cypherpunks-legacy
Threads by month
- ----- 2025 -----
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
December 2003
- 8635 participants
- 56359 discussions
> Under clause 0 of rule XYZ, the following action was taken by the
> Speaker:
>
> H.R. 666. A bill to amend title 0, United States Code, to
> affirm the rights of U.S. persons to breathe the air around
> them and to relax export controls on wind; with an
> amendment; referred to the Committees on Commerce, National
> Security, and the Permanent Select Committee on intelligence
> for a period ending not later than September 5, 1997, for
> consideration of such provisions of the bill and amendment
> reported by the Committee on the Judiciary as fall within the
> jurisdiction of those committees pursuant to clause 0(e) and
> (k), rule XYZ and rule XLVIIIX, respectively.
1
0
-----BEGIN PGP SIGNED MESSAGE-----
Has there been any concideration for the difference between a digital
signature that is used only for authentication and one that is legally
binding??
I would hate for these Digital Signature Laws make every e-mail message I
sent a legally binding document. :(
- --
- ---------------------------------------------------------------
William H. Geiger III http://www.amaranth.com/~whgiii
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html
- ---------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000
iQCVAwUBM7aBbI9Co1n+aLhhAQHsCwP/dUQ6jixcfYCkLLFkZomM5gzCysRjnlr3
rGjXMMDyVZ2OQn2ZjSJ+TmrocbmZy2yNolBquRN0w0PjnGbC8k8ZCFxW8C4xHX9B
CBf7XNGijoFxi3DTVViTv/i+waLX6sfJM1fp9IpUe7Da5fOb6vqf0rXNDPwdVLIB
Sn0rJodgqho=
=+Bcp
-----END PGP SIGNATURE-----
4
3
While reading the latest issue of Dr. Dobbs, I found something of interest...
Dr. Dobbs Essential Books on Cryptography and Security CD-ROM
Price $99.95
Includes the following books:
-- Applied Cryptology, Cryptographic Protocols, and Computer Security
Models by Richard Demillo
-- Applied Cryptography: Protocols, Algorithms, and Source Code in C,
Second Edition by Bruce Schneier
-- Contemporary Cryptology: The Science of Information Integrity edited by
Gustavus J. Simmons
-- Cryptography and Data Security by Dourthy Denning
-- Cryptography: A New Dimension in Computer Data Security by Carl Meyer
-- Cryptography: Theory and Practice by Douglas Stinson
-- Handbook of Applied Cryptography by Paul C. Van Oorschot, Scott A.
Vanstone, and Alfred Menezes
-- Military Cryptanalysis, Volumes I-IV by William Friedman
-- "RSA Laboratories FAQ on Cryptography," "RSA Labratories Technical
Reports," "RSA Laboratories Security Bullitens," and "CryptoBytes Newsletter".
The CD-ROM also boasts having a search engine. (No indication as to what
OS. Probably Wintel only.)
It is supposed to be shipping in July.
It is only available to US customers.
Phone orders: 1-800-992-0549
E-mail: orders(a)mfi.com
Fax: 913-841-2624
Mail:
Dr. Dobbs CD-ROM Library
1601 West 23rd St, Ste. 200
Lawrence, KS 66046-2703
[Disclaimer: I have nothing to do with Dr. Dobbs other than being a
subscriber.]
I plan on getting it as it has at least one book I have been planning on
buying that costs about what the CD-ROM runs... I will tell people how
good it is when I get it.
---
| "That'll make it hot for them!" - Guy Grand |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: |
| mankind free in one-key-steganography-privacy!" | Ignore the man |
|`finger -l alano(a)teleport.com` for PGP 2.6.2 key | behind the keyboard.|
| http://www.ctrl-alt-del.com/~alan/ |alan(a)ctrl-alt-del.com|
11
11
http://www.master-mall.com/
Everything you will ever need is here,
If you are looking to start a business,need to find a long lost love or
relative,or just like to play games,this is the place,
you will even find "hard to get information" on offshore banking,finding
people,very economical web page creation,and hosting
even bulk email advertising.
This place has it all.
Thanks for your time.
1
0
> Has there been any concideration for the difference between a digital
> signature that is used only for authentication and one that is legally
> binding??
What's the difference? When I sign a contract, I'm simply giving notice
that I accept its terms and conditions.
What I write in snail mail, however, may also be used in a court of law
to show that I actually thought or wrote whatever it was I wrote. Why
would e-mail be any different?
> I would hate for these Digital Signature Laws make every e-mail message I
> sent a legally binding document. :(
That's the rub about nailing down identity...there's no such thing as
plausible deniability anymore.
In a court of law, assuming you could prove to a judge and jury that
digi sigs establish identity beyond a reasonable doubt, I'd imagine
that anything signed, law or no law, would be legally binding insofar
as you actually wrote it.
I think I'm missing something...?
---------------------
"Deities do not fall ten floors to the basement" - Willis
pandemic(a)hotmail.com please contact for PGP public key.
http://www.skylink.net/~bigdaddy
1
0
[I'm planning to show up Friday morning. Anyone else going? --Declan]
*******
READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB
DEF CON V Convention Announcement #1.19 (06.30.97)
July 11-13th @ the Aladdin Hotel and Casino in Las Vegas
XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement
XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement
XXXXXXxxxxxxXXXXXX X X DEF CON V Convention Announcement
XXXXXxxxxxxxxXXXXXXX X DEF CON V Convention Announcement
XXXXxxxxxxxxxxXXXX XXXXXXXXX DEF CON V Convention Announcement
XXXxxxxxxxxxxxxXXXXXXXXXX X DEF CON V Convention Announcement
XXxxxxxxxxxxxxxxXXXXXX XX X DEF CON V Convention Announcement
XXXxxxxxxxxxxxxXXXXXXXX DEF CON V Convention Announcement
XXXXxxxxxxxxxxXXXXXXXX X XX DEF CON V Convention Announcement
XXXXXxxxxxxxxXXXXXXXXXX XX X DEF CON V Convention Announcement
XXXXXXxxxxxxXXXXXXXXX X DEF CON V Convention Announcement
XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON V Convention Announcement
XXXXXXXXXXXXXXXXXXXXXXXXXXXX X DEF CON V Convention Announcement
READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB
The only convention with free beer!
IN SHORT:--------------------------------------------------------------------
WHAT: Speakers and partying in Vegas for all hackers
WHEN: July 11th - 13th
WHERE: Las Vegas, Nevada @ the Aladdin Hotel and Casino
COSTS: $30 in advance, $40 at the door
MORE INFO: http://www.defcon.org or email info(a)defcon.org
IN LONG:---------------------------------------------------------------------
It's time to brave Las Vegas again for DEF CON! This is an initial
announcement and invitation to DEF CON V, a convention for the "underground"
elements of the computer culture. We try to target the (Fill in your
favorite word here): Hackers, Phreaks, Hammies, Virii Coders, Programmers,
Crackers, Cyberpunk Wannabees, Civil Liberties Groups, CypherPunks,
Futurists, Artists, Criminally Insane, Hearing Impaired. It seems that
books about the culture are becoming more popular, so of course reporters
are also welcome. You won't be hurt. I promise. Just bring cash for
drinks.
So you heard about DEF CON IV, and want to hit part V? You heard about the
parties, the info discussed, the bizarre atmosphere of Las Vegas and want to
check it out in person? You want to do weird shit _away_ from the hotel
where you can't get me in trouble? You have intimate knowledge of the SWIFT
network, and want to transfer millions of dollars to the Def Con account?
Then you're just the person to attend!
What DEF CON is known for is the open discussion of all ideas, the free
environment to make new contacts and the lack of ego. More people have made
great friends at DEF CON over the years than my brain can conceive of. DEF
CON is also known for letting the "Suits" (Government / Corporate) mix with
everyone and get an idea of what the scene is all about. The media makes an
appearance every year and we try to educate them as to what is really going
on. Basically it has turned into the place to be if you are at all
interested in the computer underground.
[Note]-----------------------------------------------------------------------
Now last year over 800 people showed up and threw my whole program for a
loop. I was thinking 500+ people, but when 800 showed up it got a little
crazy for the planning staff. This year I am planning for 1,000. This
way I will be able to accommodate everyone and have less logistical screw-
ups.
I would also like to apologize to everyone last year who had temporary
badges for half the convention, etc. I will do all that is possible for
maximum coolness, and minimum hassles. Anyway, enough of my shit, on with
the details.
[End Note]-------------------------------------------------------------------
SPEAKERS:--------------------------------------------------------------------
Over the years DEF CON has had many notable speakers. This year there will
be more of an emphasis on technical talks. There will be a separate smaller
room for break-out sessions of more specific topics. While the talks of the
past have been great, it always seems some tech people drop out and general
talks fill in. I will load it tech heavy so when people do drop out there
will still be plenty of meat left for the propeller heads.
There will be some speaking on Friday evening before Hacker Jeopardy, all
day Saturday and Sunday. About 20 people will speak, plus smaller tech
sessions. If you are interested in speaking or demonstrating something
please contact me.
Current speakers include:
[> Nhil - Windows NT (in)security. The challenge response system, NT 5.0
Kerb security services, man in the middle attacks on domain controllers.
This will be a more technical discussion of NT related security.
[> Koresh - Hacking Novell Netware.
[> Yobie - Emerging infrastructures made possible by Java. He will describe
and talk about Java as the foundation for a global, object-oriented
distributed network. New concepts and computing paradigms will discussed
as well as applications for both applications development or straight-out
hacking.
[> Mudge - System Administrator for L0pht Heavy Industries. He will present
a technical talk on something cool.
