I've been reading the list for a few weeks and, I have to say, I am very disappointed. Cypherpunks used to be a group of individuals who solved problems, discussed solutions, and tackled the hard problems that faced the Internet community. There were flame wars, but they got resolved and the list got in with its business. This current shit surrounding cypher piggie is ridiculous. Who the fuck cares about how rude juan is or if Sea Sea or JY are the same people? It's stupid shit that's distracting the list from real issues that it could be tackling instead of spending endless time arguing with and over an obvious troll. Or maybe that's the whole point. Distraction from real work, real code, real idea discussion. Maybe that's the why. I know it won't do any good, but I appeal to the members of this list who are engaging in these stupid discussions to fucking stop it! Focus on what needs to be done, focus on ideas, focus on getting code written. At last, let me say I'm not jumping into the argument here at all. I'm sure this email will be challenged or someone will say something stupid in response. I won't bother responding to those. But I will engage in serious discussion with anyone who wishes to do so. I don't care about sea sea or juan or John Young or who they 'really' are. I'm here to connect with other REAL cypherpunks who want to get shit done. Not little boy and girl posers who like the idea of tangentially associating themselves with a movement that changed the world. My public key is below should anyone wish to use it to communicate. D -----BEGIN PGP PUBLIC KEY BLOCK----- mQINBFfkVNcBEADFfeLnvegKe/FoKTGT/o5tBfqI0chjoKMEqdrZnqf3SSzteLDy ZbDJ7T9IMJzqF9T+K+KMUswiBqstZ0lxDK1138jWq3QXDXwlAfKtiHG7cTZLEgtf zj0v09gNoLWhsSp0wnTjgV4kdLHAdb5cCLiG+XXhhWmfU+zWfzXZJz5+isLfCQGu H7bPo6embdHFKsfjCGW/07911WM5VpZzrJhJ8pAyxK4nCKOVcKu5fjmOtPu2ZHXQ LDEWzVi+MIJpF9wa6GEcNZTF1qrKuHrlmeIemB0uMgPkf8CdLpXBDLss2WRkXKZc 4lsJ4yssbv5XnStmPxTeKCqLOWo5Gi6bGrqxIeCwL9zkJUwnIEgT/jirbjTLKXKl rjvS61xCdIVj8LDYjcLsbnq7rZKQdiypJ/R6Pb0P18bAhtYCHpUZ/RXVtZ5vmVVD qSFm8c1gb4nRHjrUb+GdWruWrG+onRT8PEnZncsUJdNhGT8IIOwVIfwBsoNwqEG+ jYsm+GDIYX6Bhfmr644PVrbwkWtcxu7BduH2hVqhtjmY3UDwulgJfoPHJvQdbwT1 4y6ZDsrG5jE0jmt/7Na/n3QyqF3L9ifapyVXBaON6UylcqQkOC0djuGDfuRMSljr zQQKvtQ4Yw4G0LkufwQqgukANbjrvIChP+gmbYATiz1MpDm6mbzK6At94QARAQAB tCJEYXZpZCBTbWl0aCA8YW5vbjc0MjdAdHV0YW5vdGEuZGU+iQI/BBMBAgApBQJX 5FTXAhsDBQkB4TOABwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQwpB/ATwg