• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • Rob Spoor
  • Bear Bibeault
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Piet Souris
  • Carey Brown
  • Stephan van Hulst
Bartenders:
  • Frits Walraven
  • fred rosenberger
  • salvin francis

The Liquor Cabinet & the Whiskey Rebellion

 
Ranch Hand
Posts: 1282
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In the discussion: Criptography, my discussion with Pat Farrell has gone far beyond "Quantum computing and quantum cryptography are new fields based on quantum mechanics which takes place in Hilbert space", and will soon range into Understanding How Good People Turn Evil.

As an adjunct to our work, I wish to move the discussion here - where those who know my work can shield Dr. Farrell from some preliminary thoughts,... such as if we will cite: Bad Mitten, the cruel kitten as an opening into the discussion of " But while security needs are well known, at least per the media hype over the latest bad thing(tm), good security is actually hard." and that type of thing - then we need to be here, in the company of real and accomplished work.

To start off with, we are working in an area where most engage in Psychotic Bunnies, engaged in forward slashing and backslashing. As to how good people go over and tromp the clover, just look at the smitten kitten cited in the article: stealing driver's license photos ? ....

Do what ? I cannot even describe the nature of where the cited person is or will be or was going, due to it's distant removal from the type, nature and personna revealed by your website design. It is so far removed from daily life of those who talk about it that it just isn't fair to the kiddos who might be reading this web page to talk about such stuff in a constrained vocabulary and a reasonable manner in choice of words. Put on top of that the common nature of cyber-crime making it's way in to the ensconcment of decent people via optic fibre, the capacity of which is wildy beyond human visualization, and we have a Dead on Demand intrusion portal that cannot be thwarted or detected by the Joe Citizen, and Mabylene Darling - many of which cannot even turn the computer on and off correctly, let along make the distinction between a folder icon and the AVL tree implementation it represents.

So, given the calber of your work, I respond:



  • google for "Pat Farrell security"

  • <BLOCKQUOTE> I did, and given that this might seem combative, I complement your design for it's operational efficiency and adroit use of client-side utility without impeding responsiveness. ( folks, you gotta go look at this guy's resume' so you realize that I realize what I am biting off here. This guy taught this stuff - at GMU ....)
    </BLOCKQUOTE>
  • I'm a heavy weight guy, too close to 300 pounds.

  • <BLOCKQUOTE> So is Bear Bibeault, but I am a meager 235# and it's just a short drive if you need the bear to come up and kick my butt.
    </BLOCKQUOTE>
  • per the media hype over the latest bad thing(tm), good security is actually hard.

  • <BLOCKQUOTE> I was actually in a video, Hollywood is a comercialization of real human needs .... and serves as a sanitized thought factory. It is far removed from reality or they would not be able to get money for it. Taking Enemy of the State as a reasonable work of that which it studies and that we can work that in the clear, what is the role of the human mind ( as the creator of the computer ) in controlling the computer. Use parallels to the movie Forbidden Planet where possible.

    When I was young, very young, I had a profound experience when the log(base 10) power meters were explained by Dr. Lostfarawy. It parallels, in power and depth, one and only one experience in my existence: The Amazon. (The experience's one and only one peer) I met a hollwod producer by the name of Neil Stone. He has worked in the movie and television industry since 1972 with credits for over 75 TV shows and movies. He told my why my feature won't market: Guys wont get off their ass and go buy tickets, girls don't want to see it.

    It is so, so unusual for one to actually be working in their degree field ~ can you explain to us how that happend ?
    </BLOCKQUOTE>

  • Bruce often writes about how easy it is to screw up. Security is somewhat like global politics, its not as easy as saying the right thing to Pakistan and hoping that the India govenment won't notice.

  • <BLOCKQUOTE>
    I suffer the same weaknesses that motivate Bruce Schneier to be overly concerned with screw ups. This attack point derives from working with people who screw up. Your website, because of it's composed nature, reveals an attack point for you: You deal with people who are not as screwed up as the people I deal with. Everything is an attack point, as discussed in my setup private message to you. It's when ideas begin to gain some footing in my thought patterns that I realize I have been successfully attacked. I know my way around in corners of your soul you don't even know you have.

    Yes, those are nice piano/organs - and I appreciate the man-of-honor and clear thoughts in the pointing to the fine musicals, but baryonic matter only comprises a guestimated 4% of reality.

    But why move to Omaha ? Due to fibre-optical transmission reducing the processor to the bottleneck today - it looks like the true battlefield of the future is the battle of ideas, conducted in the human mind. Therefore an illuminated screen in damn near every home would become in intractable domain of idiocy and idocratics. RFID is inveitable as a control technology, but who controls the controllers ?
    </BLOCKQUOTE>

  • It is a really, really hard problem in general. The first thing you realise is that just as most retail shoplifting is done by employees, most security hacks are not done by breaking ciphers, its by exploiting the weakest link, the humans. Read up on   " social engineering "   it is amazing. If you check out Kevin Mitnick's record, he was a master at social engineering.