[> Clovis - From the Hacker Jeopardy winning team. He will discuss issues
with security and networked object systems, looking at some of the
recent security issues found with activeX and detail some of the
potentials and problems with network objects. Topics will include
development of objects, distributed objects, standards, ActiveX, corba,
and hacking objects.
[> Bruce Schneier - Author of Applied Cryptography and the Blowfish
algorithm - Why cryptography is harder than it looks.
[> FBI Computer Crime Squad - They will make another appearance this year
only if I can bribe them with the audio from last years convention. Can
I do it in time?
[> Richard Thieme - "The Dynamics of Social Engineering: a cognitive map for
getting what you need to know, working in networks, and engaging in
espionage quietly; the uses of paranoia, imagination, and grandiosity
to build the Big Picture.
[> Wrangler - Packet Sniffing: He will define the idea, explain everything
from 802.2 frames down to the TCP datagram, and explain the mechanisms
(NIT, bpf) that different platforms provide to allow the hack.
Wrangler has been programming since seven column paper tape. He is a
loner with the social skills of a California Condor. He has never been
a member of LOD, MOD, or any other group. He has written no books, is
not currently employed, and refuses to discuss what he refers to as "that
credit card provider thing back when I used to do mainframe shit." His
current projects include looking for his next Fortune 100 contract and
writing the DEFCON V virus.
[> Seven - What the feds think of us.
[> Richard K. - Electronic countermeasures, counter espionage, risk
management. Should include a demonstration of electronic
countermeasures equipment as well as a talk on what works, what doesn't,
and the industry.
[> Tom Farley the Publisher of the "Private Line" journal, and Ken
Kumasawa of TeleDesign Management - Toll Fraud in the 90s: Two
perspectives. An overview of phreaking from a hackers point of view and
an industry/security consultants point.
[> Michael Quattrocchi - The future of digital cash and a presentation about
the modernization and state of register-level debit cards; in effect
currently throughout Canada.
[> The Deth Vegetable - "The Cult of the Dead Cow embarks on a new era of
Global Domination for the 21st Century three years early -- if you're
not at Defcon this year, you won't be down with the master plan.
Important announcements and startling new developments that will affect
the entire history of the Computer Underground as you know it."
[> Ira Winkler - Real life case studies of successful and unsuccessful
corporate espionage.
[> Sameer Parekh - c2.net - Why cryptography is harder than it looks, part
two. A look at implementation and production problems facing people and
companies wishing to develope and distribute strong encryption.
[> Carolyn P. Meinel - Moderator of the Happy Hacker Digest and mailing
lists. She will preside over a seperate Happy Hacker discussion
pannel that will cover the topics of wether or not "newbies" should have
information handed to them, or should they learn for themselves?
[> Dan Veeneman - Low Earth Orbit satellites are nearing the launch stage,
and this talk will cover the different systems that are planned and some
of the services they'll offer. A bit on GPS that wasn't covered last
year as well as the ever popular question and answer section.
[> Hobbit - CIFS is a load of CACA - Random SMB CIFS stuff in Microsfot
products.
[> Cyber - An overview and explanation of available crypto-tools. What
tools and programs do what, when to use them and on what platforms.
From someone who has spent lots of time playing around with the
currently available set of applications.
[> Keith - Has some experience writing firmware for embedded
microcontroller applications, and is giving a technical talk on
applications of microcontrollers in the h/p community.
[> James Jorasch - Hacking Vegas - How to games the gamers. From someone
who used to deal with hotel casino security. What really goes on?
SCHEDULE:--------------------------------------------------------------------
FRIDAY: Network Setup, Sign in, Informal PGP Keysigning at the "PGP table",
Lots of Partying. Capture the Flag Contest Starts at 16:00
On Friday there will be the demonstrations of the Radio Burst Cannon, a
"real" rail gun, and an omni-directional cell phone jammer. Times to be
announced.
10:00 - Doors open, sign in starts
10:00 - Movies start in main conference room
16:00 - Capture the Flag II starts
15:30 - Round up and head off for demonstrations of HERF, and
rail gun madness. Nothing may happen, then again..
23:30 - 23:00 James Jorasch - "Hacking Vegas" how to beat the system in
Vegas by someone who knows it inside and out.
23:00 - 03:00 Hacker Jeopardy Starts.
SATURDAY:
10:00 - 10:50 Richard Thieme - The Dynamics of Social Engineering.
11:00 - 11:50 Yobie - Emerging infrastructures made possible by Java.
12:00 - 12:50 Clovis - issues with security and networked object systems.
13:00 - 13:50 FBI Computer Crime Squad -
14:00 - 14:50 Deth Veggie - Global Domination, cDc style.
15:00 - 15:50 Seven - What the feds think of us.
16:00 - 16:50 Richard K. -
17:00 - 17:50 Tom Farley and Ken K. - Toll Fraud in the 90s: Two
perspectives.
Saturday Breakout Tech Sessions:
Koresh - Novell issues.
Mudge - Secure Coding.
Hobbit - Why CIFS is CACA.
Nihil - NT security issues.
Wrangler - Packet Sniffing.
Keith - firmware for embedded microcontroller applications.
24:00 (Midnight) Final rounds of Hacker Jeopardy.
SUNDAY:
10:00 - 10:50 Ira Winkler - Industrial Espionage.
11:00 - 11:50 Sameer - Why cryptography is harder than it looks, part two.
12:00 - 12:50 Cyber - An overview and explanation of available crypto-tools.
13:00 - 13:50 Carolyn Meinel - Happy Hacker Panel.
14:00 - 14:50 Michael Q. - The future of digital cash.
15:00 - 15:50 Dan Veeneman - Low Earth Orbit satellites.
Sunday Breakout Tech Sessions:
Happy Hacker track
Panel: "The Newbie Experiments"
Moderator is Carolyn Meinel, author of the Guides to (mostly) Harmless
Hacking series. Other panel members are:
- Matt Hinze, editor of the Happy Hacker Digest.
- Bronc Buster, who runs a Web forum, IRC server and the New Buckaroos Web
site for his fast-growing band of newbies.
- Mark Biernacki of Shellonly.com will talk about this new ISP which is
designed to make it easy for newbies to learn to hack. Just say "Telnet
port 22!"
- Jericho, who will hold forth on "Let the newbies fend for themselves."
We will allow each panel member to open with a brief presentation of his or
her work, followed by debate first among panel members, followed by Q&A from
the audience. We expect some intense debate:-)
Then if the Aladdin hotel hasn't yet been demolished yet by riots, we will
continue with a series of individual presentations:
- Jon McClintock, editor of Happy-SAD (Systems Administrator Digest) will
demonstrate how to install Linux.
- Bronc Buster will hold forth on the Windows 95 denial of service programs
his Web site offers.
- Carolyn Meinel will demonstrate how to read email headers, create, and
decipher forged email.
Breakout Tech Sessions:
16:00 Awards for Capture the Flag
End of it all, cleanup, etc. See you all next year!
EVENTS:----------------------------------------------------------------------
[> HACKER JEOPARDY:
Winn is back with Hacker Jeopardy!! The third year in the running!
Can the all-powerful Strat and his crypto-minion Erik, whose force
cannot be contained, be defeated?! Will the powers that be allow
Strat-Meister to dominate this beloved event for the third year in
a row?! Can Erik continue to pimp-slap the audience into submission
with a spoon in his mouth?!? Only Skill, Time, and booze will tell
the tail!
The Holy Cow will help supply the beer, you supply the answers.
The first round starts at 12 midnight o'clock on Friday and lasts
until it is done. The second and secret rounds will happen Saturday
at midnight.
6 teams will be picked at random and compete for the final round.
There can be only one! Strat's Team, the winners from last year
will defend if all the members can be found.
[> FREE BEER!
Holy Cow will provide free beer tickets! If you are over 21 prepare
to consume "hacker" beers. Actually it's whatever beer they have on
tap, but it's the best beer in Las Vegas. Follow Las Vegas Blvd. up
until you see the florescent cow with the big sunglasses. All taxi
drivers know of this Mecca. Over 1,000 free beers in all!
[> BLACK AND WHITE BALL:
We've talked it over, and the verdict is in. For the last two years
at DEF CON there has been a sort of unspoken Saturday night dress up
event. People have worn everything from party dresses and Tuxedoes
to AJ's ultra pimp Swank outfit with tiger print kilt. This year it
is official. Wear your cool shit Saturday night, be it gothic or PVC
vinyl or Yakuza looking black MIBs. No prizes, just your chance to
be the uber-bustah pimp.
[> THE TCP/IP DRINKING GAME:
If you don't know the rules, you'll figure 'em out.
[> CAPTURE THE FLAG:
ALL NEW, ALL IMPROVED, MORE CONFRONTATIONAL,
1997 ILLUMINATI INVITATIONAL,
CAPTURE THE FLAG, HACKER STYLE.
The goal is to take over everybody else's server while protecting your
own. To cut down on lag time and federal offences we're providing a
playing field of 5 flag-machine networks connected by a big router in
the middle.
The rules:
1) No taking the network down for more than 60 seconds.
2) No taking any flag machine (including your own) down for more than
3 minutes.
3) In order to be counted in the game, a team's flag machine must
- be directly connected to the network;
- have a text file flag on the machine readable by at least 2
accounts,
- keep at least 3 *normal* services running in a way that a
client could actually get their work done using them.
- run a web server if technically possible.
