December 2003 - cypherpunks-legacy

Re: FOR WHOM THE BELL TOLLS
by Bruce Baugh 17 Dec '03

17 Dec '03

At 10:43 PM 6/5/96 -0400, Duncan Frissell wrote: >Yeah and they busted Jack London for publishing "The Assassination Bureau, Ltd". Do I really have to point out that London was writing the better part of a century ago, in a substantially different legal and cultural environment? (Heck, his socialism made more trouble for him than anything else.) >Advocating the general practice of killing one's opponents is as legal as >church on a Sunday. The War College (or is it the NDU these days) does it >all the time. And they, of course, are The Government, who Protect Us from the Evil Terrorists. Ditto for the heroic BATF agents who only burn bad nasty terrorists, honest. And all the rest. The rest of us (in the US) live in a country where the government can now pretty much declare anyone they like terrorists, and suspend habeus corpus on the flimsiest of grounds, and use evidence against foreigners that doesn't have to be presented to the accused, and all sorts of fun stuff. Hence my concern. I don't think that my direst claims _will_ come true. But I don't think I'm speculating anything that _can't_ happen, and I see much of it as increasingly likely in the light of the ongoing furor over crypto and related matters. -- Bruce Baugh bruce(a)aracnet.com http://www.aracnet.com/~bruce

1 0

Zimmerman/ViaCrypt?
by Bruce Baugh 17 Dec '03

17 Dec '03

Has there been any news recently about what's going on with commercial versions of PGP? I've been toying with the idea of buying the Windows version from ViaCrypt just to have a PGP that doesn't need to shell out to DOS each time it runs, but I'm curious as to where, if anywhere, things seem to be going. -- Bruce Baugh bruce(a)aracnet.com http://www.aracnet.com/~bruce

1 0

Re: FOR WHOM THE BELL TOLLS
by mccoy＠communities.com 17 Dec '03

17 Dec '03

Duncan wrote: > At 10:41 PM 6/4/96 -0700, Bruce Baugh wrote: > >I think there's a non-trivial chance that this list could be shut down and > >anyone who's made interested sounds in the idea brought in to assist the > >police in their inquiries. > > Yeah and they busted Jack London for publishing >"The Assassination Bureau, Ltd".[...] > > Advocating the general practice of killing one's opponents is as legal as > church on a Sunday. The War College (or is it the NDU these days) does it > all the time. As long as that person is not the President of the United States (at least for U.S. citizens.) This was the issue which initiated this thread, the implied threat made by our favorite nutcase. jim

2 1

Re: whitehouse web incident, viva la web revolution
by Bruce Baugh 17 Dec '03

17 Dec '03

At 01:17 PM 6/5/96 -0400, Hallam-Baker wrote: >rather than reasoned argument. His dislike for the Clinton is >well known - he recently accused the administration of being >fascist. I know of no evidence that the Clinton administration >has a genocide policy, it is an insult to the 10 million civilians >murdered by Hitler to use the term facist simply as a term of abuse, >especialy if it is being used as a substitute for an argument. Fascism has no intrinsic link to genocide. It is a theory of economics, basically, in which the state has ultimate authority over production and distribution without (as in socialism) actually _owning_ the means of production or distribution. This is generally accomplished through cartelization, the creatin of industry-wide councils in which the representatives of the most powerful firms set policy in conjunction with the representatives of the government. The US has been at least moderately fascist since the 1920s (Hoover was a big fan of cartelization, and pushed it actively). While the mechanisms of the modern regulatory state aren't those of classic fascist theory, in practice most strongly regulated industries in this country operate _exactly_ the way fascist theory says they should. And various of Clinton's policies have, in fact, been fascist in this sense. The man has no doctrinal commitment to fascism (under that name or any other), but in practical terms virtually all modern Western politics are either fascist or socialist. None of this is secret lore, by the way. -- Bruce Baugh bruce(a)aracnet.com http://www.aracnet.com/~bruce