nVhg7hAAjvHLo7i3PBmHjvuk53NFt2shDVbN5PPao/wPYWILcO5TjdC0VtaCZFiQ ee0aMSnCjzuEM5vQpeUjPCkjRLJ3cCmk9xrh+y6OoEQTjohNSMpJhafSp+2+IzAG KTfRCfAOzs7tzlHDdx9XUMMjJF3nNAaDFySG8KCDdoOnhStMW3+wUfCeJLaIr71V 3zA7vJ3to1uyc4gX9Ev5bfWetB+OP/eX9jgv9fDCqAkayAjsXwmMD1CtGxklGFiv RGblz6kZO3TKrK+FjKodTp7OlbuwIffH79B4qH2t2n91w1mccePP8ywngJ97X/Gz +3bU/JAfQyLxV12FNbGs9+R5rjZg2hxYIBRFNa5mHBUDwtzRHY5xRV6r4xHlprIE ZRIRN+tcxvEYSuy8Tza30qEhSrAM52iS3XYGj+Si1p7EvxGUVwLYRpgEWNKS5oa+ MyF/QwgrjcWVvW9zeRqVaMpTHY1ulGainSrK6Pou12TbxIi5mk7PcMe7ZNQOgcjK jodCs9h+r+Sh4h62h9BVeFqVGInMRxbwGM6lzaBVXed5wpUAQ0agmYSSodskpoJf Ut+fpU2igRkVrjNa1FX+1rgF7aJBTREyPzlHO2oINuFkFGXUHfB4PTNBPyrE8/K9 0yREZAb2CjQYvTZEQp8XUgExOvQx+qDo4HaIFcVTl2dkkeh3yOG5Ag0EV+RU1wEQ ANSESHhop5V+2hNKFXbk65XrBOW0rw8eSzZj3//yJOEFkcYe2/BcMR17O877NTnH ehMzDgACTRgxjfODoM7/0h4hziC6UIIKxUo9QcC+aToBtybhXqWfRJnUSaACgrg3 rEqlJGPF/G6f159sdtw24n2FkHoE1wozWbSv1jar+bbGsgkkukADcY7uab2EYzS8 FcsbXuNIPK0DbzfQnt7GAO1GtyGMbEKcIJZ+oRtDrGX23e3WN+tN6hpEs+si68tI B16M6o6w/z5PaKumJmVMNKtYXUEDOnpHhWvMC5oKsp4PT4C4EbsMqpxaDo21U37C o9YMPo3qmEZlDPaeC+4amEHKAu7PCkwPGav+eBCLFH/Xv6kyzBZABIORDujvsRfS NzTgcXl58aOmV02ipJD4EWWMWQwVzYjRxwkonBsR6KCSNXKmFCHxulWNf1WL6isn 43HF+yFMUL1UU+rZxuJs6lZuQ1fKL//CW5R1WWtgy4pYpMueDJ9/mVrXnX/arZDV p+or342EiqGzmIhOX/zJfcEbb+evqQcWjs4oUn+tOimb5AqlCTYdv3w2XcGFmQcE 8HnV4QEzlAYHMwP7DN9e6DoqL+l+oNCDLiPpRQHdH13Q+G5XOro5mepSsOBqkYzF aTGyJyJs4QnpViFhZN/15diCEF/+zgUyhDsyr6caxvChABEBAAGJAiUEGAECAA8F AlfkVNcCGwwFCQHhM4AACgkQwpB/ATwgnVh2Wg//Znrp6qV0EtITKtsh+nQ07D/C omtocd+8Qujq4q93tgeGot++XHE3r9tycLBC5SthzJVtHprVICQBOu3b+qN1LWt6 kiKrlWrLmZyA5k8+2PImPyEGYiwV5shaRlUwMMrBah3yF6gmQuSNjK0u0+BzMARu lRJeIa3CFirrA09Jfk7zb3Ys8FXAzP5Oz0XZqpZKOZDML8XyLo6tQLC8ENXuQE6D 1jrmN781LIDXaz7PppAoSjqn/QV4tfHWdHCsq/4sQD/kPBznOal0P5ahvSEffRH+ ru0Kc6ozKw8cMG9h4W/HI3jSTCSy9EzzINdT9DRpe1c9VlM5ihlZdFq7PhsPAyGf 72FGud4R2JfaeUsEiwE+IWQHW79vdUrDypSlDdQsbhuJMup8Xu+XeBFJtyq+I5Dd Wq29WSxsRwFXyoDnhhVMNfI8OcIx9kMU3Px8EYJKUN2/NbWD/yWL5/JZBjc590cl nnyWDmx6rkLVOBLZgNM52zi+f0ormmMBHfK8PkCDY+cWLYQqS5SEpVK1wHOdrFUQ z3OnCLzefSLosQchnLzkycT/AVZxoFTFYI0dgfG9O2m0hDHQRYCuZ/5kb+VHHbcs X4z8OBIC0yz1d0bQSEEjbnL5kCEfyGL0OaigMwrfL3pYJ/Yb9gVjjwlK5ie95nH9 IIVufvT+PqfMzsaPvfg= =gVFm -----END PGP PUBLIC KEY BLOCK----- D
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/23/2016 02:06 PM, David Smith wrote:
Over the last few months the volume of posts has been way up, the quality way down. I use junk mail settings to send oinker-grams and etc. to their very own folder, out of sight and out of mind. I ignore most of the longer threads.
