Re: Anonymous Nymserver: anon.nymserver.com
Keely McCurry wrote:
From: an7575@anon.nymserver.com Date: Tue, 11 Mar 1997 17:47:31 -0700 (MST)
Kevin McCurry pretended to ask:
I would appreciate any information on the trustworthiness/security of the below named individuals and service. Please, friends, spare me the gratuitous remarks about Sameer, etc., that's not the issue inthis case.
Why are you asking for information on these people and then stating that you don't want 'certain types' of information on Sameer and others? Are you connected in some way to these people, perhaps, and just fishing for compliments that will be supplied by the prepared responses of others?
Firstly, remailers were developed by the cypherpunks as a method of monitoring supposedly private communications of others, in order to increase their own power and wealth. <<<< Well, that is food for thought. It's an angle I had not considered.
The motivation behind the 'generosity' of others should always be considered as a factor.
The communications passing through them remain private and anonymous only to those who aren't running them (or who haven't compromised the system). <<<< The system does involve trust on the side of the senders and integrity on the side of the remailers. That was my question: are there members of this list who can vouch [not swear] for or deny the integrity of the individual running the anon.nymserver.com nymserver?
You are asking for opinions from people you don't personally know for opinions as to the integrity of others whom you do not know, in order to make decisions regarding placing your trust in someone else to guarantee your privacy and/or anonymity?
Is the server I asked about controlled, or not?
Received: (from root@localhost) by shaman.lycaeum.org (Partyon/dude!) Judging from the (Partyon/dude!) in the headers from the server, perhaps questions regarding 'controlled substances' might be more pertinent. As well, the new-user info they send out tells you how to hack the accounts of others on the system, then tells you that the 'protection' against this is defaulted to 'off'. It goes on to say that you should turn it 'on' only if you are 'paranoid' of someone hacking 'your' account. i.e. - if you don't notice or understand the implications of this, then, by default, you are 'fair game' for hackers on their server.
Thirdly, the remailer owners only support compromised cryptography systems such as the newer versions of PGP produced by All-my-charges-mysteriously-disappeared- when-I-agreed-to-switch-to-a-new-system Zimmerman.
What do you mean support? Which "newer versions?" Where does 2.6.2. stand in this hierarchy? Must we use the i versions? I use several versions including the international, and have noticed no difference in the ways the remailers process the versions.
PGP 2.0-->2.3a were released outside of the U.S. and imported into the country. The use of PGP=>2.5 suddenly became a 'non-issue' for use in the U.S. because they use both the algorithm and sub-routines developed by the NSA and the Military. Think about it. TruthMonger
def 2. one who attempts to stir up or spread something that is usually petty or discreditable
Such as blind acceptance of remailers and iconic cryptographical software?
Alan Olsen wrote:> >
At 06:53 AM 3/12/97 CST, Roy M. Silvernail wrote:
an7575@anon.nymserver.com writes:
The use of PGP=>2.5 suddenly became a 'non-issue' for use in the U.S. because they use both the algorithm and sub-routines developed by the NSA and the Military.
If you have an exploit for 2.5+, publish it. Otherwise, you're just blowing FUD.
I always wonder where these people get their information. I know people who know little to nothing about cryptography, but "they know PGP has been broken".
I always wonder why there seem to be so many lame fucks on the cypherpunks list who, rather than responding to the posts on the list, seem to be responding to some broken recording going on in their own head. Naturally, these lame fucks never have a direct quote available to match the words inside their heads that they purport to place in the mouths of others. Why don't 'these people' try actually following a thread and deal with the concepts involved, rather than spouting off their auto-bot, knee-jerk responses to the voices of old wars that they are still fighting inside their heads? TruthMonger
-----BEGIN PGP SIGNED MESSAGE----- At 08:30 PM 3/12/97 -0700, TruthMonger wrote:
Alan Olsen wrote:> >
At 06:53 AM 3/12/97 CST, Roy M. Silvernail wrote:
an7575@anon.nymserver.com writes:
The use of PGP=>2.5 suddenly became a 'non-issue' for use in the U.S. because they use both the algorithm and sub-routines developed by the NSA and the Military.
If you have an exploit for 2.5+, publish it. Otherwise, you're just blowing FUD.
I always wonder where these people get their information. I know people who know little to nothing about cryptography, but "they know PGP has been broken".
I always wonder why there seem to be so many lame fucks on the cypherpunks list who, rather than responding to the posts on the list, seem to be responding to some broken recording going on in their own head. Naturally, these lame fucks never have a direct quote available to match the words inside their heads that they purport to place in the mouths of others.