3 2

Triple-DES chip idea: built-in 1DES-cracker
by John Gilmore 17 Dec '03

17 Dec '03

It just occurred to me that companies which are designing Triple-DES chips should spend a small chunk of their chip area and design time on building in features for fast single-DES key search. As in Matt Wiener's design, this would include logic to generate a sequence of trial keys, and a circuit to evaluate the likelihood that the trial key was "interesting" after examining the trial plaintext. All of this logic would be on-chip and isolated from the pins of the chip, so it could run at high speed without any impact on the rest of the system. Then, as these chips are deployed into consumer boards or motherboards, a small amount of software plus the Internet will make distributed DES cracking feasible. Whenever the chip wasn't busy doing some "real work" encoding data for the user, it would be spinning its wheels cracking a DES key for fun or profit. There are lots of interesting ways to build the comparison circuitry to examine the trial plaintext. The cheapest is to provide a single 64-bit register with the desired plaintext; that's what Matt's design did. Another cheap way would be to provide two 64-bit registers: a mask and a value. AND with the mask and compare to the value; it's interesting if equal. A second and/or third set of mask and value registers (and another ciphertext register) would permit the test to be across 16 or 24 bytes of ciphertext/plaintext rather than just 8. This would be useful if e.g. your mask is only looking to see that the high order bit of each byte is off in the ciphertext (indicating a probability of ASCII text). 8-byte comparison would give you a false-hit every 256 keys; 16-byte comparison would reduce that to one every 65,536 keys. Matt's chips froze when they got a match. A FIFO on the comparison output would let the chip continue to spin, looking for more matches, before software got around to reading the results of a previous hit. This would permit the chip to do DES-cracking in polled mode, without using interrupts. If the DES-cracking control registers were all disjoint from the ordinary DES operational registers, the DES-cracking could be initiated at any time, independent of the chip's encryption functions, and could then be checked-up on periodically, again without impacting the chip's normal functioning. As an extreme example, it could be started at system boot time, and checked only at system shutdown for hits. If you wanted to get truly fancy, the comparison should have eight 256-bit vectors, one per byte of plaintext. Each vector is indexed by the byte of plaintext, producing a single bit. If it's 1, that byte has an interesting value. So if you set only the bits corresponding to ASCII uppercase letters, then only a plaintext ASCII uppercase letter is interesting. So, the eight trial-plaintext bytes produce eight bits, one from each vector. Mash those together, and use this 8-bit value as an index to a ninth bit vector, which would let you specify which combinations of "interesting" plaintext bytes are truly interesting enough to stop the chip for. E.g. if you insist that all of the ciphertext bytes are ASCII uppercase letters, then all the eight bit-vectors will be set up the same, and this ninth bit vector will have a single 1-bit at index 11111111 (all bytes match). If on the other hand, any six out of the eight being uppercase is good enough for you, you'd put a bunch of 1-bits into the ninth vector (one for each possible way that six of the eight would match, such as 11010111 and 00111111 and 01111110). In nine 256-bit vectors (less than 300 bytes of on-chip storage), you could specify truly complex and useful conditions like "First two bytes of plaintext equals 0x2C07, next three bytes are uppercase ASCII, next byte is a don't-care, following byte is an ASCII digit". This would be great for matching up packet headers or partial plaintext, when looking for the key to encrypted network traffic. However, even these days, adding 300 bytes of static storage to a 3DES chip for this kind of ancillary function doesn't seem likely, until the market for DES-cracker boxes matures. (Each such box tends to consume large numbers of DES chips, making them an attractive target market for a chip vendor.) But some of the simpler des-cracker assists I mentioned should be easy to implement with only a few dozen bytes of static storage, some small circuits and maybe one more address pin, making them suitable for mass-market chips for PC's and such. John Gilmore, gnu(a)toad.com PS: Note that this feature would not affect the exportability of your chip, which was already nil. Design and build it overseas.

