposition.

Only after that do I want to consider calls between PCs at one end and
real landline or mobile phones - but I can see that others who network
with teleworkers who are not bound into a free mobile phone net, or
others who make a lot of international calls, will find the 'real phone
at one end' versions attractive if the result is significant call cost
savings.

Still niche products, of course, but I vividly remember how, about 10
years ago, it was hellishly difficult to put into an office a 3 + 10
phone installation with call cost logging using account codes that we
keyed in (we needed that extra function to be able to post call costs to
client accounts - Mercury offered it on a single phone line, but not via
a small PABX when we needed to install).
If it's local, then why a VPN?
Peter
Peter Tomlinson
2004-10-07 06:34:06 UTC
Permalink
C'mon.
Hardware can be well regulated. A part of that regulation can be to
require design such that firmware can only be updated/changed
successfully without disturbing or overriding certain embedded
protocols required by the regulations.
C'mon, yourself.
You propose banning the shipment of General Purpose Computing
Devices? Or limiting PCs to a single ethenet port and banning the
sale of ethernet cards?
If the special purpose hardware is restricted, then it will lose its
market immediately to small PC running a full blown, if stripped
down, OS. (You can get a 3 ethernet port PC compatible board for
perhaps EUR 120-200; possibly including a PCMCIA/Cardbus or PCI slot;
it will run several different Unix variants)
You are effectively proposing a ban on specific capabilities in
software; capabilities which now exist in all OSes I am familiar with
(Windows, Solaris, Linux, *BSD).
If you spec the necessary secure hardware and software combination (and
I have previously reported some initiatives in this area; also Nicholas
and I have corresponded on the desire of lawyers to have such systems),
there is still the risk that it will be cloned using cheap but powerful
hardware. That is also exercising some of us in the smart card arena.

Look at the end to end situation, not at the individual components. The
idea is that there should be a binding of the user to the local hardware
and software, in a manner that can be confirmed by the other end of the
link. Quite separately, changes to the local hardware and software need
to be securely managed and logged.

These systems will indeed have limited capabilities, but by user
agreement not by law (but sometimes the agreement will have to be with
the civil power at one end of the link).

Peter
Ian G Batten
2004-10-07 06:30:55 UTC
Permalink
Hardware can be well regulated. A part of that regulation can be to require
design such that firmware can only be updated/changed successfully without
disturbing or overriding certain embedded protocols required by the
regulations.
When you find out how to do that, patent it. You'll be very rich.
Remember, you've just bankrupted the entire UK electronics industry,
because you've just banned FPGAs, so you need to tell us who's going to
build and distribute your UK-specific computers.

ian
Peter Tomlinson
2004-10-07 06:35:20 UTC
Permalink
Owen,

You beat me to it.

Peter
-----Original Message-----
Sent: 06 October 2004 00:20
Subject: Re: USA ID card for federal employees and contractors
If govt can require you to licence your TV and to regulate under
statute key
factors of the design of those TVs offered for sale to you,
what on earth
makes you think they cannot do likewise for x,y' or z manufactured
items, as it may suit them to do so?
Because I can't download a TV written by a high-school student from any
of the almost 200 member states of the United Nations?
C'mon.
Hardware can be well regulated. A part of that regulation can be to require
design such that firmware can only be updated/changed successfully without
disturbing or overriding certain embedded protocols required by the
regulations.
Turn your hat around. Could you do it? Bet you could ;-)
Owen
Peter Tomlinson
2004-10-07 06:36:46 UTC
Permalink
Aah. We suffer from dogma all the time.

Peter
The next question is what "due process of law" is. To most people that
means the courts are involved,
Then they would be wrong, I think. For present purposes, I would suggest
that due process is the correct following of process authorised by
Statute(Law). If the ruling clique in the Commons should say (or imply) that
there is no requirement for any judicial proceeding, then that's an end to
it. They are sovereign.
I think that is defeatest. Just because some bods in Westminster decide
something does not mean that this cannot be changed. There has been
nothing other than loud assertions (such as the assertions from the
chairman of some committee) to explain why RIP is the right way to do
things.
Peter Tomlinson
2004-10-07 06:40:17 UTC
Permalink
How long did it take you the read this? If you want to make a good
copy of something more difficult, such as a Colt .45 semi-auto pistol
or an AK-47 rifle complete with magazines, I can take you to villages
in Pakistan and elsewhere where an illiterate 14 year old will give
you an excellent six month show 'n tell course. Another six months of
working under supervision and you'll be more competent than most of
the armourers in Western armies :-)
Its not about book learning. It's about using your hands, patience,
attention to detail etc..
To drop a name, Michael Palin's Himalaya trip on TV took him to a town
where guns are made - proof visual.

Peter
David Hansen
2004-10-07 07:44:30 UTC
Permalink
Possibly scares them off. ISTR this "emergency" happened at a very
convenient time for Mr Liar and his cronies. A few soldiers driving
around in tanks is always good for getting people to do what government
wants.
In the face of such cynicism, all further debate is probably futile.
Cynicism, or realism?

Generating a "crisis" to deflect public attention is something that has
been done for as very long time. I see no signs that Mr Liar and his
cronies are different to any other bods.
I have named at least his unit boss (Head of NHTCU) but
naming more people of that rank and above doesn't particularly advance
anything.
It goes to the heart of the matter.

We know that those responsible decided to hide behind some junior bod.
Whether that decision was deliberate or accidental is an interesting
academic question to discuss, but we now know the answer to it. We know
that those responsible have continued to hide. They have had long
enough to come out of hiding.

