From whitakerNeternity.demon.co.uk.demon.co.uk Mon Sep 21 06:24:27 1992 From: whitakerNeternity.demon.co.uk.demon.co.uk (Russell E. Whitaker) Date: Mon, 21 Sep 1992 13:24:27 +0000 Subject: Long but good: Hammill on encryption Message-ID: <717081867snx@eternity.demon.co.uk.demon.co.uk> The following is the text of a *very* interesting speech given in 1987 by mathematician Chuck Hammill. The Soviet Union is mentioned; while this may be a little dated, there's always China... and Cuba... and a few other places... Enjoy, Russell FROM CROSSBOWS TO CRYPTOGRAPHY: THWARTING THE STATE VIA TECHNOLOGY Given at the Future of Freedom Conference, November 1987 You know, technology--and particularly computer technology--has often gotten a bad rap in Libertarian cir- cles. We tend to think of Orwell's 1984, or Terry Gilliam's Brazil, or the proximity detectors keeping East Berlin's slave/citizens on their own side of the border, or the so- phisticated bugging devices Nixon used to harass those on his "enemies list." Or, we recognize that for the price of a ticket on the Concorde we can fly at twice the speed of sound, but only if we first walk thru a magnetometer run by a government policeman, and permit him to paw thru our be- longings if it beeps. But I think that mind-set is a mistake. Before there were cattle prods, governments tortured their prisoners with clubs and rubber hoses. Before there were lasers for eavesdropping, governments used binoculars and lip-readers. Though government certainly uses technology to oppress, the evil lies not in the tools but in the wielder of the tools. In fact, technology represents one of the most promis- ing avenues available for re-capturing our freedoms from those who have stolen them. By its very nature, it favors the bright (who can put it to use) over the dull (who can- not). It favors the adaptable (who are quick to see the merit of the new( over the sluggish (who cling to time- tested ways). And what two better words are there to de- scribe government bureaucracy than "dull" and "sluggish"? One of the clearest, classic triumphs of technology over tyranny I see is the invention of the man-portable crossbow. With it, an untrained peasant could now reliably and lethally engage a target out to fifty meters--even if that target were a mounted, chain-mailed knight. (Unlike the longbow, which, admittedly was more powerful, and could get off more shots per unit time, the crossbow required no formal training to utilize. Whereas the longbow required elaborate visual, tactile and kinesthetic coordination to achieve any degree of accuracy, the wielder of a crossbow could simply put the weapon to his shoulder, sight along the arrow itself, and be reasonably assured of hitting his tar- get.) Moreover, since just about the only mounted knights likely to visit your average peasant would be government soldiers and tax collectors, the utility of the device was plain: With it, the common rabble could defend themselves not only against one another, but against their governmental masters. It was the medieval equivalent of the armor- piercing bullet, and, consequently, kings and priests (the medieval equivalent of a Bureau of Alcohol, Tobacco and Crossbows) threatened death and excommunication, respec- tively, for its unlawful possession. Looking at later developments, we see how technology like the firearm--particularly the repeating rifle and the handgun, later followed by the Gatling gun and more advanced machine guns--radically altered the balance of interpersonal and inter-group power. Not without reason was the Colt .45 called "the equalizer." A frail dance-hall hostess with one in her possession was now fully able to protect herself against the brawniest roughneck in any saloon. Advertise- ments for the period also reflect the merchandising of the repeating cartridge rifle by declaring that "a man on horseback, armed with one of these rifles, simply cannot be captured." And, as long as his captors were relying upon flintlocks or single-shot rifles, the quote is doubtless a true one. Updating now to the present, the public-key cipher (with a personal computer to run it) represents an equiv- alent quantum leap--in a defensive weapon. Not only can such a technique be used to protect sensitive data in one's own possession, but it can also permit two strangers to ex- change information over an insecure communications channel--a wiretapped phone line, for example, or skywriting, for that matter)--without ever having previously met to exchange cipher keys. With a thousand-dollar com- puter, you can create a cipher that a multi-megabuck CRAY X-MP can't crack in a year. Within a few years, it should be economically feasible to similarly encrypt voice communi- cations; soon after that, full-color digitized video images. Technology will not only have made wiretapping obsolete, it will have totally demolished government's control over in- formation transfer. I'd like to take just a moment to sketch the mathemat- ics which makes this principle possible. This algorithm is called the RSA algorithm, after Rivest, Shamir, and Adleman who jointly created it. Its security derives from the fact that, if a very large number is the product of two very large primes, then it is extremely difficult to obtain the two prime factors from analysis of their product. "Ex- tremely" in the sense that if primes p and q have 100 digits apiece, then their 200-digit product cannot in gen- eral be factored in less than 100 years by the most powerful computer now in existence. The "public" part of the key consists of (1) the prod- uct pq of the two large primes p and q, and (2) one fac- tor, call it x , of the product xy where xy = {(p-1) * (q-1) + 1}. The "private" part of the key consists of the other factor y. Each block of the text to be encrypted is first turned into an integer--either by using ASCII, or even a simple A=01, B=02, C=03, ... , Z=26 representation. This integer is then raised to the power x (modulo pq) and the resulting integer is then sent as the encrypted message. The receiver decrypts by taking this integer to the (secret) power y (modulo pq). It can be shown that this process will always yield the original number started with. What makes this a groundbreaking development, and why it is called "public-key" cryptography," is that I can openly publish the product pq and the number x , while keeping secret the number y --so that anyone can send me an encrypted message, namely x a (mod pq) , but only I can recover the original message a , by taking what they send, raising it to the power y and taking the result (mod pq). The risky step (meeting to exchange cipher keys) has been eliminated. So people who may not even trust each other enough to want to meet, may still reliably ex- change encrypted messages--each party having selected and disseminated his own pq and his x , while maintaining the secrecy of his own y. Another benefit of this scheme is the notion of a "dig- ital signature," to enable one to authenticate the source of a given message. Normally, if I want to send you a message, I raise my plaintext a to your x and take the result (mod your pq) and send that. However, if in my message, I take the plaintext a and raise it to my (secret) power y , take the result (mod my pq), then raise that result to your x (mod your pq) and send this, then even after you have normally "decrypted" the message, it will still look like garbage. However, if you then raise it to my public power x , and take the result (mod my public pq ), so you will not only recover the ori- ginal plaintext message, but you will know that no one but I could have sent it to you (since no one else knows my secret y). And these are the very concerns by the way that are to- day tormenting the Soviet Union about the whole question of personal computers. On the one hand, they recognize that American schoolchildren are right now growing up with com- puters as commonplace as sliderules used to be--more so, in fact, because there are things computers can do which will interest (and instruct) 3- and 4-year-olds. And it is pre- cisely these students who one generation hence will be going head-to-head against their Soviet counterparts. For the Soviets to hold back might be a suicidal as continuing to teach swordsmanship while your adversaries are learning ballistics. On the other hand, whatever else a personal computer may be, it is also an exquisitely efficient copying machine--a floppy disk will hold