1 0

Re: Micropayments: myth?
by frantz＠netcom.com 17 Dec '03

17 Dec '03

At 7:57 PM 6/5/96 -0700, Nick Szabo wrote: >Some electronic commerce projects promise dramatically lower transaction >costs, so that we can achieve "micropayments", "microintermediation", >and so forth. Is this achievable? > >Consider a feature fairly independent of the particular payment system: >the statement of charges. Here lies a tradeoff here between completeness >and complexity. On the one hand, merely summarizing charges creates >the opportunity for salami frauds, allowing widely distributed false or >exaggerated microcharges to go undetected. Furthermore, parties reading >only the summaries get no feedback by which they can adjust their behavior >to minimize costs. On the other hand, a statement too complex to >be easily read also allows fraud, error, and inefficient usage to >go unrecognized, because one or both parties cannot understand the >rationale for the charges in relation to the presumed agreement on >terms of service and payment. This is, of course, an opportunity for agents (programmed, or two legged) to use their superior knowledge of the service/technology/business to optimize service for ordinary people. > >There seems to lie here a fundamental cognitive bottleneck, creating a >limit to the granularity of billable transaction size whether electronic >or physical. One proposed solution to this has been "intelligent >agents". But since these agents are programmed remotely, not by the >consumer, it is difficult for the consumer to determine whether the agent >is acting the consumers' best interests, or in the best interests >of the counterparty -- perhaps, necessarily, at least as difficult >as reading the corresponding full statement of charges. By >sleight of hand we may have merely transformed the language of >the transaction as it needs to be understood by the party, without >reducing the complexity to be understood. Furthermore, the user >interface to enable consumers to simply express their sophisticated >preferences to an agent is lacking, and may represent another fundamental >cognitive bottleneck. I think that agent providers would gain reputations. Many consumers might trust an agent from Consumer's Union for example. If there end up being only a few types of agent, then I would expect to see an "arms race" between charging systems and agents. The providers would try to devise charges which maximize their profit, while the agents would try to get the best combination of service and cost for their users. This race would be similar to the situation we see in the telephone industry, with its continuously changing "special long distance deals". I assume any user interface will be in terms of the user's interests. Since these interests will change over time as the environment and user's knowledge change, the UI will be a hard problem. However, the UI will be another factor in the user's agent selection process. > >Telephone companies have found billing to be a major bottleneck. >By some estimates, up to 50% of the costs of a long distance call >are for billing, and this is on the order of a $100 billion per year >market worldwide. Internet providers have been moving to a flat fee in >order to minimize these costs, even though this creates the incentive for >network resource overusage. With the current low speed dialup connections, the savings on billing costs are probably greater than the costs of bandwidth "over use". > >A micropayments system assumes a solution to the billing problem. >If somebody could actually solve the this problem, rather >than merely claiming to have solved it via some mysterious >means ("intelligent agents", et. al.), the savings would be >enormous even in existing businesses such as long distance and >Internet service -- never mind all the new opportunities made >possible by micropayments. Even a cash based payment system will have costs. The lowest cost IP payment system I know of, Norm Hardy's Digital Silk Road, has the cost of increasing the complexity of the IP routers. There is no free lunch here. Whether you call it accounting, billing, or micropayment; it is an additional function which must be performed by a piece of code with stringent performance requirements. Regards - Bill ------------------------------------------------------------------------ Bill Frantz | The CDA means | Periwinkle -- Computer Consulting (408)356-8506 | lost jobs and | 16345 Englewood Ave. frantz(a)netcom.com | dead teenagers | Los Gatos, CA 95032, USA

1 0

Re: FOR WHOM THE BELL TOLLS
by jim bell 17 Dec '03

17 Dec '03

At 07:54 PM 6/6/96 -0700, Timothy C. May wrote: >However, recall that Senator Jesse Helms elliptically threatened President >Clinton by saying that Clinton had probably better be wearing a >bullet-proof vest if he ever visited Helms' part of the country. (Even the >Republicans were shocked by this, and, I surmise, cast Helms into the outer >darkness, as Helms has been keeping a low profile for the past 18 months.) However, Helms is a politician and he's supposed to be on his best behavior. (What Helms' "best behavior" is, is certainly debateable.) >* Third, while I am bored with Bell's "single note" point of view ("I have >a solution for this") Bored? You're bored? Maybe I'm going to have to figure out something to spice it up, huh? By the time everybody is as bored as you are today, then I will have won. >and while I feel his "assassination politics" is both naive "naive"? In what way? > and derivative, Technically, it wasn't derived from anything directly, or for that matter even indirectly. However, since there's nothing new under the sun, similarities exist...with your material as well. Consider this a bow to you, I suppose. > I don't think his advocacy of AP constitutes a direct threat to anyone. Even so, given how much noise we've been hearing out of DC on the subject of the Internet, digital cash, and good encryption, I'd say SOMEBODY is getting a bit worried. I haven't exactly been keeping this stuff a secret: What do you think their reaction has been, so far? When those government-types start considering various scary scenarios, what do you think they are imagining? >He is not actually setting up the betting markets which >would make AP more of a reality, Not quite yet, anyway. I'm very disappointed to have waited over a year for some slick lawyer to show me how I'd be violating some law or another to do so. >nor is he calling for the killing of any particilar persons. I generally don't feel the need to name specific people. I'm sure each reader has his own pet list to fall back on. >* Fourth, merely discussing alternative political systems is not enough to >trigger legal action, at least not today. Wait a year or two. Jim Bell jimbell(a)pacifier.com

3 2

Re: is the list active??
by jim bell 17 Dec '03

17 Dec '03

At 09:36 PM 6/5/96 -0500, Syl Miniter wrote: >I recently re-subscribed --several days ago and have not received any >traffic??? >I am wondering if the list is still active as I checked and I am subscribednso >I am sending this note to this list to test if anyone is out there There are many dozen messages per day on CP. Jim Bell jimbell(a)pacifier.com