Now the logic expressed by Home Secretaries is that only those with
something to fear hide. So, either Home Secretaries assertions on this
are wrong, or they have something to fear.
They aren't mentioned because it's not the protocol in a letter like
that.
We are told that this was a one-off.
As I said at the start, such a data grab should have been authorised by
the Home Secretary or Prime Minister in my view. So far you have not
provided any information that it was.
To do so would be inappropriate in a public forum.
See above about those with something to fear.
--
David Hansen, Edinburgh | PGP email preferred-key number F566DA0E
I will *always* explain why I revoke a key, unless the UK
government prevents me by using the RIP Act 2000.
Brian Beesley
2004-10-07 07:56:33 UTC
Permalink
-----Original Message-----
Sent: Monday, October 04, 2004 10:09 AM
Subject: Re: USA ID card for federal employees and contractors
But strong 'end to end' cryptographic _communications_ security is
available for all those within the 'masses' who are prepared
to develop
the knowledge necessary for its effective use.
Debatable, at least if those against whom protection is sought have
sufficient power and resources.
Surely there are two points here:

(1) strong encryption is by its very definition harder to "eavesdrop"
(intercept and decode) than no or weak encryption

(2) "sufficient power and resources" comes down in the end to expenditure on
manpower and hardware - despite the existence of "black budget" projects, I
simply don't believe that TPTB could divert a significant proportion of their
resources into defeating widely-deployed strong encryption without
embarassing leaks, or questions being asked in High Places.

Naturally it helps nosey parkers in TPTB if there exist loopholes in deployed
"strong" encryption products which make them effectively transparent given
the limited resources they are able to deploy.

As has been pointed out elsewhere, conventional intelligence methods _can_
break the "secure" comms links between specifically targetted individuals or
groups by infiltration of the cell and/or eavesdropping on the comms before
encryption or after decryption.

Brian Beesley
Brian Beesley
2004-10-07 08:06:12 UTC
Permalink
ISTR a long time ago the Germans believed this and those at Bletchley
Park showed that it aint necessarily so.
You are right; t'ain't necessarily so but, for a simple illustration of
principles, its a reasonably fair approximation where the ciphers are
entirely dissimilar. Particularly where one re-enciphers a text using the
same algorithm one may have to be rather more circumspect.
Surely this boils down to E(k1)[E(k2)[P]]= E(k3)[P] (at any rate for some
encryption algorithms, including Enigma, I think) so that breaking a message
encrypted twice can be done by recovering one key instead of two.

On the other hand, if the enemy may have means of finding or deducing one of
the two encryption keys actually used by indirect methods but deducing a
single key by brute force attack is too time consuming, double encryption may
be a valuable safeguard.

Brian Beesley
Brian Beesley
2004-10-07 08:34:16 UTC
Permalink
However, the request should have come from the Home Secretary or Prime
Minister, not some bod in the police. Party politicians can in some
(imperfect) ways be held accountable for their actions. The fact that
the industry responded to this bod is a clear illustration of the
contempt with which the industry holds its customers.
They also have some responsibility that their customers aren't blown up.
No; _I_ have the responsibility to ensure that I am not blown up.

The Government has the responsibility to provide resources (e.g. bomb
disposal squads) to assist me in dealing with suspect objects.

But, in the end, it's up to _me_ to decide how careful I am about checking
the underside of my car before I get in, to decide how to deal with
packages which arrive unexpectedly through the mail, etc, etc.

The Post Office may screen packages for the protection of its own staff, but
routinely logging even comms data (sender and recipient) and passing this
data on to Government agencies is an unwarranted infringement of privacy.

Brian Beesley
Roland Perry
2004-10-07 08:53:54 UTC
Permalink
Post by Brian Beesley
However, the request should have come from the Home Secretary or Prime
Minister, not some bod in the police. Party politicians can in some
(imperfect) ways be held accountable for their actions. The fact that
the industry responded to this bod is a clear illustration of the
contempt with which the industry holds its customers.
They also have some responsibility that their customers aren't blown up.
No; _I_ have the responsibility to ensure that I am not blown up.
The Government has the responsibility to provide resources (e.g. bomb
disposal squads) to assist me in dealing with suspect objects.
The government also has the responsibility to fund and provide a police
force, which is used to detect and detain those who would blow you up.
They need evidence to do that, and some of that evidence is in logs, and
companies have a responsibility to assist the police when lawfully
requested to.
Post by Brian Beesley
But, in the end, it's up to _me_ to decide how careful I am about checking
the underside of my car before I get in, to decide how to deal with
packages which arrive unexpectedly through the mail, etc, etc.
The Post Office may screen packages for the protection of its own staff, but
routinely logging even comms data (sender and recipient) and passing this
data on to Government agencies is an unwarranted infringement of privacy.
If it was being routinely passed on, I might agree with you. But the
logs exist for the business purposes of the communications companies,
and sometimes an extract of that log is evidence required by the police.
--
Roland Perry
Ian Miller
2004-10-07 08:41:54 UTC
Permalink
Post by Brian Beesley
Surely this boils down to E(k1)[E(k2)[P]]= E(k3)[P] (at any rate for some
encryption algorithms, including Enigma, I think) so that breaking a message
encrypted twice can be done by recovering one key instead of two.
Algorithms that have this property and said to be a "group". That is using
the word "group" as its meaning in set theory. My understanding is that an
algorithm being a group is generally recognised as a major weakness.
See Schneier[1] for more details. I don't think there are any modern
cyphers known to suffer from this.

Ian
--
[1]: Applied Cryptography by Bruce Schneier ISBN 0-471-11709-9; cht. 14.10 p348

--
Singularis Ltd, 32 Stockwell St, Cambridge, CB1 3ND
Tel: +44 1223 525088 Mobile: +44 777 5536663
Fax: +44 870 0514333 (e-mail preferred to Fax)
Continue reading on narkive:
Loading...