Re: Internet Privacy Guaranteed ad (POTP Jr.)
At 6:46 PM 2/20/96, IPG Sales wrote:
Hedging, hedging, hedging - why? I did not noitice this <...>
IPG, why don't you sit down and draw up the terms of a challenge? Specify: * what information and/or materials IPG will release * to whom it will release them and when * who is or isn't elligible * what you will and won't accept as "breaking your system" * the arbitrating body * a starting time and a deadline * the award You'd do well to be _very_ thorough in these terms, since any perception that IPG was trying to throw the game would draw that much more fire. You'd also do well to make terms terms conform to real-world circumstances: for example, if someone hacking the office machines on which which you generate, store, and/or disseminate RNs is a practical threat to your product, then admit that as an acceptable part of a "break." Ted
On Tue, 20 Feb 1996, t byfield wrote:
At 6:46 PM 2/20/96, IPG Sales wrote:
Hedging, hedging, hedging - why? I did not noitice this <...>
IPG, why don't you sit down and draw up the terms of a challenge? Specify:
B> * what information and/or materials IPG will release
* to whom it will release them and when * who is or isn't elligible * what you will and won't accept as "breaking your system" * the arbitrating body * a starting time and a deadline * the award
You'd do well to be _very_ thorough in these terms, since any perception that IPG was trying to throw the game would draw that much more fire. You'd also do well to make terms terms conform to real-world circumstances: for example, if someone hacking the office machines on which which you generate, store, and/or disseminate RNs is a practical threat to your product, then admit that as an acceptable part of a "break."
Ted
It seems to me that Cypherpunks, the mailing list of individuals, has a very practical solution to the argument - Derek asked for certain things - we agreed fully with those terms - we will provide the complete set of algorithms employed - we will also provide a free demo system(s) - > Unlike Mr. Silvernail, we have a much simplier definition of what we mean by a one time pad - given a message/file of length N, where N is a finite practical number say less than 10 to the 1000th power, that the encrypted ciphertext can be any of the N to the 256th power possibile clear/plain text messages/files. To prove that the IPG system does not work, all you have to do is to prove that is not the case - that our system, without artifically imposed boundary conditions will generate a subset of those possibilities - that is simple and strsight forward - not hyperbole but action - everyone stated how simple it was to break the system, now everyone is back paddling aa fast as they can, like Mr. Metzger and some of the other big bad cyphermouths. Put up or shut up - why is everyone all of a sudden backing away from what Derek proposed - because we proposed a two way street - operhaps that is the real underlying problem - you are suddenly afraid that you are wrong - some of the cyphermouths want to argue semantics and abstract theory but no one wants to prove anything one way or the other - this is also my answer to Mr. Metzger - do as you like, I have absolutely no ability to force you to do anything, just like you have no ability to prove us wrong, absolutely zero ability, just talk, talk, and more talk - no substamce anymore - just talk - talk - we are the big bad wolf, doctor, that is going to kill our patients, you have the power to prevent that Perry - why don't you do it? You had rather sit omn the sideliunes and tell everyone how great you are - you are not concerned about the patients like you claimed yesterday, you are only concerned about youself - You have the ability to try to prove us wrong - do it. How about some action from someone, we have two taker - now, anymore? I do not want to argue semantics with Mr. Silvernail, or Mr. Metzger - they have an opinion - that does not prove them right - they are entitled to their opinion - but they would rather castigate us out of hand than prove us wrong - they want to talk, talk, talk but not do anything. It is obviously that both are dodging the issue, by taking their own narrow minded view of what is and is not the truth - both are all talk but no action - a lot of bull and arbitrary posturing, but that is all itis, pure unadultarated bull - . They are afraid they may be wrong and they most assuredly are - I believe our offer to be fair, let us hear what Derek has to say when he gets around to it. Let Derek, Inccarth, and Adam be the aribtion committee, decide whether the system is fataklly flawed or not - we will accept their findings subject to only one caveat, that they have the intellectual honesty to tell the truth. I believe that since Mr. Silvernail and Mr. Metzger have exluded themselves, that Derek, Inccarth and Adam do have that intellectual honesty to tell the truth - is that weighted too much in IPGs favor. Also, let them decide and report to the other Cypherpunks, whether we were justified in witholding broad dissemination of certain materials - the onlu caveat there is that they wait threee months, or until they break the system to make that report, and again conform to a high standard of intellectual honesty. What can be more fair than that, you own members can be the entire judging committee - are you afraid of the truth - if you cannot accept that you are. Tthat could be your only real reason fornot facing it. I believe that many of you are now backtracfking because you are afraid of the truth - we invite whatever number you might choose to try - if some subset of Cyberpunks break the system, then they can publish everything - Sigh -