4) No goonery/summoning of elder gods/Mickey Finns/physical
coercion... you get the idea. ( You had the idea, but we're
trying to prevent you from using it. )
The field of play :
Each network will have a "server" of some kind on it, called the flag
machine. At the start of the game, these servers will be stock
installations a lot like what you'd see on the average academic/secret
cabal/military/megacorp network. Each of these machines will have a
PGP private key, named root.flag, and a web server.
There will also be a machine to provide DNS, called the scoreboard.
Teams:
Teams can be one human or more. In order to be a team, you have
to generate 20 256bit PGP key pairs, have a DEFCON goon pgp-sign
them and put the public keys on the scoreboard webserver. We'll
generate a hundred key pairs in advance, so the first five teams can
just grab a floppy disk (if they're trusting).
To prove that you've hacked a flag machine, PGP - sign a message with
the root.flag from the hacked machine, then with one of your own.
Post the doubly-signed message on the scorekeeper web server, and
you've captured that flag (and invalidated the captured root.flag).
When you've captured a flag, decide between conquest and
condescension: either take over the server yourself, or hand it back
to its not-so-eleet owners. To conquer, put one of your PGP private
keys on the captured server to become the next root.flag. (Of
course, you have to properly secure the server to maintain your new
territory.)
To condescend, just wait until the original owners see their shame
spread across the scoreboard. (It would sure be a pity if
they had to put up a new key before they figured out how you got in
last time, wouldn't it?)
Two Ways to Win:
#1 EVIL EMPIRE: Whoever has the most servers responding with their
teams' private keys at the end wins.
#2 PIRATE: Fabulous prizes will also be given to whoever racks up the
highest total number of flags captured.
Rough game mechanics (why is everyone so untrusting?):
Once every 5 minutes or more, the scoreboard machine will post a
plaintext challenge. Every team that claims to own a server has to
PGP-sign that challenge with the private key registered for that
server and post the signed version on their machine. If a server
can't respond within 3 minutes, then nobody owns it, and it's fair
game to be taken back over by the goons.
Specific rules will be available in print at DefCon before the game
begins.
This was a message from The People
[> QUAKE COMPETITION:
http://www.ctive.com/ntech/defcon.htm
This year knightPhlight contacted me and wanted to organize a single
elimination Quake competition to find out who that badest ass 'mo 'fo
is. Check out the web site to get the rules, sign up, or to
donate a computer the greater good of destruction.
It is IMHO that Quake by id Software rules 3D action gaming. But who
rules Quake? We'll find out this July 11th-13th at the DefCon
Conference in Las Vegas. This isn't going to be a networked game
intent on quickly eliminating as many players as possible in a single
round. Rather, one-on-one games will be played to absolutely
determine who the best really is.
Of course, you already know your the best so why would you feel
obligated to prove it? Because we'll give the first place winner
$750. Now, being the wily person you are, I bet you would like to
know where I got the money for the prizes. It'll come from your
registration fee of $7.50. Any half wit can do the math and see the
10,000% return for the winner. But just for entering you'll be in a
drawing for really kewl stuff. If you don't think its kewl you can
just give us your email address and we'll be happy to send you a
couple hundred thousand messages explaining why the prizes are great.
[> NET CONNECTION AND TOPOLOGY:
DefCon 5 Network Plan (v.99)
Telecommunications
------------------
Media Type: T1 ESF/B8ZS (not D4/AMI)
Service Provider: Las Vegas Digital Internet
Telco: Sprint
Equipment needed Equipment on-hand
---------------- ----------------------------------------------
CSU/DSU Verilink AS2000's with NCC 2301 cards (JC)
Router Cisco 2501 (Lock)
Net Admin server (Lock )
10bT Hubs 16-port from Lock - need more to populate the room
10bT Cable (miles) Everybody bring their own - will need some extra
to link hubs
Network Services:
-----------------
Web Server
CU-reflector
RealAudio Server
IRC server?
This year we are pre-building many of the network boxes so the net
can go up first thing Friday. It looks like we will have a T1 line
and we will break it out to 10 BaseT hubs. If you want in on the
network bring along the appropriate cables and adapters.
More Net Madness! The T1 bandwidth will allow us to do the
following cool stuff:
- Have several color quickcams and a CU-SeeMe reflector site set
up so people not at the con can check out what's going on. During
the convention check out the DEF CON web site to get the location
of the reflector site. You should get and install the software
needed to view CU-SeeMe streams in advance!
- Have a RealAudio server set up to stream the speakers talks to
those who can not attend.
- Potentially play a competitive multi user game(s) over the net.
NOTE! If you wish to participate interactively with the convention
please e-mail me and we can coordinate something. It would be
great to get people from all over the world involved.
[> 5th ANNUAL SPOT THE FED CONTEST:
The ever popular paranoia builder. Who IS that person next to you?
"Like a paranoid version of pin the tail on the donkey, the
favorite sport at this gathering of computer hackers and phone
phreaks seems to be hunting down real and imagined telephone
security and Federal and local law enforcement authorities who the
attendees are certain are tracking their every move.. .. Of course,
they may be right."
- John Markhoff, NYT
Basically the contest goes like this: If you see some shady MIB
(Men in Black) earphone penny loafer sunglass wearing Clint Eastwood
to live and die in LA type lurking about, point him out. Just get
my attention and claim out loud you think you have spotted a fed.
The people around at the time will then (I bet) start to discuss the
possibility of whether or not a real fed has been spotted. Once
enough people have decided that a fed has been spotted, and the
Identified Fed (I.F.) has had a say, and informal vote takes place,
and if enough people think it's a true fed, or fed wanna-be, or
other nefarious style character, you win a "I spotted the fed!"
shirt, and the I.F. gets an "I am the fed!" shirt.
NOTE TO THE FEDS: This is all in good fun, and if you survive
unmolested and undetected, but would still secretly like an "I am
the fed!" shirt to wear around the office or when booting in doors,
please contact me when no one is looking and I will take your
order(s). Just think of all the looks of awe you'll generate at
work wearing this shirt while you file away all the paperwork
you'll have to produce over this convention. I won't turn in any
feds who contact me, they have to be spotted by others.
DOUBLE SECRET NOTE TO FEDS: This year I am printing up extra "I
am the Fed!" shirts, and will be trading them for coffee mugs,
shirts or baseball hats from your favorite TLA. If you want to
swap bring along some goodies and we can trade. Be stealth about
it if you don't want people to spot you. Agents from foreign
governments are welcome to trade too, but I gotta work on my mug
collection and this is the fastest way.
[> RAIL GUN DEMONSTRATION: (Friday)
On Friday afternoon there will be a demonstration of a hand held
rail gun. This garage project should be able to fire a graphite
washer very, very fast.
[> OMNIDIRECTIONAL CELL PHONE JAMMER DEMONSTRAITON: (Friday)
Another interesting creation to be tested on Friday in the desert.
Come along and watch you cell phone antenna explode with power!
See control channels crumble before you.
[> RADIO BURST CANNON DEMONSTRATION: (Friday)
While not quite a HERF gun, this should come close. The RBC should
be able to produce up to or less than one MegaWatt for up to or less
than one second. What will this do? Who knows! Come and find out.
Obviously the above demonstrations will take place away from the
local hospitals and casinos out in the desert someplace, so be
prepared.
HOTELS:----------------------------------------------------------------------
[> Book your room NOW!!! We have a block of rooms, but it is first come,
[> first served. Rooms get released about one month before the convention.
[> Book by June 9th or risk it. The room rates are quite cool this year.
PRIMARY HOTEL: The Aladdin Hotel and Casino
3667 Las Vegas Blvd. South, Las Vegas, Nevada
Built in 1966 it is one of the oldest hotels in Las Vegas that
hasn't been blown up to make room for newer ones. It is quite nice
and has Tennis courts, two swimming pools, Chinese, Vietnamese and
Korean. A Seafood and steakhouse, Joe's Diner and a 24 hour coffee
shop too. It's located next to the MGM Theme park on the strip.
PHONE: 1-800-634-3424, reference the "DC Communications conference"
for reservations. 702-736-0222
RATES: Single & Double rooms are $65 in the Garden section, $85 for
the Tower. Suites are $250 to $350. All costs are plus 8% room tax.
Rollaway beds are available for an additional $15 a night.
STUFF IN VEGAS:--------------------------------------------------------------
URLs
Listings of other hotels in Las Vegas, their numbers, WWW pages, etc.
http://www.intermind.net/im/hotel.html
http://vegasdaily.com/HotelCasinos/HotelAndCasinos/CasinoList.html
VENDORS / SPONSORS / RESEARCH:-----------------------------------------------
If you are interested in selling something (shirts, books,
computers, whatever) and want to get a table contact me for costs.
If you have some pet research and you want to have the participants
fill out anonymous questioners please contact me for the best way
to do this.
If you want to sponsor any event or part of DEF CON V in return for
favorable mentions and media manipulation please contact me. For
example in the past Secure Computing has sponsored a firewall
hacking contest.
MORE INFO:-------------------------------------------------------------------
[> DEF CON Voice Bridge (801) 855-3326
This is a multi-line voice bbs, VMB and voice conference system.
There are 5 or so conference areas, with up to eight people on each
one. Anyone can create a free VMB, and there are different voice
bbs sections for separate topics. This is a good neutral meeting
place to hook up with others.
The Voice bridge will be changing numbers soon, but the old number
will refer you to the new location. The new spot won't suffer from
"Phantom" bridges!
[> MAILING LIST
send emial to majordomo(a)merde.dis.org and in the body of the message
include the following on a separate line each.
subscribe dc-stuff
dc-announce is used for convention updates and major announcements,
dc-stuff is related to general conversation, planning rides and
rooms, etc.
