December 2003 - cypherpunks-legacy

Atari and VAX
by major＠dcd.wa.gov.au 17 Dec '03

17 Dec '03

"John W. Redelfs" <TSJWR(a)acad2.alaska.edu> writes: > If I owned a PC clone or a Mac, I'd be sitting pretty. If my host machine > was Unix, I'd be fine. But I'm using an Atari emulating vt100 off a > VAX 6510. Is there any help for me? How can I be a cypherpunk? > > I want to be using PGP, but I haven't found it for either machine I'm on. PGP version 2.3A contains conditionals for both Atari and VMS, The distribution includes a file vmsbuild.com which presumably does the obvious. I have no facilities to check if either of these actualy work. Major +------------------------------------------------+------------------------+ | Snail: Box T1680 GPO, Perth WA 6001, Australia | Phone: + 61 9 357-5076 | | email: major(a)dcd.wa.gov.au | FAX: + 61 9 370-3692 | +------------------------------------------------+------------------------+ Netware 4.0 slogan: Know no bounds; Internet slogan: Have no bounds

1 0

PGP,etc.
by PSDAA%LSUVM.BITNET＠RICEVM1.RICE.EDU 17 Dec '03

17 Dec '03

I am very interested in PGP, anonymous mailers,etc. but I'm pretty new to the n et and I'm having trouble finding PGP and any other info. Please send me info. Thanks. Drew PSDAA(a)LSUVM.SNCC.LSU.EDU

1 0

Re: POISON PILL
by gtoal＠gtoal.com 17 Dec '03

17 Dec '03

Stuart mailed this to me by accident and asked me to forward it to the list. G :From: "Stuart W. Card" <swc(a)uc1.ucsu.edu> :How's this as a dead man encryption protocol: :1) don't keep any sensitive stuff of your own on your own hardware, :put it on other peoples' machines (and let them put their stuff :on yours); :2) encrypt all of your stuff before transferring it to other peoples' :boxes; :3) send the keys that you used to do the encryption to other folks' :boxes as well (not the same ones on which you stored the files); :4) if you are really paranoid, Shamir share the keys; :5) don't keep any local copies of the plaintext, cyphertext or keys; :6) periodically send messages to the boxes where you have stashed :your files, saying "Everything is still cool, don't wipe my files :or my keys."; :7) if/when it hits the fan and you are pressured to reveal your stuff, :stop sending those messages -- the dead man switch goes off and your :files/keys are wiped. :There are countless variations on this theme, each offering a :different compromise between security against prying versus :overhead and the chance of unintended deletion. :------------------------------------------------------------------------ :Stuart W. Card, Consultant, Card & Associates -- Research & Development :Box 153 RR 1 Newport Rd Utica NY 13502 315-735-1717 / FAX -8469 :swc@uc1.ucsu.edu or cards(a)top.cis.syr.edu "Who is John Galt?"

