PIGSVILLE - THE FOUL FLAVOUR

{december 6, 1999}

JIBBA JABBA
personal ramblings

TEXTS
published writings
[mostly in swedish]

LINKS
links, the wild style

MUSIC
bands and labels

SECURITY
good links on security

CURRLINK
bookmarks0411@job2

GRAFFITI
by Swedish writers

THANKS

www.sunnerdahl.org

::::::::::::::::::::::

you got a problem,
pilgrim?
then mail me

December 6, 1999: ENCRYPT YOUR ASS, KID!

Let's get this straight. The future started a long time ago. So what will your "future" be like? Will you belong to a world spanning clan, a krewe, a subculture of brethren & peers & hubbub? Will you cradle your ideas about yourself and what the world is made of up until the bitter fucking end? Let's talk about your networked future. Let me tell you what I think about it. Let me tell you why I've loved computers for as long as I can remember:

I was born in 1967. I was - as most children are - eager to learn.
Like most boys, I was into archaeology. I was into space. Rocketry. Astronomy. Why, I don't know. No-one except myself made me find those books in the library. I came to love fantasy and SF at an early age. When I was 10 or so, I had already read about computers. At that time I saw my first personal computer, a Commodore Pet. I was shocked. It was the future, but now. It was science fiction. Not a rocket, but science fiction nevertheless. That, I think, is why I still love computers. I don't even need to do anything with them, except twiddle & fiddle. Install a new OS. Try to get a program up and running. Compile some nifty netstat gadget. Testflood myself. Move a window. Render a movie. Generate secure keys in pgp. Testhack a shitty old quadra. Partition a HD. Manipulate a sound. It all leads to nothing, but it's probably the closest I will get to a future of sorts. At least during my lifetime...

A Little Futurism
Let me try to sketch your computer future.
In this new world of routers galore, optical hip connexions spanning your neighbourhood, companies promising the world, media on demand, power at your fingertips, consumer rights and direct democracy, nothing means anything and the world means null and it's void to boot. Empty promises full of threats.
OK. In the morning you wake up. Your GSM/slate/digital swiss armyknife beeps you. You've wisely kept your computers off-line during the night. So the first thing you do is to initiate a secure connection to your anti-adbot outlet. You download the latest patches from another secure connection. Then you log on to the real internet and check your mail. 2000 e-mails are spambusted by your newly downloaded software, and intrusion detection shows hundreds of streams pummelling against your gatekeeper, who stoutly denies them entrance. A trojan auto extracts in an unused part of your video RAM, which causes your Van Eck surveyor to isolate it. In a simulated environment, the trojan is trying to dump your computer's statistics core to an offshore spambank. You feel pretty secure. Van Eck phreaking your computer won't work, since your computer is TEMPEST-classed. Your secure connection are encrypted using pseudo random keys created by angled photons. Now you contact your auxiliary work systems which have been up all night. A temporary hijacking of one router in your vicinity has lead to serious fakespamming from your subnet, which have resulted in a plethora of angry e-mail. Your autoresponder watchdogs have found the real culprit and reported his net address to the complainers as well as launching a counterattack on him, this time being a third and thus a punishment seems in order. Bla bla bla ad nauseam.

Realize Your Vulnerability
I used to be positive about the entire internet thang, but right now the future seems pretty bleak. We all write weblogs, we get too fucking candid for our own good. At the same time we are stalked by numerous software. RealAudio logs your computer info at a "statistics" server. Cookies bounce to and fro, totally unencrypted, containing vital data about yourself and your computer. Using Microsoft Office can mean that you violate nondisclosure contracts if you're running beta software, since Office gleans data about your system and dumps it in Bill's digital dungeons. The tcp streams that you send are not encrypted, and thus easy to tap. I can see what you type on your icq. I can trace your mail. I can steal your mail. I can steal your IP and do nasty things. The common user don't care. That's OK. One doesn't have to care about most mail & shit. But let's say that your boss is running a sniffer with a porn filter. He sees that you're at a smut site. Tough titty. Novell recently fired some guys - who claimed innocence - for porn surfing. Good fucking riddance.

There are plenty more reasons to encrypt at least your e-mail and TCP/IP transactions:
1. information about you may be used to target you for sales drives etc.
2. passwords can be gleaned. if you use a free e-mail service, or a free web page, you're easy to get.
3. your opinions may be gleaned by the powers that be: your company, your country.

