OT: mailbox generator

OT: mailbox generator

Nadav Har'El nyh at math.technion.ac.il
Fri Apr 26 22:35:09 IDT 2013 

On Thu, Apr 25, 2013, Oleg Goldshmidt wrote about "Re: OT: mailbox generator":
> One can set up several mail accounts, devise such a script (my friend's
> story proves it is possible), generate a random delay and run it off
> at(1) [rather than cron, to avoid regularity], rotating sender addresses
> in the process. Then fetchmail from a designated account, procmail to a
> script that sometimes generates a reply...

If you lie, it's better to keep your lies simple, and well prepared.

If you lie and say you have an email account and rarely use it, and show
some desterted hotmail account with 50 messages over the last decade,
you'll come off believable - a luddite, but believable.

But if you show an eleborate machine-generated email account, with 50
machine-generate mails a day, it will be very easy to spot errors in
your lies. The agent can ask you to tell him a bit about your friend
Moshe Washington, the made-up persona who sent you mail last week.
The agent can ask you how come your travel agent didn't mail you your
e-ticket to this account. The agent can notice all sorts of "wrong"
patterns in your mail that your non-perfect script forgot to account
for. And so on and so on...

I remember long ago, I was visiting the U.K., and for some irrelevant
reason decided NOT to tell the security person that I *had* a job (which
is more or less, the opposite lie they usually hear). He started asking
me how I could afford the stay in the U.K. if I didn't have a job, and
I started coming up with more and more eleborate lies (my parents gave
me money, etc., etc.) to cover my small innocent lie in the beginning,
digging my metaphorical grave as I continued to speak. Luckily, I was a
better lier than he was an interrogator, and they let me pass :-)
But usually, just telling the truth is easier :-)

>    suspicion a priori exists that (business/technological) intelligence
>    may be gathered (obvious examples: China, Russia, etc.). IBM had such
>    a policy when I worked there.

About 13 years ago, when I travelled to Russia, I was told that I
shouldn't be afraid of criminals - I should be afraid of the police and
the border control - because they can basically ask you to do anything,
and you have no alternative but to comply. :-)

>    democtratic ones. Besides, how is it different from invasive search
>    of your personal belongings or a body search which are routine in
>    every airport everywhere? And some countries actually have laws
>    against search and seizure, while denying reasonable expectation of
>    privacy for internet communications.

It's very different. Searching your baggage is reasonable, because
you're trying to enter this baggage into their country, so it is
reasonable to allow the country to check what you're trying to bring in
(maybe it's weapons, maybe its other items forbidden for some reason,
etc.). But your cloud email password isn't an item you're bringing into
the country - it's knowledge in your brain. It isn't relevant to your
entering the country (the files in the cloud were already available to
people in their country before you entered). Asking you to surrender
a gmail or facebook password is just like asking you to pay them $1000
or they refuse your entry - it's blackmail.

>    travel to X, anywhere in the world. The argument that you will gladly
>    provide an email password because you are under duress since you've
>    paid for the ticket is bull***t. You may even be refused boarding by

It isn't bull, especially if you're innocent. Sure, if you're a
terrorist and your only email account is full of terrorist plans, you'd
rather be deported then surrender your account. But if you're an
innocent tourist (or business man), who invested your yearly savings
in this trip (flight, hotel trip, etc.) or your business rides on it -
wouldn't you do almost anything to not give them an excuse to deport
you? Allow them to read your mail, do a cavity search, take off your
belt and shoes, throw your water to the garbage - just so they'll let
you continue?

-- 
Nadav Har'El                        |       Friday, Apr 26 2013, 17 Iyyar 5773
nyh at math.technion.ac.il             |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |Help Microsoft stamp out piracy. Give
http://nadav.harel.org.il           |Linux to a friend today!

More information about the Linux-il mailing list