  • <BLOCKQUOTE>
    As responed earlier in the post. Mr. Mitten, the smitten kitten, cannot be too smart. Gene Pool, (clearcode for one of the contacts I introduced you to in email), builds the places Mr. Kitten will be visiting. It's not something that can be discussed with this clean of words. I know, I tried it. marginally testing small-scale violations of residential front-room decorum, often results in deletion of post.

    Lets's start over. Rename the project: Project Glass Eye, re-work the problem definition from the get-go ( now that I have a doctorate in the science to work with ) and let's do the preliminary concepting.

    Those who have read my work know to show me no mercy. I address my New Team lead: Blue Monday as Good Morning, Clarice and signoff as something we won't cleartext into a beginner area.

    We are in the battle of ideas - where idiots cannot follow. Nobody likes to be called idiot/ignorant. We can work freely and unfettered.

    </BLOCKQUOTE>

  • The spy movie cliche of a serious guy with a briefcase handcuffed to his wrist is not far from the truth of how to transport keys. The real definition of "key" is really that of "secret".

  • <BLOCKQUOTE>
    Agreed, but transport should be a rather moderate person who will not attract attention. Breifcases bound to the wrist by Clairmont and Clyde Brother's latest titainium fashions toting a psuedo-hide attache would not make it past the parking lot. See any Hollywood agent for details. (Or your local retailer of videos)

    We better get Jimmie Spits to run the taxicabs and have RCC as our cryptographers.

    A few operatives as real Hollywood versions of Ed the Fed standing on the curb and we can overrun any budget they can give us. Overruning the budget always gets you work in Hollywood, they have a lot of cash to hide. {   }

    As for OTP transport, better to have a lower-grade clerical - in routine traffic, not a Master Social Engineer - so that employ the lessons learned in the   Tor: The Second-Generation Onion Router.
    </BLOCKQUOTE>

  • --- edited to fix quoting and make sentence about 1024 bit keys be logical --

  • <BLOCKQUOTE>
    If I try to employ encipherment, and do not know what I am doing, would it not be better to work with toy-grade tools until I have some idea what questions to ask ?

    [ Message edit: I came up with 4912 bit seeds this morning.]

    I took your basic idea of the Message Digest help above and just started reading the sources on my remote, isolated platform.

    I think I got a reasonable random byte[256]

    I transport all work to the remote on floppy, then shred the floppy.

    I use, and work in cleartext only, then shred the floppy.

    I have no enemies to hide from.

    I tore into Blue Monday for sending me his PGP keyring. I told him I have the sources for PGP - why would I want to pass executables to the shell ?

    You can call him and ask him. You have his phone number. He was trained by your thought school, in the ways of the pure and decent.

    We are dealing with people who will .....

    It just doesn't make any sense: Mr. Mitten, the smitten kitten, went to steal   driver's license photos   driver's license photos. For most people, this is resolvable by pulling out your own driver's license and looking at the photo. Consider: What mentality would want to break into anything for that ? We have a serious challenge here, folks.

    It is not a risk-assesment where the decision can be evaluated by comparing the cost of a failed attack to the target value. I know, used to run with one of these guys in High School. His name was Don Anderson. I renamed the person to Frank Abagnale Jr. in my Mission Statement to avoid making someone feel bad.

    This guy would do loads of work, if it was wrong. Doing absolutely no legitimate work for any reason or under any duress. We would be on a construction site at nine pm on Friday night. He would be there to siphon gas. He could tell which ones were diesel and which ones were gasoline. I told him, let's come back on Monday and get a job. We can make a lot more money.

    There is no way in Thirteen Hells that guy would do any legitimate work. Show him Frank Abagnale Jr and the guy would run circles around a taxicab a LaGuardia International Airport, at Five P.M. on any Holiday Friday - Labor Day, Thanks Giving, you name it.

    So tell me, what does [[[[[[ or ]]]]]] showing up in the browser mean ?

    There are plenty of Doctorates watching who can come to your aid if you need it.

    I told my Social Engineer about my last post. It made his blood run cold.
    </BLOCKQUOTE>


    Full tilt boogie. There is no mercy between professionals.



    [ September 16, 2007: Message edited by: Nicholas Jordan ]
 
Rancher
Posts: 4686
7
Mac OS X VI Editor Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Nicholas Jordan:

If I try to employ encipherment, and do not know what I am doing, would it not be better to work with toy-grade tools until I have some idea what questions to ask ?

I transport all work to the remote on floppy, then shred the floppy.

I use, and work in cleartext only, then shred the floppy.


I have no enemies to hide from.



You only think you have no enemies to hide from. They are out to get you.

Floppies are computer things. Don't use a computer.
If you have to use a computer, use it in a SCIF.

Use paper and pen, burn the paper, mix the ashes with acid.

Just because you are paranoid, doesn't mean that they are not out to get you.
 
Nicholas Jordan
Ranch Hand
Posts: 1282
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Ahhh, world-class Master !...
  • You only think you have no enemies to hide from. They are out to get you.

