The old hyperarchive has gone down, and many of the other archives out there have recently stopped keeping up. This one is up to date and spam free. It was suprisingly hard to find.

Cypherpunks Yahoo Group

] To make a duplicate of a lifted fingerprint took me several
] days in 1992 and I had to do a lot of experiments to find the
] right process/technique. Now it takes me half an hour and the
] material costs are $20 (also sufficient for about 20 duplicates),
] the only equipment you need is a digital camera and an UV lamp.

A biometric is a password that is easy to steal and that you cannot
change.

[IP] From CryptoGram: faking fingerprints trivial

] The purpose of this project is to construct a high
] quality working model of a homemade HERF device built
] from microwave oven components.

This is positively one of the coolest hacker sites I have ever seen. This dude is a bad ass.

Voltage Labs

] The outcry from computer users over their rights being
] trampled would be "shocking," said Ken Silva, vice
] president of VeriSign Inc. "What you're proposing is
] tantamount to trimming a little fat off the
] Constitution," Silva told Bass.

Thats an ironic quote given that in another (recent) context an outcry from thousands of internet users in reaction to Verisign shoving a "solution" down everyone's throats was spun by Silva and friends as "technical zealotry by a vocal minority."

This hearing was about requiring people to install anti-virus software in their computers.

Honestly, cars are required to have seat belts. I can imagine computers being required to have some sort of defensive security technology. I don't even think I would have a problem with that as long as it really was defensive, although I'd prefer that it be a requirement on operating system companies rather then end users... so I don't have to buy new software. The most compelling problem with this proposal is that "virus scanners" per say only really make sense on windows machines. Its technically possible to have viruses on any os, but the scale of the problem isn't the same. Unix machines tend to have different kinds of security problems.

Of course, it only gets worse from there. A congressional committee sitting around har haring about virus writers being primarily motivated by the fact that they "can't get dates..." Seems like a standard "making fun of the geeks" comment, but think about it. This isn't junior high school or even a sitcom. These people actually run large social institutions. They are in a congressional committee hearing and they are discussing questions that are ostensibly significant to national security.

These people actually think that all normal people are extroverted, and that introverted people are dangerous, and also pitiful. Don't these people have a basic understanding of the notion of personality types? Why do we have people who never took a psychology class in college running the country? Oh, yeah, thats right, we've just handed one of the largest economies in the world over to a professional body builder. Never mind. The world is supposed to be run by morons. Otherwise, we wouldn't have any wars.

A Congressional hearing rife with quotables...

] While critics in the United States grow more concerned
] each day about the insecurity of electronic voting
] machines, Australians designed a system two years ago
] that addressed and eased most of those concerns: They
] chose to make the software running their system
] completely open to public scrutiny.

Wired News: Aussies Do It Right: E-Voting

] The plan calls for a media campaign to "generate positive
] public perception" of the companies and to "reduce
] substantially the level and amount of criticism from
] computer scientists and other security experts about the
] fallibility of electronic voting systems."

Brilliant... They publicly announce that they are going to engage in a PR campaign in order to "manage perceptions." Its like having an argument with someone who is mentally retarded. They just don't get it.

There are only two options in this discourse:

1. Computer security experts are satisfied. (You fixed the problem.)
2. Computer security experts are not satisfied. (Democracy is broken.)

There are only three reasons why someone would choose option 2:

1. They are absolutely nuts. (They think the fall of the Weimar Republic sounded like fun and they want to try.)
2. They are involved in a conspiracy. (They ARE the Nazis.)
3. They are mentally retarded. (They have no concept of the history of human societies and so they don't understand what they are creating.)

We all know the option is three. What I just don't understand is why there are so many people who are mentally retarded who are responsible for so many important things today. Its everywhere: Verisign, SCO, Diebold, Enron... Can't think long term. Makes significant strategic miscalculations. Underestimates the consul of intelligent people. Doesn't understand the obvious secondary implications of it's actions. Sees money as an end and not a means. ... Fucking mentally retarded. WHY do we let these people run things?!

This is how societies collapse.
1. People trust the elites because of their demonstrated ability. People stop putting pressure on the leadership.
2. The elites hand the society off to their children.
3. The children have never faced pressure. They are therefore lazy and dull.
4. The children's laziness turns to greed, and people suffer.
5. The situation slowly collapses into violence.
6. The old elites are replaced with a new group of elites who are fresh, hard working thinkers.

This is so well understood that it is now taught in grade school. We don't have to go through this anymore...

Wired News: E-Vote Firms Seek Voter Approval

"DRM is the magic link that allows you to step into that secure world, yet do it in a smart, flexible way."

- Dave Fester
General Manager of Microsoft's Digital Media Division
WSJ 10-20-03, page R3

("Secure World" was also the answer that Mr. Fester gave when asked what planet he lives on.)

] They have raised alleged technical concerns. We have
] asked them half a dozen times to present us with some
] data, and as late as [Wednesday] afternoon, we were told
] again they have no data. It really is quite a bit of
] rumor and innuendo being fed by technical and political
] zealots.

Q&A: Security needs to be proactive, says Verisign CEO Stratton Sclavos - Computerworld

] Caffrey claimed the evidence against him was planted on
] his machine by attackers who used an unspecified Trojan
] to gain control of his PC and launch the assault.
]
] Neil Barrett, an expert witness for the prosecution, said
] that Caffrey's machine showed no trace of the tell-tale
] signs that would be left by such an attack but today's
] verdict, shows that this did not persuade the jury.

This is actually the right decision, but I'll bet it will send the computer forensics industry for a loop. Computer log file "evidence" cannot be trusted. You need something else. There is always reasonable doubt that the computer records have been tampered with. There are no "telltale" signs.

The Register - Jury says computer records not enough to convict

] This event offers computer scientists, public officials,
] and industry representatives an opportunity to present their
] analyses to the Georgia public. It offers a neutral, academic
] setting for a fact-based discussion of what has become a
] contentious issue.

They are having some serious problems with their broadcast. I hope they get it cleaned up. Its on now though. Tune in and listen...

U: Well we got about 45 minutes of anecdotal discussion of the John's Hopkins report, and then techno music. I guess nothing says "computers break" like a failing broadcast.

Tune in Now: Electronic Voting meeting at Georgia Tech