I don't know about Futplex, but Derek and I are well paid for our time. In order to find the time to fairly judge this system, I would expect to be compensated for time spent, in advance. After all, I wouldn't want to see your bank account disapear should your system be broken and the company sold. I would be happy to not let this money influence my judging. After all, the money is in pocket, and I've already expressed doubts about the system. So, if IPG is really interested in retaining me as a judge, lets discuss terms & conditions. Adam IPG Sales wrote: | Let Derek, Inccarth, and Adam be the aribtion committee, decide whether | the system is fataklly flawed or not - we will accept their findings | subject to only one caveat, that they have the intellectual honesty to | tell the truth. I believe that since Mr. Silvernail and Mr. Metzger have | exluded themselves, that Derek, Inccarth and Adam do have that | intellectual honesty to tell the truth - is that weighted too much in | IPGs favor. -- "It is seldom that liberty of any kind is lost all at once." -Hume
I do not recall that I said that we would retain you - The question was asked about unbiased judges - we simply stated that we would agree to you, Derek, and Immcarth as Judges - As I recall, it was Derek who asked for the Algorithms employed for investigation by the Cypherpunks, as he referred to them as a loose knit organization - but if you prefer, we will call them a mailing list - running fakers like us out of business should be its own reward Please do as you choose - you too seem to be skating - please put up or shutup - I do not mean to be rude, and apolgise, but everytime we agree to something, everyone wants more - Appreciatively, Ralph The greater our knowledge increases, the greater our ignorance unfolds - John F. Kennedy at Rice University
I did not agree to be a judge. If I seem to be skating, skidding, or otherwise not in contempt of the snake oil you're selling, I apologize. I see your system as smoke and mirrors, and will continue to do so until respected cryptographers tell me its not. If you'd like me to sit down and read the stuff you're spewing, I'd be happy to. For a fee. Failing that, I'll maintain my opinion with no further investigation. Close minded? I don't investigate UFO sightings. To reiterate, I don't care about your system until cryptographers I respect tell me its worth looking at, or cryptographically interesting. (I'll allow any two cryptographers with two or more publications in the proceedings of an IACR sponsored conference as respectable.) Adam | I do not recall that I said that we would retain you - The question was | asked about unbiased judges - we simply stated that we would agree to | you, Derek, and Immcarth as Judges - As I recall, it was Derek who asked | for the Algorithms employed for investigation by the Cypherpunks, as he | referred to them as a loose knit organization - but if you prefer, we | will call them a mailing list - running fakers like us out of business | should be its own reward | | Please do as you choose - you too seem to be skating - please put up or | shutup - I do not mean to be rude, and apolgise, but everytime we agree | to something, everyone wants more - -- "It is seldom that liberty of any kind is lost all at once." -Hume
IPG Sales writes: [garbage about what a one time pad is] Er, you guys redefine the word "Oxygen" to mean "A brown liquid produced by fermenting barley and hops", too? A one time pad crypto system requires that the length of the completely random key (not "practically random", not "nearly random") is equal to the length of the plaintext, and that which said key is used once and *only once*. Using a key to produce a pseudo-random sequence which is used to encrypt is *NOT* a one-time pad, and any claim that it is constitutes fraud, pure and simple, just like a claim that sugar water pills are antibiotics or that drops of red dye in a mixture of grain alchohol and water are French red wine.
this is also my answer to Mr. Metzger - do as you like, I have absolutely no ability to force you to do anything,
Of course not. However, I'll point out that you've annoyed me by peddling merchandise that can potentially harm your clients and bring a bad name to the field of cryptography. People do have the ability to go to your state's Attorney General, you know. Keep marketing this crap and believe me, someone will -- very possibly even me. I am almost sure that defrauding customers continues to be against the law everywhere in the United States. Perry
Perry, fractions of what you say are true, but only small fractions, Stubborness and stupidity are twins - Save all those lives you were talking about a few days agao, show us how easy it is to break the system - and reqad the messages form others - you are spouting a bunch of supercilious crap and everyone else knows that, except maybe you, you are obviously too stupid to recognize that - please save all those lives at stake On Wed, 21 Feb 1996, Perry E. Metzger wrote:
IPG Sales writes: [garbage about what a one time pad is]
Er, you guys redefine the word "Oxygen" to mean "A brown liquid produced by fermenting barley and hops", too?