[> WWW Site http://www.defcon.org/
Convention updates and archives from previous conventions are housed
here. Past speakers, topics, and stuff for sale. Also a growing
section of links to other places of interest and current events.
[> The Third Annual California Car Caravan to DEF CON!
http://www.netninja.com/caravan
There are also some resources (links to other web sites and text
files) generally related to DefCon--not specifically the California
Caravan. These resources are available at:
http://www.netninja.com/caravan/resources.html
[> The DEF CON V Car ride sharing page: Use this site to arrange ride
sharing to the convention from all over North America. If you can
spare a seat for someone, or need to leech a ride go to the ride
sharing page set up by Squeaky.
http://garbage.bridge.net/~defcon/defcon.html
[> EMAIL dtangent(a)defcon.org
Send all email questions / comments to dtangent(a)defcon.org. It has
been said that my email is monitored by various people. If you want
to say something private, please do so with my pgp key (At the
bottom of this announcement) I usually respond to everything, if
not I'm swamped or had a system problem.
[> GIVE ME MONEY! SNAIL MAIL PRE-REGISTRATION
Send all written materials, pre-registrations, etc. to:
DEF CON, 2709 E. Madison, Seattle WA, 98112
If you are pre-registering for $30 please make payable to DEF CON
and include a name to which you want the registration to apply.
I don't respond to registrations unless you request.
DO YOU WANT TO HELP?---------------------------------------------------------
Here is what you can do if you want to help out or participate in
some way:
Donate stuff for the continuous giveaways and the various contests.
Got extra ancient stuff, or new cool stuff you don't use anymore?
Donate it to a good cause! One person was very happy over winning
an osborne "portable" computer.
ORGANIZE sharing a room or rides with other people in your area.
Join the mailing list and let people know you have floor space or
some extra seats in your car. Hey, what's the worst that can
happen besides a trashed hotel room or a car-jacking?
CREATE questions for hacker jeopardy (you know how the game is
played) and email them to winn(a)infowar.com. No one helped out last
year, so this year let's try. Everything from "Famous narks" to
"unix bugs" is fair game.
BRING a machine with a 10bt interface card, and get on the local
network, trade pgp signatures, etc.
FINAL CHECK LIST OF STUFF TO BRING:------------------------------------------
From: Enigma
Here is a list of items to bring to DefCon. These are only
suggestions. Your mileage may vary. :)
Items to bring to DefCon
~~~~~ ~~ ~~~~~ ~~ ~~~~~~
Clothing
- Comfortable shirts and pants/shorts
- Socks, underwear, etc
- Bathing suit
- Toiletries (deodorant, toothbrush, comb, hair spray,..., giant
tub of hair grease, Oxy pads, etc)
- An extra towel (don't leave home without it. Anyway, doesn't
it always seem that you run out of clean towels in the
bathroom?)
- Something cool, hip, pimp-o-matic, or ninja-riffic to wear
Saturday night at the Black and White Ball
You can skip the deodorant and extra clothing if all you are going
to do is play "Magic: The Gathering" and "Quake." Everyone else
does.
Stuph
- Your shades. Vegas is hot. The sun is bright. 'Nuff said.
(If you wear eye glasses, I hear the clip-on, flip-up sunglasses
are quite the fashion statement)
- Sunscreen of at least SPF 100. After spending hundreds of hours
in front of the monitor, who needs the sun to ruin their ghostly
white tan?
- A hat--preferably with a cool logo or catchy phrase like "Gandalf
Routers," "Netscape," "Microsoft [with "sucks" scrawled below it
in permanent marker]", "I [heart] [insert government institution:
Cops, Feds, etc]"...you get the idea
- Note book, palmtop, or laptop to take notes on during the speeches
- [Micro]casette recorder to record the speeches (or everyone
getting drunk in your room Saturday night, not knowing what they
are saying, with no hope of remembering it...excellent blackmail
material!)
- Camcorder (see above...<>)
- Digital camera--for all of the above reasons PLUS you can
instantly upload the images through the T1 onto the net
- Fake ID for all of you under 18/21
- Fake ID for everyone else, if you're planning something illegal
- Your best jokes (Nooooo! Not the superman joke! Not the pink
joke)
- Your best hacking stories...these are all about something "your
friend" did, aren't they? You wouldn't admit to doing anything
illegal, now, would you?
- Someone else's--oops, I mean "your" credit card numbers
Fun
- Your drug(s) of choice -- From caffeine to pot to speed to acid
- Zippo and extra fuel. And while you're at it, put an extra flint
(assuming you can find one in the back of your junk drawer) in
the bottom. You always run out at just the wrong time.
- Extra smokez (Splurge: get some cigars or cloves for the weekend)
- Leather
- Handcuffs and chains, nipple clamps, etc.
- Saran wrap, duct tape, electrical tape, gaffer's tape
- Candles (the drippy kind)
- Incense
- Oils
- Your copy of "The Pocket Kama Sutra" (ISBN 0-7894-0437-0)
- That corn starch and water "slime" that Light Ray (I believe) and
others believed to be the ultimate thing, several DefCon's back.
Tech
- Laptop w/ Ethernet card
- Extra laptop battery
- A zip drive with a stack of disks containing all your soooper
k-rad haxing utilities and g-files
- 10bt/10b2 cabling
- A small hub
- You did remember to put a packet sniffer on your zip disk, right?
Just checking.
- Every power cord you could possibly need
- A serial cable with a plethora of adapters so you can get each
end to be male/female, 9pin/25pin, null-modem/straight
- Cable to connect the above mentioned digital camera to the laptop
- Scanner (modded, of course)
- Frequency counter (I hear the "Scout" is pretty good)
- HAM radio. Any band, any frequency. You didn't modify it to
transmit on arbitrary frequencies, did you? Naughty monkey!
- An assortment of tuned antennas
- That zip disk has the FCC frequency allocations on it, right?
- Your uber-elite organizer (the DOS based HP palmtops are quite
cool) to collect handles and email addresses from people
- High energy weapons ("Is that an unlicensed nuclear accelerator
on your back?" "No, it's just a HERF gun." "Oh.")
- Laser pointer (don't get kicked out of the hotel again, youz
doodz)
- Your "white courtesy phone" that you stole from the Monte Carlo
last year
- A microbroadcasting station with plenty of tuneage
- Your lock picks or lock picking gun
- A pocket-sized tool kit containing a modular screwdriver and
plenty of attachments (flathead, philips, torx, hex, etc)
- A pocket knife, pliers and wire cutters--or alternatively a
Leatherman's tool
- Hell, while you're at it: why not some bring bolt cutters, a
sledge hammer, and a hack saw?
- Telephone handset with alligator clips. Or, if you're uber-
31337, you have a lineman's butt set (with the serial number
and telco logo filed off)
- Bubble gum or epoxy putty--anything maleable and hardens.
This is good for fixing hoses under the hood of your car.
It's also useful to jam mechanical sensors (What would happen
if the microwave always though it's door was open? Or if the
elevator always thought there was someone blocking the path
of the door? Wouldn't hotel security be pissed if they
couldn't get into their security room because someone jammed
a toothpick into the keyhole with krazy glue?)
- An alabi
- Spam
- Multimeter
- Cordless electric soldering iron
- Parts box
MY PGP KEY:------------------------------------------------------------------
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.1
mQCNAy6v5H8AAAEEAJ7xUzvdRFMtJW3CLRs2yXL0BC9dBiB6+hAPgBVqSWbHWVIT
/5A38LPA4zqeGnGpmZjGev6rPeFEGxDfoV68voLOonRPcea9d/ow0Aq2V5I0nUrl
LKU7gi3TgEXvhUmk04hjr8Wpr92cTEx4cIlvAeyGkoirb+cihstEqldGqClNAAUR
tCZUaGUgRGFyayBUYW5nZW50IDxkdGFuZ2VudEBkZWZjb24ub3JnPg==
=ngNC
-----END PGP PUBLIC KEY BLOCK-----
1
0
[I'm planning to show up Friday morning. Anyone else going? --Declan]
*******
READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB
DEF CON V Convention Announcement #1.19 (06.30.97)
July 11-13th @ the Aladdin Hotel and Casino in Las Vegas
XXXXXXXXXXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement
XXXXXXXxxxxXXXXXXXXXXXXXXX XX DEF CON V Convention Announcement
XXXXXXxxxxxxXXXXXX X X DEF CON V Convention Announcement
XXXXXxxxxxxxxXXXXXXX X DEF CON V Convention Announcement
XXXXxxxxxxxxxxXXXX XXXXXXXXX DEF CON V Convention Announcement
XXXxxxxxxxxxxxxXXXXXXXXXX X DEF CON V Convention Announcement
XXxxxxxxxxxxxxxxXXXXXX XX X DEF CON V Convention Announcement
XXXxxxxxxxxxxxxXXXXXXXX DEF CON V Convention Announcement
XXXXxxxxxxxxxxXXXXXXXX X XX DEF CON V Convention Announcement
XXXXXxxxxxxxxXXXXXXXXXX XX X DEF CON V Convention Announcement
XXXXXXxxxxxxXXXXXXXXX X DEF CON V Convention Announcement
XXXXXXXxxxxXXXXXXXXXXXXXXX DEF CON V Convention Announcement
XXXXXXXXXXXXXXXXXXXXXXXXXXXX X DEF CON V Convention Announcement
READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIBUTE & READ & DISTRIB
The only convention with free beer!