That would be a Good Thing. Lately I been thinking about the absence of direct support & discussion of actual software projects here, vs. in the old days. I think two factors are involved: The spin-off cryptography list gets the technical discussion of cryptographic matters. And most applications that deploy cryptography in a userland context are /huge/ productions these days, compared to (for instance) PGP, Scramdisk, etc., and the teams working on them have their own internal mailing lists, wikis, budget meetings, HR issues, etc. These factors reduce relevance of the cypher- side of the present list to real world coding projects, while the -punk side runs rampant. Radical politics in the Libertarian vs. Anarchist range has been on-topic since ever, as the context of end user network security in a world of totalitarian regimes. I do see some useful news & information relevant to network security issues here from time to time. Less reactionary bullshit and troll feeding would be nice.
The price of changing the world is that the world beats a path to your door. So far this list has been spared the worst of that. But public awareness of the "issues" raised by the CPunk community is at an all time high and still growing, as a product of the Snowden Saga and growing overt Fascism in the former Western Democracies. Anyone looking for a "ground zero" of counter-surveillance, counter-censorship, anonymous digital currencies and related technologies is likely to land here. This may sound snarky but I'm quite serious: If people want to see higher quality posts on the list, they can start making them. If people want to start a moderated list of their very own, nobody can stop them. :o) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJX5atHAAoJEECU6c5Xzmuqwk4H/jyDI/u28cAhOl+f0f+9R3TT 00ja6gHuYs5iztHpFjh7TssHWngUG2UH7OhtF9gmjTSluyJd+6BqIEZqR4shaaIo ZMMhFCYdr8bErNY+o5Vn/Uj8yrpJMQNZrDyZhbCyow1fIbYzn7pBCeWMFUYEkdYa BWAPJqXft8aizt0hORYiNJ5D2/1i6pggE22lzj73PPYr+ZEfrO3um2T/zkVuadTZ 0cS61A8mEVBgnPFCY5yC4et9xZh03zm4Q9N+G7P1+E5kykeRHGYKdAQgbnGRCBoC kyS2CdjkzqcTVIvBhVYKZc5LgnDExHc4mBojqulYWKgO0Wp0ZqZk5O4vC3BE+iE= =YA+m -----END PGP SIGNATURE-----
I've been toying with libgcrypt, lately. Mostly to refresh my 'C' after a long, long love affair, turned dirty mouth-spitting fuck-fest with python. It's been a long time since I had to do so much fucking book keeping. I remember why I left C behind. I'm turning over some ideas for a FUSE-based encrypted filesystem. To start, I'm building an unencrypted system (so I can hex the block file and make sure shit is getting stored correctly). The passphrase gets hashed such that it is used to specify the location in the file for the root dir entry. Different passwords get you pointed to different roots. Files are essentially linked lists, pointing to the next block. Allocation will be intentionally fragmented/random. Once the allocation and filesystem primitives are debugged, and painted with robust error checking, it will be trivial to add AES. Chaf data can be added by making a dir/files with a random password, containing random data. Or hell, keep the password, and be able to delete the chaf if you needed to free up space. I'm toying with how I might use Shamir's secret sharing scheme as well. You'd need N-of-M images (all mountable separately and usable) but when brought together, allow you to decrypt a root dir that you wouldn't be able to decrypt separately. So, from a deniability standpoint, you can choose to claim you have no "random" chaff meant to thwart cryptanalysis. You have your encrypted dir (which you were forth-coming with), and the other data requires a different file, which you don't have. Provides for some more nuanced game theory at the interrogation phase when being coerced into giving up keys. And usable secret sharing at an FS level is cool by itself. As of now the plan is to have a plaintext descriptive header, and allocation table. I can't think of any ways that an allocation table would be useful for cryptanalysis. In the end, all it really does is let you ignore the blocks containing 000's (wiping/secure deletion by default).. and you'd be ignoring them anyhow..
