On the T-shirt which some poeple are starting to view as an overplayed joke: I'd agree that we on cypherpunks have probably heard enough on the subject, to the extent that it was creating a lot of noise a while back, but the idea I think is to create publicity wherein ITAR is ridiculed by demonstrating that the State Departments ITAR related decisions are inconsistent, and arbitrary. This I think is a similar tactic to that used by Phil Karn, with the Applied Crypto case, and by MIT with the MIT PGP source code book and CJR on that. Also the SSL 88+40 brute force was mostly a political demonstration, most anyone could have predicted the approximate MIPs required, and that it was ridiculously weak. Yet much of the media attention widely ignored the fact that it was a simple fact, 40 bits isn't enough, and chose instead to play on wording such as "French Student Hacker breaks Netscape", which of course is wildly inaccurate on numerous counts. As to the accusation that a T-shirt is silly, sure, I absolutely agree, but it's *supposed to be* silly, the point being to get a decision from the state department, and say, look the decisions these people are making with extreme weight of law ($1,000,000 fines &c) are ridiculously inconsistent, and arbitrary, and cost the US software industry 100s of millions of dollars each year in lost trade. With a silly example, I would have thought you would be more likely to get positive editorials from the press. I mean if you say PGP, some people are sucked in by the crypto scare stories Freeh and co put out. If it's a T-shirt you'd have a hard time saying it was a dangerous item, or that the info was dangerous. If unclear fabric printing is the issue, put it on a floppy disk (would take less than one sector), print the program on the disk label and try that too. Also my uk printed shirts, and Don Henson's (other US supplier) have a simply huge barcode (Joel's is around 1/2 the size) the aim being to remove all doubt about readability. See pictures (mine (UK), and Don's (US) respectively): http://www.dcs.ex.ac.uk/~aba/uk-shirt.html http://www.colossus.net/wepinsto/wsft_f/wspp_f/tshirt1.html You could probably transcribe that barcode by hand the stripes are that fat. The ITAR docs themselves don't seem to make the case that machine readability is significant, that was to my understanding just an arbitrary decision they displayed with Phil Karn's Applied Crypto disk set. No to the disks due to being more machine readable than the book, or something. The reason for the barcode was to try to encourage banning of the T-shirt by pandering to thier apparent prediliction to ban machine readable forms of things freely available in print form. On the "has been declared a munition by State Department", this is clearly incorrect. Don Henson used this in his earlier ads, and I corrected him on this wording, and he now says something different. The wording on the shirt (Joel Furr's shirt which is what Raph mailed I understand) the caption is: "This shirt is a munition" and you can see a picture of this shirt it, here: http://www.danger.com/ad-perl.html I don't think saying this shirt is a munition is that misleading. It is arguable, and of course no decision has been obtained from the State Department, but if anyone is so sure about it I'd invite them to make a public demonstration of exporting it in any medium they fancy (paper, disk, internet, T-shirt). Another candidate: export snuffle without asking permission. I hear that it is only 10 lines of C code. Adam -- Munitions T-shirt home page: http://www.obscura.com/~shirt/ #!/bin/perl -s-- -export-a-crypto-system-sig -RSA-3-lines-PERL $m=unpack(H.$w,$m."\0"x$w),$_=`echo "16do$w 2+4Oi0$d*-^1[d2%Sa 2/d0<X+d*La1=z\U$n%0]SX$k"[$m*]\EszlXx++p|dc`,s/^.|\W//g,print pack('H*',$_)while read(STDIN,$m,($w=2*$d-1+length($n)&~1)/2)