At 8:43 PM +0000 12/20/05, Gil Hamilton wrote:

Was there some part of the phrase you quoted: "for a period not to exceed fifteen calendar days following a declaration of war by the Congress" that you were unable to understand?

I'm just wondering exactly what part of their collective asses they're going to pull a justification out of, is all. Thank you for playing, and for your keen grasp of the obvious. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

At 4:38 PM -0500 12/20/05, Perry E. Metzger wrote:

Yes, Bob. For a period not to exceed fifteen calendar days. Following a declaration of war. By the congress.

Again, Perry, expect nothing to come of any of this. Except bleating. Lots of bleating. Write code, dude. Quit bleating. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

At 6:55 PM -0500 12/20/05, Perry E. Metzger wrote:

The "bleating" has already had a serious effect.

Please. The dogs bark, but the caravan moves on. Now, if wiretapping were as obsolete as cracking wax seals and envelopes, *that* would be something. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "Camels, fleas, and princes exist everywhere." -- Persian proverb

At 9:10 AM +0100 12/21/05, Eugen Leitl wrote:

You don't have to write code if the bleating succeeds first. And if the bleating doesn't, no amount of code will save our ass.

So...what? Don't write code? Didn't you ever learn any logic? Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

At 7:06 PM +0100 12/21/05, Eugen Leitl wrote:

Write code. Participate in the political process. Both are not mutually exclusive.

One is useful. The other is, at best, masturbatory. Physics causes politics, not vice-versa. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

And it is still not impossible, not even improbable, that public use of crypto was, is, not a disinfo op to red flag communications that need to be intercepted. Not a hell of a lot has been written lately, if at all, how public crypto came into wide use, the battle to free it from regulation, the rise of belief that some types were mathematically impregnable. There was discussion a few years back here about the disappearance of some able contributors, and wishes they do well in their new, more comfortable habitats. Whether any are aiding and abetting the latest SHAMROCK redux or the SHAMROCK that never died might be clued by the coincidence of the discovery of PK just at the time Church Committee hearings were being held to ostensibly defang NSA. Cypherpunks' role in this dissemination of crypto takeover of the workld is a good place to start that story. No, not the ones written in the early days to prime public interest, cloaked in libertarian camouflage of hollywoodish antiauthoritarianism. What could be informative are the stories about where the crypto-wizards are now employed. Steven Levy might do an update, or a host of others who got a boost parlaying the adventures of the crypto-rebels -- which hooked me via Levy's NY Times mag piece in 1994. How public key crypto, for example, got a toehold on climbing out of GCHQ's and NSA's clampdown. Serendipitous research, says the legend, perhaps aided with hints from the bowels of NSA, or perhaps from elsewhere not yet revealed. It wouldn't be the first time a long-running deception has been used to encourage trust in reputedly impregnable systems. Is NSA regularly cracking all encryption or not, whether or with a foolproof algorithmic tool (again and again discounted by the best and brightest of the cryptographers) is that what the Times will not write about. Or via exploitation of faulty implementation. There are regular calls to trust no infosec system that is not continually monitored by experts. A lesson taught by the government pros as well. Who watches who in this backscratch is not well covered, at least outside classified gatherings -- not that crypto contractors are now regular participants in these, having embraced NDAs as a way of survival, and golden opportunity. 9/11 has lifted many small boats in commerce and education and NGOs. How many crypto-rebels been brought in from the cold to demonstrate implementation vulnerabilities absolutely controlled by NDAs. That, too, would not be the first time. Screaming rebels oft reap the benefits of calling attention to themselves. Those that somehow never go to jail and accuse those who do of being bumbling idiots. There was also discussion years back about who were the most likely coverts on cpunks. The rubric was that it didn't matter, even narcs were welcome for mathematics would defeat their bosses. Impregnable mathematics gradually withered as a protective rationale with the rise of the threat of faulty implementaion, black bag jobs, keystroke loggers, insider betrayal, and the gamut of traditional security failures, the very same ones used to build and maintain the most gigantic expensive national defense system ever, with plenty of contracts to recruit whoever disagreed, well, disagreed enough to get a special invitation or a hint about how to build a superduper security method. Security pros claim you can't be too paranoid, that 100% security is impossible, that, to be sure, is likely to boost demand for their protection racket. Religious faiths have become wealthy preaching that, some even killing infidels to protect market share.

On 12/22/05, John Young <jya@cryptome.net> wrote:

... Is NSA regularly cracking all encryption or not, whether or with a foolproof algorithmic tool (again and again discounted by the best and brightest of the cryptographers) is that what the Times will not write about. Or via exploitation of faulty implementation.

faulty implementations meaning side channels leaking key material. i know that Glenn at Centaur/VIA is concerned about perceived pressures to keep crypto out of processor cores. consider this rumor but i'd love to see someone follow up on this story. with cache/memory timing, differential power analysis, even acoustic side channels weakening software cipher implementations (and hardware to a lesser degree) i can't help but wonder why Intel and AMD have not deployed entropy, digests, block ciphers and Montgomery multipliers in their cores - it takes very little die space and provides a huge return. makes my inner paranoid twitch... </VIA whoring> with that said, i think it's clear that a properly designed crypto system could be considered secure. the government still uses AES256 for their top secret datum, and the NSA license of ECC could be interpreted as a vote of confidence in that PK system. (or is this just another ruse? :)

There are regular calls to trust no infosec system that is not continually monitored by experts. A lesson taught by the government pros as well. ... Impregnable mathematics gradually withered as a protective rationale with the rise of the threat of faulty implementaion, black bag jobs, keystroke loggers, insider betrayal, and the gamut of traditional security failures...

with ciphers and protocols maturing is the next frontier for cypherpunks decentralized reputation and trust metrics applied to process, persons, and systems? the world around these theoretically secure ciphers is full of holes as you describe.

On Tue, 20 Dec 2005, Perry E. Metzger wrote:

Yes, Bob. For a period not to exceed fifteen calendar days. Following a declaration of war. By the congress.

Which declaration we are missing. There is no formal state of war here. -- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF Just once, can't we have a nice polite discussion about the logistics and planning side of large criminal enterprise? - Steve Thompson