IN SHORT:--------------------------------------------------------------------
WHAT: Speakers and partying in Vegas for all hackers
WHEN: July 11th - 13th
WHERE: Las Vegas, Nevada @ the Aladdin Hotel and Casino
COSTS: $30 in advance, $40 at the door
MORE INFO: http://www.defcon.org or email info(a)defcon.org
IN LONG:---------------------------------------------------------------------
It's time to brave Las Vegas again for DEF CON! This is an initial
announcement and invitation to DEF CON V, a convention for the "underground"
elements of the computer culture. We try to target the (Fill in your
favorite word here): Hackers, Phreaks, Hammies, Virii Coders, Programmers,
Crackers, Cyberpunk Wannabees, Civil Liberties Groups, CypherPunks,
Futurists, Artists, Criminally Insane, Hearing Impaired. It seems that
books about the culture are becoming more popular, so of course reporters
are also welcome. You won't be hurt. I promise. Just bring cash for
drinks.
So you heard about DEF CON IV, and want to hit part V? You heard about the
parties, the info discussed, the bizarre atmosphere of Las Vegas and want to
check it out in person? You want to do weird shit _away_ from the hotel
where you can't get me in trouble? You have intimate knowledge of the SWIFT
network, and want to transfer millions of dollars to the Def Con account?
Then you're just the person to attend!
What DEF CON is known for is the open discussion of all ideas, the free
environment to make new contacts and the lack of ego. More people have made
great friends at DEF CON over the years than my brain can conceive of. DEF
CON is also known for letting the "Suits" (Government / Corporate) mix with
everyone and get an idea of what the scene is all about. The media makes an
appearance every year and we try to educate them as to what is really going
on. Basically it has turned into the place to be if you are at all
interested in the computer underground.
[Note]-----------------------------------------------------------------------
Now last year over 800 people showed up and threw my whole program for a
loop. I was thinking 500+ people, but when 800 showed up it got a little
crazy for the planning staff. This year I am planning for 1,000. This
way I will be able to accommodate everyone and have less logistical screw-
ups.
I would also like to apologize to everyone last year who had temporary
badges for half the convention, etc. I will do all that is possible for
maximum coolness, and minimum hassles. Anyway, enough of my shit, on with
the details.
[End Note]-------------------------------------------------------------------
SPEAKERS:--------------------------------------------------------------------
Over the years DEF CON has had many notable speakers. This year there will
be more of an emphasis on technical talks. There will be a separate smaller
room for break-out sessions of more specific topics. While the talks of the
past have been great, it always seems some tech people drop out and general
talks fill in. I will load it tech heavy so when people do drop out there
will still be plenty of meat left for the propeller heads.
There will be some speaking on Friday evening before Hacker Jeopardy, all
day Saturday and Sunday. About 20 people will speak, plus smaller tech
sessions. If you are interested in speaking or demonstrating something
please contact me.
Current speakers include:
[> Nhil - Windows NT (in)security. The challenge response system, NT 5.0
Kerb security services, man in the middle attacks on domain controllers.
This will be a more technical discussion of NT related security.
[> Koresh - Hacking Novell Netware.
[> Yobie - Emerging infrastructures made possible by Java. He will describe
and talk about Java as the foundation for a global, object-oriented
distributed network. New concepts and computing paradigms will discussed
as well as applications for both applications development or straight-out
hacking.
[> Mudge - System Administrator for L0pht Heavy Industries. He will present
a technical talk on something cool.
[> Clovis - From the Hacker Jeopardy winning team. He will discuss issues
with security and networked object systems, looking at some of the
recent security issues found with activeX and detail some of the
potentials and problems with network objects. Topics will include
development of objects, distributed objects, standards, ActiveX, corba,
and hacking objects.
[> Bruce Schneier - Author of Applied Cryptography and the Blowfish
algorithm - Why cryptography is harder than it looks.
[> FBI Computer Crime Squad - They will make another appearance this year
only if I can bribe them with the audio from last years convention. Can
I do it in time?
[> Richard Thieme - "The Dynamics of Social Engineering: a cognitive map for
getting what you need to know, working in networks, and engaging in
espionage quietly; the uses of paranoia, imagination, and grandiosity
to build the Big Picture.
[> Wrangler - Packet Sniffing: He will define the idea, explain everything
from 802.2 frames down to the TCP datagram, and explain the mechanisms
(NIT, bpf) that different platforms provide to allow the hack.
Wrangler has been programming since seven column paper tape. He is a
loner with the social skills of a California Condor. He has never been
a member of LOD, MOD, or any other group. He has written no books, is
not currently employed, and refuses to discuss what he refers to as "that
credit card provider thing back when I used to do mainframe shit." His
current projects include looking for his next Fortune 100 contract and
writing the DEFCON V virus.
[> Seven - What the feds think of us.
[> Richard K. - Electronic countermeasures, counter espionage, risk
management. Should include a demonstration of electronic
countermeasures equipment as well as a talk on what works, what doesn't,
and the industry.
[> Tom Farley the Publisher of the "Private Line" journal, and Ken
Kumasawa of TeleDesign Management - Toll Fraud in the 90s: Two
perspectives. An overview of phreaking from a hackers point of view and
an industry/security consultants point.
[> Michael Quattrocchi - The future of digital cash and a presentation about
the modernization and state of register-level debit cards; in effect
currently throughout Canada.
[> The Deth Vegetable - "The Cult of the Dead Cow embarks on a new era of
Global Domination for the 21st Century three years early -- if you're
not at Defcon this year, you won't be down with the master plan.
Important announcements and startling new developments that will affect
the entire history of the Computer Underground as you know it."
[> Ira Winkler - Real life case studies of successful and unsuccessful
corporate espionage.
[> Sameer Parekh - c2.net - Why cryptography is harder than it looks, part
two. A look at implementation and production problems facing people and
companies wishing to develope and distribute strong encryption.
[> Carolyn P. Meinel - Moderator of the Happy Hacker Digest and mailing
lists. She will preside over a seperate Happy Hacker discussion
pannel that will cover the topics of wether or not "newbies" should have
information handed to them, or should they learn for themselves?
[> Dan Veeneman - Low Earth Orbit satellites are nearing the launch stage,
and this talk will cover the different systems that are planned and some
of the services they'll offer. A bit on GPS that wasn't covered last
year as well as the ever popular question and answer section.
[> Hobbit - CIFS is a load of CACA - Random SMB CIFS stuff in Microsfot
products.
[> Cyber - An overview and explanation of available crypto-tools. What
tools and programs do what, when to use them and on what platforms.
From someone who has spent lots of time playing around with the
currently available set of applications.
[> Keith - Has some experience writing firmware for embedded
microcontroller applications, and is giving a technical talk on
applications of microcontrollers in the h/p community.
[> James Jorasch - Hacking Vegas - How to games the gamers. From someone
who used to deal with hotel casino security. What really goes on?
SCHEDULE:--------------------------------------------------------------------
FRIDAY: Network Setup, Sign in, Informal PGP Keysigning at the "PGP table",
Lots of Partying. Capture the Flag Contest Starts at 16:00
On Friday there will be the demonstrations of the Radio Burst Cannon, a
"real" rail gun, and an omni-directional cell phone jammer. Times to be
announced.
10:00 - Doors open, sign in starts
10:00 - Movies start in main conference room
16:00 - Capture the Flag II starts
15:30 - Round up and head off for demonstrations of HERF, and
rail gun madness. Nothing may happen, then again..
23:30 - 23:00 James Jorasch - "Hacking Vegas" how to beat the system in
Vegas by someone who knows it inside and out.
23:00 - 03:00 Hacker Jeopardy Starts.
SATURDAY:
10:00 - 10:50 Richard Thieme - The Dynamics of Social Engineering.
11:00 - 11:50 Yobie - Emerging infrastructures made possible by Java.
12:00 - 12:50 Clovis - issues with security and networked object systems.
13:00 - 13:50 FBI Computer Crime Squad -
14:00 - 14:50 Deth Veggie - Global Domination, cDc style.
15:00 - 15:50 Seven - What the feds think of us.
16:00 - 16:50 Richard K. -
17:00 - 17:50 Tom Farley and Ken K. - Toll Fraud in the 90s: Two
perspectives.
Saturday Breakout Tech Sessions:
Koresh - Novell issues.
Mudge - Secure Coding.
Hobbit - Why CIFS is CACA.
Nihil - NT security issues.
Wrangler - Packet Sniffing.
Keith - firmware for embedded microcontroller applications.
24:00 (Midnight) Final rounds of Hacker Jeopardy.
SUNDAY:
10:00 - 10:50 Ira Winkler - Industrial Espionage.
11:00 - 11:50 Sameer - Why cryptography is harder than it looks, part two.
12:00 - 12:50 Cyber - An overview and explanation of available crypto-tools.
13:00 - 13:50 Carolyn Meinel - Happy Hacker Panel.
14:00 - 14:50 Michael Q. - The future of digital cash.
15:00 - 15:50 Dan Veeneman - Low Earth Orbit satellites.
Sunday Breakout Tech Sessions:
Happy Hacker track
Panel: "The Newbie Experiments"
Moderator is Carolyn Meinel, author of the Guides to (mostly) Harmless
Hacking series. Other panel members are:
- Matt Hinze, editor of the Happy Hacker Digest.
- Bronc Buster, who runs a Web forum, IRC server and the New Buckaroos Web
site for his fast-growing band of newbies.
- Mark Biernacki of Shellonly.com will talk about this new ISP which is
designed to make it easy for newbies to learn to hack. Just say "Telnet
port 22!"
- Jericho, who will hold forth on "Let the newbies fend for themselves."