upwards of 50,000 words of text, and can be copied in a couple of minutes. If this weren't threatening enough, the computer that performs the copy can also encrypt the data in a fashion that is all but unbreakable. Remember that in Soviet society publicly ac- cessible Xerox machines are unknown. (The relatively few copying machines in existence are controlled more inten- sively than machine guns are in the United States.) Now the "conservative" position is that we should not sell these computers to the Soviets, because they could use them in weapons systems. The "liberal" position is that we should sell them, in the interests of mutual trade and cooperation--and anyway, if we don't make the sale, there will certainly be some other nation willing to. For my part, I'm ready to suggest that the Libertarian position should be to give them to the Soviets for free, and if necessary, make them take them . . . and if that doesn't work load up an SR-71 Blackbird and air drop them over Moscow in the middle of the night. Paid for by private sub- scription, of course, not taxation . . . I confess that this is not a position that has gained much support among members of the conventional left-right political spectrum, but, af- ter all, in the words of one of Illuminatus's characters, we are political non-Euclideans: The shortest distance to a particular goal may not look anything like what most people would consider a "straight line." Taking a long enough world-view, it is arguable that breaking the Soviet govern- ment monopoly on information transfer could better lead to the enfeeblement and, indeed, to the ultimate dissolution of the Soviet empire than would the production of another dozen missiles aimed at Moscow. But there's the rub: A "long enough" world view does suggest that the evil, the oppressive, the coercive and the simply stupid will "get what they deserve," but what's not immediately clear is how the rest of us can escape being killed, enslaved, or pauperized in the process. When the liberals and other collectivists began to at- tack freedom, they possessed a reasonably stable, healthy, functioning economy, and almost unlimited time to proceed to hamstring and dismantle it. A policy of political gradualism was at least conceivable. But now, we have patchwork crazy-quilt economy held together by baling wire and spit. The state not only taxes us to "feed the poor" while also inducing farmers to slaughter milk cows and drive up food prices--it then simultaneously turns around and sub- sidizes research into agricultural chemicals designed to in- crease yields of milk from the cows left alive. Or witness the fact that a decline in the price of oil is considered as potentially frightening as a comparable increase a few years ago. When the price went up, we were told, the economy risked collapse for for want of energy. The price increase was called the "moral equivalent of war" and the Feds swung into action. For the first time in American history, the speed at which you drive your car to work in the morning be- came an issue of Federal concern. Now, when the price of oil drops, again we risk problems, this time because Ameri- can oil companies and Third World basket-case nations who sell oil may not be able to ever pay their debts to our grossly over-extended banks. The suggested panacea is that government should now re-raise the oil prices that OPEC has lowered, via a new oil tax. Since the government is seeking to raise oil prices to about the same extent as OPEC did, what can we call this except the "moral equivalent of civil war--the government against its own people?" And, classically, in international trade, can you imag- ine any entity in the world except a government going to court claiming that a vendor was selling it goods too cheaply and demanding not only that that naughty vendor be compelled by the court to raise its prices, but also that it be punished for the act of lowering them in the first place? So while the statists could afford to take a couple of hundred years to trash our economy and our liberties--we certainly cannot count on having an equivalent period of stability in which to reclaim them. I contend that there exists almost a "black hole" effect in the evolution of nation-states just as in the evolution of stars. Once free- dom contracts beyond a certain minimum extent, the state warps the fabric of the political continuum about itself to the degree that subsequent re-emergence of freedom becomes all but impossible. A good illustration of this can be seen in the area of so-called "welfare" payments. When those who sup at the public trough outnumber (and thus outvote) those whose taxes must replenish the trough, then what possible choice has a democracy but to perpetuate and expand the tak- ing from the few for the unearned benefit of the many? Go down to the nearest "welfare" office, find just two people on the dole . . . and recognize that between them they form a voting bloc that can forever outvote you on the question of who owns your life--and the fruits of your life's labor. So essentially those who love liberty need an "edge" of some sort if we're ultimately going to prevail. We obvi- ously can't use the altruists' "other-directedness" of "work, slave, suffer, sacrifice, so that next generation of a billion random strangers can live in a better world." Recognize that, however immoral such an appeal might be, it is nonetheless an extremely powerful one in today's culture. If you can convince people to work energetically for a "cause," caring only enough for their personal welfare so as to remain alive enough and healthy enough to continue working--then you have a truly massive reservoir of energy to draw from. Equally clearly, this is just the sort of ap- peal which tautologically cannot be utilized for egoistic or libertarian goals. If I were to stand up before you tonight and say something like, "Listen, follow me as I enunciate my noble "cause," contribute your money to support the "cause," give up your free time to work for the "cause," strive selflessly to bring it about, and then (after you and your children are dead) maybe your children's children will actu- ally live under egoism"--you'd all think I'd gone mad. And of course you'd be right. Because the point I'm trying to make is that libertarianism and/or egoism will be spread if, when, and as, individual libertarians and/or egoists find it profitable and/or enjoyable to do so. And probably only then. While I certainly do not disparage the concept of poli- tical action, I don't believe that it is the only, nor even necessarily the most cost-effective path toward increasing freedom in our time. Consider that, for a fraction of the investment in time, money and effort I might expend in try- ing to convince the state to abolish wiretapping and all forms of censorship--I can teach every libertarian who's in- terested how to use cryptography to abolish them unilaterally. There is a maxim--a proverb--generally attributed to the Eskimoes, which very likely most Libertarians have al- ready heard. And while you likely would not quarrel with the saying, you might well feel that you've heard it often enough already, and that it has nothing further to teach us, and moreover, that maybe you're even tired of hearing it. I shall therefore repeat it now: If you give a man a fish, the saying runs, you feed him for a day. But if you teach a man how to fish, you feed him for a lifetime. Your exposure to the quote was probably in some sort of a "workfare" vs. "welfare" context; namely, that if you genuinely wish to help someone in need, you should teach him how to earn his sustenance, not simply how to beg for it. And of course this is true, if only because the next time he is hungry, there might not be anybody around willing or even able to give him a fish, whereas with the information on how to fish, he is completely self sufficient. But I submit that this exhausts only the first order content of the quote, and if there were nothing further to glean from it, I would have wasted your time by citing it again. After all, it seems to have almost a crypto-altruist slant, as though to imply that we should structure our ac- tivities so as to maximize the benefits to such hungry beggars as we may encounter. But consider: Suppose this Eskimo doesn't know how to fish, but he does know how to hunt walruses. You, on the other hand, have often gone hungry while traveling thru walrus country because you had no