2 1

PGP Interface
by Ian Smith 17 Dec '03

17 Dec '03

As part of class project here at Ga. Tech, we are designing/implementing a new (graphical) interface for the program PGP, Pretty Good Privacy. To do this well, we need information about the potential user community of such an interface, and the pros/cons of the existing PGP interface... thus we are sending out this questions As mentioned in the survey, the data collected will be kept confidential, and we encourage the replies to this survey to be sent via anonymous remailers. ------------------------------------------------------------------------------ CS 6144 Design Project User Questionnaire The following questionnaire is for a Computer Science Class project assignment. The information that you provide will be used for designing a computer interface for an electronic mail enhancement. Data collected in this survey will be kept STRICTLY CONFIDENTIAL and will only be reported in an aggregated form. We would appreciate it if you would take a few minutes to complete it. Completed questionnaires, or any questions you may have concerning this questionnaire may be mailed to iansmith(a)cc.gatech.edu. Please complete it and return it as soon as possible. Thank you very much for your time and cooperation. Please mark an 'X' under the column that most closely describes your response. ------------------------------------------------------------------- GENERAL COMPUTER USAGE ------------------------------------------------------------------- 1. How often do you use: Frequently Occasionally Seldomly 3 2 1 a. a computer --- --- --- b. Electronic Mail --- --- --- 2. Do you use a computer for: Yes No a. business use? --- --- b. personal use? --- --- c. file transfer? --- --- 3. In what type of environment do you MOST OFTEN use a computer? (Please mark only ONE of the following) Use Most LAN (Local Area Network): --- WAN (Wide Area Network e.g.Internet): --- Laptop or Portable WITH a modem: --- Laptop or Portable WITHOUT a modem: --- Stand alone PC (not a laptop) WITH a modem: --- Stand alone PC (not a laptop) WITHOUT a modem: --- Other (please specify): _________________________________________ ---------------------------------------------------------------------- ELECTRONIC MAIL ---------------------------------------------------------------------- 4. Which of the following interfaces do you most often use for electronic mail (e-mail)? Use Most Text only interface: --- Graphical only interface: --- Combination (text and graphical): --- Other (please specify): ------------------------------- 5. Do you ever send e-mail messages you ONLY want the recipient(s) to read? Often Sometimes Seldomly Never 3 2 1 0 --- --- --- --- 6. Have you ever had occasion to believe a mail message you recieved was forged? Yes No --- --- 7. When sending/receiving e-mail, how much additional time would you be willing to spend to: Less than 5 to 30 30 sec. More than 5 seconds seconds to a minute a minute Digitially 'sign' your message: --- --- --- --- Authenticate the sender: --- --- --- --- Prevent eavesdropping: --- --- --- --- 8. Does the amount of time you would be willing to spend in the previous question depend on: Yes No Person the info was being sent to: --- --- Your workload at the time: --- --- Contents of the mail/msg: --- --- 9. Encryption is a common method of protecting information transmitted. The basic mechanism works as follows: The information or message (text) is encoded from its initial readable form, to an internal form by means of a 'key'. This internal text form (ciphertext), although readable, does not make any sense. To make sense of the cipher text, the receiver must decode it (with a 'key') back into its initial readable form. If the encoded information is accessed by an unauthorized person, it will be useless unless it can be decoded (i.e. a person has a 'key' for it). Yes No 9A. Are you familiar with this concept? --- --- 9B. Have you ever used encryption? --- --- 9C. Have you ever encrypted files or mail? --- --- The following questions relate to specifics about encryption use. If you answered 'NO' to ANY of the three questions above (9A, 9B, or 9C), please skip to the Background Information Section (questions 19-23). ---------------------------------------------------------------------- ENCRYPTION USERS ONLY ---------------------------------------------------------------------- 10. What encryption software have you used? PGP: --- Crypt: --- Other (please specify): ------------------------------- 11. Have you used the encryption software because Yes No You like it: --- --- It was the industry/school standard: --- --- It was the only one you had: --- --- It was used by others that you interract with: --- --- Industry/school required it be used: --- --- 12. Would you say the size of file(s) or message(s) you usually encrypt tend(s) to be: (4Kb+) (1Kb-4Kb) (100b-1Kb) (<100b) VERY large Large Medium Small --- --- --- --- 13. Have you ever spent multiple attempts trying to encrypt something? Yes No --- --- 14. What is the most common error you have encounterd trying to encrypt something? Most common error: ----------------------------------------------- 15. What is the frequency that you have made the following errors when encrypting something: Very often Sometimes Seldomly Never 3 2 1 0 Typing mistakes: --- --- --- --- Forgetting passwords: --- --- --- --- Misusing options/functions: --- --- --- --- Losing others' keys: --- --- --- --- Other (please specify): -------------------------------------- 16. Please rate the following features of encryption software in terms of the importance of the feature to you: Very Somewhat Not Very Not Important Important Important Important 3 2 1 0 Integration with other tools: --- --- --- --- Time it takes to encrypt: --- --- --- --- Time it takes to decrypt: --- --- --- --- Time it takes to digitally sign: --- --- --- --- Time it takes to authenticate: --- --- --- --- Distribution of 'Keys': --- --- --- --- Security of message contents: --- --- --- --- Other (please specify): ---------------------------------- 17. Please indicate which of the two attributes in each pair is MORE important to you: How long it takes ME vs. How long it takes the recipient --- --- Difficulty to encrypt vs. Security gained by encryption --- --- Security gained by encryption vs. Time it takes to encrypt --- --- 18. Overall, how satisfied are you with the encryption software that you use? Very Somewhat Not very Not at all Satisfied Satisfied Satisfied Satisfied 3 2 1 0 --- --- --- --- (optional comments:) ------------------------------------------------- ---------------------------------------------------------------------- BACKGROUND INFORMATION ---------------------------------------------------------------------- 19. What is your age (in years)? ------------------ 20. Are you Male? Female? --- --- 21. What is the highest level of an educational degree that you hold? HS AA BA/BS MA/MS PhD other(specify) --- --- --- --- --- ------------------- Yes No 22. Are you currently a college student? --- --- 22a. If (YES) you are a student, what is your major field of study? Major: -------------------------------------------------- 22b. If (NO) you are NOT a student, what is your occupation? Occupation: --------------------------------------------------- 23. We welcome any additional comments that you might have. Please feel free to add any comments, questions, or suggestions in the space below: ===================================================================== THANK YOU VERY MUCH FOR TAKING THE TIME TO COMPLETE THIS QUESTIONNAIRE. (Please return it to iansmith(a)cc.gatech.edu as soon as possible.) ======================================================================