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Now that's a project relevant to CPunk interests: Rubber Hose was never finished, The hidden container feature in Truecrypt is unstable and unreliable (therefore also "unfinished") per my experience. The file system you describe seems to provide a real solution. Being able to hand off keys harmlessly when some border control officer wants to turn your electronics inside out: Priceless. :o) On 09/23/2016 09:14 PM, xorcist@sigaint.org wrote:
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJX5dcOAAoJEECU6c5XzmuqLNsH/2bg1FaOI90CO/PegjBZqqtz hNSQqeU3ShTlZrR6W0hbPzrBwuLcfTIjr7273M50MBZ5IABCwafdWQ2lryZZddQb rBY1v+pMtWGAONYq/tL6gObwmqouY/YXCTGBg51CZT6Ce9wWXbJn8XmxAyyXULSS 2ABRUhpnmK7chjtkd2H2ZodaKCY2LlFffzIMta0SkSxfNBPbF25OsGsrpMhtTGmE 25pif4sfa0rPXm5DgtmpMR7SUS1Izl01YMBZpxY2GNxixQJTw431rtbkvzDrOage FEyFnENOwU7OQLL/AdENLkVPOG/K5i3DFQGIwLIX+n+6d3503x/Lqc55KNPlQYE= =mayf -----END PGP SIGNATURE-----
Being able to hand off keys harmlessly when some border control officer wants to turn your electronics inside out: Priceless.
Yup. This can be achieved quite simply without anything exotic, though. Tar your truly secret plaintext all up, and encrypt it with a header-less symmetric algorithm, to create a ciphertext. Store that ciphertext on a USB key. Create a decoy tarball, and XOR it with the ciphertext, essentially using the ciphertext as a one-time pad, and store the result on your laptop. When asked what these random encrypted files are, you XOR them together to produce the decoy. Simply deny that there is a passphrase involved at all. For clueless border control, this would be sufficient. Even for crypto-savvy interrogators, it may be nice: you're using no special software or algorithms, so its perhaps easier to plausibly deny any other secrets. Dedicated deniable encryption systems are really only worthwhile when, upon capture, you're going to try to game your interrogators, and feed them disinformation, and keep them guessing.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/23/2016 10:45 PM, xorcist@sigaint.org wrote:
That is /very/ clever indeed.
Or just make them believe you gave up something "personally embarrassing" but not actionable under duress. Got to give them a win to report. :o) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJX5f+5AAoJEECU6c5XzmuqqGQH/13Yv6o4laGKDNS8t46Tx0oa 3rk2uWBUY+qJfPWgs9jaVz9mTa//5Nu5mPFAwuvwPkZDlZfczqWQUFpkvsl2jDj1 ccfkJq9d2vBYZeGmMyAVX6McPh20jdYc/73OSGEL4FX9joAAs/Ypk5Ki1ZcZvbKv M0LN8Dmo01C6eyIIFwz59eSfOW0S1S8+HVEgITyVJfvNb2UgVG6hVYsK6Rqld2cY Ek13dWOyQXjxD8jHtXRX/LKmliagxxw9zjW+ui6bfBqrQyPQhAUEphkijXdzkip4 B2vMUWCi7bPrwTXZqZ181dvx6gcgjyLGn4rMJ3zHdzIcWUU1kvHovIZCh3zyZBM= =yTXf -----END PGP SIGNATURE-----
That is /very/ clever indeed.
Why thank you.
Yeah, I was always partial to having something personally embarrassing as a first level involving weird porn, and then a richly eloquent "fuck you" letter to whoever is reading it chastising, basically saying "if you made it this far, you must be a sick pervert looking for more porn", as a second level. That might be fun for certain circumstances. But for covert agents, criminals, terrorists, shit like that.. if you're being interrogated, they probably have good evidence to hold you beyond wanting to look at your plaintext. That's the case where one needs the strategy angle. Not that I personally need to concern myself with such things.. but I find mathematics and game theory fascinating, so.. it passes the time and keeps me from drinking or watching TV. That's a plus.
On Sep 23, 2016 3:13 PM, "David Smith" <anon7427@tutanota.de> wrote:
Not little boy and girl posers who like the idea of tangentially
associating themselves with a movement that changed the world. I am just a lawyer, who loves Technology and Science a lot. I am not a good cypherpunk. I am not a good anarchist. I am not a good coder. I am still learning about all these subjects and about real privacy, security, a lot of things. I make part of crypto and privacy groups, cryptoraves and cryptoparties without being a good crypto activist yet, because, someday, I swear I will be a really good one and the people who knows me, feel it very well. I need more time, studies and, uff, much more material resources, but I will learn and, in the future, I will teach people like me, trying to learn alone. I swear I am trying to learn, to study in my free time, even some people say I am too retard for it or just a "little girl poser". I never said "I am cypherpunk" to any person in this world. I am not using the movement in any sense, don't worry. sea sea
participants (4)
-
Cecilia Tanaka -
David Smith -
Steve Kinney -
xorcist@sigaint.org