1 0

Re: FOR WHOM THE BELL TOLLS
by Duncan Frissell 17 Dec '03

17 Dec '03

At 09:55 PM 6/5/96 -0700, Bruce Baugh wrote: >Do I really have to point out that London was writing the better part of a >century ago, in a substantially different legal and cultural environment? >(Heck, his socialism made more trouble for him than anything else.) It was more restrictive in censorship terms than our current environment. >>Advocating the general practice of killing one's opponents is as legal as >>church on a Sunday. The War College (or is it the NDU these days) does it >>all the time. > >And they, of course, are The Government, who Protect Us from the Evil >Terrorists. Ditto for the heroic BATF agents who only burn bad nasty >terrorists, honest. And all the rest. But I can advocate killing commies too. It's like when this dumb California (State) Senator advocated outlawing groups that advocate violence back in 1980 or so, I pointed out that the Public Schools and the Army were then doomed since both of these groups "advocate violence." Obviously the California State Senate "advocates violence" as well in the enforcement of laws. Military types even plan war against friends. The War Department developed Plan Red in the '20s for a war with the British Empire. Called for an amphibious assault on Halifax and a tank assault via Buffalo to secure Toronto as part of a conquest of Canada. Note too that under the Nurenberg principles, I may be legally compelled (or legally permitted) to kill my superior officers or government leaders if they are committing war crimes. And even the Sainted Ronald Reagan and his government was convicted of war crimes by the International Court of Justice for mining the harbor that serves Managua, Nicaragua. (Air-sown mines.) 'War Crimes' are vague, meaningless, and ex post facto and thus justify quite a lot of enforcement actions in theory (which is why Senator Robert A. Taft opposed US participation in the Nurenberg trials. "Yes, your honor, I'd like to pay taxes and everything but I'm afraid that I might risk conviction at future war crimes trials of aiding and abetting the criminal acts of my government." -- From 101 Flaky Anti Tax Arguments (which may become a web site if I can teach myself forms. >The rest of us (in the US) live in a country where the government can now >pretty much declare anyone they like terrorists, Just foreigners and such designation just affects fundraising. (I've often wondered why Hamas uses/used couriers for getting funds to Israel when Israel has a great ATM network with international links.) >and suspend habeus corpus on the flimsiest of grounds, The Anti Terrorism bill doesn't suspend Habeas Corpus it restricts mandatory federal court review of state convictions to one try. One can still submit an unlimited number of Petitions for Writ of Habeas Corpus and any state or federal court that wants to can grant one of them just as before. >and use evidence against foreigners that doesn't have to be presented to the accused, In deportation proceedings. And then they'll have to go to all the trouble of turning around and coming back like the other million illegal entrants a year. DCF

1 0

NDcrypt available for Newtons
by Declan McCullagh 17 Dec '03

17 Dec '03

---------- Forwarded message ---------- Date: Wed, 5 Jun 1996 22:49:26 -0700 From: Tom Collins <tom(a)newts.com> To: declan(a)well.com Subject: Revisiting an old subject... ** ENCRYPTION TOOL NOW NEWTON 2.0 SAVVY ** Geert Jadoul <76271.2121(a)CompuServe.COM> reports that he has finally finished a Newton 2.0 savvy version of NDcrypt. NDcrypt 2.0 Light is an improved version of NDcrypt v1.6. It has become a US$15 shareware utility with a trial period of 4 weeks. After 4 weeks the "Encrypt" and "UnReadable" buttons will disappear until you fill in the registration code in the preferences window. You will still be able after 4 weeks to "Decrypt" notes or make them "Readable" again, so you will not lose any data. The name "NDcrypt 2.0 Light" also infers that Geert is working on a NDcrypt 2.0 Pro version. This version will have better incorporation of NDcrypt in the system; overview and search functions; and viewing Notes (decrypt a Note to view it but keep it encrypted in the Notes app). NDcrypt 2.0 Light is available at <ftp://newton.uiowa.edu/submissions> with the name "NDcry2Li.sit" and on Compuserve <GO NEWTON> under "NOS 2.0 ONLY". Tom Collins|Innovative Computer Solutions| <http://www.newts.com/> tom(a)newts.com| 1075 North Miller Rd., #142 | <ftp://ftp.newts.com/> pagetom(a)newts.com| Scottsdale, Arizona 85257 |<phone://(602)970-1032/>

1 0