A one time pad crypto system requires that the length of the completely random key (not "practically random", not "nearly random") is equal to the length of the plaintext, and that which said key is used once and *only once*. Using a key to produce a pseudo-random sequence which is used to encrypt is *NOT* a one-time pad, and any claim that it is constitutes fraud, pure and simple, just like a claim that sugar water pills are antibiotics or that drops of red dye in a mixture of grain alchohol and water are French red wine.
this is also my answer to Mr. Metzger - do as you like, I have absolutely no ability to force you to do anything,
Of course not. However, I'll point out that you've annoyed me by peddling merchandise that can potentially harm your clients and bring a bad name to the field of cryptography. People do have the ability to go to your state's Attorney General, you know. Keep marketing this crap and believe me, someone will -- very possibly even me. I am almost sure that defrauding customers continues to be against the law everywhere in the United States.
Perry
-----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, ipgsales@cyberstation.net writes:
Unlike Mr. Silvernail, we have a much simplier definition of what we mean by a one time pad
First of all, I note to the list that I have exchanged some email with IPGsales, whence this reference comes. I had hoped there would be enough integrity in IPGsales that sie would note the difference between private mail and mail to the list. The gist of my mail has been that IPGsales likes to redefine accepted terms of art to their own benefit. I didn't (and don't) define what a one time pad is. I simply noted that PRNG-based systems are not one time pads, and asked that IPGsales refrain from mislabeling their system as such.
I do not want to argue semantics with Mr. Silvernail, or Mr. Metzger - they have an opinion - that does not prove them right - they are entitled to their opinion - but they would rather castigate us out of hand than prove us wrong -
Any castigation I offered was far from "out of hand". IPGsales is promoting a system using plainly incorrect terminology. IMHO, this choice of terminology speaks volumes about the crypto expertise (or lack thereof) they have brought to the table.
they want to talk, talk, talk but not do anything. It is obviously that both are dodging the issue, by taking their own narrow minded view of what is and is not the truth - both are all talk but no action - a lot of bull and arbitrary posturing, but that is all itis, pure unadultarated bull - .
Consider it, then, a response in kind to your own unadulterated bull.
I believe that since Mr. Silvernail and Mr. Metzger have exluded themselves, that Derek, Inccarth and Adam do have that intellectual honesty to tell the truth - is that weighted too much in IPGs favor.
I'll guess here that my refusal to accept IPGsales' new definitions for accepted terms has been taken as 'excluding myself'. So be it. Perhaps IPGsales is miffed that I said I would advise my clients against their product.
What can be more fair than that, you own members can be the entire judging committee - are you afraid of the truth - if you cannot accept that you are. Tthat could be your only real reason fornot facing it. I believe that many of you are now backtracfking because you are afraid of the truth - we invite whatever number you might choose to try - if some subset of Cyberpunks break the system, then they can publish everything -
(can anyone else parse this?) BTW, this ain't alt.cyberpunk. More problems with terminology? I don't have to break the IPG system. It was born broken. I am not about to trust my key generation to people who can't even get basic technical terms correct, much less trust them not to send copies of the keys offsite to the NSA^H^H^H^H^H^H^H^H^H^H^H for disposal. (recall that IPGsales said no copies of the keys were retained _by them_) Snake oil is only good if you have a squeaky snake. - -- Roy M. Silvernail, writing from roy@cybrspc.mn.org "Ah, man.. you hit the nails right on the heads there. However, I think you drove them right into your own forehead." -- datsun@wasteland.spam.org (Datsun Q. Wanderer) -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMSsdlhvikii9febJAQEXIwP/bEIyYaP8/meDg5Hdlg48vDlubHRVPJOL q88FrEdbu/EQa+WFcDmAwPRxg1M5BWGVgerFG+mYZnguPDr/qZ2vMEbuAzjhe4M2 iNdtE6C+JvrZfnRWDnGDywIrRXf9BYmWAZgkj2T4inP7thANcF8El0attCe7553M xC4lXeDLtaA= =xZEt -----END PGP SIGNATURE-----
participants (5)
-
Adam Shostack -
IPG Sales -
Perry E. Metzger -
roy@sendai.cybrspc.mn.org -
tbyfield@panix.com