idea how to catch the damn things, and they ate most of the fish you could catch. And now suppose the two of you decide to exchange information, bartering fishing knowledge for hunting knowledge. Well, the first thing to observe is that a transaction of this type categorically and unambiguously refutes the Marxist premise that every trade must have a "winner" and a "loser;" the idea that if one person gains, it must necessarily be at the "expense" of another person who loses. Clearly, under this scenario, such is not the case. Each party has gained some- thing he did not have before, and neither has been dimin- ished in any way. When it comes to exchange of information (rather than material objects) life is no longer a zero-sum game. This is an extremely powerful notion. The "law of diminishing returns," the "first and second laws of thermodynamics"--all those "laws" which constrain our possi- bilities in other contexts--no longer bind us! Now that's anarchy! Or consider another possibility: Suppose this hungry Eskimo never learned to fish because the ruler of his nation-state had decreed fishing illegal. Because fish contain dangerous tiny bones, and sometimes sharp spines, he tells us, the state has decreed that their consumption--and even their possession--are too hazardous to the people's health to be permitted . . . even by knowledgeable, willing adults. Perhaps it is because citizens' bodies are thought to be government property, and therefore it is the function of the state to punish those who improperly care for govern- ment property. Or perhaps it is because the state gener- ously extends to competent adults the "benefits" it provides to children and to the mentally ill: namely, a full-time, all-pervasive supervisory conservatorship--so that they need not trouble themselves with making choices about behavior thought physically risky or morally "naughty." But, in any case, you stare stupefied, while your Eskimo informant re- lates how this law is taken so seriously that a friend of his was recently imprisoned for years for the crime of "pos- session of nine ounces of trout with intent to distribute." Now you may conclude that a society so grotesquely oppressive as to enforce a law of this type is simply an affront to the dignity of all human beings. You may go far- ther and decide to commit some portion of your discretion- ary, recreational time specifically to the task of thwarting this tyrant's goal. (Your rationale may be "altruistic" in the sense of wanting to liberate the oppressed, or "egoistic" in the sense of proving you can outsmart the oppressor--or very likely some combination of these or per- haps even other motives.) But, since you have zero desire to become a martyr to your "cause," you're not about to mount a military campaign, or even try to run a boatload of fish through the blockade. However, it is here that technology--and in particular in- formation technology--can multiply your efficacy literally a hundredfold. I say "literally," because for a fraction of the effort (and virtually none of the risk) attendant to smuggling in a hundred fish, you can quite readily produce a hundred Xerox copies of fishing instructions. (If the tar- geted government, like present-day America, at least permits open discussion of topics whose implementation is re- stricted, then that should suffice. But, if the government attempts to suppress the flow of information as well, then you will have to take a little more effort and perhaps write your fishing manual on a floppy disk encrypted according to your mythical Eskimo's public-key parameters. But as far as increasing real-world access to fish you have made genuine nonzero headway--which may continue to snowball as others re-disseminate the information you have provided. And you have not had to waste any of your time trying to convert id- eological adversaries, or even trying to win over the unde- cided. Recall Harry Browne's dictum from "Freedom in an Unfree World" that the success of any endeavor is in general inversely proportional to the number of people whose persua- sion is necessary to its fulfilment. If you look at history, you cannot deny that it has been dramatically shaped by men with names like Washington, Lincoln, . . . Nixon . . . Marcos . . . Duvalier . . . Khadaffi . . . and their ilk. But it has also been shaped by people with names like Edison, Curie, Marconi, Tesla and Wozniak. And this latter shaping has been at least as per- vasive, and not nearly so bloody. And that's where I'm trying to take The LiberTech Project. Rather than beseeching the state to please not en- slave, plunder or constrain us, I propose a libertarian net- work spreading the technologies by which we may seize freedom for ourselves. But here we must be a bit careful. While it is not (at present) illegal to encrypt information when government wants to spy on you, there is no guarantee of what the fu- ture may hold. There have been bills introduced, for exam- ple, which would have made it a crime to wear body armor when government wants to shoot you. That is, if you were to commit certain crimes while wearing a Kevlar vest, then that fact would constitute a separate federal crime of its own. This law to my knowledge has not passed . . . yet . . . but it does indicate how government thinks. Other technological applications, however, do indeed pose legal risks. We recognize, for example, that anyone who helped a pre-Civil War slave escape on the "underground railroad" was making a clearly illegal use of technology--as the sovereign government of the United States of America at that time found the buying and selling of human beings quite as acceptable as the buying and selling of cattle. Simi- larly, during Prohibition, anyone who used his bathtub to ferment yeast and sugar into the illegal psychoactive drug, alcohol--the controlled substance, wine--was using technol- ogy in a way that could get him shot dead by federal agents for his "crime"--unfortunately not to be restored to life when Congress reversed itself and re-permitted use of this drug. So . . . to quote a former President, un-indicted co- conspirator and pardoned felon . . . "Let me make one thing perfectly clear:" The LiberTech Project does not advocate, participate in, or conspire in the violation of any law--no matter how oppressive, unconstitutional or simply stupid such law may be. It does engage in description (for educa- tional and informational purposes only) of technological processes, and some of these processes (like flying a plane or manufacturing a firearm) may well require appropriate li- censing to perform legally. Fortunately, no license is needed for the distribution or receipt of information it- self. So, the next time you look at the political scene and despair, thinking, "Well, if 51% of the nation and 51% of this State, and 51% of this city have to turn Libertarian before I'll be free, then somebody might as well cut my goddamn throat now, and put me out of my misery"--recognize that such is not the case. There exist ways to make your- self free. If you wish to explore such techniques via the Project, you are welcome to give me your name and address--or a fake name and mail drop, for that matter--and you'll go on the mailing list for my erratically-published newsletter. Any friends or acquaintances whom you think would be interested are welcome as well. I'm not even asking for stamped self- addressed envelopes, since my printer can handle mailing la- bels and actual postage costs are down in the noise compared with the other efforts in getting an issue out. If you should have an idea to share, or even a useful product to plug, I'll be glad to have you write it up for publication. Even if you want to be the proverbial "free rider" and just benefit from what others contribute--you're still welcome: Everything will be public domain; feel free to copy it or give it away (or sell it, for that matter, 'cause if you can get money for it while I'm taking full-page ads trying to give it away, you're certainly entitled to your capitalist profit . . .) Anyway, every application of these principles should make the world just a little freer, and I'm certainly willing to underwrite that, at least for the forseeable fu- ture. I will leave you with one final thought: If you don't learn how to beat your plowshares into swords before they outlaw swords, then you sure as HELL ought to learn before they outlaw plowshares too. --Chuck Hammill THE LIBERTECH PROJECT 