We will allow each panel member to open with a brief presentation of his or
her work, followed by debate first among panel members, followed by Q&A from
the audience. We expect some intense debate:-)
Then if the Aladdin hotel hasn't yet been demolished yet by riots, we will
continue with a series of individual presentations:
- Jon McClintock, editor of Happy-SAD (Systems Administrator Digest) will
demonstrate how to install Linux.
- Bronc Buster will hold forth on the Windows 95 denial of service programs
his Web site offers.
- Carolyn Meinel will demonstrate how to read email headers, create, and
decipher forged email.
Breakout Tech Sessions:
16:00 Awards for Capture the Flag
End of it all, cleanup, etc. See you all next year!
EVENTS:----------------------------------------------------------------------
[> HACKER JEOPARDY:
Winn is back with Hacker Jeopardy!! The third year in the running!
Can the all-powerful Strat and his crypto-minion Erik, whose force
cannot be contained, be defeated?! Will the powers that be allow
Strat-Meister to dominate this beloved event for the third year in
a row?! Can Erik continue to pimp-slap the audience into submission
with a spoon in his mouth?!? Only Skill, Time, and booze will tell
the tail!
The Holy Cow will help supply the beer, you supply the answers.
The first round starts at 12 midnight o'clock on Friday and lasts
until it is done. The second and secret rounds will happen Saturday
at midnight.
6 teams will be picked at random and compete for the final round.
There can be only one! Strat's Team, the winners from last year
will defend if all the members can be found.
[> FREE BEER!
Holy Cow will provide free beer tickets! If you are over 21 prepare
to consume "hacker" beers. Actually it's whatever beer they have on
tap, but it's the best beer in Las Vegas. Follow Las Vegas Blvd. up
until you see the florescent cow with the big sunglasses. All taxi
drivers know of this Mecca. Over 1,000 free beers in all!
[> BLACK AND WHITE BALL:
We've talked it over, and the verdict is in. For the last two years
at DEF CON there has been a sort of unspoken Saturday night dress up
event. People have worn everything from party dresses and Tuxedoes
to AJ's ultra pimp Swank outfit with tiger print kilt. This year it
is official. Wear your cool shit Saturday night, be it gothic or PVC
vinyl or Yakuza looking black MIBs. No prizes, just your chance to
be the uber-bustah pimp.
[> THE TCP/IP DRINKING GAME:
If you don't know the rules, you'll figure 'em out.
[> CAPTURE THE FLAG:
ALL NEW, ALL IMPROVED, MORE CONFRONTATIONAL,
1997 ILLUMINATI INVITATIONAL,
CAPTURE THE FLAG, HACKER STYLE.
The goal is to take over everybody else's server while protecting your
own. To cut down on lag time and federal offences we're providing a
playing field of 5 flag-machine networks connected by a big router in
the middle.
The rules:
1) No taking the network down for more than 60 seconds.
2) No taking any flag machine (including your own) down for more than
3 minutes.
3) In order to be counted in the game, a team's flag machine must
- be directly connected to the network;
- have a text file flag on the machine readable by at least 2
accounts,
- keep at least 3 *normal* services running in a way that a
client could actually get their work done using them.
- run a web server if technically possible.
4) No goonery/summoning of elder gods/Mickey Finns/physical
coercion... you get the idea. ( You had the idea, but we're
trying to prevent you from using it. )
The field of play :
Each network will have a "server" of some kind on it, called the flag
machine. At the start of the game, these servers will be stock
installations a lot like what you'd see on the average academic/secret
cabal/military/megacorp network. Each of these machines will have a
PGP private key, named root.flag, and a web server.
There will also be a machine to provide DNS, called the scoreboard.
Teams:
Teams can be one human or more. In order to be a team, you have
to generate 20 256bit PGP key pairs, have a DEFCON goon pgp-sign
them and put the public keys on the scoreboard webserver. We'll
generate a hundred key pairs in advance, so the first five teams can
just grab a floppy disk (if they're trusting).
To prove that you've hacked a flag machine, PGP - sign a message with
the root.flag from the hacked machine, then with one of your own.
Post the doubly-signed message on the scorekeeper web server, and
you've captured that flag (and invalidated the captured root.flag).
When you've captured a flag, decide between conquest and
condescension: either take over the server yourself, or hand it back
to its not-so-eleet owners. To conquer, put one of your PGP private
keys on the captured server to become the next root.flag. (Of
course, you have to properly secure the server to maintain your new
territory.)
To condescend, just wait until the original owners see their shame
spread across the scoreboard. (It would sure be a pity if
they had to put up a new key before they figured out how you got in
last time, wouldn't it?)
Two Ways to Win:
#1 EVIL EMPIRE: Whoever has the most servers responding with their
teams' private keys at the end wins.
#2 PIRATE: Fabulous prizes will also be given to whoever racks up the
highest total number of flags captured.
Rough game mechanics (why is everyone so untrusting?):
Once every 5 minutes or more, the scoreboard machine will post a
plaintext challenge. Every team that claims to own a server has to
PGP-sign that challenge with the private key registered for that
server and post the signed version on their machine. If a server
can't respond within 3 minutes, then nobody owns it, and it's fair
game to be taken back over by the goons.
Specific rules will be available in print at DefCon before the game
begins.
This was a message from The People
[> QUAKE COMPETITION:
http://www.ctive.com/ntech/defcon.htm
This year knightPhlight contacted me and wanted to organize a single
elimination Quake competition to find out who that badest ass 'mo 'fo
is. Check out the web site to get the rules, sign up, or to
donate a computer the greater good of destruction.
It is IMHO that Quake by id Software rules 3D action gaming. But who
rules Quake? We'll find out this July 11th-13th at the DefCon
Conference in Las Vegas. This isn't going to be a networked game
intent on quickly eliminating as many players as possible in a single
round. Rather, one-on-one games will be played to absolutely
determine who the best really is.
Of course, you already know your the best so why would you feel
obligated to prove it? Because we'll give the first place winner
$750. Now, being the wily person you are, I bet you would like to
know where I got the money for the prizes. It'll come from your
registration fee of $7.50. Any half wit can do the math and see the
10,000% return for the winner. But just for entering you'll be in a
drawing for really kewl stuff. If you don't think its kewl you can
just give us your email address and we'll be happy to send you a
couple hundred thousand messages explaining why the prizes are great.
[> NET CONNECTION AND TOPOLOGY:
DefCon 5 Network Plan (v.99)
Telecommunications
------------------
Media Type: T1 ESF/B8ZS (not D4/AMI)
Service Provider: Las Vegas Digital Internet
Telco: Sprint
Equipment needed Equipment on-hand
---------------- ----------------------------------------------
CSU/DSU Verilink AS2000's with NCC 2301 cards (JC)
Router Cisco 2501 (Lock)
Net Admin server (Lock )
10bT Hubs 16-port from Lock - need more to populate the room
10bT Cable (miles) Everybody bring their own - will need some extra
to link hubs
Network Services:
-----------------
Web Server
CU-reflector
RealAudio Server
IRC server?
This year we are pre-building many of the network boxes so the net
can go up first thing Friday. It looks like we will have a T1 line
and we will break it out to 10 BaseT hubs. If you want in on the
network bring along the appropriate cables and adapters.
More Net Madness! The T1 bandwidth will allow us to do the
following cool stuff:
- Have several color quickcams and a CU-SeeMe reflector site set
up so people not at the con can check out what's going on. During
the convention check out the DEF CON web site to get the location
of the reflector site. You should get and install the software
needed to view CU-SeeMe streams in advance!
- Have a RealAudio server set up to stream the speakers talks to
those who can not attend.
- Potentially play a competitive multi user game(s) over the net.
NOTE! If you wish to participate interactively with the convention
please e-mail me and we can coordinate something. It would be
great to get people from all over the world involved.
[> 5th ANNUAL SPOT THE FED CONTEST:
The ever popular paranoia builder. Who IS that person next to you?
"Like a paranoid version of pin the tail on the donkey, the
favorite sport at this gathering of computer hackers and phone
phreaks seems to be hunting down real and imagined telephone
security and Federal and local law enforcement authorities who the
attendees are certain are tracking their every move.. .. Of course,
they may be right."
- John Markhoff, NYT
Basically the contest goes like this: If you see some shady MIB
(Men in Black) earphone penny loafer sunglass wearing Clint Eastwood
to live and die in LA type lurking about, point him out. Just get
my attention and claim out loud you think you have spotted a fed.
The people around at the time will then (I bet) start to discuss the
possibility of whether or not a real fed has been spotted. Once
enough people have decided that a fed has been spotted, and the
Identified Fed (I.F.) has had a say, and informal vote takes place,
and if enough people think it's a true fed, or fed wanna-be, or
other nefarious style character, you win a "I spotted the fed!"
shirt, and the I.F. gets an "I am the fed!" shirt.
NOTE TO THE FEDS: This is all in good fun, and if you survive
unmolested and undetected, but would still secretly like an "I am
the fed!" shirt to wear around the office or when booting in doors,
please contact me when no one is looking and I will take your
order(s). Just think of all the looks of awe you'll generate at
work wearing this shirt while you file away all the paperwork
you'll have to produce over this convention. I won't turn in any
feds who contact me, they have to be spotted by others.
DOUBLE SECRET NOTE TO FEDS: This year I am printing up extra "I
am the Fed!" shirts, and will be trading them for coffee mugs,
shirts or baseball hats from your favorite TLA. If you want to
swap bring along some goodies and we can trade. Be stealth about
it if you don't want people to spot you. Agents from foreign
governments are welcome to trade too, but I gotta work on my mug
collection and this is the fastest way.
