Speak of the Devil

Eugen Leitl eugen at leitl.org
Fri May 19 08:29:05 UTC 2006

On Fri, May 19, 2006 at 03:59:46AM -0400, Dan Mahoney, System Admin wrote:

> I can't speak for the British government, but if someone came to me and 
> said "someone is using your SSL-enabled webmail system to traffic kiddie 
> porn" and felt that somehow the easiest way to sniff their traffic was 

I can't believe you have actually bought into this tripe about
terrorists, and pedophiles. Consider it the new Godwin's law:
if someone mentions pedophiles, terrorists and drug traffickers
in order to justify wiretapping, that argument is automatically
nil and void.

> with my private key (as opposed to just asking me to tap their spool 
> dir, tar up their homedir, and gladly hand over any information 
> associated with them), I'd be more than willing to cooperate.  With 

Are you running a Tor node? You should not be running a Tor node.

> probable cause.  I know warrants are difficult, but I come from a law 
> enforcement family.
> Sadly, the truth here is that if someone is using my server, then the 
> fedgov HAS to act as if I am in on this, and will likely blow their 
> investigation if they contact me -- at least this is how procedural rules 
> are set up for them.

So basically I can use bogus pedophile and terrorist charges to
shut down about anybody? No doubt that's terribly convenient for
some people.

> I've investigated kiddie porn complaints on my network, and let me say 
> this in total seriousness -- while we've all seen the maxim-like young 
> looking models that are just recently 18 (hell, they advertise on regular 
> cable here in the states)...every once in a while you come across a site 
> like the ones in question that is so blatant, so disgusting -- where 
> there's no question in your mind that yes, that's thirteen.  Following 

What has this to do with turning over your keys because somebody
claims that children are being violated somewhere?

> that, there's a fit of nausea and a willingness to research some drug or 
> amount of voltage that can remove the images you've just seen from your 
> mind.  I'm told the sensation is about ten times worse if you're a parent.

So, again, what has moral indignation to do with cooperating with
people who you *know* would lie and bend the law to their advantage?

> With that said, however...
> There's nothing stopping governments from logging the traffic (possibly at 
> a higher level, like the upstream level) and then getting a subpoena for 
> whatever key was used to encrypt it.
> The PROBLEM with this method is that once the length of the warrant has 
> expired, 99 percent of people out there DO NOT check CRLs.  I myself am 
> guilty of this.  I.e. once the government HAS your key, they've got it for 
> the lifetime of your cert -- and while you can certainly retire that cert 
> from use, there's no way to prevent the now-compromised cert and key from 
> being used creatively for the remainder of the validity period.
> Or am I wrong here?

Yes, you're being a good German here. Facilitating the totalitarian
takeover, by cooperating instead of being difficult.