3194 Queensbury Drive Los Angeles, California 90064 310-836-4157 [The above LiberTech address was updated June 1992, with the permission of Chuck Hammill, by: Russell Earl Whitaker whitaker at eternity.demon.co.uk Communications Editor 71750.2413 at compuserve.com EXTROPY: The Journal of Transhumanist Thought AMIX: RWHITAKER Board member, Extropy Institute (ExI) [.sig revised 11 September 1992 /// Send mail to eternity node] -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.0 mQCNAiqwg10AAAEEAMVNMI766ljeuW01xqXKYYV5lmDPvb+6dCQK3m1iBQdan0no pm35j1DIRp3UJZogAe5eimsQg1TALDhTq310OZs9+L6B/HxeX3+4BadIDad4g+xI lvaFY1Ut/hMdZNkw0tzNZOdUPiO4jYIyirReAUiMCm6jXzkTRITj7/vxxWtPAAUR tDNSdXNzZWxsIEUuIFdoaXRha2VyIDx3aGl0YWtlckBldGVybml0eS5kZW1vbi5j by51az4= =LOCL -----END PGP PUBLIC KEY BLOCK----- That's it from here. Over. Ono-Sendai Corporation From hughesNsoda.berkeley.edu Mon Sep 21 22:47:51 1992 From: hughesNsoda.berkeley.edu (Eric Hughes) Date: Mon, 21 Sep 92 22:47:51 PDT Subject: No Subject Message-ID: <9209220543.AA25094@soda.berkeley.edu> Welcome to the cypherpunks mailing list. We have a real mailing list now, and not just a mail alias on my account. Thanks to John Gilmore for space on hoptoad and Hugh Daniel for setting things up. Mail to the list members at cypherpunks at toad.com Request additions or deletions, talk to the list maintainer (me, Eric Hughes) at cypherpunks-request at toad.com Tell your friends about the list and have them join if they wish, and have them do the same, but please do not post the list address yet. We'd like to have a core group working before we advertise to avoid diffusion of interest at the outset. ---------------------- ANNOUNCEMENT Second Meeting -- October 10, 1992 The second meeting will be held at the new Cygnus offices. Exact address and directions to follow. We do not have an exact agenda yet, but one should be arriving in the next few days. Please mark you calendars now and start telling your friends. For this meeting and until further announced, we are using a transitive trust system for invitations. Invite anybody you want and let them invite anybody they want and so on. The crypto-anarchy game we tried out at the first meeting was as good a success as we could have hoped for from an untested idea. The game seems useful and fun enough to warrant continued play and play testing, so we'll be playing again at this and future meetings. We observed several interesting emergent behaviors in the first session, including resellers and reputation behaviors. We'll play a two hour session this time and discuss it afterwards. Eric From gnu Tue Sep 22 12:17:43 1992 From: gnu (gnu) Date: Tue, 22 Sep 92 12:17:43 PDT Subject: Radio program on wiretaps and encryption: Wednesday at noon Message-ID: <9209221917.AA02319@toad.com> Newsgroups: sci.crypt,alt.privacy,alt.activism Subject: Radio program on wiretaps and encryption: Wednesday at noon Message-Id: <35449 at hoptoad.uucp> Date: 22 Sep 92 19:15:19 GMT The Telecommunications Radio Project at KPFA is producing a series of thirteen hour-long radio programs on issues in communications. The first program is on the FBI's `Digital Telephony' e-z-wiretap proposal and the politics of encryption. The first half-hour will be an introduction and a panel discussion, featuring Jim Bidzos of RSA Data Security; Jim Kalstrom, head of investigative technology for the FBI; and me, representing the Electronic Frontier Foundation. You can phone in questions and comments in the second half of the show. The call-in number is: +1 800 464 5732 This program will be broadcast live on Wed, September 23, at noon, on these California stations: KPFA Berkeley KPFK Los Angeles KHSU Arcata These other stations will be picking up the broadcast, and probably transmitting it at a later time. Phone the station to find out when it's scheduled. KMUD Redway, California KCBL Sacramento, California KPBS San Diego, California WMNF Tampa, Florida KSUI Iowa City, Iowa KSAI Minneapolis, Minnesota KSMU Springfield, Missouri WCPN Cleveland, Ohio WYSO Yellow Springs, Ohio WBAI New York, New York WXXI Rochester, New York WEOS Geneva, New York KRCL Salt Lake City, Utah KPBX Spokane, Washington KUOW Seattle, Washington If you are not with in reach of a station that is broadcasting the Communications Revolution, please call your local station and pitch it to the program director. Have them call the Telecommincations Radio Project at KPFA, at +1 510 848 6767 x263 or x264. Future shows (Wednesdays at noon) will cover isses like how the concept of libraries is changing; what information is availible to (and held back from) the public; and electronic democracy where the voters can feed back directly to goverment agencies or change the outcome of an election via computer networks. Please tune in, and phone in good questions. See you in the airwaves! -- John Gilmore gnu at toad.com -- gnu at cygnus.com -- gnu at eff.org "It isn't given to us to know those rare moments when people are wide open and the lightest touch can wither or heal." From tcmay at netcom.com Wed Sep 23 13:25:19 1992 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 23 Sep 92 13:25:19 PDT Subject: KPFA interview went well Message-ID: <9209232007.AA03117@netcom.com> This is my first test of this list...hope it works...and a brief opinion on the KPFA (etc.) interview with our own John Gilmore, representing the EFF, Jim Bidzos, of RSA Data Security, and Jim Kellstrom (sp?) of the FBI. I made a tape of it and can bring it to the 10/10/92 crypto meeting. John did an excellent job of raising the constitutional issues, while the FBI guy basically said "Trust us." Jim Bidzos of RSA Data Security didn't say much, as the thrust of the discussion was more on wiretapping and the proposed Digital Telephony bill, with not much of substance said about RSA and public key cryptography. I waited on the 1-800-464-5732 line to ask about the status of use of encryption, especially with RSA and RSA-like systems, but the show ran out of time before I could get on. This series seems timely. Every Wednesday at noon on KPFA. Check your local listings and the announcement list John sent out a few days ago. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | RSA MailSafe Public Key: by arrangement From nobody at soda.berkeley.edu Wed Sep 23 17:28:41 1992 From: nobody at soda.berkeley.edu (nobody at soda.berkeley.edu) Date: Wed, 23 Sep 92 17:28:41 PDT Subject: New! Eric's Cheap Remailing Service. Free! Message-ID: <9209240027.AA27179@soda.berkeley.edu> Pssst. You don't know where you heard this. There's a new service available, and it's free. If you send mail to hughes at soda.berkeley.edu with a header line of the form Request-Remailing-To: then the software will strip off all the header lines (except the Subject: line) and remail it to the addressee of your choice. But there's this rumor that he's saving all the message that pass through. Damn. Mr. Crypto From cliff_stoll at harvard.edu Wed Sep 23 22:53:12 1992 From: cliff_stoll at harvard.edu (cliff_stoll at harvard.edu) Date: Wed, 23 Sep 92 22:53:12 PDT Subject: Fake Mail Message-ID: <9209240552.AA04259@atdt.org> Pssst! I have a nice fake mail program that interfaces with emacs. I'll send it along to anyone who wants it. PS: Have you seen my latest chocolate chip cookie recipe? Too bad about Martha. Maybe people like me are wed to science...and great cookies. ADFGVX From osendai at well.sf.ca.us Thu Sep 24 00:45:30 1992 From: osendai at well.sf.ca.us (Mark Pesce) Date: Thu, 24 Sep 92 00:45:30 PDT Subject: Interesting post to alt.cyberpunk.tech Message-ID: <199209240744.AA20447@well.sf.ca.us> Thought ya'll might be interested in this.... From pozar at kumr.lns.com Thu Sep 24 10:28:07 1992 From: pozar at kumr.lns.com (Tim Pozar) Date: Thu, 24 Sep 92 10:28:07 PDT Subject: KPFA interview went well In-Reply-To: <9209232007.AA03117@netcom.com> Message-ID: Timothy C. May wrote: > This is my first test of this list...hope it works...and a brief > opinion on the KPFA (etc.) interview with our own John Gilmore, > representing the EFF, Jim Bidzos, of RSA Data Security, and Jim > Kellstrom (sp?) of the FBI. > [...] Thanks for your input. If anyone else wants to feed back to the program, they can send me email and I will pass it along to the producers. I am also the technical consultant to the show, so your mail will not be falling on deft ears... Tim -- Internet: pozar at kumr.lns.com FidoNet: Tim Pozar @ 1:125/555 UUCP: ...!uunet!kumr.lns.com!pozar Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA Voice: +1 415 788 2022 From hughes at soda.berkeley.edu Thu Sep 24 11:10:30 1992 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Thu, 24 Sep 92 11:10:30 PDT Subject: No Subject Message-ID: <9209241809.AA23637@soda.berkeley.edu> How to Make an Automated Remailer in Your Copious Spare Time with Easy to Find and Inexpensive Software Tools You May Have Lying Around. The basic remailer illustrates how to hook in automated software processing into the Unix mail system. Here are the basic elements. 