[> RAIL GUN DEMONSTRATION: (Friday)
On Friday afternoon there will be a demonstration of a hand held
rail gun. This garage project should be able to fire a graphite
washer very, very fast.
[> OMNIDIRECTIONAL CELL PHONE JAMMER DEMONSTRAITON: (Friday)
Another interesting creation to be tested on Friday in the desert.
Come along and watch you cell phone antenna explode with power!
See control channels crumble before you.
[> RADIO BURST CANNON DEMONSTRATION: (Friday)
While not quite a HERF gun, this should come close. The RBC should
be able to produce up to or less than one MegaWatt for up to or less
than one second. What will this do? Who knows! Come and find out.
Obviously the above demonstrations will take place away from the
local hospitals and casinos out in the desert someplace, so be
prepared.
HOTELS:----------------------------------------------------------------------
[> Book your room NOW!!! We have a block of rooms, but it is first come,
[> first served. Rooms get released about one month before the convention.
[> Book by June 9th or risk it. The room rates are quite cool this year.
PRIMARY HOTEL: The Aladdin Hotel and Casino
3667 Las Vegas Blvd. South, Las Vegas, Nevada
Built in 1966 it is one of the oldest hotels in Las Vegas that
hasn't been blown up to make room for newer ones. It is quite nice
and has Tennis courts, two swimming pools, Chinese, Vietnamese and
Korean. A Seafood and steakhouse, Joe's Diner and a 24 hour coffee
shop too. It's located next to the MGM Theme park on the strip.
PHONE: 1-800-634-3424, reference the "DC Communications conference"
for reservations. 702-736-0222
RATES: Single & Double rooms are $65 in the Garden section, $85 for
the Tower. Suites are $250 to $350. All costs are plus 8% room tax.
Rollaway beds are available for an additional $15 a night.
STUFF IN VEGAS:--------------------------------------------------------------
URLs
Listings of other hotels in Las Vegas, their numbers, WWW pages, etc.
http://www.intermind.net/im/hotel.html
http://vegasdaily.com/HotelCasinos/HotelAndCasinos/CasinoList.html
VENDORS / SPONSORS / RESEARCH:-----------------------------------------------
If you are interested in selling something (shirts, books,
computers, whatever) and want to get a table contact me for costs.
If you have some pet research and you want to have the participants
fill out anonymous questioners please contact me for the best way
to do this.
If you want to sponsor any event or part of DEF CON V in return for
favorable mentions and media manipulation please contact me. For
example in the past Secure Computing has sponsored a firewall
hacking contest.
MORE INFO:-------------------------------------------------------------------
[> DEF CON Voice Bridge (801) 855-3326
This is a multi-line voice bbs, VMB and voice conference system.
There are 5 or so conference areas, with up to eight people on each
one. Anyone can create a free VMB, and there are different voice
bbs sections for separate topics. This is a good neutral meeting
place to hook up with others.
The Voice bridge will be changing numbers soon, but the old number
will refer you to the new location. The new spot won't suffer from
"Phantom" bridges!
[> MAILING LIST
send emial to majordomo(a)merde.dis.org and in the body of the message
include the following on a separate line each.
subscribe dc-stuff
dc-announce is used for convention updates and major announcements,
dc-stuff is related to general conversation, planning rides and
rooms, etc.
[> WWW Site http://www.defcon.org/
Convention updates and archives from previous conventions are housed
here. Past speakers, topics, and stuff for sale. Also a growing
section of links to other places of interest and current events.
[> The Third Annual California Car Caravan to DEF CON!
http://www.netninja.com/caravan
There are also some resources (links to other web sites and text
files) generally related to DefCon--not specifically the California
Caravan. These resources are available at:
http://www.netninja.com/caravan/resources.html
[> The DEF CON V Car ride sharing page: Use this site to arrange ride
sharing to the convention from all over North America. If you can
spare a seat for someone, or need to leech a ride go to the ride
sharing page set up by Squeaky.
http://garbage.bridge.net/~defcon/defcon.html
[> EMAIL dtangent(a)defcon.org
Send all email questions / comments to dtangent(a)defcon.org. It has
been said that my email is monitored by various people. If you want
to say something private, please do so with my pgp key (At the
bottom of this announcement) I usually respond to everything, if
not I'm swamped or had a system problem.
[> GIVE ME MONEY! SNAIL MAIL PRE-REGISTRATION
Send all written materials, pre-registrations, etc. to:
DEF CON, 2709 E. Madison, Seattle WA, 98112
If you are pre-registering for $30 please make payable to DEF CON
and include a name to which you want the registration to apply.
I don't respond to registrations unless you request.
DO YOU WANT TO HELP?---------------------------------------------------------
Here is what you can do if you want to help out or participate in
some way:
Donate stuff for the continuous giveaways and the various contests.
Got extra ancient stuff, or new cool stuff you don't use anymore?
Donate it to a good cause! One person was very happy over winning
an osborne "portable" computer.
ORGANIZE sharing a room or rides with other people in your area.
Join the mailing list and let people know you have floor space or
some extra seats in your car. Hey, what's the worst that can
happen besides a trashed hotel room or a car-jacking?
CREATE questions for hacker jeopardy (you know how the game is
played) and email them to winn(a)infowar.com. No one helped out last
year, so this year let's try. Everything from "Famous narks" to
"unix bugs" is fair game.
BRING a machine with a 10bt interface card, and get on the local
network, trade pgp signatures, etc.
FINAL CHECK LIST OF STUFF TO BRING:------------------------------------------
From: Enigma
Here is a list of items to bring to DefCon. These are only
suggestions. Your mileage may vary. :)
Items to bring to DefCon
~~~~~ ~~ ~~~~~ ~~ ~~~~~~
Clothing
- Comfortable shirts and pants/shorts
- Socks, underwear, etc
- Bathing suit
- Toiletries (deodorant, toothbrush, comb, hair spray,..., giant
tub of hair grease, Oxy pads, etc)
- An extra towel (don't leave home without it. Anyway, doesn't
it always seem that you run out of clean towels in the
bathroom?)
- Something cool, hip, pimp-o-matic, or ninja-riffic to wear
Saturday night at the Black and White Ball
You can skip the deodorant and extra clothing if all you are going
to do is play "Magic: The Gathering" and "Quake." Everyone else
does.
Stuph
- Your shades. Vegas is hot. The sun is bright. 'Nuff said.
(If you wear eye glasses, I hear the clip-on, flip-up sunglasses
are quite the fashion statement)
- Sunscreen of at least SPF 100. After spending hundreds of hours
in front of the monitor, who needs the sun to ruin their ghostly
white tan?
- A hat--preferably with a cool logo or catchy phrase like "Gandalf
Routers," "Netscape," "Microsoft [with "sucks" scrawled below it
in permanent marker]", "I [heart] [insert government institution:
Cops, Feds, etc]"...you get the idea
- Note book, palmtop, or laptop to take notes on during the speeches
- [Micro]casette recorder to record the speeches (or everyone
getting drunk in your room Saturday night, not knowing what they
are saying, with no hope of remembering it...excellent blackmail
material!)
- Camcorder (see above...<>)
- Digital camera--for all of the above reasons PLUS you can
instantly upload the images through the T1 onto the net
- Fake ID for all of you under 18/21
- Fake ID for everyone else, if you're planning something illegal
- Your best jokes (Nooooo! Not the superman joke! Not the pink
joke)
- Your best hacking stories...these are all about something "your
friend" did, aren't they? You wouldn't admit to doing anything
illegal, now, would you?
- Someone else's--oops, I mean "your" credit card numbers
Fun
- Your drug(s) of choice -- From caffeine to pot to speed to acid
- Zippo and extra fuel. And while you're at it, put an extra flint
(assuming you can find one in the back of your junk drawer) in
the bottom. You always run out at just the wrong time.
- Extra smokez (Splurge: get some cigars or cloves for the weekend)
- Leather
- Handcuffs and chains, nipple clamps, etc.
- Saran wrap, duct tape, electrical tape, gaffer's tape
- Candles (the drippy kind)
- Incense
- Oils
- Your copy of "The Pocket Kama Sutra" (ISBN 0-7894-0437-0)
- That corn starch and water "slime" that Light Ray (I believe) and
others believed to be the ultimate thing, several DefCon's back.
Tech
- Laptop w/ Ethernet card
- Extra laptop battery
- A zip drive with a stack of disks containing all your soooper
k-rad haxing utilities and g-files
- 10bt/10b2 cabling
- A small hub
- You did remember to put a packet sniffer on your zip disk, right?
Just checking.
- Every power cord you could possibly need
- A serial cable with a plethora of adapters so you can get each
end to be male/female, 9pin/25pin, null-modem/straight
- Cable to connect the above mentioned digital camera to the laptop
- Scanner (modded, of course)
- Frequency counter (I hear the "Scout" is pretty good)
- HAM radio. Any band, any frequency. You didn't modify it to
transmit on arbitrary frequencies, did you? Naughty monkey!
- An assortment of tuned antennas
- That zip disk has the FCC frequency allocations on it, right?
- Your uber-elite organizer (the DOS based HP palmtops are quite
cool) to collect handles and email addresses from people
- High energy weapons ("Is that an unlicensed nuclear accelerator
on your back?" "No, it's just a HERF gun." "Oh.")
- Laser pointer (don't get kicked out of the hotel again, youz
doodz)
- Your "white courtesy phone" that you stole from the Monte Carlo
last year
- A microbroadcasting station with plenty of tuneage
- Your lock picks or lock picking gun
- A pocket-sized tool kit containing a modular screwdriver and
plenty of attachments (flathead, philips, torx, hex, etc)
- A pocket knife, pliers and wire cutters--or alternatively a
Leatherman's tool
- Hell, while you're at it: why not some bring bolt cutters, a
sledge hammer, and a hack saw?