  • <BLOCKQUOTE>If you only knew, if you only knew - just look at your sentence.
    </BLOCKQUOTE>
  • Floppies are computer things. Don't use a computer. If you have to use a computer, use it in a SCIF.

  • <BLOCKQUOTE>I assume you are talking about copper-plate, installed four-wall, by union-geezers making mucho-dollars an hour. You got me on that one, I will have to look up SCIF - I'll give you an opening: It means SANITIZED COMPUTER INFORMATION FACILITY, correct ?

    Tabby the Cat is watching, tear me up. Let's build a fire for the pencil holding desire of kraftwork of Tradecraft.
    </BLOCKQUOTE>
  • Use paper and pen, burn the paper, mix the ashes with acid.

  • <BLOCKQUOTE>I assume corrosives, not that of which Louis V Gerstner avoids speaking.
    </BLOCKQUOTE>
  • Just because you are paranoid, doesn't mean that they are not out to get you.

  • <BLOCKQUOTE>
    Why would they be out to get me ? {trick question}
    </BLOCKQUOTE>


    [ Message edited to get Mr.Gerstner spelled correctly ]
    [ September 16, 2007: Message edited by: Nicholas Jordan ]
     
    Pat Farrell
    Rancher
    Posts: 4686
    7
    Mac OS X VI Editor Linux
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator

    Originally posted by Nicholas Jordan:
    If you have to use a computer, use it in a SCIF.
    look up SCIF - I'll give you an opening: It means SANITIZED COMPUTER INFORMATION FACILITY




    Actually that is not correct. It means Secure Compartmentalized Information Facility.

    Among the spooks, you have to compartmentalize everything. Need to know and all that.

    The only secure computer is inside a SCIF, unplugged, powered down, door locked, and a squad of US Marines guarding it. All else is just degrees of less exposed.

    Now I thought the Wiskey Rebellion was about taxes, not booze.
     
    Nicholas Jordan
    Ranch Hand
    Posts: 1282
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    [Pat Farrell:]Actually that is not correct. It means Secure Compartmentalized Information Facility.
    My Social Engineer is a world-class Master at compartmentalization. And while I am eating Humble Pie to suck you in, it is noteworthy that Blue Monday uses that nomenclature .... and was formally trained by your thought school. So I just picked up a piece of information, be though it may minor and not ready for packing in a Pelican Case: Pelican - Products is a manufacturer of watertight protective cases,



    [Pat Farrell:]Among the spooks, you have to compartmentalize everything. Need to know and all that.
    Spooks spook me. But Electronic Vector Intercept Language (E.V.I.L.) - comes from within. You have to look inside yourself. Something that is hard for the M.O.S (Man On Street - for observers and potential participants in the discussion) ... hard for the M.O.S to do.

    I know they do not teach this in spook school, maybe in Teenager Ninja School. Maybe we should buy some Ninja videos. I can put one ( a purchase ) in your destiny easily. Just casual miscellaneous side motion, no kraftwerk involved. I am a little leary of inviting trained combatants until you get up to,... guidance says you are not ready to walk in the void. It would disturb your world.

    [Pat Farrell:]The only secure computer is inside a SCIF, unplugged, powered down, door locked, and a squad of US Marines guarding it. All else is just degrees of less exposed.

    What about the thoughts of the workers, as they lay there - dreaming. Not the Mata-Hari they teach in spook school. You're in the 4% domain. I will give you some more acclimatization before real demonstrations begin.

    Isn't Hannibal an entertaining and funny Clown ? So correct to lead the Nation of Clowns.

    [Pat Farrell:]Now I thought the Wiskey Rebellion was about taxes, not booze.
    Well I gotta get past the filters. Lots of Pencil Holding Desire trying to keep this discussion from occuring. {Pat - those who know me will know that I cannot take " Pencil Holding Desire " any farther, they will know where I am going with that, and I am not falling into crudities. }

    There was a joke, early on, about Liquor. My cat, named Rat Trap, has Whiskers and I have not learned how to use:

    I wanted to put up a jpeg of my cat and say that this was the Whiskey Rebellion, lining up Liquor Cabinet on one side, and a so called Whiskey Rebellion just to keep our extremely productive exploratory work from being taken down because of having meaning.

    There is plenty of Pencil Holding Desire that will crawl into the Ivory Tower and drag up 600 year old verbosity, much of which is meaningless to me, but why do words have meaning. Is it because words are mean ? If you look at the emoticons, only four of them are clearly non-negative. It's not that I am handing you a paranoia joke, it's just that if a word can have two meanings, where's the goodings ?

    [ Exemplary comment from DragonFly:   Why run msdosfs or cd9660 in the kernel and risk a crash when it would operate just as well in userland ? ]

    [ Message edit: Why do you think they call him Gene Hackman. ]
    [ September 21, 2007: Message edited by: Nicholas Jordan ]
     
    reply
      Bookmark Topic Watch Topic
    • New Topic