At 8:28 pm 12/23/94, Black Unicorn wrote:
Who the hell are you to define the position of cypherpunks? Who the hell are any of us to do this?
Both interesting questions... and self-cancelling ones. As far as I know, Cypherpunks define their own personal positions and don't impose theirs on any one else, as you yourself seem to have done, Uni. Your argument, much like your "standard" is somewhat suspect in my view. Regarding your language: please tone it down a little? Rely less on ad hominem flames and the word "shit" and more on the strength of your arguments and I'd be more inclined to respect your opinions. Once I pick through your invective, you "seem" to have a point, but you really do go on a bit, making it a lot of work... are you sober as you write these things? On the topic: let me relay an interesting little tidbit I heard recently on radio (Fresh Air/NPR): the forensic psychiatrist who interviewed Jeffery Dhaumer (sp?) noted that he declines in his book(s) to describe the precise methods utilized by the killers he investigates in his book, because he feels that this will provide specific information directly to other psychopaths on how to be more effective in committing horrible crimes and eluding law enforcement. I think this rather closely parallels the posting of specific information on how to compromise the security of systems. Personally, I support his practice: while he does a very good job of describing things so that you can understand _why_ a killer did his deeds and possibly something of _how_ so that _you_ can avoid being killed by someone trying the same things, he doesn't compromise his responsibility as a physician. An interesting parallel. Privacy is Privacy, even if it's your intimate friend's privacy. Just because someone trusts you, it doesn't give you any rights to their personal data. I've had supposed "friends" try to break into my personal files before, so I wouldn't presume to pontificate on who deserves more privacy: everyone does. The free flow of information on system security is important, but when it sacrifices someone's privacy. If you intend to post information on how a system can be compromised, it seems to me that the responsible thing to do (as a cypherpunk or a physician) is to first notify the sysadmin or password-owner so as to make sure they've been able to close their doors, and THEN post the info to others judiciously using only enough detail as is necessary for educational purposes (like the doctor above). Uni, you don't work at a nuclear site, do you? ;) Ahem. Let's move on... __________________________ BTW, a collective "thanks" to the few of you who have so far sent in Q&A material for the Beginner's PGP-FAQ. By and large, they are all helpful suggestions. My only feedback for now is to remind you all that this has to be VERY basic conceptual material. As the rest of you (hopefully) send me stuff, please keep this in mind. Imagine you're explaining WHY crypto to a five-year-old, and HOW PGP to a six-year-old. :) We really have to aim low on this one. I'll be working on this for a while and will post a draft for you all to review as soon as it's ready. dave ___________________________________________________________________________ "Rudeness is the penultimate refuge of the Incompetent; violence, the last"