- Telephone handset with alligator clips. Or, if you're uber-
31337, you have a lineman's butt set (with the serial number
and telco logo filed off)
- Bubble gum or epoxy putty--anything maleable and hardens.
This is good for fixing hoses under the hood of your car.
It's also useful to jam mechanical sensors (What would happen
if the microwave always though it's door was open? Or if the
elevator always thought there was someone blocking the path
of the door? Wouldn't hotel security be pissed if they
couldn't get into their security room because someone jammed
a toothpick into the keyhole with krazy glue?)
- An alabi
- Spam
- Multimeter
- Cordless electric soldering iron
- Parts box
MY PGP KEY:------------------------------------------------------------------
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.1
mQCNAy6v5H8AAAEEAJ7xUzvdRFMtJW3CLRs2yXL0BC9dBiB6+hAPgBVqSWbHWVIT
/5A38LPA4zqeGnGpmZjGev6rPeFEGxDfoV68voLOonRPcea9d/ow0Aq2V5I0nUrl
LKU7gi3TgEXvhUmk04hjr8Wpr92cTEx4cIlvAeyGkoirb+cihstEqldGqClNAAUR
tCZUaGUgRGFyayBUYW5nZW50IDxkdGFuZ2VudEBkZWZjb24ub3JnPg==
=ngNC
-----END PGP PUBLIC KEY BLOCK-----
1
0
This report was finally obtained (after suing the Australian government
under Freedom of Information laws) by Electronic Frontiers Australia.
I haven't seen it yet; this is the first I'd heard that it is released.
The first paragraph does its best to scare people, but the gist is all
correct: if you escrow authentication keys, digital signatures don't work.
If you don't escrow authentication keys, then key escrow doesn't work.
John Gilmore
Forwarded-by: Hal Abelson (I don't know the original source).
By John Davidson
Governments will be forced to completely undermine the emerging global
electronic commerce system if they want to prevent it being used by
criminals and for tax evasion, one of Australia's leading data
security experts has warned.
Professor William Caelli, head of the school of data communications at
Queensland University of Technology, said yesterday that it was all
but technically impossible to satisfy the competing needs of law
enforcement and international trade.
The difficulty was in allowing encrypted data passing along the
Internet to be monitored by law enforcement agencies, while at the
same time giving legal status to the digital signatures that will
underpin electronic trade.
A suppressed government report into encryption, written by a former
deputy director-general of ASIO, Mr Gerard Walsh, has agreed with
Professor Caelli.
The Commonwealth should abandon as "doomed to failure" attempts to
control encryption by keeping a copy of the passwords, or keys, in
escrow, Mr Walsh told The Australian Financial Review yesterday.
The field of cryptography is generally divided into encryption, where
data is scrambled for confidentiality; and authentication, where an
electronic document is scrambled or signed to prove who it came from
for legal purposes.
Policy under consideration in Australia, the US and the UK calls for a
separation of the two key types, with law-enforcement agencies having
some sort of access to all encryption keys while individual's
authentication keys are kept strictly private.
It is widely accepted that escrowing authentication keys would render
them legally useless for signing documents.
"If you ever allow people to get near authentication keys you'll
corrupt the administration of justice," said Mr Walsh.
The problem facing governments, according to Professor Caelli, is that
it is technically impossible to separate the two key types, since they
are both just very long numbers.
The thinking with the most currency, known as "key tagging", involves
adding extra data to the start or end of a digital key to identify
what it would be used for.
But key tagging can't work in a PC environment, Professor Caelli
claims. PC operating systems don't have enough security to prevent
users from simply taking the tag off an authentication key and adding
it to an encryption key, thereby bypassing government attempts to
escrow all encryption keys.
If, as it was likely, a dual-key infrastructure proved impossible in a
PC world, governments would either have to escrow all keys, rendering
digital certification meaningless, or escrow no keys at all, rendering
data surveillance totally ineffectual, he said.
Mr Steve Orlowski, a leading Government expert on cryptography,
acknowledged that it was now impossible to build a secure dual-key
infrastructure, but said that it was "possible that someone could make
a breakthrough".
"We're encouraging research into that area so we'll be able to make
the distinction," he said.
The US National Institute of Standards and Technology recently made a
worldwide plea for cryptography algorithms that can be used for
authentication and not for encryption.
Mr Walsh's report, commissioned by the federal government to look into
how it must legislate to satisfy security and privacy needs in the
face of strong cryptography, has only now come to light following a
successful Freedom of Information action by Electronic Frontiers
Australia.
The 96 page report, Review of policy relating to encryption
technologies, was due to be published in October last year, and called
for a period of public discussion about cryptography issues.
However, it was never released, and was only made available to the EFA
this week with 20 paragraphs deleted.
A second report prepared at the same time but with specific
recommendations is still secret, however.
According to Mr Walsh, trying to put the lid on encryption with key
escrow would be "an exercise in futility" because it would miss the
very target it was intended to catch: organised crime, money
laundering operations and terrorists.
These groups would either refuse to escrow their keys, or simply embed
a further level of encryption in their messages, he said.
He also said in the report that it would also be futile to try to
regulate the length of crypto keys on a nation-by-nation basis because
"the notion of fixed national borders is simply anachronistic" thanks
to the Internet.
"It's not in the interests of the community's rights to privacy, nor
the needs of the business community, to . . . limit the strength of
cryptography simply to catch the occasional minnow," he said.
Law enforcement considerations should not automatically leapfrog
privacy considerations, and the government would have to mount a
"damned strong argument" every time it wanted to access someone's
encryption keys, he said.
Mr Walsh said he was uncertain why his report had been suppressed,
given that anything that might have been controversial was restricted
to the secret report he also submitted.
"I wrote (the first report) in the clear expectation that it would be
publicly released," he said.
1
0
Fourth of July Special!!!!!! Call 1-800-767-0160 to order.
Brand New Hewlett Packard Toner Cartridges at Wholesale Prices!!!
Part # Printer Type Price
92298A EP-E Series 4, 4M, 4+, 4, 5N, 5M $89.00
92295A EP-S Series II, III $69.00
92275A EP-L Series IIP, IIIP $76.00
92274A EP-P Series 4L/4P $65.00
92291A EP-N Series IIISi/4Si $99.00
C3900A EP-B Series 4V/4MV $125.00
C3903A EP-V Series 5P, 5MP, 6P, 6MP $76.00
C3906A EP-A Series 5L $59.00
C3909A EP-W Series 5Si, 5SiMX, Mopier $145.00
FX-1 Canon Fax L700 Series $81.00
FX-2 Canon Fax 5000/5500 $71.00
FX-3 Canon Fax L4000 $71.00
51626A InkJet DeskJet, DeskJet+, 500C/
500J/505J/520/540/550C
560C/700 $27.95
Order 10 or more cartridges and receive free shipping!!!!!
Ask about our other specials on Brand New Laser and InkJet Cartridges for your Printers, Faxes and Copiers.
Save up to 35% by using our 100% Guaranteed Remanufactured Cartridges
To Order: via email: ctn(a)idp.net
via FAX: 703-449-7904; 703-449-7905; 703-449-7906; 703-803-9887
Toll Free: 1-800-767-0160
snail mail: Cartridge Technology Network, Inc.
14110 Sullyfield Circle
Chantilly, Virginia 22046
FAX ORDER FORM
Name________________________________________________________________________
Company Name________________________________________________________________
Address______________________________________________________________________
City/State/Zip_________________________________________________________________
Phone____________________________________FAX________________________________
EMAIL_______________________________________________________________________
Part #______________ Quantity __________ Part #______________ Quantity __________
Part # _____________ Quantity __________ Part # _____________ Quantity __________
Credit Card #:______________________________________________ Exp._______________
Signature:____________________________________________________________________
VISA/MC/Discover/American Express Accepted
Corporate Purchase Orders Accepted, please call 1-800-767-0160.
IF YOU DO NOT WISH TO RECEIVE FUTURE EMAIL, PLEASE REPLY TO 'ctn(a)idp.net' AND PLEASE PLACE 'REMOVE' IN THE SUBJECT AREA.
1
0
PLEASE READ THIS IF YOU WOULD LIKE TO
EARN EXTRA CASH USING YOUR COMPUTER!!!
(Now in Mac format, too!)
If you have even a basic knowledge of computers, you could be
making money in your spare time. There are many opportunities
including: contract typing; data entry; advertising on your own Web
page; and even testing new games. Send for the packet, "Home
Computer Income" which contains all the information you need to get
started. Included is a listing of several companies that offer this type
of work. Order today, all you need is a few hours a week to create an
excellent second source of income!
-Please print (or write out) this order form and mail to-
------------------------------------------------------------------------------
M.E.C.
P.O. Box 2188
La Mesa, CA 91943-2188
[ ] Yes, I would like to get started. Please rush me the
information. Enclosed is $14.95 (plus $2.00 for shipping and
handling, $16.95 total.) If I am not completely satisfied, I
have 30 days to return the packet for a full refund (less S+H).
Please allow 5-7 business days for checks to clear.
Name/E-Mail Address___________________________________
Address_______________________________________________
City,State,Zip__________________________________________
[] Send packet to my e-mail address (omit S&H.)
[] Send packet on 3.5" / 5.25”" / Mac disk. (circle one.)
(disc is compatible with all word processors.)
-----------------------------------------------------------------------------------
1
0