the belligerent claimant in person
Allen Hacker
animated in the cause of freedom

Saturday, July 12, 2003

           

Getting IRS out of Stone Age?

Doug Kenline has begun a campaign to get the IRS to use email in communicating with "taxpayers" and other victims. He's already got a blog set up for the project, at irsemails.

Of course, there are technical challenges that the IRS could (can? does?) hide behind.

More about the internet than you'll ever need to know...

Email is sent "in the open". This means that your messages are travelling the net as simple text files, on the honor system, readable by anyone with a mail server. No need to go into the technology of how they are readable by other than the intended recipient, but they are. And anybody with an email server online can target whose email they want to intercept. Therefore, it wouldn't be that hard to set up a "sniffer" to watch for email coming FROM the IRS and read it for social security and other tax ID info, for whatever bad purpose such info can be put.

Doug asks why, if he can do web commerce, he can't have secure email. Actually, he can, but it is not because of e-commerce tech.

E-commerce is done through secure web servers, where you go to the vendor's secure site. Your info is encrypted by your browser and transmitted directly to the vendor's server, where it is decrypted and then acted upon.

True, email could be done this way. In fact, it often is done in a *similar* way, but without the direct browser-to-vendor transmission of info. The way it is done still uses the old transmission in the open to get the email from the sender to the destination mail server, and then a web server at that end location provides an email reader page.
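The hop-by-hop picture described above can be checked on a delivered message, because each mail server that handles it prepends a `Received:` header naming the protocol it used. The following is an added example, not code from the original post: it reads those headers from a constructed sample message (hostnames, addresses and IDs are invented) and reports which hops were not marked as TLS-protected, using transmission-type keywords such as ESMTPS registered by RFC 3848.

```python
import re
from email import message_from_string

# Constructed sample message (not from the original post). Hostnames use the
# reserved .example domain; every hop detail is invented for illustration.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.30])
\tby store.recipient.example with ESMTPS id c3; Sat, 12 Jul 2003 10:00:03 -0700
Received: from relay.isp.example (relay.isp.example [192.0.2.20])
\tby mx.recipient.example with ESMTP id b2; Sat, 12 Jul 2003 10:00:02 -0700
Received: from desktop.sender.example (desktop.sender.example [192.0.2.10])
\tby relay.isp.example with ESMTPSA id a1; Sat, 12 Jul 2003 10:00:01 -0700
From: agency@sender.example
To: doug@recipient.example
Subject: constructed test message

body
"""

# "with" keywords that mean the hop ran over TLS
# (RFC 3848, plus the UTF8 variants from RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}

# Pull the receiving host ("by ...") and the protocol ("with ...") from one header.
HOP_RE = re.compile(r"\bby\s+(?P<by>\S+).*?\bwith\s+(?P<proto>[A-Za-z0-9]+)", re.S)

def audit_hops(raw_message):
    """Return [(receiving_host, protocol, encrypted)] in the order travelled."""
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its own Received line, so reverse for travel order.
    for header in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(header)
        if not m:
            # Treat anything we cannot parse as unprotected rather than guess.
            hops.append(("unparsed", "unknown", False))
            continue
        proto = m.group("proto").upper()
        hops.append((m.group("by"), proto, proto in TLS_PROTOCOLS))
    return hops

def cleartext_hops(raw_message):
    """Hosts that accepted the message over a connection not marked as TLS."""
    return [host for host, _, enc in audit_hops(raw_message) if not enc]

if __name__ == "__main__":
    for host, proto, enc in audit_hops(SAMPLE):
        print(f"{host:28} {proto:8} {'TLS' if enc else 'CLEARTEXT'}")
```

Only the `Received:` lines added by servers you control or trust are reliable, since any earlier hop can write whatever it likes into the headers it passes along.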

The really big difference between email and secure web browser sessions is in how the transmission is done. One is more like a telephone connection, and the other is more like a radio connection.

With a telephone, you dial a 10-digit number to connect across the country. International, more digits. This is because you are connecting, with each set of digits, to a particular exchange. Dial 1 and you are automatically queued for long distance. Then 650, and you are directed to the San Francisco peninsula. (64 gets you into Mountain View, and 3436 gets you my office.)

Telephone is a direct connection. Even if it's done through satellites, it's still essentially a direct connection, although when the signal comes back down from the satellite it does come down all over the place, and it depends on the correct local receiver to capture the signal and the other receivers to ignore it.

Radio is what is called "broadcast", because that's what happens to the signal. It is cast out, broadly, over the entire service area. Any radio in that area can pick up that signal by being tuned to its frequency, and convert the signal into comprehensible noise: music, speech, etc.

Cell phones work (sort of) that way. To an extent. The signal control is reversed in the first part, however. It is the phone that initiates contact. As you move around, every 6 seconds or so your cell phone broadcasts a "Here I am--got anything for me" query. Every cell transceiver (tower) that detects the call reports back to its control that it has you in its area. It also reports your signal strength. That way, they know (a) which tower you are closest to, and (b) by calculating from relative signal strength, they can triangulate where you are to within less than 20 feet.

So your cell phone reaches out for calls. The local tower relays that query. If there is a call for you, it is being held in queue, and when your phone's query comes in, the control responds by telling it yes, you have an incoming call. Your phone starts ringing all by itself, to let you know to pick up. You pick up, the phone tells control you're on the line, and then the 2-way transmission begins. Very different from land-based telephones.

If you thought that was wild, you're right. Email is both stranger and simpler.

Simpler because it's passive: you don't have to make a connection when the email is being sent. You can come in later and get it like it was new.

Stranger because the internet doesn't know where its parts are! Every domain has a URL (Uniform Resource Locator), like lawfulgov.org. That's for us human-language speakers. Behind the URL is an IP (Internet Protocol) address. That's a four-part number separated by dots (periods), each part including 1, 2, or 3 digits, like so: 209.126.224.128. If you click this link and go to that site, look at the address bar in your browser. Magic, huh?

The real magic is that the internet is so decentralized that it doesn't need to know the physical locations of anything. Well, almost.

Web browsers use that 4-part IP number much the same way that telephones use area codes and local exchange codes, narrowing in on a destination step by step until the request reaches the machine with the last set of numbers. But that's going in from a single-user web browser. Until that happens, nothing else happens at all. The documents on the web are totally passive, sitting there until requested. Only when a web browser sends an http (HyperText Transport Protocol) request for a specific document (like http://lawfulgov.org/proact.htm or http://209.126.224.128/proact.htm :) is that document sent out.

Email is where it's most strange, compared to the way we normally think about communication.

Imagine you are in a room filled with people. You want to get a message to Joe, and you neither know nor care where he is in the room, because everybody has agreed to relay all messages until (apparently) Joe has it.

So you say what you want Joe to hear. Everybody next to you repeats it. Everybody next to them repeats it. Everybody repeats it once. When it comes back around to someone who has already repeated it, he ignores it. So there's a sudden short burst of noise in the room, and Joe has your message. Cool, huh?

But there are obvious things to consider. This means that every person in the room has to repeat every statement made by every other person in the room, except for those that he's already repeated. So that burst of noise we just discussed is not a one-time or isolated thing; it's a tiny piece of an incredible amount of noise that is always happening. In an ideal world, dying repetitions would make way for new ones, but people like the deal, so there are always increasing numbers of new messages. The room can get so busy that nobody has time to repeat everything they receive.

A curiosity in this system is that in most cases, Joe will already have the message before all of the repetitions are done. He's already reading it, and some other people are still repeating it, just to make sure he gets it, and there's no way for them to know when he does. Better yet, he'll get it twice, too.... A quirk: he'll be the only one to pass the message on, of course.

In our example of people doing verbal repeating, messages would get lost as they forgot the ones that came in after the ones they still haven't repeated yet. In the electronic world, where the message is a series of bits (zeros and ones, or on-off signals) that translate into text pages and other types of documents, a different problem develops. Machines can remember for a long time, so messages don't get forgotten. Instead, the flow slows down as more and more items are put into queue. If this progresses too far, the "pipeline" clogs, and transmissions cease. Because of a fail-safe mechanism that prevents internet servers from consuming their entire memories with undelivered messages, messages can only be held in queue for just so long, and then they are returned. If not returnable, dropped. As with people, effectively forgotten.

That's why spam is so bad. When you send a single email to a single person, it spins around the entire globe and registers twice at every "node". That could be thousands of places, twice each, for just one message. But wait, it's worse than that, even with just the one message. Emails are broken up into "packets" of information. The longer the email, the more packets. The more and bigger the attachments, the more packets. So a single email might have a thousand packets. Each email is assigned an ID number, and each packet carries that email-ID plus a packet ID. As the packets come in from all over the place to the destination server, they are re-assembled and deposited into a mail folder to wait for a user to pull up and read. Get this: a thousand packets a day from you to me, bouncing around through a thousand nodes until they all find me, times two arrivals at each node (one to be repeated, the second one ignored but only after being registered and checked for previous forwarding), and you have two million transactions on the internet just to get your fat email with attachments to me. And that doesn't even consider the computing actions taken at each node to do the registering, handling, and repeating or dropping of packets.

So when a spammer sends out 10 million messages in a day....

And hundreds of thousands of irate spam victims respond with their malcontent....

It's a wonder the thing doesn't choke to death. Oh, wait, it is choking to death, and that's why there's so much concern about spam.

Back to why email, transmitted "in-the-open", is not secure.

Your message goes all around the world twice, to every node. People can "sample-in" at the nodes if they know how (not difficult, really), and read email as it goes by. Lots of hacker tricks for doing that in lots of different ways, not my job to teach them.

That's why you don't do e-commerce by email. You can do secure-connection web transactions in near-real time, but not email. And email is open text, not encrypted.

Ah, but...

That's not a problem. Email CAN be encrypted. It just takes a little more work than most lazy affluent computer-riding people are willing to do. You have to set it up in your email program.

The first problem after simple laziness is that you do have to use an email program. That means learning a program rather than just going to a website to read your email. Oops, that closes the door on half of us!

The next problem is setting up the encryption/decryption functions in your email program. Oh, I forgot to mention, you have to use an email program that supports those plug-ins. There goes half of those who remain....

And then the biggest problem of all, you have to get the next guy to work through all those problems too, just so you have someone with whom you can exchange secure email. Of course, this is more trouble than it's worth to anyone but the CIA and other terrorist orgs.

And of course, the government has massive computing power and Carnivore, so they can crack your restricted-encryption (the wimpy level allowed to the public) emails almost as fast as you can change your encryption key, so there's no incentive to the non-big-corporate private sector to bother with encryption.

But it can be done; it has been available for a few years now.

So badger the IRS to do it, Doug! But realize that you'll have to learn a few things, and use them, too.

And be prepared to argue that it IS worth the cost, because that will be the next objection now that you know they can do email securely if they want to.


PUBLIC NOTICE:
   This website (blog) is an official News Outlet of the State of Æscir, by and through its agent and representative, ASC Missions Group, ntc, Speaker Allen Hacker, Trustee.
   Any attempt to censor or prosecute anything published herein will be met affirmatively with the fullest force of the law, without mercy or reservation and with absolute prejudice.

   Refer to US v Johnson, 76 F. Supp 538, et seq, et al.

   However, anything published here is free for use so long as it is not altered or quoted out of context, and proper attribution is given.
   Allen

