(Note: This started out as a comment on why I've been mostly silent during this latest of several efforts to disrupt the list, but I segued into a discussion of what this list talks about, and why, and why it can never be all things to all people. Pardon the length, but these are things I feel the need to say. Astute readers who've been on the list for several years will know that I've written a few other essays like this, usually about one per year. I suppose I should try to find my older essays and repost them, but I rarely repost old articles anymore....) THE LATEST ATTEMPT TO DISRUPT THE LIST I've been keeping my mouth shut lately on this whole Vulis--spam--Timmy--etc. thing, figuring that the one thing Vulis really wants to see is the list distracted by endless back-and-forth about whether "Timmy" really does the things Vulis and his "tentacles" claim, whether the list should be closed to non-subscribers, and on and on. But there comes a point where I need to speak up. (By the way, somebody even sent me a bizarre message, saying: "I am not quite sure why you have not shot back at Dr Virmin and his cause. Maybe that is the best way? Or are you guilty as charged?" So, to some, my silence means I might be guilty. Jeesh.) LET'S NOT BLOCK NONSUBSCRIBERS! A few comments on one of the recent messages: At 3:51 PM 9/24/96, Ray Arachelian wrote:

There is no reason we can't allow posts from those who are not subscribed to the list. There's also no reason that we can't have someone moderate those posts before they make it to the list to remove the spams - mind you not to moderate the contents, but to remove repeating annoying spam and advertisement.

Blocking posts from non-subscribers would of course block all anonymous posts, something I don't think the Cypherpunks would be setting a good precedent in doing! Not only are most (all?) of the existing remailers essentially "our technology," but we believe (as an emergent consensus) that anonymous and pseudonymous speech is a Good Thing. "Cypherpunks block anonymous posts" would not be a good message to send, especially in these perilous times. (Sure, there are some workarounds. Stable nyms could be subscribed, as Black Unicorn and Lucky Green demonstrate. And nyms through nymservers. But not trivially, to add additional "allowed subscribers" without also sending them copies of messages.) MODERATION CONSIDERED HARMFUL As to moderation, let's nuke this idea right now. I know of no moderated list, except perhaps "RISKS," that's an improvement of unmoderated, open versions. (And RISKS is the personal project of Peter Neumann, who puts incredible effort into keeping it on track...I no of no person on our list who could or would do the same job, though I suspect some would jump at the chance to volunteer to do so, then probably let things fizzle out....) ... NO DEFENSE NEEDED On defending _me_ against the charges of Vulis and (one has to presume) his anonymous "Timmy warnings," don't bother. Please, don't bother. I don't need testimonials from others or votes of support. It just adds to the noise. If Vulis is ignored, he'll likely eventually go away, as some other well-known net.personalities have done. (Vulis claims we "drove away" Rich Salz, John Gilmore, Eric Hughes, etc. But do we then get credit for "driving away" Dr. Fred C. Cohen, Dr. David Sternlight, and Lawrence Detweiler? Fair is fair, after all. Not that I think the decisions people make to remain on mailing lists or in discussions, or in marriages for that matter, are usually the fault of others.) THE NATURE OF THE CYPHERPUNKS LIST Look, this list now has something like 1400 subscribers, according to something someone posted a few weeks ago. (I suspect at least a few hundred of those names are merely passive reflectors. And I certainly only "see" a few hundred names appearing here as posters, and only a few dozen as _active voices_ in debates. So I tend to view the list as being a few hundred moderately active readers, with the other thousand or so as nonsubscribers, effectively.) With hundreds of active readers, all sorts of things will get said. Some bizarre, some insulting, some insightful, some tangential, etc. Some of them are not liked by Vulis, some not like by Perry Metzger, some not liked by me. And as Eric Hughes noted, the list changes, and we change. Certainly the topics of today cannot be the same fresh, new topics of four years ago, when many of the basics were being discussed for the first time. Perforce, the list talks about things of current interest---the security measures in the wake of TWA 800 are a perfectly good, list-related topic. This is just one example, of many. While some folks would rather we talked only about "crypto," just how many times can basic questions about Diffie-Hellman, or RSA, or elliptic curves be discussed? At some point these issues become esoteric research topics, and are unlikely to be casually discussed on a mailing list such as ours. (And many of the ostensibly on-topic pure crypto questions are actually just banal questions about topics covered in any crypto textbooks! Which is not surprising, actually.) THE RAISON D'ETRE FOR CYPHERPUNKS And as I was there at the initial planning meeting in July of '92, and then at the first physical meeting, I can assure you that what soon became "Cypherpunks" was never intended to be an announcement list for research discoveries in mathematical cryptography! Much as some have been shrilly claiming "This list is for crypto and programming discussions only," this was *never* the intent. And, judging from the topics people have brought up over the past four years, the constituency for _only_ talking about mathematical cryptography and programming issues appears to be rather small. Nothing