Here is a taste of some of the sort of things we chatted about this month - our version of the Chatham House Rule applies, so nobody is directly identified, in order to promote open communication, even on controversial, sensitive or potentially illegal topics.
This is not a substitute for coming along to the meetings in person - remember that everyone is welcome, no matter your age or experience or skills (or lack of them), from both sides of the legal fence.
- Gary McKinnon - the European Court of Human Rights decided not to bother looking at the human rights aspects of his extradition case. There was a demonstration in front of the Home Office, and various last minute writing of letters to MPs etc., but it looks as if Gary will be sent to the USA any day soon.
Gary's case proves that zer0 dayz exploit technical skill has never been the main requirement to be a "hacker" - you also need luck and persistence.
Will any of the dozens of US Military officers or bureaucrats or civilian defence contractors responsible for the utter lack of security, which lasted for years on end, be named and shamed and shown to be incompetent or corrupt in the forthcoming trial ?
- Draft regulations implementing the (delayed by 18 months) European Commission Directive on mandatory Data Retention. Telecomms (landline and mobile) came into force in October 2007, "internet connection, internet e-mail and internet telephony" due in March 2009. What do these vague legal terms actually mean in practice regarding log files, ports etc ?
Interestingly, despite the media hype, there do not seem to be any proposals for retaining any web URLs or cookies or DNS access records etc. under this EC Data Retention law.
See low number of active Tor Exit nodes in the UK compared with other countries. Please set up one yourself:
but bear in mind the bandwidth requirements - does your "unlimited" ADSL broadband package allow you to transfer tens or hundreds of Gigabytes a month ?
- Nokia Siemens snooping and surveillance consolidation software - see Snoop software makes surveillance a cinch - how many false positives and false negatives ?
- "Educate" them whilst they are young - phun with unix based Chumby "toys" e.g. a Chumby Wifi Sniffer
- Giving things away for free usually draws a crowd:
Interesting free stuff or junk ?
This AMD / Intel and Zilog chipped card caused some puzzlement:
Some sort of S3 video card ?
- Risks of fingerprint scanners at airports etc - biohazards - how do you sterilise high volume scanners being potentially contaminated with pathogens etc from around the world, without causing massive queues ? The Heathrow Terminal 5 fingerprint scanning machines seem to have Firewire access - therefore no effective security, apart from a cheap cabinet lock (The Reverend Rat probably already has the keys !)
- The joys of dual boot Win98 SE and Linux SUSE version 10 - is Ubuntu easier for a beginner ?
- The Yorkshire Ranter's proposal for open source framework tools to help activist groups - see Organise, and a very wet 2600. The detailed Organise proposal is available online via Google Documents.
- The BBC are researching a TV programme about privacy, e.g. exactly what a private investigator might be able to gather about a target, using social engineering and hacking techniques.
- A new (US market ?) "big budget" TV series is in development, looking to pit teams of "hackers" against each other. Will this be like the sophisticated DefCon Las Vegas conference style professional "capture the flag" (sometimes using non-computer methods to achieve the object of the contest) or the more young teenager gamer / gadget quiz style presented by Jason Bradbury from The Gadget Show, who developed a series in 2001 called Mercenaries, which had a "hacking" segment in each show ? Happy memories of meeting Angelina Jolie at the London after filming party of the Hollywood film Hackers back in 1995.
- Advice on how to structure a Freedom of Information Act request to Ofcom, about what appears to be licence free radio equipment which could actually interfere with other regulated equipment. See recent Spy Blog UK FOIA requests for some effective wording regarding potential costs and exemptions etc. to use in your own FOIA requests. Also look at the new WhatDoTheyKnow.com FOIA request submission and tracking website, developed by the MySociety.org people.
- Rumours of a former Warsaw Pact country's atomic energy research authority placing their intranet backups in a world readable directory.
- Why do British Telecom roadside street cabinets seem to be broken into less frequently than Virgin Media (Cable West) ones ? Better locks, better alarms ?