1. .forward 2. slocal and .maildelivery 3. remail.perl 4. /usr/lib/sendmail -------------------------------------------- 1. .forward Unix mail provides a way to have accounts on many different machines but to receive all your mail in one place. That facility is the .forward file, which resides in the home directory. The file is one line long and contains the email address to which the mail will be forwarded. But the .forward file has another mode of operation. If the string begins with the pipe character '|', the mail will be piped through the program listed. Enclose the string with double quotes if you need spaces included. Here is my .forward file: "| /usr/local/lib/mh/slocal -user hughes" Thus all my mail gets processed by the slocal program, described next. I don't know where the man page for .forward is. Perhaps someone could provide a reference. --------- 2. slocal and .maildelivery The software system MH contains a bunch of useful tools for handling mail, only one of which we need. For details on MH, do 'man mh'. MH has a nice little mail hook processor called slocal. Its docs can be found by 'man mhook'. slocal can conditionally perform operations on mail messages and consider them either delivered or not. It allows multiple operations on individual mail messages. slocal reads the file .maildelivery when it starts up for instructions. Here is my .maildelivery file: # # field pattern action/ string # result (quote included spaces) # Request-Remailing-To "" pipe R "perl remail.perl" Request-Remailing-To "" file R archive.remailer The various pieces of the .maildelivery file are fully documented in the man page. I'll just explain what mine does. Each line describes one operation to be performed on each incoming mail message. Fields are separated by whitespace, so if you need to include spaces, use quotes. The first field, labelled field, is the mail header field to look for. slocal can selectively process on any header line. If the header line does not exist, then the mail does not match this line and no operation is performed. If the header line does exist, processing continues. The second field, pattern, is a text string to match with the contents of that header line, i.e. with everything after the colon. In my case, I put the empty string in, which matches everything. You need the pair of quotes to have a placeholder for the field contents. The next field, action, tells what to do with the message. 'pipe' sends the message to the standard input of the named program. 'file' appends the message to an archive or log file. A useful pipe command for testing is "tee foo", which makes a copy of the message in file foo, but does not append, so that you get an exact copy of what slocal is going to pass to your pipe. This allows testing of the pipe program without sending yourself mail all the time. The next field, result, tells what to do with the message after processing. I am currently using R for Regardless to indicate that this action should always be performed no matter what. The code R indicates that the mail should be considered not delivered after processing; thus slocal writes the mail back into my local spool and I see it as normal. Later, after I'm sick of looking at all the forwarded mail, I'll change this code to A, meaning if the processing succeeds, then the mail is considered delivered. The archive file will always remain R. The last field, string, is the parameter to the action. It is a file name or program. Use quotes to include spaces. The name of my mail processor is "perl remail.perl", which is to run the perl script remail.perl on the mail. The .maildelivery file is also the place to put encryption hooks to automatically decrypt the bodies of messages. More on that in a future version. --------- 3. remail.perl Perl is a wonderful language for doing all sorts of useful work like processing mail headers. Do 'man perl' for details, or get the O'Reilly book and really learn how to use it. The perl script, in summary, strips off the mail headers, saving the Subject: line, rewrites a new header, and appends the body of the previous message. Here is the script: --------- cut here --------- while (<>) { last if /^$/ ; $subject = $_ if /^Subject:/ ; if (/^Request-Remailing-To:/) { chop ; s/^.*:// ; $addressee = $_ ; } } #open( OUTPUT, ">foo" ) || die "Cannot open 'foo'." ; open( OUTPUT, "| /usr/lib/sendmail " . $addressee ) ; select( OUTPUT ) ; print "To:" . $addressee . "\n" ; print "From: nobody\n" ; print $subject ; print "Remailed-By: Eric Hughes \n" ; print "\n" ; while (<>) { } continue { print ; } --------- cut here --------- Here is a summary of the operation. To really understand this, you'll have to learn perl. The while loop processes standard input. 'last' terminates the loop as soon as a blank line is seen. A blank line separates the header from the body. The subject line, if seen, sets the subject variable to the whole subject line. The Request- header line has its final newline removed, the contents up to the colon substituted into nonexistence, and saves the rest in the addressee variable. Next the pipe to sendmail is opened and its output is selected so that all print commands will go to the pipe. There is a comment for a different output channel to the file foo which can be commented in for testing. Next the remailed header is constructed out of print statements. Lastly the rest of the standard input is passed through unmodified to the output channel. The while loop terminates when there is no more input. --------- 4. sendmail sendmail is the backend mailer; it expects complete mail messages and does not usually generate any line itself except for the first "From" (with no colon) line. Any header you construct will thus get passed through mostly unmodified. Hence you can put in any "From:" line you want and any other header info, such as my "Remailed-By:" line. sendmail expects the name of the addressee on its command line, otherwise it puts an "Apparently-To:" line in the header. Any mail processor which remails should probably go through sendmail, although it would also be possible to talk to an SMTP port directly, were you so motivated. MH also has some remailing programs; see 'man mhook'. --------- A few words for tinkerers. -- You can always send mail to yourself. Especially after you've done one kind of mail processing and want to pass the mail through the filters again. -- When getting started, create an empty .maildelivery file first and then get your .forward file working. Test it by sending messages to yourself. If you're not getting them, they are going into the bit bucket. All your other mail will as well, in this case, so if you can't afford to lose mail, do it right the first time or work on a spare account. -- Any mail slocal does not process will get delivered as normal. Running a remailer will not interfere with your other work. -- Remember to use quote marks. -- You don't need to be a sysadmin to run this kind of remailer. There is nothing, however, to prevent a sysadmin from running this sofware under an alias. The sysadmin is also a 'trusted user' to sendmail and can get rid of pesky "From"-no-colon lines. -- Perl has a random function which could be used to automatically choose various "From:" lines from a database. Remember to include yeltsy at kremvax.rus. -- postnews or inews could be substituted for sendmail. Different header lines would have to be created. Such a service could run in parallel with a remailer. You too can now repost to alt.sex.bondage! Enjoy. And watch for interesting improvements like encryption. Eric From hughes at soda.berkeley.edu Thu Sep 24 11:13:21 1992 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Thu, 24 Sep 92 11:13:21 PDT Subject: The aural Tim Pozar In-Reply-To: Message-ID: <9209241811.AA23823@soda.berkeley.edu> Tim Pozar writes: >I am also the technical consultant to the show, so your mail will not be >falling on deft ears... Just