is stopping those who call for discussing only crypto and programming to do exactly that: discuss only crypto and programming. The serious crypto researchers, e.g., the Matt Blazes, the Whit Diffies, and the Carl Ellisons of the world, have various channels they use to communicate in. Conferences several times a year, limited mailing lists, other channels, etc. That they have all been members of the Cypherpunks list but are not any longer is their choice. There are lots of reasons people make the decision they can't cope with another mailing list, or that filtering it is taking too long, etc. For one thing, in the past few years the explosion of the Web and increased interest in things cryptographic has made it more difficult to find time for any of the channels of communication to be followed. And, as I noted, some of the discussions which were "fresh" a few years ago no longer are. This last point is not something any forum can do much about. Just as there are certain ecological truths about "large, hungry predators are never numerous," so, too, are there basic information-theoretic truths about the decline in freshness of topics: "not everything remains fresh and new forever." REAPING THE HARVEST When the Cypherpunks group and list got started, we reaped the harvest of work done from the mid-70s to the early 90s, with basic encryption (1976), secret-sharing (1980), digital mixes (1981), digital cash (1985), and various other abstract results ready to be *combined* with the parallel development of the Net, e-mail, Perl, and the Bay Area hacker community (from whom Eric and I drew for the organization of our first gathering...the response was tremendous). We felt there was a golden opportunity to take some of the academic research in the cryptographic community and "deploy" it on the Net. Deploy it in furtherance of various stated and unstated political and social beliefs we had. (I was a vocal libertarian, part of the "techno-libertarian" vanguard. Eric was less closely associated with libertarianism, though his actions were certainly consistent with this outlook. John Gilmore was, well, John. Active in forming the EFF and in fighting for various causes. Hugh Daniel, another early founder, was also a long-term activist in hypertext, networking, and libertarian issues. So, the several of us were much interested in deploying cryptographic protocols to implement interesting new social and political possibilities...at the very first meeting there were exciting discussions about new banking systems, an Italian scheme where the survivor of an N-person group gets a payoff (and we discussed how this could be implemented with Chaumian digicash), remailers (we tested models for remailers, and the Hughes/Finney remailer appeared within a month or two), and so on.) (Having attended the Crypto conference (in 1988), and having read "The Journal of Cryptology," the Eurocrypt, Asiacrypt, and Crypto Proceedings, I can tell you that the first Cypherpunks meeting (not named by Jude Milhon for another month or two) had a dramatically different "feel" to it. It was _not_ just another forum for releasing research results, or for discussing Unix hacks.) "YOU GUYS ARE JUST A BUNCH OF CYPHERPUNKS" As we talked about what we were doing, and who we were, various names popped up. "The Crypto Freedom League." "Privacy Hackers." "The Crypto Cabal." And so on. Jude Milhon's "You guys are just a bunch of cypherpunks," a wonderful pun on "cyberpunk" and the British spelling of "cipher," was accepted by acclamation. Though "punk" has some negative connotations, so do nice, staid names like "The Foundation for Unrestricted Cryptography," or "The Crypto Programmer's League." (We've had debates on the suitability of the name at least half a dozen times over the years. It ain't gonna change. The most that could happen is that some faction would claim to be the One True Faction and would call themselves by something more respectable (or less respectable, I guess). But the rest of us would still be Cypherpunks. Get used to it. Too late to change now.) THE INEVITABLE DECLINE IN FRESHNESS OF TOPICS Over the years, as remailers got deployed, as PGP spread, as "crypto" appeared more and more often in the popular press, the topics which were once so new and fresh inevitably had been through many, many cycles of discussion. We had 10 rounds of discussion of DC-Nets, 7 rounds of discussion of random number generators, 11 rounds of discussions of whether the NSA reads all mail, and so on. Not much can be done about this...new people join the list and ask questions, old-timers jump in with speculations, and sometimes news events trigger a debate. How else could it be? A moderated list with only announcements of new results? (This would likely generate about two messages per week, tops, and such a list would have few subscribers, and no interesting debate. Also, plenty of other fora exist for this, including the Usenet itself, e.g., sci.crypt.research.) WHAT IT IS No, for all its noise and faults, the list is what it is. Not perfect, but, then, few things are. And about as good as I've seen. (I've been on several other mailing lists, and the usual death of lists comes from disinterest and boredom, not from overuse. Filters are able to remove noise, but filters can't add signal.) That's all I have to say for now. By all means, try to contribute signal. But don't carp about how low the S/N ratio is, and don't carp about worthless messages. And don't chime in with unneeded "defenses" of me or anyone else attacked by kooks and nebbishes. --Tim May, whose reputation is, like the list, whatever it is, for whatever reasons, and who thus needs no defenders We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."