1 0

Re: Was: POISON PILL
by smb＠research.att.com 17 Dec '03

17 Dec '03

According to gtoal(a)gtoal.com: > :4) if you are really paranoid, Shamir share the keys; Please explain this to me. What is "Shamir?" The reference is to the following paper: @article{sharesecret, author = {Adi Shamir}, journal = {Communications of the ACM}, number = {11}, pages = {612--613}, title = {How to Share a Secret}, volume = {22}, year = {1979} } More generally, see the article on shared control systems: @incollection{Simmons92, author = {Gustavus J. Simmons}, title = {An Introduction to Shared Secret and/or Shared Control Schemes and Their Application}, booktitle = {Contemporary Cryptology: The Science of Information Integr ity}, year = 1992, pages = {441--497}, editor = {Gustavus J. Simmons}, publisher = {{IEEE} Press} } I'm especially fond of this article: @article{sealing, author = {David K. Gifford}, journal = {Communications of the ACM}, number = {4}, pages = {274--286}, title = {Cryptographic Sealing for Information Secrecy and Authentication}, volume = {25}, year = {1982} } since it shows how to implement a variety of access mechanisms, including key-AND, key-OR, m-of-n, etc. > :6) periodically send messages to the boxes where you have stashed > :your files, saying "Everything is still cool, don't wipe my files > :or my keys."; Folks who contemplate such schemes should investigate the false alarm rate. Most automated systems experience a much higher rate of false triggers than true. Of course, as described here, you'd only get one, since your data would be gone after that...

1 0

Richard Stallman speaks at Michigan
by L. Detweiler 17 Dec '03

17 Dec '03

some cypherpunks may be interested in this ... ===cut=here=== From: "Theodore C. Belding" <streak(a)engin.umich.edu> Subject: Richard Stallman to speak at the University of Michigan Date: Fri, 08 Oct 1993 23:55:25 +0100 Sender: streak%nv.engin.umich.edu(a)srvr4.engin.umich.edu [Please redistribute WIDELY, to anyone who may be interested. Thanks!] Richard Stallman will give a talk entitled "Protecting the Freedom to Write Software: The new software monopolies, and what we can do about them" on Wednesday, November 17, from 7pm to 9pm, in Auditorium 3 of the Modern Languages Building (MLB). The MLB is at the corner of E. Washington St. and Thayer St. on U of M's Central Campus in Ann Arbor. All are welcome to attend, and admission is free. Stallman is one of the founders of the League for Programming Freedom, an organization whose goal is to protect the freedom to write programs. Specifically, the League aims to abolish two recently established legal concepts which it feels restrict programmers' freedom to do their work: interface copyright and software patents. Stallman will speak about how interface copyright and software patents originated and why they hurt both computer users and programmers. In the field of software, Richard Stallman is best known for developing the popular Emacs text editor while working at the MIT Artifical Intelligence lab between 1971 and 1984. Today he is working to develop the free UNIX-compatible software system known as GNU. In 1990, Stallman received a MacArthur Foundation Fellowship; he also received the 1990 ACM Grace Hopper Award for his work on Emacs. Stallman's talk is being sponsored by the U of M and Ann Arbor chapters of the Association for Computing Machinery (ACM), the Wayne State University ACM, the Wayne State University CS Department, and the CSE Divison of the University of Michigan. The Association for Computing Machinery was formed in 1947 as the society for the computing community; its members are students and professionals interested in all aspects of computing. For more information on this or other UMACM activities, contact Ted Belding (Ted.Belding(a)umich.edu, streak(a)engin.umich.edu, or (313) 994-9573) or Sarah Granger (sgranger(a)engin.umich.edu or (313) 741-9318). For information about the Ann Arbor ACM, contact Susan Haynes (haynes(a)emunix.emich.edu or (313) 487-4446). Ted Belding, UMACM Chair

1 0

Health Reform Smart Cards
by L. Detweiler 17 Dec '03

17 Dec '03

in respect to D. Frissnell <g> - ------- Forwarded message Date: Sat, 9 Oct 1993 06:49:28 -0400 From: farber(a)central.cis.upenn.edu (David Farber) Subject: and you wondered what would take the place of Star Wars A review of the ****Clinton Health Care Plan To Focus On Computer Support 10/07/93 WASHINGTON, DC, U.S.A., 1993 OCT 7 (NB) "The Clinton Administration proposal would put smart cards in the hands of every US citizen and some legal aliens that would provide billing reference identification as well as carry up to about 30 pages of medical data about the individual. That change, along with a simplification of medical billing forms, would literally save billions of dollars that could be used to treat patients, and it looks as if there is growing pressure from the public to actually force the health care industry to take advantage of computer technology that has been available for at least 10 years. If health care reform really does take off, industry insiders say that computer sales, and especially integration services, will really explode, with health care taking on the same sort of high- profile, high-profit role that was, until recently, the sole purview of the military." ------- End of Forwarded Message