for the record, Tim's _are_ deft, but they are _not_ deaf. Eric From pozar at kumr.lns.com Thu Sep 24 16:42:21 1992 From: pozar at kumr.lns.com (Tim Pozar) Date: Thu, 24 Sep 92 16:42:21 PDT Subject: The aural Tim Pozar In-Reply-To: <9209241811.AA23823@soda.berkeley.edu> Message-ID: Eric Hughes wrote: > Tim Pozar writes: > > >I am also the technical consultant to the show, so your mail will not be > >falling on deft ears... > > Just for the record, Tim's _are_ deft, but they are _not_ deaf. Thanks... :-) Tim -- Internet: pozar at kumr.lns.com FidoNet: Tim Pozar @ 1:125/555 UUCP: ...!uunet!kumr.lns.com!pozar Snail: Tim Pozar / KKSF / 77 Maiden Lane / San Francisco CA 94108 / USA Voice: +1 415 788 2022 From Mailer-Daemon at atdt.org Thu Sep 24 16:49:37 1992 From: Mailer-Daemon at atdt.org (Mail Delivery Subsystem) Date: Thu, 24 Sep 92 16:49:37 PDT Subject: Returned mail: Unable to deliver mail Message-ID: <9209242349.AB06629@atdt.org> ----- Transcript of session follows ----- 554 cypherpunks at toad.com... Recipient names must be specified ----- Unsent message follows ----- Return-Path: Received: by atdt.org (5.61+++/JLK-atdt) id AA06629; Thu, 24 Sep 92 19:49:05 -0400 Date: Thu, 24 Sep 92 19:49:05 -0400 From: cypherpunks at toad.com Message-Id: <9209242349.AA06629 at atdt.org> To: cypherpunks at toad.com Subject: Information Brokers ____________________________________________________________________________ SYDNEY MORNING HERALD August 13 1992 HUGE TRADE IN PERSONAL FILES By MALCOLM BROWN Westpac, National Australia Bank, NRMA Insurance Ltd, Custom Credit and Citicorp are some of the big names in a damning report by the ICAC Assistant Commissioner, Mr Adrian Roden, QC, on the unauthorised release of confidential government information. Mr Roden found that there was a multi-million-dollar trade in such information which involved public servants, including police, and private inquiry agents. ""Information, from a variety of State and Commonwealth government sources and the private sector has been freely and regularly sold and exchanged for many years," he said. "NSW public officials have been heavily involved." Mr Roden heard 446 witnesses in public and private hearings over 168 days before compiling his 1,300-page report. Even so, he said, it was necessary to be selective; thousands of private and commercial inquiry agents had not examined. Mr Roden found that more than 250 people had participated in the illicit trade or had contributed to it. OOf these, 155 had engaged in corrupt conduct. A further 101 had engaged in conduct which allowed, encouraged or caused the occurrence of corrupt conduct. Many are NSW and Commonwealth public servants who sold information collected by the agencies where they work, including the Roads and Traffic Authority (RTA), police force, Telecom and Sydney County Council. The Attorney-General, Mr Hannaford, announced that the Director of Public Prosecutions had set up a task force to consider laying charges against more than 100 people named in the report. HHe said many of the public servants named could expect to lose their jobs and that the heads of all the government departments involved had been told to examine the report and take action against those involved. The Assistant Police Commissioner, Mr Col Cole, confirmed yesterday that five police officers had been suspended and announced that three task forces had been set up and computer security upgraded. Mr Hannaford foreshadowed the introduction of privacy legislation to make the unauthorised use of confidential information a criminal offence. The major banks said that they could not condone what their staff had done but said the staff had believed that they were acting in the best interests of their employers and the community. None of the banks was planning to sack staff found to be corrupt although several said the staff had been counselled or "educated". MMr Roden said the trade involved banks, insurance companies and other financial institutions which had provided "a ready market". The link was provided by private and commercial inquiry agents. With some banks, codes had been used to conceal the nature of the transactions. "As they have gone about their corrupt trade, commercial interest has prevailed over commercial ethics, greed ha~ prevailed over public duty; laws and regulations designed to protect confidentiality have been ignored," Mr Roden said. "Frequently the client, generally an insurance company, bank or other financial institution, ordered the information from the agent with a full appreciation of how it was to be obtained. ""The evidence disclosed that in the collection and recovery departments of a number of those institutions, it has long been standard practice to use confidential government information . . . as a means of locating debtors." Some finance and insurance companies had directed agents to keep all references to the trade off invoices and reports. "Some even directed that the agents falsely state the source of the information in their reports," Mr Roden said. "Some solicitors in private practice have sought and purchased confidential government information in circumstances in which they must have known that it could not have been properly obtained." Mr Kevin Rindfleish, an unlicensed private inquiry agent, had sold Department of Motor Transport/Roads and Traffic Authority and social security information "on a large scale". His principal client had been the ANZ Bank. AA private investigator, Mr Terence John Hancock, and his company, All Cities Investigations Pty Ltd, had sold confidential government information to the National Australia Bank and Westpac on a regular basis. Two employees of the NAB had used prior contacts to provide the bank with access to RTA, social security, Australia Post and immigration information. Between them, the employees also provided silent numbers and information on electricity consumers. The Advance Bank had "over a period of years" obtained information improperly released from the RTA, the Department of Social Security and the Department of Immigration. The practice was "known and approved at least to senior management level". New Zealand Insurance and Manufacturers Mutual had bought confidential government information from private investigators. NRMA Insurance Ltd and the Government Insurance Office were "found to have participated as freely in the illicit trade in confidential government information as their more commercially orientated competitors". "Evidence relating to NRMA Insurance Ltd established not only that it purchased confidential government information through private investigators, but also that investigators were required to obtain relevant government information by unauthorised means if they were to retain the company's work." EEsanda Finance Corporation Ltd had bought confidential information over at least 23 years. Custom Credit Corporation Ltd which had engaged in the illicit trade over "many years", had maintained false records to conceal how it obtained information. Alston de Zilwa, former underwriter and operations manager of Citicorp Ltd and later, Toyota Finance Australia Limited's credit operations manager, had established for each of the two companies a system for obtaining confidential information. The companies would seek information directly from employees of the DMA and RTA and pay a private inquiry agent, Mr Kevin Robinson, who would "launder" it, then invoice the companies for the corresponding sum. Mr Roden said that hundreds of thousands of dollars had changed hands in the trade uncovered. One agent had estimated that he had paid $40,000 to $50,000 a year for Social Security information alone. Another had said he received $100,000 over two years for government information. YYet another had, according to records, charged a bank $186,000 for "inquiry services" over a period of 18 months. From nobody at soda.berkeley.edu Thu Sep 24 19:32:44 1992 From: nobody at soda.berkeley.edu (nobody at soda.berkeley.edu) Date: Thu, 24 Sep 92 19:32:44 PDT Subject: through mr. crypto Message-ID: <9209250231.AA10851@soda.berkeley.edu> ** I am also the technical consultant to the show, so your mail will not be ** falling on deft ears... Awwww.... it wasn't that badly engineered. sho3t From stjude at well.sf.ca.us Fri Sep 25 03:02:38 1992 From: stjude at well.sf.ca.us (Judith Milhon) Date: Fri, 25 Sep 92 03:02:38 PDT Subject: secretions Message-ID: <199209251001.AA16909@well.sf.ca.us> "The alternative to