The problem is burden of proof. You made a claim with no evidence or facts to back it up. You made the statement that PGP >2.5 was comprimised. When asked for something more that assertion, you go off on a screed. Are you retracting that claim? Do you have something you want to share with the rest of the class? Unless you have something to back up that claim, we will treat you like any of the other loons ranting about black helicopters, the Greys, and the rest of the FUD.
Why don't 'these people' try actually following a thread and deal with the concepts involved, rather than spouting off their auto-bot, knee-jerk responses to the voices of old wars that they are still fighting inside their heads?
Believe it or not, I am trying to deal with the thread you started. It might not be the subject you want to address, but hey, you are the one who opened his mouth... If you are going to spread rumors, you might as well, as least have something to back them up.
TruthMonger
An oxymoron if I have ever heard one... -----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAwUBMyg0cOQCP3v30CeZAQGKCQf+NBahYJjSnzOYZ7wPgMSFTPqovtOJWJKz dh+t5ZjY7dPMhNBKHpPXdwsHh0LEr7AoCCdwESjNW+tS2rOWeS8E5Wiw/VDfGGJR omr0Kbc8DawsvL09TL7+cYP8cuGzPd5fiv/GHGP1UUG8gpPaExpwSMX272tmGrqQ sqe55Ot4wMSrd56qUiX8JHQiS6ULWwxFS9Ty7OzatI9prhJFmOpKw3Ud8uD8cQCM nwse1h4Y6u4ZzoHUA1VSF1VNlj/ttsSTRc3WtrMUk/VrOPHX1J9etZ3YKPe1w/ht FPjY88Zt1W9Dh/pHCzSe/X6vfvqNp/bPldSXNouZ7aIOKZWfBYGWNQ== =N2EK -----END PGP SIGNATURE----- --- | "Mi Tio es infermo, pero la carretera es verde!" | |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: | | mankind free in one-key-steganography-privacy!" | Ignore the man | |`finger -l alano@teleport.com` for PGP 2.6.2 key | behind the keyboard.| | http://www.ctrl-alt-del.com/~alan/ |alan@ctrl-alt-del.com|
Alan Olsen hunt and pecked:
At 08:30 PM 3/12/97 -0700, TruthMonger wrote:
Alan Olsen wrote:> >
an7575@anon.nymserver.com writes:
> The use of PGP=>2.5 suddenly became a 'non-issue' for use in the U.S. because they use both the algorithm and sub-routines developed by the NSA and the Military.
I always wonder where these people get their information. I know people who know little to nothing about cryptography, but "they know PGP has been broken".
I always wonder why there seem to be so many lame fucks on the cypherpunks list who, rather than responding to the posts on the list, seem to be responding to some broken recording going on in their own head. Naturally, these lame fucks never have a direct quote available to match the words inside their heads that they purport to place in the mouths of others.
The problem is burden of proof. You made a claim with no evidence or facts to back it up. You made the statement that PGP >2.5 was comprimised. When asked for something more that assertion, you go off on a screed. Are you retracting that claim? Do you have something you want to share with the rest of the class?
Now that you seem to have actually read what I have written, perhaps you might consider reading what you, yourself, have written. I stated my case for contending that PGP=>2.5 has been compromised, and got back wild-eyed demands for proof of that which I did not claim, mainly, that PGP had been 'broken.' To reiterate my original observations: 1. The development of RSA was funded and controlled by the spooks. i.e. - The National Science Foundation and the Navy. 2. The campaign of persecution against Phil Zimmerman ground to a halt once he agreed to PGP using the spook-developed RSAREF subroutines to implement the RSA functions, instead of PGP's original subroutines. If people with guns came to me and told me that software I had written now had to use their subroutines, instead of my own, then I would consider my software 'compromised', regardless of whether or not I could immediately discern any anomalies in it. It is far, far easier to 'build' a back-door, than to 'find' one. It never fails to amaze me how the back-doors that software makers intentionally build into their products for their own convenience suddenly become 'bugs' when hackers, among others, take advantage of them. One hacker I know used to find most of his hacks into AT&T UNIX by screwing up his system (i.e. - corrupting the passwd file) and then calling in the AT&T support techs and observing their tricks and techniques (and then improving on them). In regard to the question of whether RSA's spookware has some type of back-door, or has been 'broken', the answers to these questions are moot, from my point of view, because I do not intend to base my privacy and security only on programs developed by even the most well-intentioned of others. TruthMonger
participants (2)
-
Alan Olsen -
TruthMonger