Still you don't care? Project Echelon is still a big hush-hush hunk o' burning love (see http://www.echelonwatch.org at ACLU). Australia have confessed that it- under the UK-USA agreement- have spied on it's citizens since the 1950s: phone, radio, and later on net communications. The European Union parliament have claimed that they have been suckered into helping American companies swinging sweet deals on behalf of euro companies. The Wassenaar treaty tried to limit strong personal encryption such as Phil Zimmerman's Pretty Good Privacy, PGP. For several years- and i guess they're still up to their tricks- the US government wanted to outlaw strong personal AND commercial crypto in favour for their own Slapjack/Clipper scheme. Clipper would be a pretty strong crypto, key based like PGP. the crux is that there would be two keys: one that you would have and one that the US Treasury dept. would keep in escrow. If you were suspected of breaking the law, FBI or some other spookshow would be able to get the key from the treasury boys and decrypt your "secure" data, just like so. It's the greatest dog and pony show on earth.

A Swedish Conspiracy;-)
Fuck, I'm slowly becoming one of them conspiracy nuts. I started to wonder why the fuck the swedish equivalent to the NSA, FOA, would need the fastest strapping super computer in the country for. It's magnitudes faster than the one's they use for advanced chemical calculations, finite numbers and shit. FOA used to listen to Russians, flying their pithy AWACS mini copies. What do they do now? Monitor the airspace with computer power from hell? Yup. Another thing: a law was swiftly passed here in Sweden called PUL, the law about personal information. In theory, the law would stop everyone except journalists to write about other people. In effect, it meant nothing, except making the politruks feel stupid as all hell. But my take on it was that the government- in accordance with the Wassenaar treaty- wants to exercise some control over the internet. They are afraid of free encrypted and F-A-S-T communication between individuals and companies. I think. I'm currently reading Bruce Sterling's Distraction, where political strongholds are taken over by squatters and politicians misplace USAF bases. Netwar runs berserk. But that's just fiction.

Another thing: I did my military service (used to be almost obligatory here in Sweden) back in 88-89. i did some pretty secret stuff, I guess. Hush-hush. The military struck me as being a little ass backwards, until I realised that they monitored every ship & plane from the Eastern Bloc: "Gadagada Protch from Poland arrived Snuskhamra Harbour at elevenhundred hours", etc. Then I realised that the computers i eventually got to use were TEMPEST-classed, which means that they are secured from electromagnetic surveillance (Van Eck phreaking). Your computer screen, keyboard, printer, cables and the computer itself emanates electromagnetic radiation, which can be tapped with any electromagnetic surveillance equipment. No-one talks much about it nowadays. But now ponder this: If they had TEMPEST-classed computers in 1988, what the fuck do they have today? Same goes for crypto, of course.

This is what I suggest: demand free strong crypto. Demand personal security on the web. Outlaw spamming. Outlaw snooper functions in software. Almost as simple as that.

I also recommend a few tools:
*SSH & RFC - Secure shell & Remote File copy [several free clients]
*Freedom - new all-in-one package for surfing, mail, etc. anonymity.
*HushMail - a secure FREE e-mail service
*Cookie cleaners of any flavour
*Antivirus software
*Any kind of good logging software you can find
*& if you're silly enough to use Windows, install the latest service packs, by god!

Pack me,
//Monsignor Pig

--
Music: Beach Boys, Buck Owens, Peanut Butter Wolf, Dead Kennedys, AC/DC, Ween, Blackstar, Hashim, WARP Influences, Supersuckers, Thee Headcoates, Undertones, Lee Hazlewood, L'Usine and Jonathan Richman.
Photography: Nan Goldin, Larry Burrows, Joel-Peter Witkin, Jan Saudek, Weegee, Wolfgang Tillmans, Noboyushi Araki and Sebastião Salgado.
Movies: My Name is Joe, American Beauty and The Slums of Beverly Hills.
Comic Books: From Hell, Hell and Back, Artbabe, Optic Nerve, Epix, MegaPyton, Eightball, Louis Riel, Two-Fisted Tales and Comics Journal.
Books: Cryptonomicon, Hacking Exposed, Distraction, Answer Me! and The Hard-Boiled Omnibus

BACK TO THE TOP