mutual trust, which is indeed a risky gamble, is the security of the police state." -- Alan Watts This text may be published in MONDO2000 as my regular column, Irresponsible Journalism. Eric Hughes suggested the coda with the toad address, adding that it would be amusing to have it almost completely blotted by magic marker, as if inadequately censored. I don't want to be the venom in this toad. the idea is to draw in other useful minds. we can assume the WRONG PEOPLE already know the address. lady ada won't apologize for the gonzo wrapping for the ideas; she is concerned only that they be correct and clearly stated. clarifications, expansions, corrections are welcome. also abuse and threats, for that matter... any feedback, please feed me... THE CYPHERPUNK MOVEMENT by St. Jude I don't face-to-face all that much. And I don't like clubs. I was in the Black Hole for a reason: The Screamin' Memes were in town for one night only -- Thursday, of course. Thursday's the night, now that the weekend has annexed Fri. and Mon. I was lurking in the back, hoping not to see anybody, when the Jones brothers staked me out. Damn. They are deep into the street drugs. Keeping up with the Joneses is nigh impossible; their most trivial chitchat is an exercise in decryption. Eddy -- or maybe he was being Ellis that night -- was implying something about somebody when my right foot detonated down to its steel toe. I looked up -- way up -- to a face that wasn't there at all. Just a dome of black cloth, with goggles. Three-eyed goggles. Ah: a Chador. I'd heard of that. I screamed: "You stomped my foot FLAT!" "Sorry." "Are you okay?" "Oh maaaang." Many overlapping voices, all of them synthesized, blurted from above. Out of two tiny speakers hanging like earrings off a basketweave headband like a cop's belt. The head bowed, bringing it almost within biting range. "Gah. Ow. Ooo." Pretending to be demented with pain, I lurched deep into the Chador. But I was cool: I was rootling in there for clues. Ha! Male pheromones. Hardish male torso. I was jostling this lumpy equipment hanging off him, trying to get a good feel of it without alerting him. Nuh uh: _I_ meant electronics... what did _you_ think? Okay: I had some data to work with. Male with gadgets. Quelle surprise. "What the hell have you got on your feet? HORSESHOES?" A voice like rushing water: "Kothurni." The Chador shifted a little... and under his full black skirts I saw them: big weighted club-foot boots with concealed lifts, to disguise the wearer's height. Wicked. The pain and the espionage cleared my head. I was ready to deal. "So you're protecting your meat identity, right?" The Chador seemed to teeter a little. It goggled down at me as if I were a smear on a slide. Its third-eye goggle was a lens. Check. Out of the ambient murk loomed another Chador. Exactly the same height. Right. "How come you guys are in full drag?" "We're here for a... uh... party." The voice from the other Chador was a flanged saxophone, but I could swear it had a Texas accent. "Rubbish. You're having a cell meeting, right? " The near Chador, the one I had groped, seemed to teeter again. What sounded like a tape player on fast-forward came faintly from its interior. An earphone? The saxophone honked: "If I said I even understood what you meant, what kind of a chump would that make me?" "I could hazard a guess. I think you're cryptoanarchists -- what I'd call cypherpunks!" My Chador cracked up. I could tell. The farther one seemed to stiffen; I think it was giving me a hate stare. Hard to manage behind the whole 9 yards o' cloth. "Is that clever or what? I'm onto you like psilocybe on cowshit, dudes. You want to take over the world. Haha hahaha haaaaa." Both of them rocked back a little. I went in after them. "You want to talk encryption schemes? Let's talk cryptic. Tales from the cryp'ed. But make it fast: The Memes are comin' on." Oh, I was bluffing. I don't know much about cryptography. I was just 'tuding them from tech envy. Damn: Chadors. And me without the first widget. From the far guy came a cello, very suave: "The world has already been taken over. You may have noticed this. We're just trying to get some of it back." And the accent was -- Dutch? Bob's yr uncle. Gotcha. I hadn't been certain. Maybe chadors were now trendy club gear -- what do I know? "Hey -- that cello's another guy? How many you PACKIN' in there?" Out of my Chador a sawtooth rasped: "Variable. People are ringing in and out." "You're on line?" "This is a bridge. International." Sawtooth again. The cello resumed, an annoyed cello: "We don't believe in takeovers. In fact, we are working to make things UNTAKEOVERABLE." A theremin quivered, "And to make the world safe for anarchy. _We want the air-waves, baby_." It snickered across many frequencies. The Tejana saxophone chuckled, (and an eerie treat that was, too): "Problem is, how to guarantee privacy for pseudonyms. So you can have a pseudonymous economy." A toad croaked: "So, full-RSA encrypted EVERYTHING. No back doors. Secure digital money. Swiss bank accounts for the millions." The theremin: "A global monetary system that makes governments obsolete. Down come the governments. Goodbye the feds." It sang, whoopingly: "BYE BYE, LAWWww." Horrible broad-band snickering. The toad croaked: "Er... yes. Real freedom of speech, too. Libertech!" The Dutch cello was all business: "Okay, what does it take? You need real-time protocols to prove you own your pseudonym. And your pseudonyms have online reputations, via people you've done biz with -- like a distributed credit rating system. With maybe designated angels -- Fair Witnesses." I was charmed. "And you wear the chador when you face-to-face somebody who knows your handle!" The theremin wheeped: "Actually, unmasking your real identity could be the ultimate collateral -- your killable, _torturable_ body. Even without kids, you've got a hostage to fortune -- your own meat." I was reeling. "Oh yas yas. As Dylan said: 'They asked me for some collateral/ and I pulled down my pants'." Orchestral chuckles rained down on me. Was I an international hit? But at that exact moment The Memes hit the stage. The crowd did a 9.1 Richter lurch and the other Chador pitched onto my LEFT toe, maybe denting the steel. "AAIEEeeee. That's great COVERT GEAR you got there, guys. You couldn't sneak up on Helen Keller in a HAILSTORM." I was trying to spin down. "And dudes -- this is not the neighborhood for flashing the hardware. Getting rolled by winos is pretty LOW TECH." A spike-knuckled glove slithered out of the farther guy, clutching what looked, in the near-dark, like an electric razor. "_Gonna menace 'em with a clean shave_?" The sax: "Stunner. Bottom of the line. But." A hot line of pure energy cracked across its little trodes. Of course. Rushing water: "See ya." And they did a fade into the smoke. The Screamin' Memes were worthless. To hell with clubs. To hell with lots o' things, maybe. I am now sensing my roots, mahn; dey who are my bredren. Nerds. Nerds as mainstreamed by the grainy but still fetching Robt Redford in Sneakers... Nerds who will have their revenge at last, by making the online realer than our current regrettable reality... No, I'm not quite delusional. I've heard the cypherpunks are already distributing their encrypted email software, which is quick and slick. I might even join the revolution, which is, heh, already in progress. Yeah. Why not? Give me libertech or give me... _DES_? --------------------------------------------------------------------------- ------------------------- St. Jude, aka Lady Ada Lovelace, wrote "The Spook in the Machine" for MONDO #1, describing the enforcement of DES, the Data Encryption Scam with the handy backdoor. She can be reached online as stjude at well.sf.ca.us. Note: a definitely false rumor is now circulating that the revolutionists can be contacted via cypherpunks at toad.com. -------------------------------------------------------------------------- feed me? >jude< From hughes at soda.berkeley.edu Fri Sep 25 11:37:12 1992 From: hughes at soda.berkeley.edu (Eric Hughes) Date: Fri, 25 Sep 92 11:37:12 PDT Subject: the hopping remailer is done Message-ID: <9209251835.AA00599@soda.berkeley.edu> The hopping remailer is finished. I wrote it this morning. The change to make a hopping remailer is very easy. Here's the new perl script: --------- cut here --------- while (<>) { last if /^$/ ; $subject = $_ if /^Subject:/ ; if (/^Request-Remailing-To:/) { chop ; s/^.