1 0

Re: Cypherpunk Cause
by msattler＠netcom.com 17 Dec '03

17 Dec '03

At 17:05 93/10/09 -0400, A1 ray arachelian (library) wrote: >But hey, if there was, it would be easy to remove those who want abortion >to be illegal, or strong crypto, etc. Your presentation is interesting, but I believe your conclusion is based upon a majority sharing your beliefs. You are in good company. The architect of our country, Thomas Jefferson, based his plans on an informed and educated citizenry. What we have, however, is a poorly-educated, easily-swayed populace that considers TV Guide a magazine, makes Married With Children a hit, and only voted Ronald Raygun / George Bush out of office only because they saw all their jobs dissapearing (and not even then understanding it's because of unrestrained spending). ----------------------------------------------------------------------------- Michael S. Sattler msattler(a)netcom.com +1 (415) 358-3058 Digital Jungle Software Encrypt now; ask me how. (finger for PGP key) All that is required for evil to triumph is for {wo}men of good will to do nothing.

2 1

Kiss My Elbow!
by John W. Redelfs 17 Dec '03

17 Dec '03

To those obnoxious codeheads who flipped me off with a suggestion that I do my own port of PGP to the Atari and/or VAX: Kiss my elbow! Anyone ignorant enough to write code before doing a search to see if the code is already available deserves to take your brain dead advice. Foolishly thinking that the cypherpunks were interested in spreading encryption technology on the Internet, I logically assumed an inquiry on this list would be part of such a search. Maybe the cypherpunks are a government front organization set up for _preventing_ the spread of encryption technology on the Internet. Stranger things have happened. --------------- John W. Redelfs, tsjwr(a)acad1.alaska.edu ----------------- --------- All my opinions are tentative pending further data. -----------

1 0

The Bank of the Internet!? (fwd)
by zeek＠IO.COM 17 Dec '03

17 Dec '03

No, I didn't read this entire message, but I thought it may be relevant... Forwarded message: *> From dummy Wed Feb 29 12:12:12 1990 *> X-EB: ------------------------------ *> Date: Fri, 8 Oct 1993 16:01:46 -0700 *> From: Arthur Chandler <arthurc(a)SFSUVAX1.SFSU.EDU> *> Subject: The Bank of the Internet!? *> *> Yesterday I went to hear a very interesting talk by Eric Hughes, one of *> the founding members of the Cypherpunk list/organization. Unlike most *> encryption pop journalists, who seem to limit themselves to PGP, this *> fellow brought up several boggling ideas: *> 1) "Cryptography is all economics." *> In other words, all encryption schemes come down to: how much $ am I *> willing to spend to keep you from getting into my secret info, and how *> much $ are you willing to spend to get it?" *> 2) There are two methods to keeping secrets on the NET (or IRL): trust *> some one, or trust an algorithm. And, in general, human trust is cheaper *> than technology. *> 3) The US government classifies encryption schemes as munitions, and is *> accordingly places all encryption technology under export restrictions *> controlled by the state department. *> 4) Claude Shannon's two basic principles of encryption: confusion and *> diffusion. *> *> He also mentioned something called a "blind signature" -- a special form *> of digital signature that keeps users unknown (through encryption) to both *> the bank they deposit with and sellers they transact with. I didn't *> understand this "blind digital signature" idea. Can anyone out here explain? *> *> But the real boggler is that this fellow Eric is, with the backing of *> the Electronic Frontier Foundation, going to start a Credit Union based on *> up-to-date encryption schemes and using the Internet as the monetary *> highway! It involves using something called digital money -- a system of *> encrypted data that expires over time, but that a highly flexible ability *> to purchase quantities or services. The data itself will be located *> over several nodes, so that no one site has all the info about your *> account, but that any "quorum number" of bank nodes can reconstruct the *> whole picture of your assets. Anyone trying to crack the system would *> have to crack, not just one or two nodes, but a quorum number. Such nodes *> will be distributed internationally, though favoring nations with *> encryption-favorable legislation. *> ************************************** *> I'm oversimplifying all this. But the whole notion of a Bank of the *> Internet, backed by the EFF and running encrypted international monetary *> transactions seems... well, this is Future Culture: what do you think? *>

9 13