*:// ; $addressee = $_ ; } } #open( OUTPUT, ">foo" ) || die "Cannot open 'foo'." ; open( OUTPUT, "| /usr/lib/sendmail " . $addressee ) ; select( OUTPUT ) ; print "To:" . $addressee . "\n" ; print "From: nobody\n" ; print $subject ; print "Remailed-By: Eric Hughes \n" ; # # check to see if there are header lines in the body to collapse # into the full header. # if ( $_ = <> ) { if (/^##$/) { # do nothing if the pasting token appears # the rest of the body will be directly appended # this allows for extra header lines to be added } else { # normal line print "\n" ; print $_ ; } } else { # empty body exit ; } while (<>) { } continue { print ; } --------- cut here --------- Short explanation. The 'print "\n" ;' line was moved inside the new if statement. The if statement reads a line of the body and stops the script if there is no body. The line read is tested to see if it contains the two characters "##" alone on the line. "##" is the ANSI C token pasting operator. If there is no pasting, a blank line is printed to mark the end of the header and the first line of the body is printed. If there is pasting, then the conditional does nothing, which has the effect that the body is appended directly onto the end of the header, allowing you to add more header lines after the header is rewritten. Here is a sample message that I sent myself after the new script was installed: --------- cut here --------- To: hughes Subject: multiple hops Request-Remailing-To: hughes ## X-Hop: 1 Request-Remailing-To: hughes ## X-Hop: 2 Request-Remailing-To: hughes ## X-Hop: 3 This is a test message of multiple hops. Eric --------- cut here --------- I received four pieces of mail after sending this to myself. The first was the actual letter, which is still delivering normally and not being filtered. The next two were the first and second remailings; they had X-Hop: 1 and 2. The last message was the final one, had X-Hop: 3 in its header and was delivered normally. At each stage, the header got rewritten and a new Request-Remailing-To: line inserted. When that mail got delivered, it was again rewritten, with a new remailing request. This process is extensible up to the 50K or so practical limitatation on mail size. Note that this system is not at all secure by itself. But if each message body were encrypted first, and the message first decrypted before the header re-write took place, the routing instructions as a whole would be hidden from prying eyes. That's the next project. Eric From osendai at well.sf.ca.us Fri Sep 25 16:27:24 1992 From: osendai at well.sf.ca.us (Mark Pesce) Date: Fri, 25 Sep 92 16:27:24 PDT Subject: Pointing out the obvious.... Message-ID: <199209252326.AA19540@well.sf.ca.us> Hey, Kidz.... I don't mean to point out the obvious, but when you mention a certain scheme for secure transfer (3 initials, you guess), or a certain organization dedicated to keeping it from the public (3 initals, you guess again), THEY READ IT. OK? Did I make my point? If not, we're going to unsubscribe from this list like a bat out of hell. Over, OS Corp. From not_root at nowhere.com Fri Sep 25 17:27:32 1992 From: not_root at nowhere.com (not_root at nowhere.com) Date: Fri, 25 Sep 92 17:27:32 PDT Subject: Hints Message-ID: <9209260027.AA08573@atdt.org> Most internet traffic is archived (and later Grep'd) anyway. If you're really that worried about it, then we should have been speaking in Aramaic all this time, or using encrypted e-mail (and I'm sure traffic which mentions the characters "crypt" draws attention as well, and most of the msgs on this mailing list have already violated that one.) I'm interested to see the PGP addition to the re-mailer. -- Concerned, yet not overly unrealistic about it. From fen at genmagic.com Mon Sep 28 21:01:24 1992 From: fen at genmagic.com (Fen Labalme) Date: Mon, 28 Sep 92 21:01:24 PDT Subject: SEIZING THE MEDIA- A NETWOR Message-ID: <9209290409.AA25631@relay2.UU.NET> Mail*Link( Remote SEIZING THE MEDIA: A NETWORKER CONGRESS from PeaceNet ACTIV-L: Date: Sat, 26 Sep 1992 23:33:10 CDT Sender: Activists Mailing List From: "(Rich Winkel)" Subject: PAX: SEIZING THE MEDIA: A NETWORKER CONGRESS To: Multiple recipients of ACTIV-L /** gen.media: 141.0 **/ ** Topic: SEIZING THE MEDIA: NETWORKER CONGR ** ** Written 6:39 pm Sep 25, 1992 by openmedia in cdp:gen.media ** SEIZING THE MEDIA: A NETWORKER CONGRESS A weekend of activity to discuss, self-educate, and put into practice the creation of subversive media. 1:30pm Saturday 24 October to 6pm Sunday 25 October 1992 Media and resource exchange; slides, fax, posters, pamphlets, computer files, ideas, proposals, tactics Practical action on billboard improvement and removal; Big Art and postering E-mail and fax facility to receive material to be discussed and implemented during the weekend Documentation to all participants Materials supplied: photocopier reproduction/enlargement and the streets of Oxford Bloomin Arts, Princes Street, Cowley Road, Oxford, OX4, U.K. If you can't make it in person, you can take part in the Seizing the Media Congress by post, fax, E-mail. Send documents, comments, proposals, art, ideas, and posters. Post to: BM Jed, London WC1N 3XX, United Kingdom Fax to: (011 441) 0865 72 4317 E-Mail to: Eastoxcomcen at GN.APC.ORG Accommodation and other information are available from Friday night onwards. To make arrangements or get more information, get in touch with Oxfin between 1-4pm Mondays to Fridays at: (0865) 240545 >From the United States: 011 41865 240 545 Background: SEIZING THE MEDIA is the title of pamphlet written by the Immediast Underground and first released in Amsterdam , New York City, and Seattle in early 1992. The 26 pamphlet combines theory, graphics, research and proposals that examine: * Information control * Propaganda and advertising * CIA * Mind control * Immediast counter-offensives * tactics, subversive networking, public empowerment * multi-media * Public production libraries * the liberation of public space ...Just when Jesse Helms thought he made the world safe from poetic terrorism, along come the Immediasts, a cadre of media hackers who are fed up with the ecology of coercion that surrounds them. Their booklet SEIZING THE MEDIA proposes an all-out artistic assault on coercive communication, cultural monologue, and media control. They want all media insurgents to take back the airwaves with pirate radio, cable access TV, altering ads and billboards, and otherwise hacking the datasphere to break the spell of State/corporate media control. . . . from Gareth Branwyns STREET NOISE, Issue 7 of Mondo 2000 SEIZING THE MEDIA Version 1.1 is available for $3 from Open Media PO Box 2726 Westfield New Jersey 07091 USA THE IMMEDIAST UNDERGROUND is a centerless network of artists, writiers, hackers, culture jammers, pirate broadcasters, and posterists who connect with one another through information systems, mail art, networker congresses, and the underground press, and who communicate with the public through actions against all forms of coercive communication, space infringement, and media control. For more info contact: Immediast U. PO Box 2726 Westfield New Jersey 07091 USA DECENTRALIZED WORLD-WIDE NETWORKER CONGRESSES Since the beginning of the year, members of alternative info-nets, artists, insurgents, and cultural workers have been holding networker congresses, transnational engagements in cultural production, dialogue, collaborations, open exchange, subversive brainstorming, and collective disruptions of dominant culture. THE NETWORKER, A NEW PERCEPTION In societies where information is money and media is power, public access is as controlled as the corporate states grip on communication law, censorship, commerce, covert action and surveillance. In this context, uninhibited public communication, expression, and cultural production are acts of freedom, sovereignty, and defiance. Rooted in the drive to connect and exchange with others, Networker Congress engage in culture and media as the battleground for greater openness and freedom. MORE INFORMATION about NETWORKER CONGRESSES contact: H.R. Fricker Buro fur kunsterische Umtriebe CH 9043 Trogen Switzerland Retrofuturism PO Box 2278 Iowa City, Iowa 52244 Face of the Congress FaGaGaGa Po Box 1382 Youngstown, Ohio 44501 Peter Kaufman Bergenwissenstrasse 11 CH-8123 EbmatigenDecentralized Networker Congresses Switzerland Decentralized Networker Congresses Netshaker PO Box 978 Hanover, New Hampshire 03766 ** End of text from cdp:gen.media **