From lcottrell at popmail.ucsd.edu Thu Sep 1 00:04:16 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Thu, 1 Sep 94 00:04:16 PDT
Subject: Is this person really speaking for Julf (anon.penet.fi)?
Message-ID: <199409010703.AAA29022@ucsd.edu>

-----BEGIN PGP SIGNED MESSAGE-----

I was one of the people who suffered from the anon.penet.fi attack which
allocated IDs to so many members of this list. I immediately sent a
message to admin at anon.penet.fi asking to have the message removed. I
just received the reply below. I am not familiar with this person. Does
this person speak for Julf? Is the snakemail.hut.fi site associated with
the anon.penet.fi site?

Thanks for all help.

>From: Mari (Black Panther) Seppä
>Subject: Re: Unauthorized allocation of annon ID.
>To: lcottrell at popmail.ucsd.edu (Lance Cottrell)
>Date: Wed, 31 Aug 1994 11:48:56 +0200 (EET DST)
>X-Mailer: ELM [version 2.4 PL21]
>
>> I suspect that you are aware of the attack on your system. Hundreds of IDs
>> are being created and the anon and real IDs posted to Alt.test. What can
>> we do to have these anon IDs removed.
>
>Yes, those id's that didn't have passwords were attacked. You can delete
>the id by sending me mail from the account id is on.
>
>> Are the anon IDs directly derivable from the source address, or would I get
>> a different ID if I reapplied? Many thanks, and hope things are not going
>> too bad there.
>
>If you send a message to ping at anon.penet.fi after the removal you will get
>a new id.
>
> Zarr
>
>

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLmWJ7VVkk3dax7hlAQFplwP9HBcC55/UABq3dYoZUfslTQwWHSTVM/GW
EdyTPa8UdQk5tGdHhNiK7Auqs5yw8fqU2CkBmV8gESNYn7bLHhAN3Pav7OJwA9uv
3GkPgFx+rGLY+0ZbNaN2ne93EPTjsbdydzL44oIKURflUje964c1dp2f35OPT3bI
O4S6BDL0CbM=
=KUb4
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.

"Love is a snowmobile racing across the tundra. Suddenly it flips over,
pinning you underneath. At night the ice weasels come." --Nietzsche

From mimir at io.com Thu Sep 1 02:13:34 1994
From: mimir at io.com (Al Billings)
Date: Thu, 1 Sep 94 02:13:34 PDT
Subject: Wiretap Bill Alert (fwd)
Message-ID:

---------- Forwarded message ----------
Date: Tue, 30 Aug 1994 09:18:10 -0700
From: email list server
To: cpsr-announce at Sunnyside.COM
Subject: Wiretap Bill Alert

Wiretap Bill Alert

Voter's Telecommunications Watch (VTW) has issued the attached alert on
the pending FBI Wiretap Bill. The Electronic Privacy Information Center
(EPIC) is working in conjunction with VTW and other organizations to
educate the public on this legislation. Your involvement is crucial --
please contact Rep. Jack Brooks IMMEDIATELY.

EPIC is a project of the Fund for Constitutional Government and Computer
Professionals for Social Responsibility.

===================================================================

Subject: INFO: Status of the Digital Telephony bills (SB 2375 & HR 4922)
From: shabbir at panix.com (Shabbir J. Safdar)
Date: 29 Aug 1994 23:28:26 -0400
Message-ID: <33u90q$8mk at panix2.panix.com>

[updated August 29, 1994 shabbir]

*********************************************************************

                          DISTRIBUTE WIDELY

*********************************************************************

Table of contents:
    Status of the bills
    Five things you can do RIGHT now to stop Digital Telephony
    Records of legislators supporting/opposing/wavering on DT
    Digital Telephony bill FAQ
    The VTW Press Release
    Sample Letter To The Editor
    Who are we and how can you contact us?

-------------------------------------------------------------------------------
STATUS OF THE BILLS (updated 8/10/94)

Aug 18, 94  HR 4922 reported back to committee (write to Rep. Jack Brooks!)
Aug 11, 94  Sen. Leahy & Rep. Edwards hold a joint hearing on the bills in
            Wash. DC at 1pm in Rayburn 2237.
Aug 10, 94  HR 4922 referred to Subcomm.
            on Civil and Constitutional Rights
Aug 10, 94  SB 2375 referred to Subcomm. on Technology and the Law
Aug 9, 94   Rep. Hyde officially cosponsors HR 4922
Aug 9, 94   HR 4922 referred to House Judiciary Committee
Aug 9, 94   SB 2375 referred to Senate Judiciary Committee
Aug 9, 94   Identical House and Senate bills are announced by their
            respective sponsors, Rep. Don Edwards (D-CA) and
            Sen. Patrick Leahy (D-VT)
            EFF states the legislation is "not necessary".

VTW will be monitoring this legislation in the same way that we monitored
the Cantwell bill, with the blow by blow, day to day updates that cost us
significant long distance bills. :-)

We're not asking for money though. Don't send us money; we don't want it
and it causes us bookkeeping work. Call/write your legislator instead and
relay to them the sample communiques below.

-------------------------------------------------------------------------------
FIVE THINGS YOU CAN DO *RIGHT* NOW (in their order of importance)

1. Write to the House Judiciary Committee Chairman, Jack Brooks (D-TX)
   and ask him to oppose the Digital Telephony bill. (HR 4922)

2. Fax/mail a copy of the VTW press release to your local newspaper,
   tv station, call-in show (everything from NPR to Rush Limbaugh), etc.

3. Write to your legislator (especially if s/he is on the Judiciary
   Committee (House or Senate)) and ask that they oppose the Digital
   Telephony bills. (SB 2375/HR 4922)

4. Forward a copy of this FAQ to three friends who don't know about it.
   Or, print it out and place it on a bulletin board at work, at school,
   hand it out, etc.

5. Write a letter to the editor of your local newspaper, opposing the
   Digital Telephony bill.

1. CALL/WRITE TO REP. JACK BROOKS, HOUSE JUDICIARY COMM. CHAIRMAN

Sample phone Communique:

    Rep. Jack Brooks
    Phone: (202) 225-6565

    Dear Mr. Brooks,

    The recent Digital Telephony bills (HR 4922 & SB 2375) disturb me
    greatly.
    The FBI has not yet made their case that justifies building wiretap
    functionality into the telephones of 250 million people to justify
    the privacy intrusion.

    Please oppose HR 4922 and SB 2375.

    Sincerely,

    _______________________

Sample fax/letter Communique:

    Rep. Jack Brooks
    2449 RHOB
    Washington, DC 20515
    Phone: (202) 225-6565
    Fax: (202) 225-1584

    The Honorable Jack Brooks,

    Please oppose Senator Leahy's and Representative Edwards' Digital
    Telephony bills (HR 4922 & SB 2375). This legislation asks us, the
    American public, to trade our privacy to ensure law enforcement's
    future ability to continue to perform wiretaps. Unfortunately, the
    FBI has yet to make its case to the public to prove that it is unable
    to administer significant numbers of wiretaps.

    Telecommunications technology is very new and the change of pace in
    it is very rapid. The Digital Telephony bills are premature and
    should not be considered until:

    -the standards bodies are appointed and include privacy rights groups
     (not just the Electronic Frontier Foundation) at both the technical
     and policy levels
    -the standards are defined and accepted by the three stakeholders
     (law enforcement, common carriers, and privacy rights groups)
    -an adequate oversight agency has been given the authority previously
     allocated to the FCC
    -the technology has advanced to a point where the effect of such a
     broad ruling on the industry can be ascertained.

    Please oppose HR 4922 & SB 2375.

    Sincerely,

    _______________________

If you want to help make legislators responsible for their actions,
report this information back to vtw at vtw.org. We'll add their position
to our database.

2. Take the press release attached and fax/mail/email it to local tv
   stations, radio stations, call-in shows, newspapers, etc. Drop a note
   to vtw at vtw.org, where we'll track the coverage.

3. Forward this file to your friends and coworkers. Use it when you phone
   call-in shows; educate everyone you know. This is literally a "net"
   effort.
   Few people outside of the Internet know about this legislation; they
   would be horrified to discover its existence. Help educate them.

4. Call/write your legislator and ask them to oppose the Digital
   Telephony bill. Use the sample communiques above. To find your own
   legislator, contact the League of Women Voters in your area.

5. Write a letter to your local newspaper's editorial page about the
   Digital Telephony bill. We have attached a sample editorial page
   letter that you might base your letter upon. Feel free to use
   significant license.

-------------------------------------------------------------------------------
LIST OF LEGISLATORS SUPPORTING/OPPOSING/WAVERING ON DIGITAL TELEPHONY

-REPRESENTATIVES

All addresses are Washington, D.C. 20515

Dist ST Name, Address, and Party  Phone          Fax
==== == ========================  ============== ==============
  16 CA Edwards, Donald (D)       1-202-225-3072 1-202-225-9460
        2307 RHOB
        House sponsor of the 1994 Digital Telephony bill
   6 IL Hyde, Henry J. (R)        1-202-225-4561 1-202-226-1240
        2110 RHOB
        Cosponsor of the 1994 Digital Telephony bill

-SENATORS

P ST Name and Address          Phone          Fax
= == ========================  ============== ==============
D VT Leahy, Patrick J.         1-202-224-4242 na
     433 RSOB
     Washington, D.C. 20510
     Senate sponsor of the 1994 Digital Telephony bill

-------------------------------------------------------------------------------
DIGITAL TELEPHONY BILL FAQ

What are the (DT) Digital Telephony bills and where did they come from?

The DT bills were initially introduced by the Bush administration
presumably at the request of the FBI. The initial proposals were very
unpopular and met with great opposition, preventing them from moving
through Congress.

The current incarnations of the legislation (SB 2375 & HR 4922) have
several features, but basically require the same thing: common carriers
must be able to provide law enforcement officers with court orders access
to personal communications.
(eg, if the FBI presents a court order for a wiretap on your phone calls
to NYNEX, NYNEX should be able to provide the FBI with the ability to
intercept your communications under the terms of the court order.)

To do this will require changes in the telephone equipment we use today.
Since this will obviously cost money, the bill appropriates $500 million
in Federal money to these carriers to compensate them for the changes.

Does this include bulletin boards and Internet sites like Netcom, America
OnLine?

No, the legislation specifically identifies common carriers. Information
Services, such as these above, are not common carriers.

How will this affect me?

Imagine there's a giant socket on the side of the phone company's
equipment that says "FOR FBI USE ONLY" in giant red letters. Imagine if
the fine for not implementing that socket was $10,000 per day for the
phone company. How many communications carriers do you think will make
any noise about the privacy of their customers' communications?

Now imagine that you were asked to pay the bill for this. The proposed
budget for implementing this functionality is $500 million dollars for
1995-1998.

Just how many wiretaps per year are there?

In 1992 there were less than 1,000 wiretaps performed. It is important to
note that the legislation is targeted towards wiretaps that the
government says they cannot implement. Since there is thus far no
published evidence of unimplementable wiretaps, turning the nation's
phone system into a giant eavesdropping device to prevent a problem which
has not yet been documented or become widespread, sacrifices too much
privacy for too little gain.

Is there ever a legitimate need for law enforcement to conduct wiretaps?

Yes, according to the 1992 Government Accounting Office's "Report on
Applications for Orders Authorizing or Approving the Interception of
Wire, Oral, or Electronic Communications (Wiretap Report)", there were
919 wiretaps authorized in 1992 (there were no requests denied).
There were 607 individuals convicted as a result of these wiretaps.
Although this is not an excessive amount, it is not ignorable either.
However 607 convictions is infinitesimally small when one considers the
number of people convicted yearly in the US. Furthermore, the report does
not specify if any wiretaps were unimplementable because of advancing
technology.

The FBI maintains that advancing technology will prevent this, though
this has not yet been documented. VTW feels that until the FBI makes
their case to the public, this bill should not be considered as
legislation.

Why should I be worried about this bill?

THE BILL IS VAGUE REGARDING STANDARDS SETTING

The bill requires industry standards groups to be formed to work with law
enforcement to create technical standards for this functionality. There
are a number of problems with this. First is that these standards bodies
may not have even been appointed yet, giving incredible power to a
presently unnamed group that will be responsible for appointing those
bodies.

Secondly, these standards bodies do not currently include any public
input. There is a delicate balance involved in wiretapping vs. a
citizen's privacy. The standards bodies that are proposed do not have any
provisions for public input. Public-interest and/or privacy groups should
be included at every level (including the technical level) in order to
ensure that this balance is found. Without such input, the standards are
likely to sacrifice privacy while giving more functionality than is
needed by law enforcement to do its job.

THE STANDARDS SHOULD BE ACCEPTED BEFORE THE LEGISLATION IS PROPOSED

The DT legislation is vague regarding the standards for wiretapping
functionality. Many of the questions and problems we have with this
legislation stem from the vagueness of the details regarding the
standards.
The standards body should be appointed (with representatives from law
enforcement, industry, and the public at both the technical and high
level) and the standards accepted before the legislation is proposed.

THE BILL PUTS GREAT POWER INTO STANDARDS AND COMMITTEES THAT DO NOT EXIST
YET

By empowering standards bodies that do not exist, and mandating standards
that do not yet exist, great power is given to those individuals who can
appoint the members of the standards bodies. Furthermore, no process is
mandated for the appointment of the members of these standards bodies.

THE BILL DOES NOT APPOINT AN ADEQUATE OVERSIGHT AUTHORITY

In many situations the (FCC) Federal Communications Commission is
appointed to be the final arbiter if industry standard bodies cannot
agree on technical standards. The FCC currently serves the interest of
industry in regulating the communication carriers. Because the Commission
serves the interest of both groups, there is a conflict of interest. A
different agency should be appointed and given the FCC's oversight
authority.

TELECOMMUNICATIONS TECHNOLOGY IS NOT MATURE

Telecommunications is a very new technology. Within the last twenty
years, we have seen amazing advances in the technology. Ordering the
implementation of such a broad privacy-sensitive function will have
far-reaching effects on the future of the technology. This legislation
should wait until the technology is more stable.

-------------------------------------------------------------------------------
PRESS RELEASE

[Please fax this to your local newspaper]

Voter's Telecommunications Watch invites fellow citizens to join its
media awareness campaign by emailing or faxing this press release to one
of two media institutions.

East of the Mississippi:
    Burlington Times
    email: _________  fax: ___________

West of the Mississippi:
    San Jose Mercury-News
    email: _________  fax: ___________

VTW is also experimenting with a fax/email chain letter.
The document "An Open Letter on Digital Telephony" is currently
circulating the Internet. VTW has also prepared an FAQ for Digital
Telephony. Point your gopher to panix.com (port 70) and check under the
VTW main menu entry, or use the URL:

FOR IMMEDIATE RELEASE

NEW YORK, NY -- 08/22/94 -- Contrary to popular belief, not all online
civil libertarians support the Government's attempts to ensure the FBI
can wiretap every citizen. Voter's Telecommunications Watch (VTW), a New
York-based online activism group, working in conjunction with the
Electronic Privacy Information Center (EPIC) and other privacy advocates,
is working to energize and focus the grassroots opposition to the
recently introduced Leahy-Edwards Digital Telephony Bill (H.R. 4922,
S. 2375).

The Digital Telephony Bill would require telecommunications service
providers to design all their equipment to allow FBI agents and other
government officials to wiretap any telephone conversation -- only if
there is a court order permitting it, of course, the FBI promises. Adding
this feature to the telecommunications system is costly -- so costly that
the bill appropriates $500 million taxpayer dollars to reimburse phone
companies for their "reasonable" expenses.

"It's objectionable for the FBI to try to make us pay for invading our
own privacy," says Alexis Rosen, co-founder of Public Access Networks
Corporation, a regional public Internet provider.

According to FBI Director Louis Freeh, there were 183 wiretaps in 1993
that would have been facilitated by the digital telephony mandates.
"Should we really spend half a billion dollars for a couple of hundred
wiretaps that compromise the privacy of two hundred million Americans?"
asks Simona Nass, President of the Society for Electronic Access, a New
York-based organization devoted to issues of civil liberties and public
access.

VTW is spearheading a drive to defeat the bill.
Using the Internet to keep millions of electronically-connected citizens
informed, VTW workers have put together summaries and analyses of the
legislation and are tracking the bill's movements through the byzantine
halls of Congress. Using this information, citizens can inundate their
representatives at optimum moments. VTW is tracking each influential
legislator's position on the Digital Telephony initiative, and
periodically publishes a scorecard summary of their positions, party,
districts and contact information.

To access VTW's anti-Digital Telephony effort, join the VTW electronic
mailing list by sending Internet e-mail to vtw-list-request at panix.com.
Information is also available via Internet Gopher in the VTW area of
gopher.panix.com (port 70).

For further information, contact Steven Cherry at 718-596-2851.

PRESS CONTACT:
    Steven Cherry
    (718) 596-2851 (voice mail)
    stc at acm.org (electronic mail)

-------------------------------------------------------------------------------
SAMPLE LETTER TO THE EDITOR

[Note, this is Steven Cherry's "Open Letter" on Digital Telephony. Please
do not submit it to the New York Times. -Shabbir]

An Open Letter Regarding Digital Telephony

Digital Telephony, embodied in bills entered into Congress by Sen. Leahy
(S.B. 2375) and Rep. Edwards (HR. 4922), would require that
telecommunications carriers alter their equipment so as to allow wiretaps
and similar surveillance to be performed at the companies' offices, or
the offices of law enforcement. In a word, to make telecommunications
equipment, "wiretap friendly"; to make a wiretap order executable "at the
press of a button."

With the help of some civil liberties activists, the bill admirably
distinguishes between common carriers and information services. Only the
former are subject to its provisions. But the distinction, while clear in
the abstract, is hard to make in practice.
The mom-and-pop neighborhood bulletin board service or Internet provider
is excluded, but even if it is providing store-and-forward
message-passing for an individual or other small provider? Indeed, the
very definition of common carrier in the proposed legislation is
problematic, as the definition relies on that used in the Communications
Act of 1934, when just now that Act is being overhauled finally, after
sixty years.

The bill's authors have sensibly and cleverly left out of the legislation
all the details of implementation. It is impossible to object to the bill
on the grounds of being unworkable. It is also difficult to object on
grounds of the risks to individual privacy, insofar as the risks are
largely unquantifiable by virtue of being largely unknown.

The very clever lack of any practical detail, however, leads the prudent
citizen to question the public expenditure of $500,000,000 -- the figure
is likely far too high, or far too low. Indeed, all we know is it is
unlikely to be correct, and we therefore object to it as being
unrealistic to the needs of the enterprise.

In point of fact, one other thing is known about this figure -- it is but
a fraction of the total expenditures resulting from the mandates of the
bill. The balance will be borne by the common carriers, who, in turn,
will either have to raise rates, reduce services, or restrict investment
and expansion of their business at the very moment in the history of
telecommunications that calls for them to do just the opposite. Indeed,
the very forces of technological change that caused law enforcement to
request this bill demand that it be defeated.

We would like to return to the issue of increased risks for a moment.
While unquantifiable, they are equally undeniable. The more facile the
system, the more it will be overused and error-ridden. We must of course
balance risk with reward. Who would refuse an extra paycheck for fear of
getting a papercut?
We must ask, what are the rewards of digital telephony?

The FBI Director has variously stated the number of cases where a
wiretapping was subverted by a digital switch or signal, offering
contradictory figures from a low of 80 to a high of 183. The Director has
not said all of them, or even any of them, were cases where a conviction
was not obtained, or where a conviction could have been obtained with the
wiretap, or could only have been attained with a wiretap. Of course, only
these last possible instances really lend any justification to digital
telephony.

It is quite clear that digital technology offers more challenges to law
enforcement than digital switches and signals. The object of a wiretap
can easily use unbreakable encryption to protect the privacy of his or
her communications. While the transmission of a message would be
intercepted, the content would still evade the eyes and ears of law
enforcement. Indeed, any, or all, of these 80 or 183 cases could have
been subsequently frustrated by encryption even had digital telephony
solved the initial digital barrier.

Let us state the potential rewards as generously as possible -- or even
more generously than possible. There were approximately 1000 wiretaps in
1993. Let us imagine, contrary to actual fact, all of these to be
subverted by digital technology. Let us imagine the number to double in
coming years. (Any or all of which could remain private through
encryption.) 2000 cases. Weighed against these are the 200 million
Americans whose security and privacy are compromised by digital
telephony.

Well, what if the number of wiretaps doubles again, and again and again?
Don't 20,000 or 30,000 wiretaps, hypothetically, justify? Perhaps. But
what kind of society needs so many police listening in on the private
lives of so many people? At what point do we regret the lack of a public
policy debate on mass wiretapping of the American citizenry? We do not
live in a police state nor will we.
And so we are back to supposing a massive technological effort at great
expense to achieve a modest wiretapping program of small, perhaps almost
nonexistent, benefit.

To sum up, it is as if the entire city of population 25,000, were to have
its telephone system restructured, its citizens' phone privacy
compromised, all to make effective a wiretap on a single alleged drug
peddler or gangster, which wiretap may or may not help in convicting the
offender, if indeed he or she is guilty. All at a cost of $62,500 to the
taxpayers, and more to the local telephone companies and their
ratepayers.

For all these reasons, the unclarity, the expense, the risks to privacy,
and the lack of substantive benefits, separately and together, we oppose
this bill.

Steven Cherry
stc at acm.org

-------------------------------------------------------------------------------
CONTACT INFORMATION

The Voters Telecomm Watch is a volunteer organization dedicated to
monitoring federal legislation that affects telecommunications and civil
liberties. We are based primarily out of New York, though we have
volunteers throughout the US.

Voters Telecomm Watch keeps scorecards on legislators' positions on
legislation that affects telecommunications and civil liberties. If you
have updates to a legislator's positions, from either:

    -public testimony,
    -reply letters from the legislator,
    -stated positions from their office,

please contact vtw at vtw.org so they can be added to this list.

Voice mail:             (718) 596-2851
General questions:      vtw at vtw.org
Mailing List Requests:  vtw-list-request at vtw.org
Press Contact:          stc at vtw.org
Gopher URL:             gopher://gopher.panix.com:70/11/vtw
WWW URL:                We're working on it. :-)

--- CPSR ANNOUNCE LIST END ---

To alter or end your subscription to this mailing list, write to
listserv at cpsr.org. For general information send the message: HELP
To unsubscribe, send the message: UNSUBSCRIBE CPSR-ANNOUNCE
You need to do this from the same machine you subscribed from.
In both cases, leave the subject blank, or at least not resembling an
error message.

From j.hastings6 at genie.geis.com Thu Sep 1 03:16:56 1994
From: j.hastings6 at genie.geis.com (j.hastings6 at genie.geis.com)
Date: Thu, 1 Sep 94 03:16:56 PDT
Subject: State Declaration of Ind.
Message-ID: <199409011006.AA047183972@relay2.geis.com>

Neil admits that the following is not agorist, (or crypto-anarchist), but
is a great republican idea:

"...here is a ballot initiative I and a couple of other guys drafted
while I was in Colorado (well, actually second draft which I did solo)
immediately following the passage by the U.S. Senate of the crime bill
containing the assault weapons bans. I will be devoting a considerable
amount of my energies in the foreseeable future -- my life, fortune, and
sacred honor, in fact -- to trying to get as many states as possible to
put this on the ballot and start creating some free countries."

***

THE AMERICAN INDEPENDENCE BALLOT INITIATIVE

Preface

In States where the people may place this initiative on the ballot to
amend the State Constitution by direct ballot initiative, the proponents
of this initiative should form a committee to do so and to combat legal
challenges to the initiative being placed on that State's ballot.

In States with no direct initiative procedures, or where legal
impediments or challenges prevent this Initiative from being placed on
the ballot, a political party may adopt, or be newly formed to adopt, the
platform of placing this initiative on the ballot by whatever legal
procedure is required in that State in order to effect its consideration.

Question

Shall [YOUR STATE] declare independence from the United States of
America.
Purpose

The Declaration of Independence adopted by the Continental Congress dated
July 4, 1776, states as follows:

"We hold these truths to be self-evident, that all men are created equal,
that they are endowed by their Creator with certain unalienable Rights,
that among these are Life, Liberty, and the pursuit of Happiness. That to
secure these rights, Governments are instituted among Men, deriving their
just powers from the consent of the governed,-- That whenever any Form of
Government becomes destructive of these ends, it is the Right of the
People to alter or abolish it, and to institute new Government, laying
its foundation on such principles and organizing its powers in such form,
as to them shall seem most likely to effect their Safety and Happiness."

A long train of abuses by the Congress of the United States, the
Judiciary of the United States, and the Executive Branch of the United
States having infringed upon the rights, privileges, immunities, and
powers of the people of [YOUR STATE], in direct contravention to the
purposes of the Declaration of Independence and the rights enshrined in
the first ten articles of amendment to the Constitution of the United
States, We the People of [YOUR STATE] do hereby resolve, effective
immediately, the following:

Resolved:

That [Your State] does hereby declare itself independent of, and does
hereby secede from, the United States of America, declaring itself the
free and independent [YOUR STATE] Republic.

All persons born in the territory or state of [YOUR STATE] or currently
residing in this Republic are hereby deemed citizens of the Republic, and
all individuals residing in the Republic or who otherwise are citizens of
the Republic who have attained the age of 16 years are declared to be
Sovereign Individuals, possessing all rights, privileges, and immunities,
and subject to all duties, responsibilities, and penalties, of adults
living in a free Republic.
The legislature of [YOUR STATE] is hereby dissolved, and the Governor of
[YOUR STATE] is hereby appointed President Pro Tem of the Republic and
Commander-in-Chief Pro Tem of its State Guard and Militia, which consists
of all Sovereign Individuals of the age of 16 or greater capable of
bearing arms; however, no individual who conscientiously objects to
Militia service shall be required to bear arms.

The vote of no Representative or Senator from the state of [YOUR STATE]
to the Congress of the United States shall be regarded as binding upon
the will of the people of [YOUR STATE] in its relations as an independent
Republic with the United States; however, such senators and
representatives may retain their seats until the natural expiration of
their terms of office, or until their offices are abolished by a
Constitutional Convention of the Republic, whichever shall occur first.

Within 90 days of the adoption of this Initiative there shall be a
Constitutional Convention to propose amendments to the Constitution of
[YOUR STATE] in order to enact a permanent Constitution for the Republic,
and any Sovereign Individual of the age 21 years or older who holds the
proxies for 2500 other Sovereign Individuals of the age of 16 years or
older shall be seated as a voting Delegate to the Convention, empowered
to elect presiding officers of the Convention, to adopt the Rules of
Order, and to decide upon all business that shall come before the
Convention, except with the following limitations: that the Declaration
of Rights which is enacted as part of this Initiative shall be the
permanent and supreme Law of the Land, not subject to repeal, alteration,
or abridgement by the Constitutional Convention or any deliberative body
which shall follow it; that a Delegate to the Constitutional Convention
shall be seated only so long as the sufficient number of proxies is
maintained, and such proxies are revocable at any time during the
Convention by notice to the recording Secretary of the
Convention; that the Convention may be reconvened under these same
limitations to propose new amendments at any time after ratification of
the Convention by a majority of those voting in a popular initiative, and
that all proceedings of this and subsequent Constitutional Conventions
shall be available for public viewing and broadcast.

Each Delegate to the Convention shall have one vote on the floor of the
convention, irrespective of the number of proxies that Delegate holds in
excess of the minimum number required to be seated.

The proposed Constitution ratified by a majority vote of seated Delegates
shall be submitted to a popular referendum within 120 days of the seating
of the [a number representing 10% of your state's population]th Delegate,
which shall be a quorum for the Constitutional Convention to begin. Every
Sovereign citizen of the Republic having attained the age of 16 shall be
entitled to vote in this referendum, and a majority vote in this
referendum shall adopt the Constitution, which shall go into effect
immediately.

Within 90 days from the adoption of the Constitution, but in no event
later than 180 days from the adoption of this Ballot Initiative declaring
independence, all currently held elected, appointed, and civil offices of
[YOUR STATE], including the presidency-pro-tem, shall expire, and the
Republic shall hold such general elections as are mandated by this Ballot
Initiative and created by the Constitution of the Republic.

If the people have failed to approve a Constitution within 180 days from
the adoption of this ballot initiative, then all legislative, judicial,
and executive authority of the Republic shall remain with the
Constitutional Convention or, respectively, with the people in popular
referenda, until such time as a Constitution is approved by the people.
The Constitutional Convention shall as its first order of business after the election of presiding officers and adoption of Rules of Order appoint an Ambassador to the United States of America to open communications for the purpose of discussing such subjects as are of interest to the people of the United States of America and the people of the Republic, to seek a peaceful divorce and coexistence. Any other State, Province, or Republic which shall adopt the following Declaration of Rights in total and without alteration may join in free Confederation with this Republic; and the Sovereign Individuals of those States, Provinces, and Republics shall be entitled to all privileges and immunities of the Republic; and all public acts, records, and judicial proceedings, of such a State, Province, or Republic shall be given full faith and credit by the Republic. Alternatively, if the several states of the United States of America should adopt this Declaration of Rights into the Constitution of the United States of America in total and without alteration, the Republic shall, by popular initiative, vote whether it shall rejoin the United States. DECLARATION OF RIGHTS All Individuals within the borders of the Republic, and those of its Sovereign citizens abroad, are hereby declared to hold the following unalienable Rights, and this Declaration of Rights shall be the Supreme Law of the Land of this Republic, not subject to repeal, abridgement, or amendment; and all laws or regulations of the State of [YOUR STATE], or of the United States of America, which are repugnant to these Rights are immediately null and void: To be free from laws respecting an establishment of religion or taxing or prohibiting the free exercise thereof; or taxing or abridging freedom of speech, or of the press, or of communication public or private; or peaceably to assemble, or to petition the Government for a redress of grievances; or to travel freely domestically or abroad. 
A standing Army being repugnant to the people's Liberty and creating a likelihood of foreign military adventures, and public liberty and security being predicated on the ability of Sovereign Individuals to act on behalf of their individual liberties and personal safety, a popular Militia is the natural defense of a Free Society, and posse comitatus drawn from such Militia is the best protector of public order and safety; however, no individual who conscientiously objects to Militia service shall be required to bear arms. The Right of all Individuals to keep, own, and carry, openly or concealed, any arms for defense of themselves, the public peace, and the Republic shall not be called into question in any place in the Republic, except for those persons being held to answer for an infamous crime or those who having been convicted of an infamous crime have had restrictions placed on their liberty as a condition of probation or parole, or in places where such persons may be incarcerated; nor, other than requirements that may be enacted for training of the Militia, shall the government place any burdens on the acquisition, possession, or ownership of arms; nor shall privately owned arms be enumerated or registered with any authority by force of law; nor shall any taxes, tariffs, fees, or regulations be placed on the manufacture of or trade in personal or militia arms; nor shall any Individual be held criminally or civilly liable for any reasonable act in defense of life, liberty, property, or the public peace; nor shall any sworn police or peace officer have any greater Rights or powers than those available to any Sovereign Individual. Neither slavery nor involuntary servitude, except in punishment for a crime whereof the party be duly convicted, shall exist in the Republic or any place subject to its jurisdiction. 
No Sovereign Individual in the Republic may be denied or have abridged by law, public, or official act, any Right, privilege, or immunity held by the people as a whole; and any official, elected, appointed, or otherwise receiving remuneration from public funds, who violates the least of these Rights, even to proposing or supporting a law that would violate the Rights set forth in this Declaration, shall be held personally liable, criminally or civilly, for any damage or dishonor against any or all Sovereign Individuals of the Republic; and upon conviction of Criminal Violation of Sovereign Rights may as part of punishment be further barred from holding any office or position of public trust in the Republic thereafter. No military or government personnel shall be quartered in any house without the consent of the Owner. The right of all Individuals to be secure in their persons, houses, documents, files, private communications, and effects shall not be violated, nor any warrants shall issue, but upon probable cause, supported by Oath or affirmation, by a Grand Jury elected yearly by the People, and particularly describing the place to be searched and the Individuals or things to be seized, and if such Warrant shall have come about by perjury, malice, manufacture of false evidence, or malfeasance by any Individual, such individual shall be held to answer, criminally and civilly, for such malfeasance; and Individuals not charged, or adjudicated to be innocent, shall be compensated in full from public funds for any costs or damages resulting from such a search, seizure, charges, or trial resulting therefrom. 
No Individual shall be held to answer for a capital or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury elected yearly by the People, except in cases arising in the Militia when in actual service in time of war or public danger; nor shall any act be a crime in which it can not be proved that one or more actual Individuals was caused harm or could likely have been caused harm; nor shall any individual be held to answer as an adult for a capital or otherwise infamous crime who has not enjoyed the full rights, privileges, and immunities of an adult; nor shall any Individual be subject to charges arising from the same offense to be twice put in jeopardy of life, limb, or loss of property after an acquittal or failure of a Jury in a criminal trial to reach a conviction; nor shall anyone be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property without due process of law. Any Sovereign Individual in the Republic may petition a Grand Jury to bring criminal charges against any public official he believes has violated his Rights; and if the person who might be charged sits upon that Grand Jury, that Grand Juror shall be recused and the charges considered by the remaining Grand Jurors. No magistrate may impose a punishment upon any Individual for Contempt of Court except by presentment or indictment by a Grand Jury and conviction on the charge in a criminal trial by Jury. No private property shall be taken for public use without full and just compensation, upon a vote of two-thirds of those voting in a popular referendum and for no other purpose than a clear and present danger to the Sovereign Individuals of the Republic or equally grave public purpose. 
Neither the Republic nor any of its subdivisions may have title to real property, nor may the Republic demand public use of private property, with the exception of rights of way necessary to the public's right to travel and engage in free commerce and recreation, national cemeteries, embassies and consular offices; and the devolution of public property into private ownership shall balance the public interest with the conservative advantages of private stewardship. In all criminal prosecutions the accused shall enjoy the Right to a speedy and public trial by an impartial jury of the district wherein the crime shall have been committed, which district shall have been previously ascertained by law; and to be informed of the nature and cause of the accusation; to be confronted with the witnesses against him; to have compulsory process for obtaining witnesses in his favor, and to have the assistance of competent and energetic Counsel for his defense. Furthermore, in all criminal prosecutions and civil matters each jury shall be selected from a pool of rational Sovereign Individuals who have demonstrated in their lives common sense, courage, a knowledge of the law in general and of the issues of the specific crimes being charged or issues being litigated, and shall be of a sufficient moral stature to overcome any preconceptions or prejudices that may have arisen in their minds from public discussion of the case prior to the commencement of trial; and each jury shall have the power to rule both upon the facts of the case and to nullify any charge or law for that case they consider to be unjust, and shall not be bound to the precedents established in any prior case; and the judge for each trial shall be elected by the jury and no fact or issue of law shall be considered except in open court with the full jury present. 
Excessive bail shall not be required nor excessive fines be imposed nor cruel and unusual punishments inflicted, nor shall punishment be the primary purpose of criminal law except that it seeks redress on behalf of victims for harms caused by a criminal act. In suits at common law, where the value in controversy shall exceed five troy ounces of .999 fine gold, the Right of trial by jury shall be preserved, and no fact tried by a jury shall be otherwise reexamined in any Court of the Republic, than according to the rules of the common law. No law, treaty or contract shall exist in the Republic unless written in plain language understandable to an Individual of average intelligence and literacy; and all laws and treaties under consideration in any deliberative governmental body shall be made available free for examination to all Sovereign Individuals in the Republic; nor shall any law or treaty be enacted that is of such excessive length, or which has been so recently drafted, that the public has not had time to contemplate its effects. No law shall exist whose purpose is to prevent an adult individual from causing harm solely to himself or his own property, nor conversely from seeking to enhance his own health or well-being by chemical, medical, herbal, physical, or other means; nor shall the possession of medicinal substances, herbs, or materials used in growing or preparation of them be prohibited or burdened; nor shall any Individual be taxed to pay for his own future needs; nor shall the practice of medicine, or of the law, or of any other Profession or livelihood be licensed or regulated by the Republic or subdivisions thereof; nor shall any private and discreet religious, economic, or sexual practice between or among consenting adults be a subject of law. 
No law shall exist in the Republic that shall prohibit the termination of a pregnancy except that the fetus be healthy and viable apart from its mother's womb and there exists an individual capable of and committed to the adoption of the fetus when born and to assume all costs of support for the mother through the birth of the child, any costs relating to the birth, any costs of care for the mother and any of her other dependent children resulting from the continuation of the pregnancy to term, and burdens of parenthood for the fetus when born, in which case an abortion of such a fetus shall be tried as homicide; but in the event that no qualified person has committed to all these costs and responsibilities, then no criminal or civil charges for the abortion of even a viable and healthy fetus shall be permitted. No law shall prohibit any Sovereign Individual from using as a medium of exchange any legal commodity, nor require any Sovereign Individual to accept any note as legal tender, nor shall the Republic issue any currency not backed by a commodity in the Republic's treasury, nor shall the Republic or any of its subdivisions contract a bond or debt mortgaged upon the government's ability to collect future revenues except in time of war or public disaster. No tax shall be levied without the majority of the people voting in a direct referendum; and furthermore no tax may be levied except that it is to be used for a specific public purpose and no revenue raised for one purpose may be used for another without the majority of the people voting in a direct referendum; and no tax may be enacted such that it requires burdensome accounting or is ambiguous in its requirements or requires professional assistance to understand or comply with it; nor shall any Sovereign Individual suffer any criminal penalty for failure to pay a tax or evasion thereof. 
In all tax cases or other civil cases in which the government shall be a plaintiff against a Sovereign Individual or private property, all protections accorded to a defendant in a criminal proceeding shall be afforded to the defendant or property owner; neither shall there be any civil forfeiture of private property to the government except after judgment in a jury trial. The government may neither operate any enterprise in competition with a private enterprise; nor by grant of monopoly, subsidy, or other advantage to a private enterprise discourage free competition in any service or product offered to the public; nor prohibit or burden any private enterprise which would provide a service or product previously offered by a unit of government or enjoying an advantage due to government privilege. The enumeration in this Declaration of certain Rights shall never be construed to deny or disparage others retained by the People; and while no Rights here enumerated may be abolished or abridged by constitutional amendment or law, nothing here shall be constructed to prevent additional limitations on public power to enhance the protection of the people from tyrannical abuse. In all questions relating to the Construction of these Rights, let decisions be ruled according to the original intent of the framers of this Declaration, that Individual private powers be nurtured and the Sovereign Individual be protected from the natural tendency of any government to expand the sphere of public power. The protection of these Rights shall be the first and last duty of all persons holding any office of public trust, and the interpretation of these Rights shall firstly and lastly be decided by the Sovereign Individuals of the Republic, as expressed in their acts as members of juries and Grand Juries. First draft of this Initiative and Declaration of Rights was submitted by Scott Paul Graves, J. Neil Schulman, and Timothy H. Willis on August 26, 1994. This draft submitted by J. 
Neil Schulman, August 28, 1994. Reply to: J. Neil Schulman Mail: P.O. Box 94, Long Beach, CA 90801-0094 Voice Mail: (on AT&T) 0-700-22-JNEIL (1-800-CALL-ATT to access AT&T) Fax: (310) 839-7653 JNS BBS: 1-310-839-7653,,,,25 Internet: softserv at genie.geis.com Post as filename: BALLOT.TXT Blame this very long post on Kent - j.hastings6 at genie.geis.com From sommerfeld at orchard.medford.ma.us Thu Sep 1 05:40:03 1994 From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld) Date: Thu, 1 Sep 94 05:40:03 PDT Subject: Cyberspatial governments? In-Reply-To: <199409010045.RAA07345@servo.qualcomm.com> Message-ID: <199409011222.IAA00420@orchard.medford.ma.us> > Indeed, many government policies can be understood only from this > perspective. Clipper is a perfect example. Key escrow exists only > because the NSA doesn't want to risk blame if some terrorist or drug > dealer were to use an unescrowed NSA-produced algorithm. If this is indeed the case, Matt Blaze's results should be particularly devastating to them. - Bill From ravage at bga.com Thu Sep 1 06:05:51 1994 From: ravage at bga.com (Jim choate) Date: Thu, 1 Sep 94 06:05:51 PDT Subject: State Declaration of Ind. In-Reply-To: <199409011006.AA047183972@relay2.geis.com> Message-ID: <199409011305.IAA05299@zoom.bga.com> What a waste of time. There is no way that any reasonable person will accept or support such an action. Wake up and smell the roses dude... If you really want to fix the problem then how about reading the Constitution and demanding that your EXISTING representatives uphold the sacred oath they have sworn to uphold. Yes, this country has problems. No, they are nowhere near bad enough to render the union. Get a clue. From bdolan at well.sf.ca.us Thu Sep 1 06:31:10 1994 From: bdolan at well.sf.ca.us (Brad Dolan) Date: Thu, 1 Sep 94 06:31:10 PDT Subject: Art Gallery on internet needs PGP signatures Message-ID: <199409011330.GAA19093@well.sf.ca.us> Hey PGP gurus: A Mr. 
Ken Nahan (of New York, *I think*) was on the NBC Today show this morning, discussing his plans to set up a commercial art gallery on the internet. He intends to set up some kind of server with graphic images and text descriptions of works of art which are for sale. He also wants to be able to accept bids via the internet. Some knowledgeable person should talk to him about digital signatures, PGP, etc. Regards, Brad bdolan at well.sf.ca.us From perry at imsi.com Thu Sep 1 06:35:02 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 1 Sep 94 06:35:02 PDT Subject: Bad govt represents bad people? In-Reply-To: <1994Aug31.161253.1181968@gorgias.ilt.tc.columbia.edu> Message-ID: <9409011333.AA16822@snark.imsi.com> Rachel_P._Kovner at gorgias.ilt.columbia.edu says: > perry at imsi.com wrote: > >Actually, as public choice economic theory has shown, bad government > >tends to be the inevitable result of the evolutionary pressures on > >government and government officials. This is not to say that some > >government programs are not occasionally well run or that some > >government officials are not legitimately "trying their best", but > >that the pressure on the whole system is to go towards maximum > >corruption, just as the evolutionary pressure on organisms is to only > >follow survival-prone strategies. > > I would agree with you that there is a natural evolutionary trend > towards bad government - however, I do not think of this process as > inevitable. The "eternal vigilance" quote I cited was merely my way > of saying that "bad government" -will- come about if people do not > protect their rights, because of this 'evolutionary pressure' of > which you speak. Therefore, it's very important for a society to > resist this evolutionary pressure. No society thus far has succeeded. Every government in history to date has descended into corruption or warfare and fallen one way or another within at most a few hundred years. 
I place my faith in what I can see, not on what I can speculate about. Thus far no one has succeeded in stopping this sort of decay, and I have no reason to believe the U.S. is any different. "Eternal Vigilance" is a nice phrase, but it doesn't appear that it's ever happened. It's fine to say that it would be nice for the people to guard their own rights -- but since they never do, one might as well talk about how it would be nice if everyone was morally perfect. > There will always be people out there who will attempt to encroach > on our liberties - sometimes they will succeed, sometimes they will > fail. It depends on how much support they have and how much > resistance they encounter. They've never failed -- that's the thing. France has had five or six or seven governments since its revolution depending on how you count them. Italy's government was barely a few years old following the last war when it became nothing more than a graft generator. Of all the nations of Europe, only England in some sense can be said to have survived more than the last sixty or seventy years without a major change of government -- and it might be said that England's government changed radically following the reforms of the last century and the Parliament Act of 1911. (Well, some of the Scandinavian countries are also partial exceptions, but not especially big ones.) Europe is considered the "advanced" part of the world, ladies and gentlemen. The U.S.'s record of surviving over 200 years without a major upheaval is quite an unusual thing. > It is up to the people of a country to resist bad government - > otherwise, although they will be the victims of bad government, they > will have contributed to bringing it upon themselves. But the people almost never resist. Usually, they want the bad government -- it needs them to survive. 
From Rachel_P._Kovner at gorgias.ilt.columbia.edu Thu Sep 1 08:24:45 1994 From: Rachel_P._Kovner at gorgias.ilt.columbia.edu (Rachel_P._Kovner at gorgias.ilt.columbia.edu) Date: Thu, 1 Sep 94 08:24:45 PDT Subject: Bad govt represents bad people? Message-ID: <1994Sep01.061638.1184863@gorgias.ilt.tc.columbia.edu> perry at imsi.com wrote: >They've never failed -- that's the thing. France has had five or six or >seven governments since its revolution depending on how you count >them. Italy's government was barely a few years old following the last >war when it became nothing more than a graft generator. Of all the >nations of Europe, only England in some sense can be said to have >survived more than the last sixty or seventy years without a major >change of government -- and it might be said that England's government >changed radically following the reforms of the last century and the >Parliament Act of 1911. (Well, some of the Scandinavian countries are >also partial exceptions, but not especially big ones.) Europe is >considered the "advanced" part of the world, ladies and gentlemen. >The U.S.'s record of surviving over 200 years without a major upheaval >is quite an unusual thing. I agree with you that the U.S. is unusual in this way - but I would say that part of the reason the US has been so successful in warding off 'bad government' is because Americans have traditionally been very conscious and protective of their liberties, more so than the French and Italians, and even more so than the Brits. I would suggest that this supports my 'eternal vigilance' statement, because it is only the country that has been most protective and conscious of its rights that still has its rights. (Having a written Constitution has helped a bit, too...) >But the people almost never resist. Usually, they want the bad >government -- it needs them to survive. 
Well, that's an awfully pessimistic attitude, but I think you would certainly agree that some countries in the world have worse government than others. I would say that the government reflects the people - the countries with the best government tend to be those with the citizenry which is most aware of the dangers of big government. Even if those countries eventually succumb to bad government, they will have succumbed because they cease to resist the big G. My point is this - G(g)overnment reflects the people in that it is the people who ultimately must insure that their rights are protected. If they don't, history has shown, 'bad Government' will take over. American liberties have survived in some form for so long because Americans have made efforts to maintain them - not because the forces which try to restrict/remove our liberties are not there. By the same coin, since these forces are always there, when the US gives in to them it will be because our citizenry is no longer vigilant in resisting these forces. rk ---------------------------------------------- Delivered by the NLTL Internet Gateway From tcmay at netcom.com Thu Sep 1 11:18:45 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 1 Sep 94 11:18:45 PDT Subject: Art Gallery on internet needs PGP signatures In-Reply-To: <199409011330.GAA19093@well.sf.ca.us> Message-ID: <199409011818.LAA09850@netcom13.netcom.com> > A Mr. Ken Nahan (of New York, *I think*) was on the NBC Today show > this morning, discussing his plans to set up a commercial art gallery > on the internet. He intends to set up some kind of server with graphic > images and text descriptions of works of art which are for sale. He > also wants to be able to accept bids via the internet. > > Some knowledgeable person should talk to him about digital signatures, > PGP, etc. There's an interesting connection between art, forgeries, and public key crypto. 
I heard about this some years ago, and not since, so I guess the idea never really caught on. A company in L.A., "Light Signatures" as I recall, was selling a system that took an optical scan, a line scan from one corner of an object to another. (On a painting, for example.) The resulting bit sequence (of pixel values) could then be encrypted with the private key of the creator, or appraiser, or whatever. This would be the "provenance" of the work. Out in the "field," in the auction houses, for example, the signature could be verified by taking the digital signature, applying the _public_ key, which would then generate the sequence of pixel values, and comparing it to what a field scanner actually saw. (The idea is the familiar one, applied slightly differently.) A main use was predicted to be making "unforgeable" machine parts, like crankshafts, engine blocks, etc. The pattern of scratches, surface marks, etc., could be 'signed' by Harley-Davidson, Ferrari, etc. (apparently they are plagued by forgeries). There are some obvious technical issues of error tolerance (have to tolerate a few new scratches, marks without compromising the security), where to stamp the number, etc. I thought it a novel idea, back in 1988, and I'm somewhat surprised the idea seems to have never reached commercialization. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." 
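
The sign-then-compare idea in the message above, as an added example that is not part of the original post and not Light Signatures' actual design: the reference scan is signed once (hash-then-sign over a scan shipped with the object, a variant of the recover-the-pixels form described), and the field check is an exact signature check followed by a tolerant comparison, so a few new scratches do not invalidate a genuine object. The toy RSA key, the thresholds, the label and all scan data are constructed assumptions.

```python
import hashlib
import random

# Constructed toy RSA key built from two Mersenne primes: trivially factorable,
# unpadded, and only a stand-in for the signer's real key pair (e.g. a PGP key).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the signer


def _digest(label: str, reference: bytes) -> int:
    """Hash the object label together with the reference scan."""
    data = len(label).to_bytes(2, "big") + label.encode() + reference
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign_scan(label: str, reference: bytes) -> int:
    """Signer side: sign the reference line scan taken at appraisal time."""
    return pow(_digest(label, reference), D, N)


def verify_object(label, reference, signature, field_scan,
                  max_delta=8, max_bad_fraction=0.05):
    """Field side: returns (accepted, reason).

    Step 1 is exact: the reference scan must carry a valid signature.
    Step 2 is tolerant: the fresh scan may differ from the reference by
    sensor noise (max_delta) and a few damaged samples (max_bad_fraction).
    Hashing the field scan directly would fail on the first new scratch.
    """
    if pow(signature, E, N) != _digest(label, reference):
        return False, "bad signature"
    if len(field_scan) != len(reference):
        return False, "scan length mismatch"
    bad = sum(1 for a, b in zip(reference, field_scan) if abs(a - b) > max_delta)
    if bad / len(reference) > max_bad_fraction:
        return False, "scan mismatch"
    return True, "ok"


def rescan(reference, rng, noise=3, scratch_at=100, scratch_len=6):
    """Constructed field scan of the genuine object: noise plus one new scratch."""
    out = []
    for i, v in enumerate(reference):
        if scratch_at <= i < scratch_at + scratch_len:
            out.append((v + 128) % 256)          # large local change
        else:
            out.append(min(255, max(0, v + rng.randint(-noise, noise))))
    return bytes(out)


def demo():
    rng = random.Random(1994)                    # constructed sample data
    label = "constructed-object-001"
    reference = bytes(rng.randrange(256) for _ in range(256))
    signature = sign_scan(label, reference)
    genuine = rescan(reference, rng)
    forgery = bytes(random.Random(2024).randrange(256) for _ in range(256))
    return {
        # Same object, slightly worn: accepted.
        "genuine": verify_object(label, reference, signature, genuine),
        # Different surface presented with the genuine certificate: rejected.
        "forgery": verify_object(label, reference, signature, forgery),
        # Forger swaps in a reference that matches the copy: signature fails.
        "swapped_reference": verify_object(label, forgery, signature, forgery),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The two thresholds set the trade-off the message calls error tolerance: loosening them accepts more wear on a genuine object and also more deviation in a copy.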
From ravage at bga.com Thu Sep 1 11:39:24 1994 From: ravage at bga.com (Jim choate) Date: Thu, 1 Sep 94 11:39:24 PDT Subject: Revisionist History of the US....:( Message-ID: <199409011839.NAA22563@zoom.bga.com> Hi all, I am not going to name names but I would like to address the comment that several folks have made (or agreed with) that the US has gone 200 years w/o a major upheaval. Maybe I am taking an alternate History than you folks but I believe the Civil War can be considered a major internal upheaval and it occurred 4 score and 7 years (87 years) after the birth of our country. Since then we have also had the civil rights upheaval (if you don't want to consider deaths of folks like MLK major that is your business) in the late 50's and early 60's as well. Especially when you consider the political and social turmoil that occurred because of the Vietnam War. What I find most interesting about this chronology is that the upheavals occur approximately every hundred years since our founding. The fact that the present problems we are having w/ the administration recognizing and the general populace demanding their civil liberties/rights is apparently early by approximately 70 years. Perhaps the present administration is really as progressive as they claim...:) Take care. From blancw at pylon.com Thu Sep 1 13:15:29 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Thu, 1 Sep 94 13:15:29 PDT Subject: Problems with anonymous escrow 2--response Message-ID: <199409012015.NAA08436@deepthought.pylon.com> Responding to msg by solman at MIT.EDU The skills of an entity without any reputation capital are absolutely worthless. But usually an anonymous entity will come around brandishing all sorts of certifications (reputation capital). .......................................................... Well, I was thinking that certifications & reputations wouldn't mean all that much to me, nor either knowing or being unfamiliar with someone's identity (or pseudonymity). 
I would be more convinced with a demo. Something which could demonstrate facility or ability would be more valuable to me than a second-hand proof. I realize some professions cannot provide such demonstrations, but I myself would rather have a way of making decisions based on the exercise of first-hand judgement whenever possible. This anonymity/identity and certification/reputation business looks to me like trying to have one's cake and eat it, too, as the expression goes. A featureless landscape with remote associations to actual substance so as to both please the aloof-ers & appease the uncertain. It's a bit odd, because for every method which is found by which to hide, another method is found by which to reveal what was heretofore undetectable in Nature. While scientists push back the envelope & reveal what was previously 'invisible' to our eyes, others work to effect stealth techniques against the tools of Consciousness. Kind of strange, though interesting. Blanc From blancw at pylon.com Thu Sep 1 13:15:33 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Thu, 1 Sep 94 13:15:33 PDT Subject: Alt.Gvmt.Bad.Bad.Bad Message-ID: <199409012015.NAA08437@deepthought.pylon.com> Responding to msg by Michael Conlen: Theft could be from those who do not protect their property and from those who do not respect others property, so can it also be said that 'bad government' can be from people not protecting their rights and people who have no respect for the rights of others? ............................................................... What should really be said is that theft does not happen of its own accord; someone must decide to accomplish the so-called criminal act. 
To describe theft as the result of another's inaction is to imply that human action of any kind is mostly automatic, that there is a pull like gravity which will cause action upon intelligence the way gravity affects inanimate objects, and that nothing better could be or should be expected from it. 
It is also to imply that the possession of intelligence is negligible because any opportunity for taking advantage of another's vulnerability will be irresistible to humans, as if they were basically scavengers looking for the spoils of other people's negligence. In which case, rather than speaking of bad government, the subject should be a question on the existence of intelligence & the possibility for morality. I don't know who would be qualified to discuss it, though, without the possession of the one and an appreciation of the other. Blanc From blancw at pylon.com Thu Sep 1 13:43:35 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Thu, 1 Sep 94 13:43:35 PDT Subject: (Fwd) Re: Alt.Gvmt.Bad.Bad.Bad Message-ID: <199409012044.NAA09073@deepthought.pylon.com> Responding to msg by Michael Conlen: Theft could be from those who do not protect their property and from those who do not respect others property, so can it also be said that 'bad government' can be from people not protecting their rights and people who have no respect for the rights of others? ............................................................... What should be said is that theft does not happen of its own accord; someone must decide to accomplish the so-called criminal act. To describe theft as the result of another's inaction is to imply that human action of any kind is mostly automatic, that there is a pull which will evoke action upon intelligence the way gravity affects inanimate objects, and that nothing better could be or should be expected from it. It is also to imply that the possession of intelligence is negligible because any opportunity for taking advantage of another's vulnerability will be irresistible to humans, as if they were basically scavengers looking for the spoils of other people's negligence. In which case, rather than speaking of bad Government, the aim should be to question the existence of intelligence & the possibility for morality. 
I don't know who would be qualified to discuss it, though, without the possession of the one and an appreciation of the other. Blanc From blancw at pylon.com Thu Sep 1 13:43:41 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Thu, 1 Sep 94 13:43:41 PDT Subject: (Fwd) Re: Problems with anonymous escrow 2--response Message-ID: <199409012044.NAA09075@deepthought.pylon.com> Responding to msg by solman at MIT.EDU The skills of an entity without any reputation capital are absolutely worthless. But usually an anonymous entity will come around brandishing all sorts of certifications (reputation capital). .......................................................... Well, I was thinking that certifications & reputations wouldn't mean all that much to me, nor either knowing or being unfamiliar with someone's identity (or pseudonymousness). I would be more convinced with a demo. Something which could demonstrate facility or ability would be more valuable to me than a second-hand proof. I realize some professions cannot provide such demonstrations, but I myself would rather have a way of making decisions based on the exercise of first-hand judgement whenever possible. This anonymity/identity and certification/reputation business appears something like trying to have one's cake and eat it, too, as the expression goes. A featureless landscape with remote associations to actual substance so as to both please the aloof-ers & appease the uncertain. It's a bit paradoxical that for every method which is found by which to hide, another method is found by which to reveal what was heretofore undetectable in Nature. While scientists push back the envelope & reveal what was previously 'invisible' to our eyes, others work to effect stealth techniques against the tools of Consciousness. Kind of strange, though interesting. Blanc From jkreznar at ininx.com Thu Sep 1 14:13:08 1994 From: jkreznar at ininx.com (John E. 
Kreznar) Date: Thu, 1 Sep 94 14:13:08 PDT Subject: Bad govt represents bad people? In-Reply-To: <1994Sep01.061638.1184863@gorgias.ilt.tc.columbia.edu> Message-ID: <9409012112.AA02543@ininx> -----BEGIN PGP SIGNED MESSAGE----- Rachel_P._Kovner at gorgias.ilt.columbia.edu writes: > perry at imsi.com wrote: > >But the people almost never resist. Usually, they want the bad > >government -- it needs them to survive. > Well, that's an awfully pessimistic attitude,... Well, look around you. Examples abound. One of the origins of this thread was Phil Karn's observation that it's the ham radio operators themselves who demand curtailment of other hams' freedoms. One of the biggest threats to freedom right now is the government takeover of health care. Is this being pushed by a ruling elite on a recalcitrant population? No! Most of the driving force is coming from the people themselves, each trying to get his neighbor to pay the bill. The list goes on and on. Ending bad government begins with refusing to accept its ``benefits''. Unfortunately, lots of people gratuitously accept those benefits or even actively solicit them, oblivious of the resulting destruction of freedom. John E. Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLmZCssDhz44ugybJAQHkVgP8DGfnus2oSFPhkGlxx8qZORBX2CTFY03B Sl9B2sirJZI07q6hYMtNmXSq4tnYilCY0dY8u4+/03eaO5ufu8deFy/jmSh/xGnZ fLGCLFaIm93s84WJrOi/phaPZIFSJYhgGJJWhJDmWhWYgN8JscuQDojsRkL3Kspu 4/KOs2cymEs= =9UZh -----END PGP SIGNATURE----- From jamesd at netcom.com Thu Sep 1 14:15:13 1994 From: jamesd at netcom.com (James A. Donald) Date: Thu, 1 Sep 94 14:15:13 PDT Subject: Is the following digicash protocol possible? 
Message-ID: <199409012115.OAA16764@netcom8.netcom.com>

A question about offline digicash:

Is it possible to arrange digicash as follows:

If A, the original issuer, issues a unit of digicash
to B, and B gives it to C, and C gives it to D, and D
gives it to E, and E cashes it with A, -- and
everyone colludes except C and D, it is impossible
to prove that C got this unit from D.

If A, the original issuer, issues a unit of digicash
to B, and B gives it to C, and C gives it to D, and D
gives it to E, and E cashes it with A, -- and
C double spends it to D', who then gives it to E'
who then attempts to cash it with A, -- then A
will detect the double spending and rebuff the attempt,
E' will complain to D', and D', with information
supplied by E' and A, can then prove that C dishonorably
double spent the money, without discovering that C gave
the money to D, and hence without discovering that D
gave the money to E.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we      James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.          jamesd at netcom.com

From ianf at simple.sydney.sgi.com Thu Sep 1 15:35:26 1994
From: ianf at simple.sydney.sgi.com (Ian Farquhar)
Date: Thu, 1 Sep 94 15:35:26 PDT
Subject: Government and Repression
In-Reply-To:
Message-ID: <9409020832.ZM1895@simple.sydney.sgi.com>

On Aug 31, 4:08pm, yusuf921 wrote:
> If someone tries to blow my brains half way across the room I don't care
> if he's 17 because his birthday was yesterday or 16 because his birthday is
> day after tomorrow.
> Play like the big boys--PAY like the big boys.

But he doesn't play like the "big boys".
For one thing, the kid doesn't enjoy the full rights of an adult in
other respects - voting and representation - and so has not had the
right to vote draconian and immoral laws (the very laws you want to
subject him to) out of existence.

Slightly off topic, but I have always felt that the quality of the
education system could be IMMENSELY improved by giving kids the vote at
age 10 or 12, and thus making the politicians realise that there were
political implications in treating the education system as a barely
necessary irritation.

Of course, you've got to question whether capital punishment is _ever_
justified, and I would argue that it isn't. This is way, way off the
topic of cypherpunks, and I don't intend to get into that discussion on
this forum. I am very glad to live in a country which has signed
international conventions which prohibit it indulging in brutal and
callous judicial murder of a person, despite the occasional state
government loony who pines for the good old days.

> > And let's not forget the rather unpleasant physical and sexual
> > assault statistics which are noticed in prisons worldwide, which includes
> > the USA.

> do you have some statistics which says the USA has a significantly higher
> rate to compensate that free dental plan?

I don't believe that it has: from memory it was pretty much average in
this regard. My point was that the original poster's statement that the
US has the most "pleasant" prisons in the world when this can happen at
all is utterly ridiculous.

Ian.
From ianf at simple.sydney.sgi.com Thu Sep 1 15:52:56 1994
From: ianf at simple.sydney.sgi.com (Ian Farquhar)
Date: Thu, 1 Sep 94 15:52:56 PDT
Subject: $10M breaks MD5 in 24 days
In-Reply-To: <199408260001.TAA00715@omaha.omaha.com>
Message-ID: <9409020849.ZM1914@simple.sydney.sgi.com>

On Aug 25, 7:01pm, alex wrote:
> Subject: Re: $10M breaks MD5 in 24 days
> > One of the more interesting papers had a claim (with little detail,
> > unfortunately) that for ten million dollars you could build a machine that
> > would "break" MD5, in the sense of finding another message which would
> > hash to the same as a chosen one, in 24 days.

> This in itself wouldn't give an attacker much of anything would it? I
> mean, once they discovered a message which hashed to a given value, the
> new message wouldn't be in the proper format, would it? Wouldn't it just
> be noise, instead of text in english, crypto keys, etc.?

Not necessarily. If you're forging some packet, certificate or file, it
is often adequate to have just a couple of fields (potentially a few
bits) which contain data you want, and the rest can be garbage. If your
search engine could fix these and play with the rest of the packet, the
chances are good (but decreasing with the more bits you use for a fixed
size packet) that you will find a packet which will have the correct
signature _and_ contain the forged data you need.

If you can play with the packet size, then your chances of finding a
match increase.

Ian.

From hfinney at shell.portal.com Thu Sep 1 16:29:46 1994
From: hfinney at shell.portal.com (Hal)
Date: Thu, 1 Sep 94 16:29:46 PDT
Subject: Is the following digicash protocol possible?
In-Reply-To: <199409012115.OAA16764@netcom8.netcom.com>
Message-ID: <199409012329.QAA28368@jobe.shell.portal.com>

jamesd at netcom.com (James A. Donald) writes:

>A question about offline digicash:

>Is it possible to arrange digicash as follows:

(I have rearranged James' two paragraphs)

>If A, the original issuer, issues a unit of digicash
>to B, and B gives it to C, and C gives it to D, and D
>gives it to E, and E cashes it with A, -- and
>C double spends it to D', who then gives it to E'
>who then attempts to cash it with A, -- then A
>will detect the double spending and rebuff the attempt,
>E' will complain to D', and D', with information
>supplied by E' and A, can then prove that C dishonorably
>double spent the money, without discovering that C gave
>the money to D, and hence without discovering that D
>gave the money to E.

There are protocols to do essentially this, although they get rather
complicated. It is necessary for each person in the chain to have some
knowledge of the person he is passing the money to, so that he can
confirm that that person is in fact revealing something about himself
that will incriminate him if he double-spends. If all parties in the
transactions are totally anonymous then there is no hope of tracking
down a double-spender.

>If A, the original issuer, issues a unit of digicash
>to B, and B gives it to C, and C gives it to D, and D
>gives it to E, and E cashes it with A, -- and
>everyone colludes except C and D, it is impossible
>to prove that C got this unit from D.

My reading of Chaum's paper "Transferred Cash Grows in Size" is that if
you have a system to satisfy the 1st paragraph, it cannot also satisfy
this. It appears that if B, E and the bank collude, and B knows he gave
the cash to C and E knows that he got it from D, then they can tell that
C gave it to D. Basically B recognizes the money E got from D, with the
bank's help.

Although Chaum wrote as though his results applied to any conceivable
transferrable double-spending-detecting cash system, it wasn't clear to
me how general his results really were.
Hal Finney

From chen at intuit.com Thu Sep 1 16:45:43 1994
From: chen at intuit.com (Mark Chen)
Date: Thu, 1 Sep 94 16:45:43 PDT
Subject: Revisionist History of the US....:( (fwd)
Message-ID: <9409012344.AA16736@doom.intuit.com>

Jim choate writes:

> I am not going to name names but I would like to address the comment that
> several folks have made (or agreed with) that the US has gone 200 years
> w/o a major upheaval.
>
> Maybe I am taking an alternate History than you folks but I believe the
> Civil War can be considered a major internal upheaval and it occurred
> 4 score and 7 years (87 years) after the birth of our country. Since then
> we have also had the civil rights upheaval (if you don't want to consider
> deaths of folks like MLK major that is your business) in the late 50's and
> early 60's as well. Especially when you consider the political and social
> turmoil that occurred because of the Vietnam War.

We might also add Shays' Rebellion, Bacon's Rebellion, the Hudson River
Renters' Uprising, the Pullman Strike, the Homestead Strike, the Ludlow
Massacre, the Lawrence Textile Strikes, etc., etc. Many of these were
full-scale insurrections. This country's "progress" is really just a
series of grudging concessions made by authoritarian power structures to
various nearly catastrophic crises.

> What I find most interesting about this chronology is that the
> upheavals occur approximately every hundred years since our
> founding. The fact that the present problems we are having w/ the
> administration recognizing and the general populace demanding their
> civil liberties/rights is apparently early by approximately 70
> years. Perhaps the present administration is really as progressive
> as they claim...:) Take care.

Good observation about periodicity, Jim, but I'd say that the typical
span is much shorter than 100 years.
   - Mark -

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From jya at pipeline.com Thu Sep 1 17:27:46 1994
From: jya at pipeline.com (John Young)
Date: Thu, 1 Sep 94 17:27:46 PDT
Subject: Government and Repression
Message-ID: <199409020027.UAA17306@pipe1.pipeline.com>

Responding to msg by ianf at simple.sydney.sgi.com ("Ian Farquhar") on
Fri, 2 Sep 8:32 AM

>Of course, you've got to question whether capital
>punishment is _ever_ justified, and I would argue that
>it isn't. This is way, way off the topic of
>cypherpunks, and I don't intend to get into that
>discussion on this forum. I am very glad to live in a
>country which has signed international conventions
>which prohibit it indulging in brutal and callous
>judicial murder of a person, despite the occasional
>state government loony who pines for the good old
>days.

An enlightened view like this is never off topic where nuclear weapons
and molten spray in tank hulls are chatted up with relish.

State-mandated homicide gotta have its dehumanized professionals to do
the dirty work.

And your suggestion of giving kids the vote at an earlier age adds sane
countervalence to the parent / teacher / caseworker / cop / prison guard
/ executioner escape from responsibility algorithm.

John

From jya at pipeline.com Thu Sep 1 18:29:42 1994
From: jya at pipeline.com (John Young)
Date: Thu, 1 Sep 94 18:29:42 PDT
Subject: Revisionist History of the US....:( (fwd)
Message-ID: <199409020129.VAA28894@pipe1.pipeline.com>

Responding to msg by chen at intuit.com (Mark Chen) on Thu, 1 Sep 4:47 PM

>This country's
>"progress" is really just a series of grudging
>concessions made by authoritarian power structures to
>various nearly catastrophic crises.
>
>Good observation about periodicity, Jim, but I'd say
>that the typical span is much shorter than 100 years.

Jim and Mark,

Sound remarks about domestic upheavals.
Parallel to these, it should be added that internal strife has declined
as US foreign interventions have increased. From Teddy Roosevelt
forward, whenever domestic strain builds, there just happens to be an
urgent matter somewhere else that needs patriotic attention to our
"national interests".

Soothing, addictive, social and economic bribes flow from warmaking --
industrial growth, jobs, education, research, technological advances.

A bitching citizenry is a happy citizenry where domestic Government
affairs are concerned, but the most obedient people are those united
against a foreign foe. Lesson 1 of world affairs leadership.

John

From RBARCLAY at TrentU.ca Thu Sep 1 18:40:01 1994
From: RBARCLAY at TrentU.ca (Ross Barclay)
Date: Thu, 1 Sep 94 18:40:01 PDT
Subject: PGP WinFront 3.0 Now Available! (New Windows front end for PGP)
Message-ID: <01HGM2KXF3LE000ESK@TRENTU.CA>

-----BEGIN PGP SIGNED MESSAGE-----

Announcing PGP WinFront 3.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~
A freeware Windows front end for PGP 2.3a and 2.6
Copyright 1994 Ross Barclay (rbarclay at trentu.ca)

WHAT IT IS:

 - PGP WinFront is the most fully featured free (or otherwise) Windows
   front end available. It will make using PGP easy for beginners, and
   it will drastically increase the speed at which experts use it too.
   PGP WinFront is now into its third revision and I have tried to
   implement as many of the suggestions that I received as possible.
   PGP WinFront was designed by its users, but was coded by me.

Features:

 - Supports secret key ring placement on floppy drive
 - Support en/decryption to/from clipboard
 - Move / Copy / Delete files
 - Online hypertext help
 - Online hypertext PGP help
 - Keyring reader to pick names, view key characteristics
 - Keyring reader supports less-often used "huge" keyrings
 - Signature Checker
 - Very configurable - over 25 user-definable settings
 - more . . .

This program does too much to list here. And it's free!

This version is a complete rewrite of the popular PGP WinFront 2.0.
The feature-set has largely been set by users who sent in suggestions.
Please read the file README.TXT and peruse the help files. Please send
me your comments.

HOW TO GET IT:

At the moment, there are 2 ways to get this program:

1) Via FTP

 - The PGP WinFront 3.0 filename is called PWF30.ZIP.

 - It has been uploaded to the incoming directories of the following
   FTP sites:

     ftp.cica.indiana.edu
     ftp.eff.org
     ftp.wimsey.bc.ca
     black.ox.ac.uk
     soda.berkeley.edu
     ftp.informatik.uni-hamburg.de
     ftp.ee.und.ac.za
     ftp.demon.co.uk

 - Hopefully, they will be slotted into the PGP directories soon. On
   CICA, it will be placed into \pub\pc\win3\utils. That is where
   PWF20.ZIP was placed.

 - Once you get the program, please upload it to other FTP sites!

2) From Colorado Catacombs BBS

 - dial (303)772-1062. The file is called PWF30.ZIP

 - once you get the program, please upload it to other BBSs.

*** The mail access system I had was discontinued. This is because the
file was too big to fit into my account. However, you can still register
PWF and request certain PGP and PWF related items using my mail access
system. Details of these are on the "About" screen of PWF 30.

- --Ross Barclay

- -------------------------------------------------------------------------
Ross Barclay (rbarclay at trentu.ca), Assistant Editor | To receive my PGP
                                                      | public key, send
PC NEWS Review: Windows Edition                       | me e-mail with the
Bellevue, WA (206) 399-8700                           | subject: GET KEY
- -------------------------------------------------------------------------
To receive PC NEWS Review, send me e-mail with the subject: GET PNR.
- -------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLmZ7fdgpRteEZ9JhAQFeXgIAxIpvJQeMsx7YecNgtusBDMqL662XFeX2
qL0qF8HcN4ReZ9MYjtn9t8N1zWGxkPOXQEI3KfM7uk8JTzxjZ5LG2g==
=gSYT
-----END PGP SIGNATURE-----

From justpat at phantom.com Thu Sep 1 19:16:50 1994
From: justpat at phantom.com (Agent of Change)
Date: Thu, 1 Sep 1994 19:16:50 -0700
Subject: Did I send you this???????
Message-ID: <1P7ZRc4w165w@mindvox.phantom.com>

THE REAL HONEST-TO-GOD PURPOSE OF THE SECOND AMENDMENT

"A well-regulated Militia, being necessary to the security of a free
State, the right of the people to keep and bear Arms, shall not be
infringed"
    -Second Amendment to the U.S. Constitution

"This declaration of rights, as I take it, is intended to secure the
people against the mal-administration of government."
    -Elbridge Gerry
     Massachusetts Delegate to the Constitutional Convention
     August 17, 1789

Rock on, baby.

It might be difficult to convince Buford T. Public of this fact, but the
Second Amendment was never intended to allow him to keep rapid fire
assault rifles in his trailer so he could shoot every crack-addicted
baby-raper that dares to set foot onto the 30 square yards Buford calls
his own. No matter how much good ol' Buford may consider that a public
service.

No, the Second Amendment is much deeper than that. During the
Constitutional Convention of 1787, the Anti-Federalists (the ones who
thought that the Articles of Confederation, the joke under which our
government was running at the time, were just fine, thank you, and any
attempt at making a strong federal government would lead to tyranny)
were against a permanent army because from their experience, it was much
easier for a tyrant (or a tyrannical political party) to get control of
a government when it has the support of the military. A permanent army
would be able to keep an unarmed population under control with relative
ease.
To the Anti-Federalists, an unarmed population was virtually a guarantee
of tyranny.

Even the Federalists, the ones who saw that Britain and Spain were
laughing their asses off at our Articles of Confederation, and would
continue to do so until we developed a real manly government, never
wanted a big army. They advocated only that army that was necessary to
prevent other countries and wild Indians from invading us. Their chief
fear was that a large peacetime army, standing around with nothing to
do, will draw us into war just to justify their existence. (Can you say
"JFK-Oliver Stone-Military-Industrial-Complex Theory"?) The Federalists
accepted the necessity of a permanent army, but they and the
Anti-Federalists made certain that Congress had to debate the needs and
requirements of this army every two years.

During the dealmaking of the Constitutional Convention, the
Anti-Federalists more or less won on the issue of national defense. The
new nation would not have an army during peacetime; it was up to the
citizens to protect themselves from other governments and from their
own.

Why is this important nowadays? We already have a permanent military,
and if they can't protect us from invasion, there's not a lot that good
old Buford and his Uzis can do. Military hardware is just too powerful.
Likewise, exchanging gunfire with the military as a way of expressing
your distaste for what you feel is tyranny is just going to make Janet
Reno pissed at you. You know how she gets.

So if we can't fight, let's hide. Hide our records, our writings, our
past and our future. Not from each other, baby, (that makes no sense)
but from the government. There's nothing that says that you have to make
it easy for the government to read your mail and tap your phone. The key
issue behind any interpretation of the Second Amendment is not "Does
Buford have the right to own another grenade launcher?", but rather "Do
we as citizens have the right to defend ourselves against our
government?"
From solman at MIT.EDU Thu Sep 1 20:08:53 1994
From: solman at MIT.EDU (solman at MIT.EDU)
Date: Thu, 1 Sep 94 20:08:53 PDT
Subject: Is the following digicash protocol possible?
In-Reply-To: <199409012115.OAA16764@netcom8.netcom.com>
Message-ID: <9409020308.AA10953@ua.MIT.EDU>

> A question about offline digicash:
>
> Is it possible to arrange digicash as follows:
>
> If A, the original issuer, issues a unit of digicash
> to B, and B gives it to C, and C gives it to D, and D
> gives it to E, and E cashes it with A, -- and
> everyone colludes except C and D, it is impossible
> to prove that C got this unit from D.

I assume you mean the last line to read "to prove that D got this unit
from C". Chaum has demonstrated (In a paper I discussed here a little
over a month ago) that when A, B and E collude they can be sure that the
cash D gave to E is part of the same banknote that B gave to C. HOWEVER,
it is possible to design a protocol such that it is NOT possible for A,
B and E to be sure that C gave his money directly to D. (i.e. a protocol
can be designed such that A, B and E can not rule out the possibility
that the cash went from C to F to G to H to I to J to D.) Thus, the
solution for entities that are worried about having their cash marked is
to exchange banknotes anonymously with randomly selected entities before
using them again.

> If A, the original issuer, issues a unit of digicash
> to B, and B gives it to C, and C gives it to D, and D
> gives it to E, and E cashes it with A, -- and
> C double spends it to D', who then gives it to E'
> who then attempts to cash it with A, -- then A
> will detect the double spending and rebuff the attempt,
> E' will complain to D', and D', with information
> supplied by E' and A, can then prove that C dishonorably
> double spent the money, without discovering that C gave
> the money to D, and hence without discovering that D
> gave the money to E.
Anonymous e-cash can be created such that the identity of the cheat is
immediately known as soon as the second copy of the banknote (or of a
part of the banknote) reaches A. I should think that any protocol which
requires backtracking would be highly undesirable (i.e. D' and ideally
E' should not be bothered).

Cheers,

Jason W. Solinsky

From roy at sendai.cybrspc.mn.org Thu Sep 1 22:06:30 1994
From: roy at sendai.cybrspc.mn.org (Roy M. Silvernail)
Date: Thu, 1 Sep 94 22:06:30 PDT
Subject: State Declaration of Ind.
In-Reply-To: <199409011305.IAA05299@zoom.bga.com>
Message-ID: <940901.205941.4v5.rusnews.w165w@sendai.cybrspc.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

In list.cypherpunks, ravage at bga.com writes:

> What a waste of time. There is no way that any reasonable person will accept
> or support such an action. Wake up and smell the roses dude...

No? I lived in Alaska for 21 years. During this time, no less than 3
efforts were fielded to secede from the Union. All 3 got a large
(although non-binding) number of signatures (including mine, FWIW).

> If you really want to fix the problem then how about reading the Constitution
> and demanding that your EXISTING representatives uphold the sacred oath they
> have sworn to uphold.
>
> Yes, this country has problem. No, they are nowhere near bad enough to render
> the union.

Ever since the breakup of the former Soviet Union, I have wondered just
what _is_ holding the USA together. Within our borders, I think we show
far more diversity than the former USSR had. Yet we remain "unified",
even in the face of ever-growing erosion of citizens' rights.

I think if a few states were to secede, it would be a great wake-up
call! The FedGov would have to react somehow. If they acquiesced, end of
problem and we become a loosely allied group of independent republics.
(maybe...
or perhaps we don't ally at all) If they retaliate with force (which,
unfortunately, I think is the more likely outcome), they will be showing
their true totalitarian stripe.

> Get a clue.

That looked like a mighty good clue to me.

- --
Roy M. Silvernail [] roy at sendai.cybrspc.mn.org
It's just this little chromium switch.......

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLmaI5xvikii9febJAQF6VAP/dz86B4B7g9zC4ZhiRSHiXTAYWrZVBX64
gxIhRG2Ni6qcSFhNOo2nxtgMZqZFR4mwsZQw9QhrM0nMtOqaLCB5FE6E66HB/Gg6
e716iy3uk1w/WGKF+iZxGDvJASccvi+igw2A9H17P67zs7pACspeAi6bR+vmGxlm
PN9G7XYm1PM=
=OZJj
-----END PGP SIGNATURE-----

From shamrock at netcom.com Thu Sep 1 23:21:36 1994
From: shamrock at netcom.com (Lucky Green)
Date: Thu, 1 Sep 94 23:21:36 PDT
Subject: Cabel TV's new specs require leaky encryption
Message-ID: <199409020621.XAA15351@netcom7.netcom.com>

Cablelabs, a research institute for US cable companies, whose members
provide 85% of the cable service in the US and 70% in Canada, has
released their "Request For Proposals for a Telecommunications Delivery
System over a Hybrid Fiber/Coax (HFC) Architecture"

This RFP contains the final specs for a new multimedia architecture the
cable companies intend to deploy. Here are some quotes:

".c4.11.7.1.1 Security System Objectives:
The Offeror shall specify [..] whether it is possible to hide information
in the digital signature number of which the signer would be unaware, which
could conceal information. "

Such as parts of the key?

and under .c3.11.7.2 Privacy:
" It should be possible to manage encryption keys and provide them to law
enforcement agencies on demand."

Big Brother is watching you. Through your TV.

The full document is available at
ftp://ftp.cablelabs.com//pub/RFIs/Telecom_RFP.MSWord

-- Lucky Green PGP public key by finger

From cactus at bb.com Thu Sep 1 23:51:30 1994
From: cactus at bb.com (L. Todd Masco)
Date: Thu, 1 Sep 94 23:51:30 PDT
Subject: State Declaration of Ind.
In-Reply-To: <940901.205941.4v5.rusnews.w165w@sendai.cybrspc.mn.org>
Message-ID: <346i9k$6rk@bb.com>

In article <940901.205941.4v5.rusnews.w165w at sendai.cybrspc.mn.org>,
Roy M. Silvernail wrote:
>Ever since the breakup of the former Soviet Union, I have wondered just
>what _is_ holding the USA together. Within our borders, I think we show
>far more diversity than the former USSR had. Yet we remain "unified",
>even in the face of ever-growing erosion of citizens' rights.

Yah. I've wondered about this myself; If one goes through the Federalist
Papers, all the arguments made for the formation of the Republic are
obsolete (unless you believe Canada or Mexico is a real threat: I
don't).

Many of the SF writers forecast a future where something big has grown
out of the US to be first some sort of western (or northern) hemisphere
giant, and then further. I think this is way off the mark.

I have great hopes for computer networking as a technology: There are
those who don't realize or who deny that the social impact of this
technology will be huge: they probably would have said that the printing
press wouldn't have a large impact, either.

--
L. Todd Masco   | "Which part of 'shall not be infringed' didn't
cactus at bb.com | you understand?"

From tcmay at netcom.com Fri Sep 2 00:59:25 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Fri, 2 Sep 94 00:59:25 PDT
Subject: More signs that key escrow is coming
In-Reply-To: <199409020621.XAA15351@netcom7.netcom.com>
Message-ID: <199409020759.AAA23653@netcom2.netcom.com>

Things seem awfully quiet on the list the past 24 hours....

Lucky Green wrote:

> This RFP contains the final specs for a new multimedia architecture the
> cable companies intend to deploy.
...
> ".c4.11.7.1.1 Security System Objectives:
> The Offeror shall specify [..] whether it is possible to hide information
> in the digital signature number of which the signer would be unaware, which
> could conceal information. "
>
> Such as parts of the key?
This sounds like it's a concern about subliminal channels in the DSS/DSA
signatures, a la the concerns raised by Gus Simmons last year. I don't
know what the use would be, unless it's concern (by whom?) that viewing
preferences could be back-propagated.

> and under .c3.11.7.2 Privacy:
> " It should be possible to manage encryption keys and provide them to law
> enforcement agencies on demand."

Well, this definitely fits with other signs that the Feds have been
"jawboning" with various industry groups. Key escrow, or "GAK."

If they're putting this kind of thing into their spec plans, somebody
has "suitably incentivized" them to.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From M.Gream at uts.EDU.AU Fri Sep 2 05:12:25 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Fri, 2 Sep 94 05:12:25 PDT
Subject: Aust crypto regulations
Message-ID: <9409021215.AA04190@acacia.itd.uts.EDU.AU>

I posted this to clarify some possible misconceptions, and ended it with
a `teaser'. Since I'm sure it'll be of interest to readers here, here
goes a forward (some headers elided):

---- begin include ----
From: M.Gream at uts.edu.au (Matthew Gream)
Newsgroups: aus.computers.ibm-pc,alt.security.pgp
Subject: Re: PGP for Oz users
Date: 2 Sep 1994 11:58:42 GMT

Vesselin Bontchev (bontchev at fbihh.informatik.uni-hamburg.de) wrote:

> Actually, it seems that the Australian laws are not much better. A
> colleague of mine there told me that he had to apply for an export
> license even for his program that does only cryptographic checksums,
> no encryption.
That sounds bogus to me, at least from the information you've given me
there.

I've had the pleasure of being routed from our `Australian Trade
Commission' through a number of channels to get to the `Defence Industry
Development Branch' who furnished me with information relating to export
of `Dual Use Technologies'.

Having been informed first hand, and given the appropriate paperwork,
I'm fairly confident in saying that there are no export restrictions on
software (specific clause stating that mass market, public domain and
"unsupported after installation" software is not covered by the
Industrial List). There do exist restrictions on hardware. All of these
restrictions are a direct result of our adherence with COCOM regulations
(enacted through amendments to our Customs Act) -- and even so, export
licences are required only for "certain" countries.

The documentation relating to export guidelines is dated September 1992,
I received it early 1994 and was informed that it was still "current". I
have heard "on the net" (how's that for credibility ? :-), that the
COCOM agreements are going to be abandoned, but as the software project
I'm involved with isn't complete, I haven't looked into the matter since
the initial investigation. I will do so when the time comes, or suitably
motivated.

I should also mention that in response to one of several questions I put
to our Cwth Attorney General's Department, I received:

``Your third question concerns restricting [sic] on the production,
export and import of cryptographic software and hardware. I note your
familiarity with the Customs (Prohibited Exports) Regulations. I am not
aware of any other legislation dealing particularly with cryptographic
software and hardware.''

  -- Steven Marshall, A/g Assistant Secretary, National Security Branch.
     Security Division, Attorney General's Department, Commonwealth of
     Australia. personal correspondence, 26 May 1994.
Getting back to the export guidelines, I have it with me here and I'll quote something interesting that may apply in this circumstance (whoever wrote this didn't seem pleased either, but it still got the Minister's seal of approval): ``United States of America Re-export Controls Exporters should be aware that authorities of the United States of America claim control over many exports from other countries, including Australia, where the goods are of US origin, include components of US origin, or were produced using US-origin technology. In such cases, under US export regulations, a US re-export licence may be required whether or not an Australian export licence is needed or has been granted. Although such US regulations are not valid in Australian law, the US authorities commonly penalise foreign companies which do not comply, by denying them access to US goods or technology in the future. Where a company has a presence in the US, legal action may lead to the imposition of fines and other penalties. Enquiries regarding re-export approval should be directed to the US Consulate in Sydney or Melbourne. The contact numbers are listed in Annex C.'' -- "Australian controls on the export of technology with civil and military applications" -- "a guide for exporters and importers" September 1992, Department of Defence, Canberra. pg 4. The question here is whether "US-origin technology" covers algorithms and conceptual systems (RSA for example). I'd be interested to hear about these apparent US prosecutions. Matthew. -- Matthew Gream -- Consent Technologies, (02) 821-2043 Disclaimer: From? \notin speaking_for(Organization?) [cfqx103] ---- end include ---- -- Matthew Gream -- Consent Technologies, (02) 821-2043 Disclaimer: From? \notin speaking_for(Organization?) 
[cfqx103]

From meconlen at IntNet.net Fri Sep 2 06:03:23 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Fri, 2 Sep 94 06:03:23 PDT
Subject: Alt.Gvmt.Bad.Bad.Bad
In-Reply-To: <199409012015.NAA08437@deepthought.pylon.com>
Message-ID:

On Thu, 1 Sep 1994 blancw at pylon.com wrote:

> What should really be said is that theft does not happen of its
> own accord; someone must decide to accomplish the so-called
> criminal act. To describe theft as the result of another's
> inaction is to imply that human action of any kind is mostly
> automatic, that there is a pull like gravity which will cause
> action upon intelligence the way gravity affects inanimate
> objects, and that nothing better could be or should be expected
> from it.

Some believe that human action is automatic, while seeming to be by choice, that the past of this person's life defines how they will react to a certain situation. I do however agree that someone does decide on their own that they will commit a criminal act, however if people protected themselves would they be acted upon? If you use PGP does someone else read your E-Mail? If not what happens? (assuming that you are writing something that someone else will want to intercept, etc.)

> It is also to imply that the possession of
> intelligence is negligible because any opportunity for taking
> advantage of another's vulnerability will be irresistible to
> humans, as if they were basically scavengers looking for the
> spoils of other people's negligence.

I have known many people to be this way. They will and DO take every advantage of any situation they can.

> In which case, rather than speaking of bad government, the
> subject should be a question on the existence of intelligence &
> the possibility for morality. I don't know who would be
> qualified to discuss it, though, without the possession of the
> one and an appreciation of the other.

The United States is made up of ignorant people who know what they need to get by in life, and do not want to take the time to do what it takes to improve themselves, ie. vote. As for morality, I feel it is something that we all wish to be but find it hard to be. I know I find it hard to be moral.

Groove on Dude
Michael Conlen

From solman at MIT.EDU Fri Sep 2 06:38:45 1994
From: solman at MIT.EDU (solman at MIT.EDU)
Date: Fri, 2 Sep 94 06:38:45 PDT
Subject: Cabel TV's new specs require leaky encryption
In-Reply-To: <199409020621.XAA15351@netcom7.netcom.com>
Message-ID: <9409021338.AA20390@ua.MIT.EDU>

> ".c4.11.7.1.1 Security System Objectives:
> The Offeror shall specify [..] whether it is possible to hide information
> in the digital signature number of which the signer would be unaware, which
> could conceal information. "
>
> Such as parts of the key?

Yup, that's why you always want to know who implemented your authentication scheme. But the fact that an algorithm is capable of doing subliminal messaging does not speak badly about it. In fact, I think it is an extremely good sign that this was placed in the RFP. It shows that they are aware of the potential problem and are trying to avoid it (IMNSHO). If a cable company actually tried to leak your key in this manner, it would create an enormous potential liability for them.

> and under .c3.11.7.2 Privacy:
> " It should be possible to manage encryption keys and provide them to law
> enforcement agencies on demand."

Cable companies would like to offer some services as a common carrier (although they clearly want to avoid having the entirety of their business designated as such). That means that they are going to have to comply with the digital telephony act.

Cheers,

Jason W.
Solinsky

From jya at pipeline.com Fri Sep 2 06:43:37 1994
From: jya at pipeline.com (John Young)
Date: Fri, 2 Sep 94 06:43:37 PDT
Subject: OFFSHORE DIGITAL BANKS
Message-ID: <199409021342.JAA29122@pipe1.pipeline.com>

Responding to msg by tcmay at netcom.com (Timothy C. May) on Wed, 31 Aug 4:8 PM

>I'm not sure what John wants me to expand on here.
>Others have noted the same sorts of things. Here are
>some random, brief points:

[Elision of US foreign interventions]

>Is this enough of an expansion?

As a newcomer to this list I'm interested in your views, and those of others, on how crypto and related topics may be used in responding to US interventions abroad and their domestic consequences. Blending these views into discussions on other matters is just fine; I'll continue to pick out the parts that catch my eye.

Much list discussion seems to focus on internal affairs of the US with periodic comments from those members outside. My sense is that our laments about internal abuses of the USG will not be answered until we address the external policies that are used to justify these abuses.

Since so much of the power of the USG derives from "national security" responsibilities -- diplomacy, military, intelligence -- and because these have repeatedly been used to justify invasive policies, both domestic and foreign, I wish to learn more on what might be done through c'punks' activities to ventilate the secrecy cloak that shields such affairs from the public.

Most of my recent posts have tried to raise queries along these lines whether about crypto anarchy, digicash or varieties of government.

This follows my query a while back about how c'punks think US scientists and their technology may be redirected away from national security affairs, where the best and brightest have thrived in the last two generations, toward the needs of civil society, in the US and abroad.

So you won't think this is an idle interest, I'll mention that I've been pursuing these topics, with others, for some 27 years in the NYC area in a public planning and development context, as we have waited for the Cold War squandering of surplus wealth to end so that more of these resources might go toward dealing with civil shortcomings, especially through non-governmental programs.

Sorry for soapboxing, but this is from a long-time worker among NYC's richest and poorest wondering how long these worlds can be kept apart by the fictions of "national interests".

John

From jya at pipeline.com Fri Sep 2 07:40:33 1994
From: jya at pipeline.com (John Young)
Date: Fri, 2 Sep 94 07:40:33 PDT
Subject: Cable TV's new specs require leaky encryption
Message-ID: <199409021439.KAA07075@pipe1.pipeline.com>

Responding to msg by shamrock at netcom.com (Lucky Green) on Thu, 1 Sep 11:22 PM

>
>Big Brother is watching you. Through your TV.

Yeah, that's what the guy that blew away the NBC worker here in NYC believed.

Maybe he read about tiny surveillance cameras and mikes that can be hidden in the VCR or cable box, so advertisers say, and transmit by cable or radio.

John

From ravage at bga.com Fri Sep 2 08:08:43 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 2 Sep 94 08:08:43 PDT
Subject: Revisionist History of the US....:( (fwd)
In-Reply-To: <199409020129.VAA28894@pipe1.pipeline.com>
Message-ID: <199409021508.KAA03334@zoom.bga.com>

>
> Jim and Mark,
>
> Sound remarks about domestic upheavals.
>
> Parallel to these, it should be added that internal strife has
> declined as US foreign interventions have increased. From
> Teddy Roosevelt forward, whenever domestic strain builds, there
> just happens to be an urgent matter somewhere else that needs
> patriotic attention to our "national interests".
>

The only point here is that it doesn't address what causes the internal strife. A populace that gets what it wants is obviously not going to be full of strife.
It seems to me, what needs to be addressed is the issue(s) that are causing the strife. In the case of both the Civil War and the Vietnam War it was economic in nature. In the Civil War it was the difference that abolishing slavery would have caused to the plantation systems in the south and the industrial systems in the north. The Vietnam case is a little(!) more complicated in that we may still be historically too close to it to get a clear picture of the cause/effects. However, I do believe that the failure of the industrial - military - political machine to provide the kinds of freedoms and inexpensive life that people were expecting may have played a major role in the events of the 60's.

> Soothing, addictive, social and economic bribes flow from
> warmaking -- industrial growth, jobs, education, research,
> technological advances.
>

I think we all agree the political - military complex is run by back scratching of herculean proportions. This may be a little difficult to analyze because it is involved in both the cause and the result in such a major way.

> A bitching citizenry is a happy citizenry where domestic
> Government affairs are concerned, but the most obedient people
> are those united against a foreign foe. Lesson 1 of world
> affairs leadership.
>

Lesson 2 should be that the 'external' threat won't last forever and at some point the real issues will blow up to such an extent that the populace will not be concerned about external events because they are so busy trying to stay alive and make a living.

From ravage at bga.com Fri Sep 2 08:15:07 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 2 Sep 94 08:15:07 PDT
Subject: Revisionist History of the US....:( (fwd)
In-Reply-To: <9409012344.AA16736@doom.intuit.com>
Message-ID: <199409021513.KAA03549@zoom.bga.com>

>
> We might also add Shay's Rebellion, Bacon's Rebellion, the Hudson
> River Renters' Uprising, the Pullman Strike, the Homestead Strike, the
> Ludlow Massacre, the Lawrence Textile Strikes, etc., etc. Many of
> these were full-scale insurrections. This country's "progress" is
> really just a series of grudging concessions made by authoritarian
> power structures to various nearly catastrophic crises.
>

I have a hard time comparing any of these historically important but comparatively minor events to the half a million dead of the Civil War or the 50,000+ dead of Vietnam. Perhaps you have extended the analogy a little too far?...

> > What I find most interesting about this chronology is that the
> > upheavals occur approximately every hundred years since our
> > founding. The fact that the present problems we are having w/ the
> > administration recognizing and the general populace demanding their
> > civil liberties/rights is apparently early by approximately 70
> > years. Perhaps the present administration is really as progressive
> > as they claim...:) Take care.
>
> Good observation about periodicity, Jim, but I'd say that the typical
> span is much shorter than 100 years.
>

Considering that (taking my example) there have been only 2 'major' upheavals since the founding fight we probably have way too few data points to draw any real comparison about periodicity. I was making the comment more to goad others to respond than to make any absolute statement about the periodicity.

Also, one must be careful about how you define 'major' upheaval. This country has had lots of turmoil in its history and as long as that will continue to be allowed I suspect we have a good chance of staying around as a union.
The reality is that while many of the turmoils have had national import they were not at the time of the event of national range.

From blancw at pylon.com Fri Sep 2 08:24:53 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Fri, 2 Sep 94 08:24:53 PDT
Subject: Alt.Gvmt.Immorality
Message-ID: <199409021524.IAA29904@deepthought.pylon.com>

Responding to msg by Michael Conlen:

The United States is made up of ignorant people who know what they need to get by in life, and do not want to take the time to do what it takes to improve themselves, ie. vote. As for morality, I feel it is something that we all wish to be but find it hard to be. I know I find it hard to be moral.
........................................................

On the note, I offer this quote which is always amusing to me:

"The only claim made for any organized ideas of human nature is that everybody everywhere needs them in order to tell what is human, what is natural, what is worth knowing, what is worth having and how to get it, and all the other information necessary for getting through the day, week, year and lifetime. .....That is human nature - to organize the data of human nature into a body of knowledge or working model.

That is what a working model or organized idea of human nature does: it gives you the story about where everything belongs, and how and when and why it belongs there.

And as for people who wear comfortable shoes and assume nothing, they are usually killed very young while trying to cross the street. Such people have no idea whatsoever about where anything belongs, or how and when and why it belongs there. That makes it very difficult to stay alive, let alone to locate the real fact. People who assume nothing have no working model of human nature to begin with and thus no way to assemble even the true story with its moral about what to pay attention to. .....

So that is how a working model of human nature works.
It provides you with a frame of meaning and puts you in the picture. And once you are there, you can see where you stand on such diverse issues as life and death. You can find your point of view about taxes and clothing. You can fix your position with regard to the schoolhouse, the alehouse, the whorehouse, the courthouse, and the electric chair. In other words, a working model of human nature makes things visible, and you visible as well."

- from "The Human Nature Industry", by Ward Cannel and June Macklin

Blanc

From blancw at pylon.com Fri Sep 2 10:02:53 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Fri, 2 Sep 94 10:02:53 PDT
Subject: Revisionist Reinterpretation
Message-ID: <199409021703.KAA01444@deepthought.pylon.com>

Responding to msg by Jim choate, quoting another:

>> We might also add Shay's Rebellion, Bacon's
>Rebellion, the Hudson
>> River Renters' Uprising, the Pullman Strike, the
>Homestead Strike, the
>> Ludlow Massacre, the Lawrence Textile Strikes, etc.,
>etc. Many of
>> these were full-scale insurrections. This country's
>"progress" is
>> really just a series of grudging concessions made by
>authoritarian
>> power structures to various nearly catastrophic
>crises.

I have a hard time comparing any of these historically important but comparatively minor events to the half a million dead of the Civil War or the 50,000+ dead of Vietnam. Perhaps you have extended the analogy a little too far?...
..........................................................

I think he was talking about the Principle of the deal, Jim - about what this means regarding the relationship of the citizenry to the big G.
Put all of those insurrections together and what do they spell?

F _ _ _ _ _ F

Blanc

From juola at suod.cs.colorado.edu Fri Sep 2 10:10:56 1994
From: juola at suod.cs.colorado.edu (Patrick Juola)
Date: Fri, 2 Sep 94 10:10:56 PDT
Subject: Needed for a computer ethics class
Message-ID: <199409021709.LAA00722@suod.cs.colorado.edu>

Does anyone have a concise, citeable statement about why anonymous remailers are a good thing? Some sort of position statement by Julf would be ideal. Similarly, if anyone has something for the *other* side of the coin, I'd love to see that.

I'm in the process of writing a course on computer ethics for the University of Colorado at Boulder and I think anonymous remailers would be a good subject for an essay assignment, but I need enough material (ideally, primary source material) to lay the groundwork first.

Patrick

From chen at intuit.com Fri Sep 2 10:57:24 1994
From: chen at intuit.com (Mark Chen)
Date: Fri, 2 Sep 94 10:57:24 PDT
Subject: Revisionist Reinterpretation
Message-ID: <9409021753.AA19398@doom.intuit.com>

Blanc writes:

> Responding to msg by Jim choate, quoting another:
>
> >> We might also add Shay's Rebellion, Bacon's
> >Rebellion, the Hudson
> >> River Renters' Uprising, the Pullman Strike, the
> >Homestead Strike, the
> >> Ludlow Massacre, the Lawrence Textile Strikes, etc.,
> >etc. Many of
> >> these were full-scale insurrections. This country's
> >"progress" is
> >> really just a series of grudging concessions made by
> >authoritarian
> >> power structures to various nearly catastrophic
> >crises.
>
> I have a hard time comparing any of these historically
> important but comparatively minor events to the half a
> million dead of the Civil War or the 50,000+ dead of
> Vietnam. Perhaps you have extended the analogy a
> little too far?...
> ..........................................................
>
> I think he was talking about the Principle of the deal, Jim -
> about what this means regarding the relationship of the
> citizenry to the big G.
> Put all of those insurrections together and what do they spell?
>
> F _ _ _ _ _ F

Blanc is right. You are correct, Jim, in that in terms of destruction, the wars you mention surpass in magnitude the other events that I listed (though I'll point out that if we count Indochinese dead, Vietnam's cost was far higher than 55,000, even if we add in the more than 60,000 who committed suicide in the aftermath).

What I am really saying is that we are not, even in "normal" times, the slightly rambunctious but contented citizenry that popular mythology makes us out to be. This country has serious problems, and it always has. I think that we may be in agreement on this.

Another good point that you've made elsewhere is the importance of economics as a motivator. I believe that you are exactly right.

I'd like to add more, and also to say something about the perceptive comments from John Young, but I think I have a flu, so I'll go home and pick this up again on Monday. Meanwhile, wishing you all a good weekend. . . .

- Mark -

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From talon57 at well.sf.ca.us Fri Sep 2 11:15:38 1994
From: talon57 at well.sf.ca.us (Brian D Williams)
Date: Fri, 2 Sep 94 11:15:38 PDT
Subject: minor humor: telco's vs cable companies
Message-ID: <199409021806.LAA14699@well.sf.ca.us>

We at TPC like to put it to people quite simply, " Do you want your cable service to be like your phone service, or do you want your phone service to be like your cable service?"

Brian Williams
Extropian
Cypherpatriot

"Cryptocosmology: Sufficiently advanced communication is indistinguishable from noise." --Steve Witham

"Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you....
AT&T" --James Speth

From ravage at bga.com Fri Sep 2 11:48:41 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 2 Sep 94 11:48:41 PDT
Subject: Revisionist Reinterpretation
In-Reply-To: <199409021703.KAA01444@deepthought.pylon.com>
Message-ID: <199409021848.NAA13576@zoom.bga.com>

>
> I think he was talking about the Principle of the deal, Jim -
> about what this means regarding the relationship of the
> citizenry to the big G.
> Put all of those insurrections together and what do they spell?
>
> F _ _ _ _ _ F
>
>
> Blanc
>

The problem I have with this interpretation is that it overlooks, to me, a bigger point... Mainly that these conflicts dealt with disagreements within the 'big G' and were not directly about the people - big G dichotomy that you refer to.

Personally, I still feel that the people of this country are the true government of this nation. We have representatives who are in a position where they approach their office as a 'job' and not a sacred duty to every individual they meet on the street every day. They see their oath to uphold the Constitution as a minor point and not THE point.

Section 1401 and 1402 of the Crime Bill (aptly named since it is a crime) which regard the seizure of private property for funding during a criminal investigation. I go to the Constitution and it says that if you take private property for public use you have to recompense the private owner. There is no caveat dealing with whether it is a crime or not or whether it was used in a crime. From my point of view if an 'official' takes your property and does not send you a check (you agreed a priori) for it then they have committed a crime that is in direct and clear violation of the Constitution. All criminal seizure programs are clearly unconstitutional.

From ravage at bga.com Fri Sep 2 11:50:42 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 2 Sep 94 11:50:42 PDT
Subject: Revisionist Reinterpretation
In-Reply-To: <199409021703.KAA01444@deepthought.pylon.com>
Message-ID: <199409021850.NAA13695@zoom.bga.com>

>
> I think he was talking about the Principle of the deal, Jim -
> about what this means regarding the relationship of the
> citizenry to the big G.
> Put all of those insurrections together and what do they spell?
>
> F _ _ _ _ _ F
>
>
> Blanc
>

As to putting them all together, you do a disservice in my eyes. They did not occur together and they certainly did not occur in the same social milieu that the Civil War or the Vietnam War - Civil Disobedience did. There were national events that affected every person. The events that you refer to were local events that eventually affected every person on a national scale. Slightly different animals.

From CCGARY at MIZZOU1.missouri.edu Fri Sep 2 11:59:47 1994
From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers)
Date: Fri, 2 Sep 94 11:59:47 PDT
Subject: Arizona state email...privacy
Message-ID: <9409021859.AA19223@toad.com>

Netsurfer, "Why is State property theft?"

More precisely, I should have said that govt. property is extorted rather than stolen. In a democracy, the sham that taxes are sanctioned by the people is used to justify state extortion of wealth - taxation. Right now, full taxation is approx. 45% of U.S. wealth. I don't remember giving anybody the ok to take this giant amount of money for state purposes. Even if most people would assent to 45% taxation, there would be a large minority that would not. Also, we don't agree where the money should be spent.

In this giant representative democracy, policy seems to be determined by a huge number of minorities instead of a majority. Each lobbying group, minority political group, & ruling elite gets legislation & policies that favor their interests.
For that reason, we are governed by huge numbers of special interests rather than the "common good" as willed by a majority. For that reason, we don't even meet the criteria of majority rule. Not that I see any right that a majority has to rule us.

As generally a Libertarian & specifically an Anarchist, I don't agree to be ruled.

PUSH EM BACK! PUSH EM BACK! WWWAAAYYY BBBAAACCCK! BBBEEEAAATTTT STATE!

Gary Jeffers

From jamesd at netcom.com Fri Sep 2 12:22:01 1994
From: jamesd at netcom.com (James A. Donald)
Date: Fri, 2 Sep 94 12:22:01 PDT
Subject: State Declaration of Ind.
In-Reply-To: <940901.205941.4v5.rusnews.w165w@sendai.cybrspc.mn.org>
Message-ID: <199409021921.MAA27071@netcom8.netcom.com>

Roy M. Silvernail writes
> Ever since the breakup of the former Soviet Union, I have wondered just
> what _is_ holding the USA together. Within our borders, I think we show
> far more diversity than the former USSR had. Yet we remain "unified",
> even in the face of ever-growing erosion of citizens' rights.

Habit, inertia, and indoctrination. Same as held the Soviet Union together for 25 years after belief faded.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From prz at acm.org Fri Sep 2 12:37:15 1994
From: prz at acm.org (Philip Zimmermann)
Date: Fri, 2 Sep 94 12:37:15 PDT
Subject: PGP 2.6.1 release from MIT
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

To: All PGP users
Date: 2 Sep 94
Re: PGP 2.6.1 release

MIT will be releasing Pretty Good Privacy (PGP) version 2.6.1 real soon now. By tomorrow, I think. The MSDOS release filename will be pgp261.zip, and the source code will be in pgp261s.zip. The MIT FTP site is net-dist at mit.edu, in the pub/PGP directory.

Be sure to adhere to US export restrictions when you redistribute PGP after getting it from MIT.

Since Compuserve has an unfortunate restriction of 6-character filenames, I don't know how they will handle the name collision of the source archive filename. I suggest that anyone who uploads the sources to Compuserve rename the file pg261s.zip. Just for Compuserve only.

This new version has a lot of bug fixes over version 2.6. I hope this is the final release of this family of PGP source code. We've been working on an entirely new version of PGP, rewritten from scratch, which is much cleaner and faster, and better suited for the future enhancements we have planned. All PGP development efforts will be redirected toward this new code base, after this 2.6.1 release.

There are some important changes to the 2.6.1 manual, especially in the Legal Issues section. Please read the "Freeware Status and Restrictions" section. Especially those of you who want to make changes to PGP.

I hope all PGP users are switching to the official MIT releases, now that the new data formats have become effective on 1 Sept. PGP 2.6, as well as this new 2.6.1, will always be able to read messages, signatures and keys produced by the older versions. See the manual for details.

PGP has many really cool new features planned in its future, and these new features will require more new data formats to support them. Stay compatible by keeping up to date with the official PGP releases from MIT.

This message may be reposted to all interested newsgroups.

- --Philip Zimmermann
prz at acm.org

From shamrock at netcom.com Fri Sep 2 12:39:11 1994
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 2 Sep 94 12:39:11 PDT
Subject: More signs that key escrow is coming
Message-ID: <199409021939.MAA12297@netcom7.netcom.com>

Tim wrote:

>Things seem awfully quiet on the list the past 24 hours....
>
>Lucky Green wrote:
>
>> This RFP contains the final specs for a new multimedia architecture the
>> cable companies intend to deploy.
>...
>> ".c4.11.7.1.1 Security System Objectives:
>> The Offeror shall specify [..] whether it is possible to hide information
>> in the digital signature number of which the signer would be unaware, which
>> could conceal information. "
>>
>> Such as parts of the key?
>
>This sounds like it's a concern about subliminal channels in the
>DSS/DSA signatures, a la the concerns raised by Gus Simmons last year.
>I don't know what the use would be, unless it's concern (by whom?)
>that viewing preferences could be back-propagated.
>

The RFP is not just for a system that sends Multimedia to the subscriber. The specs call for Homeshopping, private financial transactions, encrypted credit card transaction, etc.

Just what info do they intend to conceal that the "the signer would be unaware" of?

Just wondering,

-- Lucky Green
PGP public key by finger

From warlord at MIT.EDU Fri Sep 2 13:15:56 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Fri, 2 Sep 94 13:15:56 PDT
Subject: PGP 2.6.1 release from MIT
In-Reply-To:
Message-ID: <9409022015.AA20287@toxicwaste.media.mit.edu>

Small correction to Phil's mail:

> pgp261.zip, and the source code will be in pgp261s.zip. The MIT FTP
> site is net-dist at mit.edu, in the pub/PGP directory.

The FTP site is net-dist.mit.edu, not net-dist at mit.edu.

More information as it happens....

-derek

From ravage at bga.com Fri Sep 2 13:21:08 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 2 Sep 94 13:21:08 PDT
Subject: State Declaration of Ind.
In-Reply-To: <199409021921.MAA27071@netcom8.netcom.com>
Message-ID: <199409022020.PAA18658@zoom.bga.com>

>
> Roy M. Silvernail writes
> > Ever since the breakup of the former Soviet Union, I have wondered just
> > what _is_ holding the USA together. Within our borders, I think we show
> > far more diversity than the former USSR had. Yet we remain "unified",
> > even in the face of ever-growing erosion of citizens' rights.
>
> Habit, inertia, and indoctrination. Same as held the Soviet
> Union together for 25 years after belief faded.
>
>
> --
> ---------------------------------------------------------------------
> We have the right to defend ourselves and our
> property, because of the kind of animals that we        James A. Donald
> are. True law derives from this right, not from
> the arbitrary power of the omnipotent state.            jamesd at netcom.com
>
>

I suspect that the reason we are still a union is we share a common idealism relating to life, liberty, and the pursuit of happiness. Idealistic but perhaps applicable...

From jya at pipeline.com Fri Sep 2 13:55:45 1994
From: jya at pipeline.com (John Young)
Date: Fri, 2 Sep 94 13:55:45 PDT
Subject: Revisionist History of the US....:( (fwd)
Message-ID: <199409022055.QAA24441@pipe1.pipeline.com>

Responding to msg by ravage at bga.com (Jim choate) on Fri, 2 Sep 10:8 AM

>Lesson 2 should be that the 'external' threat won't
>last forever and at some point the real issues will
>blow up to such an extent that the populace will not be
>concerned about external events because they are so
>busy trying to stay alive and make a living.

Yes.

The external threat to the US has diminished, let's hope, to where some resources, human and material, can be applied to ways to make an advanced society serve its citizenry without resorting to fear of foreign boogies.

The way that the surveillance satellite systems of the US and the USSR helped to reduce fear of military planners is instructive. This non-lethal technology, though expensive, made, and continues to make, accidental nuclear war less likely, and seems to me to be a great service to the world's population.

Aggressive weapons systems may be similarly replaced by non-lethal technology as scientists and technologists are asked to devise such apparatus.

Fear of economic and social deprivation might also benefit from the talents of those who once produced the tools of the Cold War and hot regional conflicts you mention.

Further, this list offers other ways to envision a society less dependent on the national security rubric of big Government, and may thereby support alternative local initiatives for economic and civil affairs. Kudos for this non-lethal work.

John

From tcmay at netcom.com Fri Sep 2 16:04:36 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Fri, 2 Sep 94 16:04:36 PDT
Subject: Black Market in Russia
Message-ID: <199409022304.QAA05442@netcom11.netcom.com>

The MacNeil-Lehrer Newshour, a PBS television show (for you non-U.S. residents), has a good report tonight on the black market in Russia.

Mostly an emphasis on the "shuttle traders" who take chartered flights down to Dubai and stock up on massive amounts of stuff to sell back in Moscow. (An inefficient system, compared to the systems of shipping and mega-malls we have, but encouraging to see.)

The traders then pay off customs inspectors, etc. Apparently Russians are doing better than official stats would indicate, similar to the way Italians are much wealthier than tax stats would suggest.

I was heartened to see this report.
All Cypherpunks, of course, are encouraged to see thriving black markets (or markets of color, to be politically correct about it).

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From claborne at microcosm.sandiegoca.NCR.COM Fri Sep 2 16:59:01 1994
From: claborne at microcosm.sandiegoca.NCR.COM (Claborne, Chris)
Date: Fri, 2 Sep 94 16:59:01 PDT
Subject: PGP 2.6.1 release from MIT
Message-ID: <2E67949E@microcosm.SanDiegoCA.NCR.COM>

----------
> From: Philip Zimmermann
> ----------------------------------------------------------------------------
--
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> To: All PGP users
> Date: 2 Sep 94
> Re: PGP 2.6.1 release
>
> This new version has a lot of bug fixes over version 2.6. I hope this is
> the final release of this family of PGP source code. We've been working
> on an entirely new version of PGP, rewritten from scratch, which is much
> cleaner and faster, and better suited for the future enhancements we have
> planned. All PGP development efforts will be redirected toward this
> new code base, after this 2.6.1 release.

Anyone have an idea of what these "enhancements" will be? New data formats?

2
-- C --

                               ...  __o
                              ..   -\<,
chris.claborne at sandiegoca.ncr.com   ...(*)/(*).   CI$: 76340.2422
PGP Pub Key fingerprint = A8 FA 55 92 23 20 72 69 52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.

From jamesd at netcom.com Fri Sep 2 16:59:29 1994
From: jamesd at netcom.com (James A. Donald)
Date: Fri, 2 Sep 94 16:59:29 PDT
Subject: State Declaration of Ind.
In-Reply-To: <199409022020.PAA18658@zoom.bga.com>
Message-ID: <199409022349.QAA26049@netcom8.netcom.com>

Roy M. Silvernail writes
> > Ever since the breakup of the former Soviet Union, I have wondered just
> > what _is_ holding the USA together.

Jim choate writes
> I suspect that the reason we are still a union is we share a common idealism
> relating to life, liberty, and the pursuit of happiness. Idealistic but
> perhaps applicable...

Beliefs held by most of the citizens, but no longer taken seriously by the government.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From jdwilson at gold.chem.hawaii.edu Fri Sep 2 18:43:40 1994
From: jdwilson at gold.chem.hawaii.edu (NetSurfer)
Date: Fri, 2 Sep 94 18:43:40 PDT
Subject: Quick item re cellular encryption
Message-ID:

This was parsed off Edupage - anyone know what type of encryption they are using?

-NetSurfer

BEWARE CELLULAR CONFIDENCES

Lawyers who use cellular phones to discuss private matters with clients are increasingly turning toward encryption technology to protect confidential information. Boston-based SafeCall, a company that guarantees secure cellular conversations by routing the calls through its scrambler, says its largest and fastest growing contingent of customers is lawyers. Meanwhile, a six-step set of how-to instructions for turning a Motorola flip-phone into a cellular call receiver was posted on the Internet. (Wall Street Journal 9/1/94 B1)

From blancw at pylon.com Fri Sep 2 19:13:55 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Fri, 2 Sep 94 19:13:55 PDT
Subject: Reinterpretation Reprised
Message-ID: <199409030214.TAA14349@deepthought.pylon.com>

Responding to msg by Jim choate:

As to putting them all together, you do a disservice in my eyes.
They did not occur together and they certainly did not occur in the same social milieu that the Civil War or the Vietnam War - Civil Disobedience did. There were national events that affected every person. The events that you refer to were local events that eventually affected every person on a national scale. Slightly different animals.
.............................................................

Do you mean that a Majority Happening is the only thing which is important in your eyes? That the individual is insignificant when s/he is affected by legislation on a personal basis? That if only one person feels discomfited by it then it's no big deal because no one else has realized that they've been violated? That life, liberty & the pursuit of happiness is only important when carried out by large groups? That the standard of Good Government is a National Event rather than the quality of individual existence? That a Rose by any other name or any lesser multiplicand is not a rose?

Blanc

From 0x7CF5048D at nowhere Fri Sep 2 19:50:19 1994
From: 0x7CF5048D at nowhere (0x7CF5048D at nowhere)
Date: Fri, 2 Sep 94 19:50:19 PDT
Subject: How do I choose constants suitable for Diffe-Hellman?
Message-ID: <199409030207.AA17919@xtropia>

-----BEGIN PGP SIGNED MESSAGE-----

How do I choose constants suitable for Diffie-Hellman? According to _Applied Cryptography_ n should be prime, also (n-1)/2 should also be prime. g should be a primitive root of unity mod n. n should be 512 or 1024 bits long. Are there any other requirements? How can I choose such numbers? Are such numbers published anywhere?

From warlord at MIT.EDU Fri Sep 2 20:03:45 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Fri, 2 Sep 94 20:03:45 PDT
Subject: PGP 2.6.1 release from MIT
In-Reply-To: <2E67949E@microcosm.SanDiegoCA.NCR.COM>
Message-ID: <9409030303.AA21931@toxicwaste.media.mit.edu>

Well, I haven't seen the code, but some ideas I'd have for enhancements are:

- signatures at the end of the packets for one-time data passes
- signature revocations
- userID revocations
- real database key management
- extensions for alternative encryption and message digest algorithms
- modularization of the code
- a PGP library and API
- much of the wish list Vesselin Bontchev has created

-derek

From khijol!erc at apple.com Fri Sep 2 20:06:12 1994
From: khijol!erc at apple.com (Ed Carp [Sysadmin])
Date: Fri, 2 Sep 94 20:06:12 PDT
Subject: Quick item re cellular encryption
In-Reply-To:
Message-ID:

> a six-step set of how-to instructions for turning a Motorola flip-phone
> into a cellular call receiver was posted on the Internet. (Wall Street

Anyone know where this was posted?

--
Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com
Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi
If you want magic, let go of your armor. Magic is so much stronger than steel!
-- Richard Bach, "The Bridge Across Forever"

From anonymous at extropia.wimsey.com Fri Sep 2 20:20:22 1994
From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com)
Date: Fri, 2 Sep 94 20:20:22 PDT
Subject: Program to circumvent the Sep 1 Legal Kludge part 1/5
In-Reply-To:
Message-ID: <199409030237.AA18100@xtropia>

-----BEGIN PGP SIGNED MESSAGE-----

Tom Jennings Writes:
>
>Can you please stop mailing me these unidentifiable, undecodable
>files from a person I cannot identify, nor detect the reason for
>the anonymity?

Ok, I won't send that file anymore.

Hal writes:
>
>I've been receiving these, too. It seems to be a program which has the
>same effect as a one-line shell script to add the "+legal_kludge" option
>to the command line for PGP2.6, so that it generates backwards-compatible
>messages without violating anyone's license agreements.

Well not exactly, because of a bug in pgp, the +legal_kludge=off does not work by itself. What does work is

    +CERT_DEPTH=0 +LEGAL_KLUDGE=OFF +CERT_DEPTH=4

Where 4 is the value that you actually want for CERT_DEPTH. I did not want my program to change the behavior of pgp with respect to CERT_DEPTH. So I had my program scan config.txt to find the value there. It then sets the final value of CERT_DEPTH to be the value found there. If no value can be found for CERT_DEPTH then it uses pgp's hardcoded default which is 4.

> It's easy to
>do such a shell script in Unix.

Which shell language? I understand that unix has several although I am not a UNIX expert.

> Is there a good way in DOS to add a few
>command-line arguments in front of the ones the user has supplied?

I wanted to have a program that could be drop in replaceable in a dos environment. I wanted it to be possible to have existing pgp shells continue to work with the SEPT 1 kludge disabled. In DOS, there are common library calls that only spawn executables (.exe files) and do not spawn .bat files. The same is true of OS/2.
If any of the commonly available pgp shells used these calls, I wanted my program to be an executable so that it would work as a replacement which would disable the kludge. I do not see how one could write a dos .bat file that could scan config.txt for the user's choice of CERT_DEPTH. If you could do it, it would be sure to be slow. Some Dos users do not use microsoft's command.com, so it is hard to see how a .bat file could be fully portable in DOS.

> If
>so that would seem easier (and smaller) to distribute.
>
>Hal
>
>

In short, I think my program could be useful to some people who must send messages to people with old versions of pgp. I wish that someone would make it available at an ftp site. I won't send it out anymore and I am sorry I bothered you.

From 0x7CF5048D at nowhere Fri Sep 2 20:20:37 1994
From: 0x7CF5048D at nowhere (0x7CF5048D at nowhere)
Date: Fri, 2 Sep 94 20:20:37 PDT
Subject: Hiding conventionally encrypted messages in PGP messages to someelse.
Message-ID: <199409030238.AA18130@xtropia>

-----BEGIN PGP SIGNED MESSAGE-----

I have been thinking about steganography lately. Correct me if I am wrong, but it seems to me that if one wants to hide encrypted data, then all this public key encryption stuff becomes irrelevant. It seems that the sender and the recipient must agree on a way to hide the data. The time of this agreement is a perfect time to exchange conventional key(s).

Speaking of conventional encryption, PGP uses conventional encryption (IDEA). RSA is only used to transmit a conventional encryption key, after it has been randomly chosen.
So if we wish to hide conventionally encrypted data, why not use the purloined letter method, and hide it as the conventionally encrypted data in a PGP encrypted file? Then, when Darth Vader finds the PGP encrypted file, we can say that we can not decrypt the file, because it was encrypted for obiwan at galaxy.far.far.away. If the RSA headers confirm this, Darth will have no reason to disbelieve us. Hopefully, obiwan will be out of Darth's reach.

To create such a file, we would simply create as PGP usually does, except that we specify or record the conventional IDEA key used. Then to decrypt the file, we simply ignore the RSA headers and use the specified or recorded conventional IDEA key. We could even insure that the IDEA key in the RSA encrypted headers is wrong. So, obiwan can not reveal the data even if Darth can seize him.

I have created a hack to PGP ui to do all of the above!

The hack works exactly like ordinary PGP except that there are 3 new configuration parameters which may be specified only on the command line. These parameters are +DISPLAYIDEAKEY +SPECIFYIDEAKEY and +WRONGIDEAKEY.

+DISPLAYIDEAKEY=on causes the IDEA key used to be displayed in hex.

+SPECIFYIDEAKEY is used to specify the idea key. It can be specified as a passphrase or as a hexadecimal string.

+WRONGIDEAKEY=on causes the wrong idea key to be encrypted into the RSA blocks so that the nominal recipient can not decrypt the file.

Examples:

    pgp "+SPECIFYIDEAKEY=my pass phrase" -eat file obiwan at galaxy.far.far.away

We will be able to decrypt the encrypted file even though we are not obiwan by:

    pgp "+SPECIFYIDEAKEY=my pass phrase" file.asc

If we wish to encrypt as above but we do not want obiwan to be able to decrypt we would say:

    pgp +WRONGIDEAKEY=on "+SPECIFYIDEAKEY=my pass phrase" -eat file obiwan at galaxy.far.far.away

obiwan will not be able to decrypt (but we will), because the wrong idea key (chosen randomly) will be RSA encrypted in the headers.
We can use the +DISPLAYIDEAKEY=on parameter to display the idea key used. pgp +DISPLAYIDEAKEY=on -eat file obiwan at galaxy.far.far.away This will print the idea key in hex. We will be able to decrypt by specifying the displayed key in hex. pgp +SPECIFYIDEAKEY=0X7ee723d686cf5aac8d4b3fd091a00e3e file.asc We can use the parameter +SPECIFYIDEAKEY=PROMPT (upper case) to cause the hacked PGP to prompt for the pass phrase or hex string from the terminal. If you use any of the above be sure that +SELF_ENCRYPT is off. It will not do to have your own name in the RSA headers when Darth comes for you. To create a hacked version of the program, do the following steps: 1) Run this message thru pgp to restore the cutmarks. 2) unpack the pgp 2.6 ui sources to a directory. 3) apply the context diffs (below) using patch. patch ignore ) key[count] = idearand() ^ try_randombyte(); /* Write out a new randseed.bin */ *************** *** 501,507 **** return IDEAKEYSIZE; } ! word32 getpastlength(byte ctb, FILE *f) /* Returns the length of a packet according to the CTB and - --- 501,510 ---- return IDEAKEYSIZE; } ! int make_random_ideakey(byte key[IDEAKEYSIZE+RAND_PREFIX_LENGTH]) ! { ! return make_random_ideakey_ign(key,0); ! } word32 getpastlength(byte ctb, FILE *f) /* Returns the length of a packet according to the CTB and *************** *** 2075,2081 **** { FILE *f; /* input file */ FILE *g; /* output file */ ! byte ideakey[16]; struct hashedpw *hpw; if (verbose) - --- 2078,2084 ---- { FILE *f; /* input file */ FILE *g; /* output file */ ! byte ideakey[IDEAKEYSIZE+RAND_PREFIX_LENGTH]; /* 16 + 8 */ struct hashedpw *hpw; if (verbose) *************** *** 2099,2105 **** /* Get IDEA password, hashed to a key */ if (passwds) ! { memcpy(ideakey, passwds->hash, sizeof(ideakey)); memset(passwds->hash, 0, sizeof(passwds->hash)); hpw = passwds; passwds = passwds->next; - --- 2102,2110 ---- /* Get IDEA password, hashed to a key */ if (passwds) ! { ! make_random_ideakey_ign(ideakey,IDEAKEYSIZE); ! 
memcpy(ideakey, passwds->hash, sizeof(passwds->hash)); memset(passwds->hash, 0, sizeof(passwds->hash)); hpw = passwds; passwds = passwds->next; *************** *** 2140,2145 **** - --- 2145,2183 ---- /*======================================================================*/ static byte (*keyID_list)[KEYFRAGSIZE] = NULL; + int display_key(byte ideakey[24]) + { + int i; + for(i=0;i In article <199409030238.AA18130 at xtropia> you wrote: > -----BEGIN PGP SIGNED MESSAGE----- > I have been thinking about steganography lately. Correct me if I am > wrong, but it seems to me that if one wants to hide encrypted data, then > all this public key encryption stuff becomes irrelevant. It seems that > the sender and the recipient must agree on a way to hide the data. The > time of this agreement is a perfect time to exchange conventional > key(s). > Speaking of conventional encryption, PGP uses conventional > encryption (IDEA). So if we wish to hide conventionally encrypted > data, why not use the purloined letter method, and hide it as the > conventionally encrypted data in a PGP encrypted file? > To create such a file, we would simply create as PGP usually does, > except that we specify or record the conventional IDEA key used. Then to > decrypt the file, we simply ignore the RSA headers and use the specified > or recorded conventional IDEA key. We could even insure that the IDEA > key in the RSA encrypted headers is wrong. So, obiwan can not reveal > the data even if Darth can seize him. > I have created a hack to PGP ui to do all of the above! Isn't this what pgp -c does? From vince at dsi.unimi.it Sat Sep 3 04:31:52 1994 From: vince at dsi.unimi.it (David Vincenzetti) Date: Sat, 3 Sep 94 04:31:52 PDT Subject: your mail In-Reply-To: <199409030237.AA18101@xtropia> Message-ID: <9409031105.AA11913@goblin.dsi.unimi.it> Some anonymous user sent me a message which is divided in three parts. I am sorry but I did not receive the first one. 
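Review bot: In the hunk at 2099,2105 the memcpy length changes from sizeof(ideakey) to sizeof(passwds->hash), while the hunk at 2075,2081 grows ideakey to IDEAKEYSIZE+RAND_PREFIX_LENGTH bytes; the declared size of passwds->hash is not visible in this patch, so the copy is only safe if that hash is no larger than the new buffer. Copying exactly IDEAKEYSIZE bytes would state the intent and keep the copy bounded whatever the hash size is. The return value of make_random_ideakey_ign(ideakey,IDEAKEYSIZE) is also discarded on the line above; either check it or add a comment saying why a failure there cannot matter.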
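Review bot: In the hunk at 2140,2145 display_key declares its parameter as byte ideakey[24], hard-coding the size that the hunk at 2075,2081 spells IDEAKEYSIZE+RAND_PREFIX_LENGTH (commented there as 16 + 8). Use the named constants in the prototype so the two declarations cannot drift apart, and add a one-line comment on which part of the buffer the loop is meant to print.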
Can this anon guy please send me the first part again? Thank you.

From jya at pipeline.com Sat Sep 3 08:27:42 1994
From: jya at pipeline.com (John Young)
Date: Sat, 3 Sep 94 08:27:42 PDT
Subject: NY Times Fears C'punks
Message-ID: <199409031519.LAA23930@pipe1.pipeline.com>

The New York Times Magazine, p. 23
September 4, 1994

Method and Madness
Nicolas Wade

[Subhead] Little Brother

Not so long ago, high technology was seen as the likely handmaiden of totalitarian government, with surveillance systems and central computers tracking every citizen from cradle to grave. By a strange turn of events, what is now in progress is the very opposite of that nightmare. So many powerful technologies are streaming into private hands that Government is struggling to protect even the bare minimum of its legitimate domains.

Once only governments could launch photoreconnaissance satellites; now the C.I.A. is anxiously trying to curb commercial systems that can discern objects as small as a yard across, high-enough resolution to interest generals as much as geologists. A fleet of navigational satellites designed to give military commanders their exact position anywhere in the world is now in essence available to anyone; the Pentagon has let the public listen in on a degraded signal, but commercial vendors with clever algorithms can restore it to near-military accuracy.

The computers that tie together the Government's information systems have become increasingly porous. The better their security systems, the more tempting the challenge. Earlier this year the Pentagon discovered that a coterie of computer hackers had penetrated large parts of its sensitive though unclassified computer network and had even taken control of several military computers.
Think tanks and academics have warned for years, quite erroneously, that terrorists would avail themselves of nuclear, chemical or biological weapons; it hasn't happened, because none of these items are easy to use and simpler means have always been available. But the samples of stolen Russian uranium and plutonium that have recently been captured in Germany are a clear warning that this blithe era of security may now be over. The samples seem to have come from reactor fuel and laboratories, not nuclear warheads. But that is small comfort, especially in view of new calculations that only one kilogram (2.2 pounds) of plutonium is needed to make a bomb, not eight kilograms as was generally assumed. And the smugglers caught by the German police were hawking four kilograms for a mere $250 million.

Perhaps the most surprising democratization of high technology is that of cryptography, once an elite art of those who guarded Government's most precious secrets. The first serious challenge to the National Security Agency's ability to crack almost everyone else's ciphers came from an ingenious coding approach created in academe in the mid-1970's and known as the public key cryptosystem. The commercial sponsor sold the program to American companies but was not allowed to export it. Then in 1991, a Colorado computer expert, Philip R. Zimmermann, produced a program apparently based on this system, which he named Pretty Good Privacy. A copy of Pretty Good Privacy found its way onto the Internet, free to takers from all countries, and all of a sudden Government-class security became available to everyone. Zimmermann's next project is to develop a pretty secure citizen's phone that scrambles conversations.

At this point, of course, it's possible to wonder if the humiliation of Big Brother isn't being taken beyond reasonable limits. Some Government monopolies are not so bad: the use of force, for one. If you believe the F.B.I.
is bugging your conversations, you'll want to see Zimmermann in the inventors' hall of fame; if terrorism and organized crime seem the more immediate threats, the universal right to absolute privacy looks less compelling.

Is it possible for the state to get too weak in relation to its possible adversaries? That's the last thought that occurs to Americans across a wide spectrum of opinion, from free market economists to civil libertarians. From a variety of motives, they persistently call for governmental power to be curbed. The present headlong democratization of high technology is the flower of a decade of economic deregulation, and of the fading influence of military procurement as a driver of technical progress.

The state is so familiar a political structure that its endurance is hard to doubt. For economists and political analysts, it is the only unit of account. Yet in his recent book, "The Transformation of War," the noted military historian Martin van Creveld argues that since modern states are no longer able to fight each other for fear of nuclear war, conventional warfare, too, has become outmoded. Since the purpose of states (at least in the view of military historians) is to fight each other, states that cannot do so must sooner or later yield to organizations that will, like sects, tribes and cults.

"In North America and Western Europe, future war-making entities will probably resemble the Assassins, the group which ... terrorized the medieval Middle East for two centuries," van Creveld predicts. Regular armed forces, as has happened in Lebanon, will degenerate into police forces or mere armed gangs; the day of the condottieri will return.

Van Creveld is not the only analyst to fear for the state. From quite different reasoning, the political scientist Samuel P. Huntington argued in a widely read essay in Foreign Affairs last year that world politics would be shaped in future by clashes between cultures and religions.
As the West loses its military and economic predominance, the counterresponse from the rest of the world will be couched in religious and cultural terms: "The fault lines between civilizations will be the battle lines of the future," he wrote.

Even without fully embracing these forecasts of the state's eclipse, it's hard to ignore such recent incidents as the bombing of the World Trade Center or the car bombings of Jewish organizations in Buenos Aires and London. Terrorists with secure phones, satellite maps, accurate positioning and a sophisticated understanding of modern communications systems could bring down not just a few buildings but large sections of a modern economy.

Big Brother is dead. The only serious likelihood of his resurrection lies in reaction to the chaos and disintegration that an era of Little Brothers might bring.

------------------- END

From hfinney at shell.portal.com Sat Sep 3 08:38:29 1994
From: hfinney at shell.portal.com (Hal)
Date: Sat, 3 Sep 94 08:38:29 PDT
Subject: Problems with anonymous escrow 2--response
In-Reply-To: <199409012015.NAA08436@deepthought.pylon.com>
Message-ID: <199409031538.IAA03232@jobe.shell.portal.com>

I thought Blanc Weber made a good point when he wrote:

>Well, I was thinking that certifications & reputations wouldn't
>mean all that much to me, nor either knowing or being
>unfamiliar with someone's identity (or pseudonymity). I would
>be more convinced with a demo. Something which could
>demonstrate facility or ability would be more valuable to me
>than a second-hand proof.

This is similar to Tim May's suggestion for a credential-less society (as far as possible). Rather than trying to carry around a lot of baggage in the form of certifications, credentials, reputations, etc. (anonymous or not), people structure their affairs in such a way that transactions can be completed using just the information at hand. Blanc's idea for immediate demos to demonstrate competency could tie into this nicely.

>This anonymity/identity and certification/reputation business
>looks to me like trying to have one's cake and eat it, too, as
>the expression goes. A featureless landscape with remote
>associations to actual substance so as to both please the
>aloof-ers & appease the uncertain.

I didn't quite follow the rest of Blanc's message (a problem I have, I'm afraid, with many of his postings) but I do agree that there are problems with the use of reputations as a catch-all to solve the problems of anonymity. Faced with the ease of unpunished cheating in an anonymous relationship, people introduce the idea of reputations, sometimes called "reputation capital", and assert that cheaters would in fact be punished by damage to their reputations, the loss of reputation capital.

What is this stuff, reputation capital? What does it look like? How can it be measured? How much is it really worth? I think this concept needs to be clarified and examined if it is to serve as one of the principal foundations of pseudonymous commerce. (I know there is a concept in modern finance which attempts to measure the economic value of a firm's reputation, called, I think, "good will", but I don't know how similar that would be to what we are talking about.)

One question is, to the extent that a "piece of reputation capital" is an actual object, a digital signature or token of some sort, how heavily linked is it to a given owner? If I run two pseudonyms, Bert and Ernie, and Ernie earns a piece of reputation capital, can he securely transfer it to Bert and have Bert show it as his own?

On the one hand, we would not want this to be so (or, expressed in less normative terms, people would probably be uninclined to put much value on reputation capital which had this mathematical structure). If the purpose of reputation capital is to, in effect, punish cheaters, this is defeated to a large extent if it can be transferred.
Ernie can earn a reputation, cheat, and then have Bert show the good aspects of Ernie's reputation while being unlinkable to the bad. Going back to the earlier discussion of anonymous escrow agents this would seem to make it far too easy for dishonest agents to succeed.

On the other hand, untransferrable credentials are undesirable from the point of view of privacy. That was the whole point of Chaum's work on pseudonyms and credentials. If pseudonym credentials are untransferrable we have a problem where information builds up about a pseudonym that is very nearly as bad as a completely identified system. It is true that at least the ultimate linkage between pseudonym and physical body is broken, but to the extent that your on-line activities _are_ your pseudonym, it is no more desirable to allow dossiers to be built up about your on-line personality than your off-line life.

Chaum's system worked in large part because it was ultimately grounded in an identity-based system. People could have credentials and transfer them, but there were limits on the types and numbers of pseudonyms you could have. I think these kinds of restrictions could limit some of the problems which arise with transferrable reputation credentials, although the general problem of "negative credentials", which is really another word for the problem of punishing cheaters, was not fully solved by Chaum's approach, at least not in a way that I understood (he wrote as though he had solved it).

One final point I'd make is that Tim's idea about avoiding credentials, along with the points Blanc made, is attractive but there do seem to be a lot of situations where credentials are shown in life. When that is necessary it is tempting to fall back on a trusted authority, the anonymous escrow agent or perhaps Jason Solinsky's cyberspace government, but I think you still have the problem of those authorities proving their honesty. So the problems of credentials and reputations are still present.

Hal

From hfinney at shell.portal.com Sat Sep 3 08:59:03 1994
From: hfinney at shell.portal.com (Hal)
Date: Sat, 3 Sep 94 08:59:03 PDT
Subject: How do I choose constants suitable for Diffe-Hellman?
In-Reply-To: <199409030207.AA17919@xtropia>
Message-ID: <199409031558.IAA03708@jobe.shell.portal.com>

0x7CF5048D at nowhere.toad.com writes:

>How do I choose constants suitable for Diffie-Hellman?
>According to _Applied Cryptography_ n should be prime,
>also (n-1)/2 should also be prime. g should be a primitive
>root of unity mod n. n should be 512 or 1024 bits long.
>Are there any other requirements?

These requirements are slightly overkill, IMO. n does have to be prime, but what you really want is to have g generate a "large enough" sub-group of the numbers from 1 to n. One way to achieve this is to have (n-1)/2 also be prime, in which case the order of g (the length of g^0,g^1,...,1) is either 1, n-1, 2, or (n-1)/2. The odds of it being 1 or 2 are practically nil, so you could really use a random g since a period of (n-1)/2 is more than good enough. Or, you could test g by raising it to the (n-1)/2 power and if the answer is 1 reject it and try another g. That way you get one with period n-1 which is maximal.

There was a program posted here last time we discussed this (maybe four months ago?) which sieved for both n prime and (n-1)/2 prime. It was pretty fast.

One thing you can do which IMO is just as good is to choose a g with a considerably smaller period. There are two known ways to solve discrete logs; one depends on the size of n and the other depends on the size of the order of g(|g|). The second one is much weaker so if you choose the size of |g| to provide about as much security as the method based on the size of n you get something like n=512, |g|=140. This is used in the DSS, I believe. The advantage of this is that it is faster to exponentiate g^x in DH since x will be only 140 bits.

So, to use this, pick a prime q of 140 bits, then find a prime n equal to kq+1 for some k, such that n is 512 bits. This assures that there are some generators g which have a period of q. There is an easy trick to find one: pick a random number a < n, and set g = a ^ ((n-1)/q). It follows that g^q equals 1 (since it is a^(n-1)), and since q is prime it must be the order of g.

As I said, you can always use the full DH, but you would be in good company using the small-q version. One question is the size of q to use for n=1024. I haven't seen a clear answer to that, but the general principle is that if solving discrete logs becomes X times harder, you should increase q by a factor of X^2. So if DH is a million times harder for n=1024 than for n=512 (it's hard to tell with all of the O(1) factors in the formulas) then q should be 40 bits longer or about 180 bits.

Hal

From tcmay at netcom.com Sat Sep 3 11:49:58 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sat, 3 Sep 94 11:49:58 PDT
Subject: Credentials, Reputations, and Anonymity
In-Reply-To: <199409031538.IAA03232@jobe.shell.portal.com>
Message-ID: <199409031850.LAA02876@netcom16.netcom.com>

Hal Finney wrote:

> I thought Blanc Weber made a good point when he wrote:

I learned a while back that Blanc is a woman. She's never corrected this public misperception, that I recall seeing, so maybe I'm out of place doing it here, but I've gone and done it anyway.

(Blanc's point elided)

> This is similar to Tim May's suggestion for a credential-less society
> (as far as possible). Rather than trying to carry around a lot of
> baggage in the form of certifications, credentials, reputations, etc.
> (anonymous or not), people structure their affairs in such a way that
> transactions can be completed using just the information at hand.
> Blanc's idea for immediate demos to demonstrate competency could tie
> into this nicely.

Yes, I think "locality" is generally a big win.
Locality means local clearing, immediacy, and self-responsibility. Caveat emptor, and all that. Not perfect, of course, but generally better than a non-local, non-immediate system in which contracts are negotiated, credentials must be produced (often demanded by the government--here in Santa Cruz one needs a license to be a palm reader!). There are cases where time-binding is needed, where contracts must be negotiated, but the modern trend to make everything into a non-local, accounting-centered deal seems wrong-headed.

> I didn't quite follow the rest of Blanc's message (a problem I have, I'm
> afraid, with many of his postings) but I do agree that there are problems
> with the use of reputations as a catch-all to solve the problems of
> anonymity. Faced with the ease of unpunished cheating in an anonymous
> relationship, people introduce the idea of reputations, sometimes called
> "reputation capital", and assert that cheaters would in fact be punished
> by damage to their reputations, the loss of reputation capital.

I don't think reputations solve all problems. Enforcement of contracts with threats of sanctions (economic, physical, etc.) is often needed. One doesn't pay $20,000 for a new car, not get the car because the dealer welched, and simply say: "Boy, his reputation is mud now." (I won't go into the various common-sense ways of dealing with this, nor point out that such massive frauds are rare, for various reasons.)

My main point is a simple one: Let there be no laws which dictate what protocols people use for transactions. If Alice and Bob are content to use each others' "reputations" as a basis for doing business, let no third party step in and force them to use "credentials."

How it all works out, with flaws and all, is not something we can predict. I'm not saying Hal's doubts about how reputation will work are unwarranted, or unwelcome...indeed, such questioning is needed.

> What is this stuff, reputation capital? What does it look like? How can
> it be measured? How much is it really worth? I think this concept needs
> to be clarified and examined if it is to serve as one of the principal
> foundations of pseudonymous commerce. (I know there is a concept in
> modern finance which attempts to measure the economic value of a firm's
> reputation, called, I think, "good will", but I don't know how similar
> that would be to what we are talking about.)

Economists ought to be thinking about these things, a point economist David Friedman agreed with me on a couple of years or so ago. The study of anonymous markets, in which conventional sanctions are difficult to apply, should be an exciting area to explore.

> One question is, to the extent that a "piece of reputation capital" is an
> actual object, a digital signature or token of some sort, how heavily
> linked is it to a given owner? If I run two pseudonyms, Bert and Ernie,
> and Ernie earns a piece of reputation capital, can he securely transfer
> it to Bert and have Bert show it as his own?

"Webs of trust" are partial examples of this, with Alice signing Bob's key and thus saying "I trust this key, so if you trust me, you should also trust Bob." While this does not yet extend to more substantive issues (such as saying "I vouch for this transaction"), it gives us a hint about how this may work.

We've had some good discussions in Cypherpunks physical meetings, with noted agorists Dean Tribble, Norm Hardy, Mark Miller, etc., on this very topic: the transitive properties of reputation capital. It seems to work, based on analogies with criminal markets (where they obviously can't go to the courts), and with comparisons to primitive trading societies. The "Law Merchant," as you'll recall (Benson's "The Enterprise of Law") was extra-national, and only "my word as a captain is my bond" worked to ensure completion of trade arrangements. It worked well, too.
(As I've said before, the fallback position of relying on the State has displaced ordinary concepts of trust and honor...it is no longer a "fallback" position, and so trust and honor (= reputation) has become a joke. I am optimistic that crypto anarchy will see a restoration of these concepts, back-stopped of course with cryptographic protocols and unforgeable signatures.) > On the one hand, we would not want this to be so (or, expressed in less > normative terms, people would probably be uninclined to put much value on > reputation capital which had this mathematical structure). If the > purpose of reputation capital is to, in effect, punish cheaters, this is > defeated to a large extent if it can be transferred. Ernie can earn > a reputation, cheat, and then have Bert show the good aspects of Ernie's > reputation while being unlinkable to the bad. Going back to the earlier > discussion of anonymous escrow agents this would seem to make it far too > easy for dishonest agents to succeed. An unresolved issue, I suspect. Almost no work has been done here, so we have only our intuitions about how things will work. I have to be honest here, but I feel no shame about not knowing the answers to Hal's good points--this is just an area that has had little study, theoretically or empirically. A clarion call for more work. > On the other hand, untransferrable credentials are undesirable from the > point of view of privacy. That was the whole point of Chaum's work on > pseudonyms and credentials. If pseudonym credentials are untransferrable > we have a problem where information builds up about a pseudonym that is > very nearly as bad as a completely identified system. It is true that at > least the ultimate linkage between pseudonym and physical body is broken, > but to the extent that your on-line activities _are_ your pseudonym, it > is no more desirable to allow dossiers to be built up about your on-line > personality than your off-line life. 
Practically, I see almost no way that credentials would *not* be transferrable. One obvious way is for Len and Mack to share bank accounts, money, etc. Len could have a large bank account (a credential of one sort) and could then "transfer" it (the access codes) to Mack. Voila! Credentials got transferred. More generally, two agents, related or not, can arrange transfers. In one extreme form, Len could transfer *all* of his codes and numbers to Mack, allowing Mack to effectively become Len. This is certainly a transfer of reputation! (And a concern several have raised, a la "But how do you know who you are *really* dealing with?") > Chaum's system worked in large part because it was ultimately grounded in > an identity-based system. People could have credentials and transfer > them, but there were limits on the types and numbers of pseudonyms you > could have. I think these kinds of restrictions could limit some of the > problems which arise with transferrable reputation credentials, although > the general problem of "negative credentials", which is really another > word for the problem of punishing cheaters, was not fully solved by > Chaum's approach, at least not in a way that I understood (he wrote as > though he had solved it). I agree that much more work is needed. In fact, it's a situation analogous to the nanotechnology field, where one researcher dominates a field (Chaum in this stuff, Drexler in nanotech) and the great mystery is why no more Chaums or Drexlers have appeared! > One final point I'd make is that Tim's idea about avoiding credentials, > along with the points Blanc made, is attractive but there do seem to be a > lot of situations where credentials are shown in life. When that is > necessary it is tempting to fall back on a trusted authority, the > anonymous escrow agent or perhaps Jason Solinsky's cyberspace government, > but I think you still have the problem of those authorities proving their > honesty.
So the problems of credentials and reputations are still > present. Even with the implications not fully explored, my main point is (again) that there be no restrictions on *my* ability to try to deal with other agents on this basis. That there may be some messy situations is not enough reason to outlaw anonymity; we see messy situations in our credential-happy society today, with "permission slips" needed for increasing numbers of transactions. Anonymity and unlinkable, untraceable transactions give us the opportunity to explore these issues, and probably answer Hal's questions. A fair trade, I'd say. Even if I don't have a credential authorizing me to make that statement. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From roy at sendai.cybrspc.mn.org Sat Sep 3 14:21:07 1994 From: roy at sendai.cybrspc.mn.org (Roy M. Silvernail) Date: Sat, 3 Sep 94 14:21:07 PDT Subject: NY Times Fears C'punks In-Reply-To: <199409031519.LAA23930@pipe1.pipeline.com> Message-ID: <940903.152223.7n1.rusnews.w165w@sendai.cybrspc.mn.org> -----BEGIN PGP SIGNED MESSAGE----- In <199409031519.LAA23930 at pipe1.pipeline.com>, jya at pipeline.com passes along a New York Times article. Yep, they're sounding scared. I saw definite pleading of the government's case in there. They left out pedophiles, but they got terrorists, drug dealers and nuclear weapons smugglers. Was it just me, or did the tone get a little more frantic when they started talking about crypto? And what are they really saying in that closing paragraph? > Big Brother is dead.
The only serious likelihood of his resurrection > lies in reaction to the chaos and disintegration that an era of Little > Brothers might bring. Is this the NYT being out of touch, or are they just showing off their tentaclehood? To me, that reads like a threat against those who oppose the Government Private Agenda. - -- Roy M. Silvernail -- roy at sendai.cybrspc.mn.org "Usenet: It's all fun and games until somebody loses an eye." --Jason Kastner -----BEGIN PGP SIGNATURE----- Version: 2.6 -----END PGP SIGNATURE----- From brains at male.org Sat Sep 3 14:37:30 1994 From: brains at male.org (brains at male.org) Date: Sat, 3 Sep 94 14:37:30 PDT Subject: NY Times Fears C'punks Message-ID: >-----BEGIN PGP SIGNED MESSAGE----- > >In <199409031519.LAA23930 at pipe1.pipeline.com>, jya at pipeline.com passes >along a New York Times article. Yep, they're sounding scared. I >saw definite pleading of the government's case in there. They left out >pedophiles, but they got terrorists, drug dealers and nuclear weapons >smugglers. > >Was it just me, or did the tone get a little more frantic when they >started talking about crypto? If you, then me, too :-\ > >And what are they really saying in that closing paragraph? > >> Big Brother is dead. The only serious likelihood of his resurrection >> lies in reaction to the chaos and disintegration that an era of Little >> Brothers might bring. > >Is this the NYT being out of touch, or are they just showing off their >tentaclehood? To me, that reads like a threat against those who oppose >the Government Private Agenda. My vote is out of touch - with a threat tossed in for good measure. FWIW, I sent them a nice (hah!) reply, poking holes in some of their premises. Likely won't do any good, but made me feel better.
Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From jamesd at netcom.com Sat Sep 3 15:31:35 1994 From: jamesd at netcom.com (James A. Donald) Date: Sat, 3 Sep 94 15:31:35 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: <199409031538.IAA03232@jobe.shell.portal.com> Message-ID: <199409032231.PAA02510@netcom6.netcom.com> Hal writes > What is this stuff, reputation capital? What does it look like? How can > it be measured? How much is it really worth? Obviously none of these questions are answerable: So what? If you are arguing that intangibles do not exist, and therefore cannot affect real things, then this is obviously false. > I think this concept needs > to be clarified and examined if it is to serve as one of the principle > foundations of pseudonymous commerce. No it should not be "clarified and examined" or you will wind up with the supreme court declaring that such and such an act should dock your reputation thirty points, and that it is cruel and unusual punishment for people to have their reputations docked for acts committed more than seven years ago. We already know what reputations are. "Defining" them is going to make them into meaningless nominalist hot air. > (I know there is a concept in > modern finance which attempts to measure the economic value of a firm's > reputation, called, I think, "good will", but I don't know how similar > that would be to what we are talking about.) Not that similar, which is why they did not call it reputation. > One question is, to the extent that a "piece of reputation capital" is an > actual object, a digital signature or token of some sort, how heavily > linked is it to a given owner? 
Since a reputation is not a digital signature or token this is not a sensible question. A reputation belongs to a person identified by signature or token. > If I run two pseudonyms, Bert and Ernie, > and Ernie earns a piece of reputation capital, can he securely transfer > it to Bert and have Bert show it as his own? No. That is why corporations like to have one logo on all their products. > On the other hand, untransferrable credentials are undesirable from the > point of view of privacy. Life's a bitch, and then you die. > If pseudonym credentials are untransferrable > we have a problem where information builds up about a pseudonym that is > very nearly as bad as a completely identified system. It is true that at > least the ultimate linkage between pseudonym and physical body is broken, > but to the extent that your on-line activities _are_ your pseudonym, it > is no more desirable to allow dossiers to be built up about your on-line > personality than your off-line life. If your on line personality is selling something, it would seem highly desirable to have dossiers built up about it. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From matsb at sos.sll.se Sat Sep 3 17:35:58 1994 From: matsb at sos.sll.se (Mats Bergstrom) Date: Sat, 3 Sep 94 17:35:58 PDT Subject: Credentials, Reputations, and Anonymity In-Reply-To: <199409031850.LAA02876@netcom16.netcom.com> Message-ID: Just some thoughts (I haven't done much reading or thinking on these issues so possibly this is just to show how little I understand): > One doesn't pay $20,000 for a new car, not get the car because the > dealer welched, and simply say: "Boy, his reputation is mud now." 
No, one gets a receipt and keys to the car when paying (in whatever way) and drives away in the purchase. The receipt can be one-way anonymous and the car can be paid for in paper cash. (Then there are problems of registration and insurance interfering with anonymity, not relevant to what is discussed here). If necessary I can prove in court that I bought the car, showing the receipt (in theory still anonymously). Now, if I want to pay for the car in on-line cash I guess I could connect to my anonymous bank account with my private key, transfer the money to a bank account of the seller's choice, his bank giving my bank a receipt, and drive away in my new car. So, when buying hardware I only have to trust the digital banking system, not the seller? Well, if the seller is anonymous to his bank also, what can be proved is only that anonX paid anonY the sum Z (or possibly what the purchase was about - a description of the merchandise - if the seller instructed his bank to sign this into the receipt). What if the seller reveals his identity to a court, shows a paper receipt to prove that he has bought the merchandise and claims never to have sold it to me? No one can force him to produce the private key connecting him to the account that received on-line payment. It doesn't help to 'outlaw' paper receipts - still, he can prove that he bought the car by producing the key (password) to an account that paid for it but deny connection to the account that received payment from me. By revealing my connection to my paying bank account I can prove that I 'paid for' the car (possibly time-stamped at a later date) but who is to say that I am not the owner of the receiving account also? Thus, if the seller is identifying himself, an anonymous buyer can use on-line cash to pay for a car and still be 'safe' with a receipt (paper or on-line have similar value in preserving the buyer's pseudonymity).
But if both seller and buyer are anonymous, then receipts mean nothing (like in criminal business) but reputations everything. Mats From paul at hawksbill.sprintmrn.com Sat Sep 3 18:01:27 1994 From: paul at hawksbill.sprintmrn.com (Paul Ferguson) Date: Sat, 3 Sep 94 18:01:27 PDT Subject: PGP 2.6(1) Message-ID: <9409040204.AA02587@hawksbill.sprintmrn.com> ... is obviously not available yet. I just took a look on net-dist.mit.edu and only vanilla 2.6 is still available. Any clues on when 2.6(1) will be available? - paul From ravage at bga.com Sat Sep 3 19:29:47 1994 From: ravage at bga.com (Jim choate) Date: Sat, 3 Sep 94 19:29:47 PDT Subject: Reinterpretation Reprised In-Reply-To: <199409030214.TAA14349@deepthought.pylon.com> Message-ID: <199409040229.VAA04290@zoom.bga.com> > > Do you mean that a Majority Happening is the only thing which > is important in your eyes? That the individual is > insignificant when s/he is affected by legislation on a > personal basis? That if only one person feels discomfited by > it then it's no big deal because no one else has realized that > they've been violated? That life, liberty & the pursuit of > happiness is only important when carried out by large groups? > That the standard of Good Government is a National Event rather > than the quality of individual existence? That a Rose by any > other name or any lesser multiplicand is not a rose? > > Blanc > A person has certain inalienable rights. The rights of the majority in this country are DEFINED by the Constitution. If the right or responsibility is not SPECIFICALLY detailed in that document then the Federal govt. does not have that right, unless it is added as an amendment by the states. I oppose any move by the majority to remove a possible action or belief system from the individual that does not directly lead to the damage of a person or their property without their prior consent. Is that clear enough as to what I believe? Behind this view is an avowed Pantheist.
As to the rose, call it whatever is convenient... Take care. From stjude at well.sf.ca.us Sat Sep 3 20:05:21 1994 From: stjude at well.sf.ca.us (Judith Milhon) Date: Sat, 3 Sep 94 20:05:21 PDT Subject: re 2nd amendment Message-ID: <199409040305.UAA26932@well.sf.ca.us> any comments, please reply to me personally... From warlord at mit.edu Sat Sep 3 20:11:33 1994 From: warlord at mit.edu (Derek Atkins) Date: Sat, 3 Sep 94 20:11:33 PDT Subject: PGP 2.6(1) In-Reply-To: <9409040204.AA02587@hawksbill.sprintmrn.com> Message-ID: There is no PGP 2.6(1). However, PGP 2.6.1 should be released soon, once we make sure that there are no problems with the distribution, etc. Mail will be sent out when the release happens. Unfortunately Phil tends to jump the gun on things like this, and sent out mail before we were ready to release. Sorry for the inconvenience. We'll let you know when the release is made. -derek From tcmay at netcom.com Sat Sep 3 20:46:23 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 3 Sep 94 20:46:23 PDT Subject: "Reputations" are more than just nominalist hot air In-Reply-To: <199409032231.PAA02510@netcom6.netcom.com> Message-ID: <199409040346.UAA17897@netcom14.netcom.com> James Donald writes: (quoting Hal Finney) > > I think this concept needs > > to be clarified and examined if it is to serve as one of the principle > > foundations of pseudonymous commerce. > > No it should not be "clarified and examined" or you will wind up > with the supreme court declaring that such and such an act should > dock your reputation thirty points, and that it is cruel and unusual > punishment for people to have their reputations docked for acts > committed more than seven years ago. Why not try to clarify and examine such an important concept? Where's the danger in gaining a better understanding? 
Jumping forward to speculations about what the Supremes might do with such knowledge (were they to subscribe to our list and thus gain this knowledge :-}) and from this concluding that such research should not be done seems unwarranted. To put it mildly. > We already know what reputations are. "Defining" them is going > to make them into meaningless nominalist hot air. James, I can only conclude you were in a bad mood when you wrote this, as surely the study of how reputations work, how they get increased and decreased, etc., cannot be a bad thing. > > If I run two pseudonyms, Bert and Ernie, > > and Ernie earns a piece of reputation capital, can he securely transfer > > it to Bert and have Bert show it as his own? > > No. My close friend and frequent collaborator, Sue D. Nym, known to you also as S. Boxx, as Pablo Escobar, and as an12070, has been researching this issue very carefully. His analysis of pseudospoofing is precisely on target here, and answers this question affirmatively. (In this paragraph, I have just "spent" some of my "reputation capital" in this praise of Detweiler. Depending on the views you readers have about my reputation, and Detweiler's reputation, and how serious you think I was here, my reputation could get better or worse, and Detweiler's could get better or worse. This is one way the reputation of one agent can be transferred to another. It happens all the time, in reviews of movies, books, restaurants, and pseudonyms.) The study of reputations and how they change is an important one. It is more than just "nominalism" to see how things tick, what the key features are, what the conserved quantities are (if any), and so forth. This I think was the thrust of Hal's questions. --Tim May -- .......................................................................... Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From hfinney at shell.portal.com Sat Sep 3 20:50:51 1994 From: hfinney at shell.portal.com (Hal) Date: Sat, 3 Sep 94 20:50:51 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: <199409032231.PAA02510@netcom6.netcom.com> Message-ID: <199409040350.UAA07837@jobe.shell.portal.com> jamesd at netcom.com (James A. Donald) writes: >Hal writes >> What is this stuff, reputation capital? What does it look like? How can >> it be measured? How much is it really worth? >Obviously none of these questions are answerable: So what? >If you are arguing that intangibles do not exist, and therefore >cannot affect real things, then this is obviously false. No, my questions were not rhetorical at all. I do think that various people have come up with ideas for what they call reputation capital that are much more formalized and structured than what you are referring to. This doesn't mean that they are right and you wrong, just that there are a lot of different concepts floating around under this umbrella of a term. As one example, consider how signed endorsements could be used to create and validate a reputation. We already see that today with celebrity endorsements in advertising. I once sold a product where the main competitor had (years ago) collected a favorable comment by Dvorak, the well-known computer columnist. I'll bet a lot of people had never heard of that company but when they saw Dvorak's quote the image of that company was improved a great deal. This endorsement could be called reputation capital. In a very real sense, it was one of the principal assets of that company. 
I believe many conceptions of reputation capital consist of collections of such endorsements, along with an infrastructure to support them (similar perhaps to the PGP web of trust). >> I think this concept needs >> to be clarified and examined if it is to serve as one of the principle >> foundations of pseudonymous commerce. >No it should not be "clarified and examined" or you will wind up >with the supreme court declaring that such and such an act should >dock your reputation thirty points, and that it is cruel and unusual >punishment for people to have their reputations docked for acts >committed more than seven years ago. There is always the danger of legislative interference in any action but I really don't think our discussions here are likely to bring disaster down on us. >We already know what reputations are. "Defining" them is going >to make them into meaningless nominalist hot air. On the contrary, I think that a pseudonymous/anonymous world calls for a re-examination of the concept of reputations. Today there is no implementation of a transferrable credential, where I could for example prove that company XYZ considers me a good credit risk, without XYZ linking my present nom de guerre with the one I used when with them. Today there is no use made of blind signatures. A few years ago public-key encryption was almost unknown in the private sector. All of these technologies could have significant impact on business relationships. Things are changing, and we on this list are some of the few people who are interested in talking about the effects of these changes. >> If pseudonym credentials are untransferrable >> we have a problem where information builds up about a pseudonym that is >> very nearly as bad as a completely identified system. 
It is true that at >> least the ultimate linkage between pseudonym and physical body is broken, >> but to the extent that your on-line activities _are_ your pseudonym, it >> is no more desirable to allow dossiers to be built up about your on-line >> personality than your off-line life. >If your on line personality is selling something, it would seem highly >desirable to have dossiers built up about it. Right, I did discuss this point. This helps prevent people from certain kinds of cheating. But the down side is that sellers have to give up some (all?) privacy. And, after all, practically everyone is selling something, even if just their labor. Is the solution that we have privacy as consumers but not as sellers? I don't think this is the only possible answer. It is worth considering whether privacy can be provided to sellers as well. As another example, consider the case of someone applying for credit. Here the bank is, in a sense, selling money. OTOH the applicant is selling something, too - his ability to pay. Do we just say that "of course" dossiers of people's credit history and banks' lending history are the desirable and correct way to solve this problem, as we have today? I would prefer to see whether solutions could be derived in which more privacy is provided to the participants. Obviously total anonymity would make such lending virtually impossible, but perhaps there is some middle ground between that and a system of total identification. This is where Chaum is coming from with his credentials. His solutions have problems, granted, but I don't think it is necessarily time to give up and say that the kinds of dossiers we have today are the best way things can work. Hal From tcmay at netcom.com Sat Sep 3 21:06:57 1994 From: tcmay at netcom.com (Timothy C. 
May) Date: Sat, 3 Sep 94 21:06:57 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: <199409040350.UAA07837@jobe.shell.portal.com> Message-ID: <199409040407.VAA19812@netcom14.netcom.com> Hal's reply to James Donald went out within minutes of mine, and made roughly the same points I made (his "endorsement" by Dvorak example is eerily similar to the example I used, about endorsing Detweiler). Maybe Detweiler was right...maybe we _are_ tentacles! --Tim the Tentacle -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From jamesd at netcom.com Sat Sep 3 23:51:49 1994 From: jamesd at netcom.com (James A. Donald) Date: Sat, 3 Sep 94 23:51:49 PDT Subject: "Reputations" are more than just nominalist hot air In-Reply-To: <199409040346.UAA17897@netcom14.netcom.com> Message-ID: <199409040651.XAA07075@netcom14.netcom.com> > James Donald writes: > > We already know what reputations are. "Defining" them is going > > to make them into meaningless nominalist hot air. Timothy C. May writes > James, I can only conclude you were in a bad mood when you wrote > this, as surely the study of how reputations work, how they get > increased and decreased, etc., cannot be a bad thing. Hal wished to have answers to certain questions about reputations. The questions he was asking have no answers. If one provided answers to such questions, the thing that one is calling a reputation would not be a reputation, it would be something more formal, and more subject to centralized control. 
Were such a definition generally accepted, this would have consequences radically different to those that we desire. I really do not want to digress onto the issue of nominalism and legal positivism, which is seriously off topic, but a similar approach on other matters has led to the catastrophic collapse of societies in the past, and I would claim that it is having something of that effect in the present. It is legitimate and desirable to ask such questions about credentials. To ask them about reputations is harmful and dangerous. You may ask: How can a mere question be dangerous? Answer: Because some questions imply false definitions, and false definitions are dangerous. To take an extreme example, consider the labor theory of value. The labor theory of value defines what capitalists do (organize labor so as to maximize value and minimize labor) as nonexistent. It therefore leads to the false conclusion that capitalists can be forcibly eliminated without their functions being taken over by a totalitarian nomenklatura, because the definition defines capitalists to have no function. A nominalist definition of reputation, which was what Hal's questions would necessarily lead to, would lead to analogous conclusions -- the need for a formal system of credentialing in cyberspace -- to serve *in the place of* real reputations. If such a system was to serve the function that reputations now serve in the real world, it would lead to consequences very different from those intended or desired by Hal. From jkreznar at ininx.com Sun Sep 4 03:52:50 1994 From: jkreznar at ininx.com (John E. Kreznar) Date: Sun, 4 Sep 94 03:52:50 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: <199409031538.IAA03232@jobe.shell.portal.com> Message-ID: <9409041052.AA03370@ininx> -----BEGIN PGP SIGNED MESSAGE----- Hal writes: > On the other hand, untransferrable credentials are undesirable from the > point of view of privacy. ...
It is true that at > least the ultimate linkage between pseudonym and physical body is broken, > but to the extent that your on-line activities _are_ your pseudonym, it > is no more desirable to allow dossiers to be built up about your on-line > personality than your off-line life. But is this really true? If a seller is using the pseudonym just to defend himself against uninvited third parties such as tax collectors, it would seem that accumulation of a dossier would be useless as long as the physical seller can't be found. What would be gained by transferring the credential (the evidence of the seller's marketable skills or whatever he's selling) to a new pseudonym? I assume that the seller receives payment by some anonymous method, perhaps electronic cash. Am I missing something? John E. Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. -----BEGIN PGP SIGNATURE----- Version: 2.3a -----END PGP SIGNATURE----- From jya at pipeline.com Sun Sep 4 09:08:13 1994 From: jya at pipeline.com (John Young) Date: Sun, 4 Sep 94 09:08:13 PDT Subject: \"Reputations\" are more than just nominalist hot air Message-ID: <199409041602.MAA02685@pipe1.pipeline.com> Responding to msg by jamesd at netcom.com (James A. Donald) on Sat, 3 Sep 11:51 PM >I really do not want to digress onto the issue of >nominalism and legal positivism, which is seriously >off topic, but a similar approach on other matters has >led to the catastrophic collapse of societies in the >past, and I would claim that it is having something of >that effect in the present. * * * >If such a system was to serve the function that >reputations now serve in the real world, it would lead >to consequences very different from those intended or >desired by Hal.
Your elaboration of this claim, to echo Tim's later post, would be welcomed. Tim has mentioned before that "off topic" is solved by artful weaving. Please do. John From norm at netcom.com Sun Sep 4 10:49:06 1994 From: norm at netcom.com (Norman Hardy) Date: Sun, 4 Sep 94 10:49:06 PDT Subject: Force is not physical Message-ID: <199409041749.KAA14499@netcom.netcom.com> Can someone send me a copy of Eric Hughes Wednesday essay "Force is not physical"? I somehow lost the machine version. From mab at research.att.com Sun Sep 4 10:54:27 1994 From: mab at research.att.com (Matt Blaze) Date: Sun, 4 Sep 94 10:54:27 PDT Subject: Final version of Clipper Protocol Failure paper Message-ID: <9409041753.AA02006@merckx.UUCP> The "final" pre-print version (dated August 20, 1994) of my paper, "Protocol Failure in the Escrowed Encryption Standard" is now available. You can get it in PostScript form via anonymous ftp from research.att.com in the file /dist/mab/eesproto.ps . This version replaces the preliminary draft (June 3) version that previously occupied the same file. Most of the substance is identical, although few sections are expanded and a few minor errors are now corrected. I'd appreciate it if anyone who's citing the paper use this version. Only PostScript format is available. Sorry. This paper will be presented at the 2nd ACM Conference on Computer and Communications Security in Fairfax in November. -matt From jamesd at netcom.com Sun Sep 4 11:24:38 1994 From: jamesd at netcom.com (James A. Donald) Date: Sun, 4 Sep 94 11:24:38 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: <199409040350.UAA07837@jobe.shell.portal.com> Message-ID: <199409041824.LAA14498@netcom7.netcom.com> Hal writes > > > What is this stuff, reputation capital? What does it look > > > like? How can it be measured? How much is it really > > > worth? jamesd at netcom.com (James A. Donald) writes: > > Obviously none of these questions are answerable: So what? 
Hal writes > No, my questions were not rhetorical at all. I do think > that various people have come up with ideas for what they > call reputation capital that are much more formalized and > structured than what you are referring to. This doesn't > mean that they are right and you wrong, just that there are > a lot of different concepts floating around under this > umbrella of a term. No no: What is floating around are proposals for the structured handling of the *information* on which reputations are based, not proposals for the structured handling of reputations. Digital credentials, not digital reputations. Structured handling of *reputations* would be catastrophic. If you *define* reputations to be something formal and explicit, and say that the system will work because people guard their reputations, then reputations become something that can be most efficiently granted and withdrawn by some centralized authority. And then, as with fiat currency, the value of those "reputations" would in the end need to be backed by force in order to make the system work. I am complaining about dangerous carelessness in your use and definition of words. Your use of the word reputation is as fraught with frightful consequences as Marx's use of the word "value". Reputation based systems work for freedom, and coercion based systems work for centralized government, for obvious reasons that all of us agree upon. *Define* reputations to be something other than reputations, and you are kicking the crucial foundation out from under freedom. You are defining the foundation of freedom away, in a way precisely analogous to the way Marx defined the basis of capitalism away, though he did it maliciously and knowingly, and you are doing it accidentally. > As one example, consider how signed endorsements could be > used to create and validate a reputation. True. But signed endorsements are *not* a reputation. 
> > > I think this concept needs to be clarified and examined if > > > it is to serve as one of the principle foundations of > > > pseudonymous commerce. > > No it should not be "clarified and examined". > > ... > > We already know what reputations are. "Defining" them is > > going to make them into meaningless nominalist hot air. > On the contrary, I think that a pseudonymous/anonymous > world calls for a re-examination of the concept of > reputations. Today there is no implementation of a > transferrable credential, where I could for example prove > that company XYZ considers me a good credit risk, without > XYZ linking my present nom de guerre with the one I used > when with them. This is an illustration of the danger of redefining "reputation" as you appear to be doing. Obviously a blind signed credential transferable between digital pseudonyms would have no value to support a reputation, but by abandoning the correct usage of the word "reputation" you have obscured that fact from yourself. But what would have value was a credential whereby some authority signed *one* private key that you possessed at a certain time, without knowing either the private key or the public keys associated with that private key. But if you used that key to support multiple identities, you would then be stuffed because it would then create a link between Joe Robertson, software benchmarker, and Mike Hardcase, purveyor of underage Ceylonese virgins. Worse, it might create a link between Mike Hardcase and Joe Whatsyourpleasure, purveyor of Filipina whores, thereby substantially reducing the value of the Ceylonese virgins purveyed by Mike Hardcase, even though both Mike Hardcase and Joe Whatsyourpleasure both had excellent reputations until their reputations became linked. > > If your on line personality is selling something, it would > > seem highly desirable to have dossiers built up about it. 
> Do we just say that "of course" dossiers of people's credit > history and banks' lending history are the desirable and > correct way to solve this problem, as we have today? I > would prefer to see whether solutions could be derived in > which more privacy is provided to the participants. > Obviously total anonymity would make such lending virtually > impossible, but perhaps there is some middle ground between > that and a system of total identification. This is where > Chaum is coming from with his credentials. Exactly so: And Chaum talked of digital credentials, and the reputations of digital credentials. He *did not* talk about digital reputations. Use the word *credentials*, not the word *reputations*. If we were to start using the word *reputations* in the way that you have been using it, we will make errors with vastly more serious consequences than the errors that you have made. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jamesd at netcom.com Sun Sep 4 11:37:45 1994 From: jamesd at netcom.com (James A. Donald) Date: Sun, 4 Sep 94 11:37:45 PDT Subject: "Reputations" are more than just nominalist hot air In-Reply-To: <199409040346.UAA17897@netcom14.netcom.com> Message-ID: <199409041837.LAA15650@netcom7.netcom.com> James Donald writes: > > No it should not be "clarified and examined" Timothy C. May writes > Why not try to clarify and examine such an important > concept? Where's the danger in gaining a better > understanding? When somebody wants to "clarify and examine" a concept that is already well understood, this usually means that he wants to change the meaning of that concept. 
Where the concept is something fundamental to existing social structures, the result can be utterly ruinous (for example Socrates). In Hal's case he wants to "clarify and examine" something that is crucial to the future that we all want to achieve. It is clear from some of the things he said that his "clarified" meaning is in fact substantially different from the correct meaning. For example he asks a number of questions that are not meaningful or answerable if "reputation" means reputation, but are meaningful if "reputation" means credentials. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jamesd at netcom.com Sun Sep 4 11:52:58 1994 From: jamesd at netcom.com (James A. Donald) Date: Sun, 4 Sep 94 11:52:58 PDT Subject: \"Reputations\" are more than just nominalist hot air In-Reply-To: <199409041602.MAA02685@pipe1.pipeline.com> Message-ID: <199409041853.LAA17023@netcom7.netcom.com> I wrote: > > I really do not want to digress onto the issue of > > nominalism and legal positivism, which is seriously > > off topic, but a similar approach on other matters has > > led to the catastrophic collapse of societies in the > > past, and I would claim that it is having something of > > that effect in the present. > > * * * > > > If such a system was to serve the function that > > reputations now serve in the real world, it would lead > > to consequences very different from those intended or > > desired by Hal. John Young writes > Your elaboration of this claim, to echo Tim's later post, > would be welcomed. Hal seems to be asking questions which implicitly define a reputation to be some kind of credential. 
This is like *defining* money as fiat money, as governments are prone to do, or *defining* the value of a good to be its labor content, as Marx did. If you assume that the two are the same, then the two will cease to be the same, the system will screw up, and you will need coercion (legal tender laws) to make fiat money work as if it was actual money, and to make credentials act as if they were actual reputations. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From greg at ideath.goldenbear.com Sun Sep 4 12:13:03 1994 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Sun, 4 Sep 94 12:13:03 PDT Subject: "Reputations" are more than just nominalist hot air In-Reply-To: <199409041837.LAA15650@netcom7.netcom.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- James Donald writes: > Timothy C. May writes > > Why not try to clarify and examine such an important > > concept? Where's the danger in gaining a better > > understanding? > When somebody wants to "clarify and examine" a concept > that is already well understood, this usually means that > he wants to change the meaning of that concept. Well understood by *who*? You seem to have a strong local definition for the word "reputation". You seem to believe that freedom itself depends on folks only using that word in a fashion compatible with your own use. That's an interesting notion for a sleepy Sunday afternoon, but you haven't convinced me yet. Perhaps you'd be good enough to describe what you mean when you use the word "reputation"? > In Hal's case he wants to "clarify and examine" something > that is crucial to the future that we all want to achieve. When you say "we", who are you referring to? 
> It is clear from some of the things he said that his "clarified" > meaning is in fact substantially different from the correct meaning. Who decides what the "correct meaning" of a word is? -----BEGIN PGP SIGNATURE----- Version: 2.5 iQCVAgUBLmoaxH3YhjZY3fMNAQHO/wP8DJhb5eiESy/rmhyv+UwwdA5tLyulZqvH WdqwAMqb4nyOOMnYo9lhI+gvjnIPtPD/Hf8YvnmwAfDDGR72IIDFQ3xrbApOg73W nDPsLBvUFMHx5Zh8PCCcaZjHn05rjCXsaAGiixWAh37OjC7qm3/OqLvh3gEsBJX0 iwEf9BSLKYE= =c8V6 -----END PGP SIGNATURE----- From sandfort at crl.com Sun Sep 4 12:41:10 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Sun, 4 Sep 94 12:41:10 PDT Subject: ACAPULCO H.E.A.T. Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, This week's episode, "Code Name: Stalemate," was a two-parter. The Team goes to Venezuela to protect Andre Sokal, an ex-KGB agent, who is playing in a big chess tournament. Andre is now part of the Russian reform movement and Communist hard-liners want to assassinate him. H.E.A.T.'s archenemy, Strake, is hired to do the job. Strake is a violent but sensitive megalomaniac who eschews a simple bullet to the head because a good assassination is "a theatrical performance that must show the genius of the assassin" or something like that. Strake first shoots one of the real chess players in the back, which shows curiously little genius. He then replaces him with a surgically altered double. It goes downhill from there. The crypto and hi-tech angles are many. Ashley (Catherine Oxenberg, who I have been told was *not* Ringo's wife) replaces one of the other chess players. (No, she doesn't shoot her in the back, they were old friends.) Ashley just happens to play at the grandmaster level and anyway, Chrissie will be feeding her computer generated moves via a radio receiver in Ashley's eyeglass frames. 
Strake's ringer is also strategically impaired and so Strake is helping him with a laptop with a screen that only the double can see because he is wearing special glasses. (Why not just use an LCD screen? Nobody can read those things either.) Unfortunately, Strake has brought in an electronics communication expert from Russia (Ivan something-or-other). Ivan spoofs the H.E.A.T. computers and satellite communications uplinks. When the Team discovers their communications have been compromised, Mike tells Ashley not to use their normal communications until the system is secure. When she asks how she should communicate, Mike tells her to "use the phone." (Now *that's* secure!) Ivan is available to Strake, because his research funding dried up when the USSR went belly up. Too bad, because "he was on the verge of developing a microchip which would have been able to decrypt any secure computer." Yeah, right. To be continued next week. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From sdw at lig.net Sun Sep 4 16:10:37 1994 From: sdw at lig.net (Stephen D. Williams) Date: Sun, 4 Sep 94 16:10:37 PDT Subject: "Reputations" are more than just nominalist hot air In-Reply-To: Message-ID: Would someone care to create a mini-glossary, complete with author-noted alternate definitions of the current topics? I don't think I'm going to get up to speed in time to participate otherwise... Thanks sdw (who has 900 recent messages and 3500 from vacation...) -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager LIG dev./sales Internet: sdw at lig.net OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together Newbie Notice: (Surfer's know the score...) I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru. From sdw at lig.net Sun Sep 4 16:20:36 1994 From: sdw at lig.net (Stephen D. 
Williams) Date: Sun, 4 Sep 94 16:20:36 PDT Subject: Alt.Gvmt.Bad.Bad.Bad In-Reply-To: Message-ID: ... > The United States is made up of ignorant people who know what they need > to get by in life, and do not want to take the time to do what it takes > to improve themselves, ie. vote. As for morality, I feel it is somthing > that we all wish to be but find it hard to be. I know I find it hard to > be moral. Make sure you have an intelligent and rational definition of your morals, and they won't seem hard. Don't take me to mean that you should have self-serving and opportunistic morals however. > Groove on Dude > Michael Conlen sdw -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager LIG dev./sales Internet: sdw at lig.net OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together Newbie Notice: (Surfer's know the score...) I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru. From sdw at lig.net Sun Sep 4 16:35:56 1994 From: sdw at lig.net (Stephen D. Williams) Date: Sun, 4 Sep 94 16:35:56 PDT Subject: Alt.Gvmt.Immorality In-Reply-To: <199409021524.IAA29904@deepthought.pylon.com> Message-ID: > Responding to msg by Michael Conlen: > > ........................................................ > > On the note, I offer this quote which is always amusing to me: > > "The only claim made for any organized ideas of human nature is ... > words, a working model of human nature makes things visible, > and you visible as well." > > - from "The Human Nature Industry", by Ward > Cannel and June Macklin > > Blanc There are some theories that various 'power' segments of society actively cultivate a particular working model for their own benefit. Foremost, of course, are Clergy, lawyers, and gov. (Has anyone heard of 'Neo-Tech'?) 
I've always thought and recently espoused that there should be classes from the beginning of highschool on philosophy and sociology. I suppose the problem would be which philosophy and whose spin on things the schools would encourage. I just think that too many people don't think of themselves on the 'meta' level. (Thinking about what they think and do and why.) I had my little crisis at 13. Not to mention the fact that there would be more atheists... :-) sdw -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager LIG dev./sales Internet: sdw at lig.net OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together Newbie Notice: (Surfer's know the score...) I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru. From 7CF5048D at nowhere Sun Sep 4 18:20:23 1994 From: 7CF5048D at nowhere (7CF5048D at nowhere) Date: Sun, 4 Sep 94 18:20:23 PDT Subject: Hiding conventionally encrypted messages in PGP messages to someelse. In-Reply-To: <199409030838.AA179351514@sl9.sr.hp.com> Message-ID: <199409050106.AA26246@xtropia> -----BEGIN PGP SIGNED MESSAGE----- Paul Franklin writes: >> To create such a file, we would simply create as PGP usually does, >> except that we specify or record the conventional IDEA key used. Then to >> decrypt the file, we simply ignore the RSA headers and use the specified >> or recorded conventional IDEA key. We could even insure that the IDEA >> key in the RSA encrypted headers is wrong. So, obiwan can not reveal >> the data even if Darth can seize him. >> I have created a hack to PGP ui to do all of the above! >Isn't this what pgp -c does? No pgp -c creates a conventionally encrypted file that appears to be a conventionally encrypted file. If you run such a file thru pgp, pgp will report that it is a conventionally encrypted file even if you do not know the password. 
If you have such a file Darth Vader will assume that you can decrypt it. My hack allows you to create a file which appears to be pgp public key encrypted to someone else, but which you also (or perhaps you only) can decrypt. (Because you have specified or recorded the conventional idea key.) Hopefully, Darth will be fooled into thinking that you can not decrypt the file. -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLmjPoQ2Gnhl89QSNAQH4qQP/WBMRdSbT6j9G4CgQOt1glM3SO10KfId1 v0dlLAD763sYy7rLPwueoNIUXYjsibMkP1/dBX+BRcjKJLGxNVo/E7weZDOBgwck 1NlpjG+kVQH35NRvmBfecRF/PsPoYu+utHfDTZ0ntQSAj0zb7EFLl0XI5ULYqFNU y8KnEG8GhzI= =RC+G -----END PGP SIGNATURE----- From jya at pipeline.com Sun Sep 4 19:26:30 1994 From: jya at pipeline.com (John Young) Date: Sun, 4 Sep 94 19:26:30 PDT Subject: Problems with anonymous escrow 2--response Message-ID: <199409050225.WAA28445@pipe1.pipeline.com> Responding to msg by jamesd at netcom.com (James A. Donald) on Sun, 4 Sep 11:24 AM >I am complaining about dangerous carelessness in your >use and definition of words. Your use of the word >reputation is as fraught with frightful consequences >as Marx's use of the word "value". > >Reputation based systems work for freedom, and coercion > based systems work for centralized government, for >obvious reasons that all of us agree upon. > >*Define* reputations to be something other than >reputations, and you are kicking the crucial foundation >out from under freedom. >support a reputation, but by abandoning the correct >usage of the word "reputation" you have obscured that >fact from yourself. >Use the word *credentials*, not the word *reputations*. >If we were to start using the word *reputations* in the > way that you have been using it, we will make errors >with vastly more serious consequences than the errors >that you have made. James, Your answers to Hal and Tim have been enlightening. 
And your attempt to move away from nominalism to improve precision of language and to ward off inadvertent undermining of fundamentals, is admirable, that is, if I understand your objections to Hal's proposals correctly. Perhaps to avoid counter-objections that matters of definition all too often lead back into nominalistic debates, you will be able to suggest practical examples of what you mean by "dangerous", "frightful", "serious consequences", "kicking the crucial foundation out from under freedom", and the like. Sometimes these melodramatic terms obscure rather than point toward concrete situations that will convey your intentions more effectively. Your strong feelings on these matters are clear, but I for one do not know what you would do in place of what Hal, and others, are proposing, to build and sustain reputations in the electronic realm. Not, to be sure, to undermine what is valid in brickspace, but how such firm foundations might be extended, even emulated occasionally, in the cyber realm. I don't yet see these efforts as threatening as you claim. When you get a chance, your specific examples would help. Thanks. John From sdw at lig.net Sun Sep 4 20:24:30 1994 From: sdw at lig.net (Stephen D. Williams) Date: Sun, 4 Sep 94 20:24:30 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: <199409050225.WAA28445@pipe1.pipeline.com> Message-ID: ... > James, > > Your answers to Hal and Tim have been enlightening. > > And your attempt to move away from nominalism to improve > precision of language and to ward off inadvertent undermining > of fundamentals, is admirable, that is, if I understand your > objections to Hal's proposals correctly. > > Perhaps to avoid counter-objections that matters of definition > all too often lead back into nominalistic debates, you will be ... > Thanks. > > John ... Good Sir, what frightfully polite eloquence have you bathed this august gathering of gentle spirits? 
Who among us dare tread upon the literary plateau where you have chosen with great cunning to cast down the gauntlet of gentlemanly and stately redaction and precision? Errr..., what'd he say? sdw -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager LIG dev./sales Internet: sdw at lig.net OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together Newbie Notice: (Surfer's know the score...) I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru. From blancw at pylon.com Sun Sep 4 21:22:51 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Sun, 4 Sep 94 21:22:51 PDT Subject: Alt.Gvmt.Immorality Message-ID: <199409050422.VAA28301@deepthought.pylon.com> Responding to msg by Stephen D. Williams: >There are some theories that various 'power' segments >of society actively cultivate a particular working >model for their own benefit. Foremost, of course, are >Clergy, lawyers, and gov. Well, reading books like the one from which I took that quote would alert one's attention to the fact that there are many working models of human nature possible, and that one should not merely take the one given out in school or at church or by whomever. I think that when one realizes that these models are all the product of our own human reasoning, then the idea of liberty & freedom becomes more meaningful, as one realizes that there are choices beyond the views created by one's elders or leaders. >I've always thought and recently espoused that there >should be classes from the beginning of highschool on >philosophy and sociology. I suppose the problem would >be which philosophy and whose spin on things the >schools would encourage. I think this would start a big fight in the public schools as to which philosophy or sociological works to use in the classroom. 
However, in classrooms per se if there were a general presentation of the concepts and discussions on the human ability to develop comprehensive views of the world, then everyone was turned loose in the library, each person could begin their study of any of them and proceed at their own pace & interest. At the very least they could become aware of the source of the images of human nature which surround us and could better evaluate what it means to live & act within any particular system of operations. >I just think that too many people don't think of >themselves on the 'meta' level. (Thinking about what >they think and do and why.) The opportunities for this kind of thinking are greatly limited to what the church and politics provide as a frame of reference (not that the libraries aren't open and available for budding curiosities). It was from browsing through picture books of other peoples & reading about how other cultures arrange their existence, that I developed the comprehension that there are different methods of doing things in the world, that there is such a thing as choice, and that not only cultures but individuals can arrange their affairs according to their own ideas of success. Blanc From hibbert at netcom.com Sun Sep 4 21:28:25 1994 From: hibbert at netcom.com (Chris Hibbert) Date: Sun, 4 Sep 94 21:28:25 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: Message-ID: <199409050428.VAA26284@netcom15.netcom.com> >> > James, >> > >> > Your answers to Hal and Tim have been enlightening. >> > >> > And your attempt to move away from nominalism to improve >> > precision of language and to ward off inadverdent undermining >> > of fundamentals, is admirable, that is, if I understand your >> > objections to Hal's proposals correctly. >> > >> > John >> >> Good Sir, what frightfully polite eloquence have you bathed this >> august gathering of gentle spirits? [...] >> >> Errr..., what'd he say? 
>> >> sdw Stephen, I think you understood exactly what he said. I'll explain why he said it the way he did. John thinks that James may have some good ideas, but he's too excited, and he's not explaining them clearly. John asked James to calm down, and suggested some particular points that James wasn't explaining in his excitement over the error he sees other people falling into. John is talking this way so James will understand that John is trying to be on his side. If he said something like "you idiot," or "you raving clod", there would be little chance of James calming down enough to understand John's point. The way John spoke shows that he is familiar with many of the problems people fall into when they hold a heated conversation on the net. Many people mistake heat and excitement for disagreement and personal attack. John is doing a good job of pointing out to James that people are interested in what he has to say, and that communication will be clearer if he takes a deep breath and figures out what people are really asking him for. Thanks John, Chris BTW, I think John and James are right: reputation is not quantifiable, it's interpreted by each observer differently. Credentials on the other hand, can be transferred, and it makes sense to codify them so other people can understand what recommendations they represent. From blancw at pylon.com Sun Sep 4 21:48:11 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Sun, 4 Sep 94 21:48:11 PDT Subject: Problems with Definitions in Escrow Message-ID: <199409050448.VAA28868@deepthought.pylon.com> Responding to msg by James A. Donald: If you *define* reputations to be something formal and explicit, and say that the system will work because people guard their reputations, then reputations become something that can be most efficiently granted and withdrawn by some centralized authority. . . . . . . . . . . . I am complaining about dangerous carelessness in your use and definition of words. 
Your use of the word reputation is as fraught with frightful consequences as Marx's use of the word "value". ................................................................. .... Perhaps when you decry the establishment of 'definitions' you mean that a concept should not be circumscribed tightly within the boundaries of a pre-determined range of meaning? I thought what Hal intended by 'examining & defining' a term, was simply to assess what it means to those who are seeking to apply it, rather than intending to confine it in advance of any real knowledge of its actual reference. Blanc From sameer at c2.org Sun Sep 4 22:20:20 1994 From: sameer at c2.org (sameer) Date: Sun, 4 Sep 94 22:20:20 PDT Subject: elm and pine patched for a preprocessor Message-ID: <199409050518.WAA21325@infinity.c2.org> I have hacked on elm and pine so that they will work with Raph Levien's "premail" package easily. It allows the use of a preprocessor to sendmail through the use of the PRESENDMAIL environment variable. -- I made the following changes to src/mailmsg2.c to allow use of setenv PRESENDMAIL "program" to allow an alternate sendmail. This is in elm 2.4 pl20. 
95,97d94 < #define PRESENDMAIL /* Uncomment this if you don't want to allow users */ < /* to run a 'replacement sendmail' with the PRESENDMAIL */ < /* environment variable */ 209,211d205 < #ifdef PRESENDMAIL /* Hack to allow 'replacement sendmails' */ < char *pre_sendmail; < #endif 571,585d564 < < #ifdef PRESENDMAIL /* Hack to allow replacement sendmails */ < if(pre_sendmail = getenv("PRESENDMAIL")) < { < sprintf(very_long_buffer,"( (%s %s %s ; %s %s) & ) < %s", < pre_sendmail, mailerflags, expanded_to, < remove_cmd, whole_msg_file, whole_msg_file); < } < else < { < sprintf(very_long_buffer,"( (%s %s %s ; %s %s) & ) < %s", < mailer, mailerflags, expanded_to, < remove_cmd, whole_msg_file, whole_msg_file); < } < #else 589,591c568 < #endif < < } --- > } -- I made the following changes to pine/send.c to allow use of setenv PRESENDMAIL "program" to allow an alternate sendmail This is in pine 3.89. 63,64d62 < #define PRESENDMAIL /* Allow users to specify an alternate sendmail */ < 1512,1514d1509 < #ifdef PRESENDMAIL /* If we want an alternate sendmail to be specified */ < char *pre_sendmail; < #endif 1527,1539d1521 < < #ifdef PRESENDMAIL < if(pre_sendmail = getenv("PRESENDMAIL")) < { < sprintf(mail_cmd, "( ( %s %s ; /bin/rm -f %s ) < %s & )", < pre_sendmail, SENDMAILFLAGS, tmpfile, tmpfile); < } < else < { < sprintf(mail_cmd, "( ( %s %s ; /bin/rm -f %s ) < %s & )", < SENDMAIL, SENDMAILFLAGS, tmpfile, tmpfile); < } < #else 1542d1523 < #endif -- sameer Voice: 510-841-2014 Network Administrator Pager: 510-321-1014 Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383 http://www.c2.org (or login as "guest") sameer at c2.org From jamesd at netcom.com Sun Sep 4 22:56:58 1994 From: jamesd at netcom.com (James A. Donald) Date: Sun, 4 Sep 94 22:56:58 PDT Subject: Alt.Gvmt.Immorality In-Reply-To: Message-ID: <199409050556.WAA17847@netcom12.netcom.com> Stephen D. 
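Review bot: In the src/mailmsg2.c change, hunk 571,585, the value of getenv("PRESENDMAIL") goes through an unbounded sprintf into very_long_buffer and sits unquoted at the head of a shell command string, so an overlong value can overrun the buffer, and on any install where elm runs with privileges beyond the invoking user's, the user chooses the program that runs with them. Check the length before formatting, and ignore PRESENDMAIL when the real and effective ids differ. The comment on the #define at 95,97 also reads backwards: defining PRESENDMAIL is what enables the override, so it should say to comment the line out to disable it.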
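Review bot: In the pine/send.c change, hunk 1527,1539, the two sprintf calls differ only in their first argument; reading getenv("PRESENDMAIL") into pre_sendmail and falling back to SENDMAIL when it is NULL would leave a single sprintf and remove the assignment inside the if condition, which reads like a mistyped comparison. The environment value is also copied into mail_cmd with no length check, as in the elm change. Both diffs appear to be reversed as well: the new PRESENDMAIL lines are marked `<` under `d` commands, so they were generated patched-versus-original and will only apply with patch -R; regenerating them original-versus-patched, preferably as context diffs, would let them apply directly.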
Williams writes > I've always thought and recently espoused that there should be classes > from the beginning of highschool on philosophy and sociology. I > suppose the problem would be which philosophy and whose spin on things > the schools would encourage. Alas, due to the fact that no one else is willing to pay for philosophy, nearly all philosophy is government sponsored. Unsurprisingly, nearly all government sponsored philosophy logically leads to the conclusion that to avoid killing each other, we need to be thoroughly governed, and that any restraints on the power of government are foolish or wicked and selfish. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jamesd at netcom.com Sun Sep 4 23:17:17 1994 From: jamesd at netcom.com (James A. Donald) Date: Sun, 4 Sep 94 23:17:17 PDT Subject: Problems with anonymous escrow 2--responsey In-Reply-To: <199409050225.WAA28445@pipe1.pipeline.com> Message-ID: <199409050617.XAA19646@netcom12.netcom.com> John Young writes > all to often lead back into nominalistic debates, you will be > able to suggest practical examples of what you mean by > "dangerous", "frightful", "serious consequences", "kicking the > crucial foundation out from under freedom", and the like. > Sometimes these melodramatic terms obscure rather than point > toward concrete situations that will convey your intentions > more effectively. If we assume that reputations are themselves some kind of credentials, rather than assuming that credentials provide information on which people infer reputations, then we will wind up proposing credentials that will work like motor car licenses -- credentials that will not by themselves achieve the desired effect, and will therefore need to be supported by coercion. 
The objective is to go to a system where good conduct is enforced by the non material and unquantifiable value of reputations, rather than a system where good conduct is enforced by coercion. Adopting a nominalist meaning for the word "reputation" would frustrate this objective, since nominalist "reputations" cannot enforce good conduct. I am not arguing for increased rigor in the use of the word "reputation". Indeed I am protesting and opposing inappropriate and misleading rigor. Credentials are not reputations. Any attempt to make reputations more precise, objective, and knowable, will turn them into credentials, which are incapable of achieving the desired effect. The "frightful consequence" is simply that. A world in which cyberspace business functions only by the fiat of government, which is of course not at all what Hal wishes to achieve. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From jamesd at netcom.com Sun Sep 4 23:43:26 1994 From: jamesd at netcom.com (James A. Donald) Date: Sun, 4 Sep 94 23:43:26 PDT Subject: "Reputations" are more than just nominalist hot air In-Reply-To: Message-ID: <199409050643.XAA21745@netcom12.netcom.com> Stephen D. Williams writes > Would someone care to create a mini-glossary, complete with author-noted > alternate definitions of the current topics? No. The problem is that Hal wants a definition of "Reputation" that is more objective, concrete, controllable measurable and well defined, whereupon I went ballistic because reputations do not have the properties that he thinks a good definition of reputation should have. Thus reputations, defined to have the nice properties that Hal would like them to have, would lack the crucial property of enforcing good conduct. 
Since we want "reputations" to serve in place of state violence, rather than serving in place of drivers licenses, I argued that the kind of definition that Hal was seeking would be catastrophically counter productive. We should propose credentialing systems, rather than define reputations. Of course what Hal really wanted to do was discuss credentialing systems, rather than get involved in a discussion of nominalism and realism etc. My objection was that by calling credentialling systems "reputations" he was obfuscating the crucial part of the process whereby credentials obtain value. This is an error akin to that of "the labor theory of value", and would lead to the same disastrous error that the labor theory of value leads to: We would end up proposing "non coercive" systems that would in reality require a great deal of coercion in order to work. By calling a credential a reputation, we imply that it automatically has value. Of course it does not. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From ghio at chaos.bsu.edu Mon Sep 5 08:29:43 1994 From: ghio at chaos.bsu.edu (Matthew Ghio) Date: Mon, 5 Sep 94 08:29:43 PDT Subject: How do I choose constants suitable for Diffe-Hellman? Message-ID: <199409051528.KAA07031@chaos.bsu.edu> 0x7CF5048D wrote: > How do I choose constants suitable for Diffe-Hellman? > According to _Applied Cryptography_ n should be prime, > also (n-1)/2 should also be prime. g should be a primitive > root of unity mod n. n should be 512 or 1024 bits long. > Are there any other requirements? > > How can I choose such numbers? Are such numbers published > anywhere? Yes, Phil Karn posted a list of such numbers to the list last May, and the program used to generate them. 
Since some people have expressed their distaste for large files re-posted/forwarded to the list, I won't send it, but you can get it from ftp cs.cmu.edu: /afs/andrew.cmu.edu/usr12/mg5n/public/Karn.DH.generator From jya at pipeline.com Mon Sep 5 08:39:06 1994 From: jya at pipeline.com (John Young) Date: Mon, 5 Sep 94 08:39:06 PDT Subject: Doors of Perception 2: '@HOME' Conference (Very Long) Message-ID: <199409051538.LAA06266@pipe1.pipeline.com> Forwarding mail by: HRL at PSUVM.PSU.EDU (Howard Ray Lawrence 814 238 9535) on ------------------- - - The original note follows - - From: willem at mediamatic.hacktic.nl (Willem Velthoven) Subject: Doors of Perception 2: '@HOME' Conference Date: Mon, 05 Sep 1994 16:51:31 +0100 Doors of Perception 2: '@HOME' Conference 4+5+6 November 1994 RAI Congress Center Amsterdam the Netherlands *Doors of Perception* is an important meeting point for all those interested in the design challenge of interactivity. The first conference, in November 1993, was attended at relatively short notice by nearly 700 people from 20 countries. *Aim of the conference The 1994 conference, which is organised by the Netherlands Design Institute with Mediamatic Magazine, will further develop discussion about culture, context and innovation. The subject's importance was well put by Terry Winograd: 'major leaps only happen when someone has a new insight into the larger picture, and can escape from the old context'. That is the aim of *Doors 2*. Speakers will focus on a particular context, 'home' - as market, as metaphor, and as myth. Industry has great expectations for home as a site for new products, as an outlet for entertainment and information services, and as a place of work. But when a new technology enters a culture, the culture changes. What does that mean for 'home'? 
*Subjects >From the multiple perspectives of marketing, technology, design, philosophy, anthropology, and psychology, speakers will consider the cultural impact of technology on work and play, home and school, learning and entertainment. They will compare the qualities of telematic space and domestic space. They will talk about real nomads and telematic nomads. They will analyse changes to our sense of place, both public and private. They will look at the psychology of belonging - to a family, group, or community. They will explore the architecture of information, and the creation of shared meaning, in virtual communities. *Debate The point of this debate is that uncritical assumptions, and a crude use of 'real world' metaphors about the home, can actually stifle innovation. Vast resources are being devoted to digital versions of existing human activities - teleshopping, video-on-demand, telecommuting; but attempts to create entirely new uses for the technologies have been unambitious, to say the least. Doors of Perception gives equal emphasis to thinking and doing. It is not a trade show - neither is it exclusive: chief executives and young creatives are equally 'at home' at this unique event. 
*The organisers Vormgevingsinstituut / Netherlands Design Institute Tel: +31 (0)20 5516500 Fax: +31 (0)20 620 1031 e-mail: doors at nvi.mediamatic.hacktic.nl Mediamatic Magazine Tel: +31 (0)20 6266262 Fax: +31 (0)20 6263793 To receive *Doors 2 electronic newsletter* send e-mail to: listserv at mediamatic.hacktic.nl The message should mention: 'subscribe home' *The Speakers *Christopher Alexander author of 'A Pattern Language: Towns, Buildings, Construction': After a ten-year silence, Christopher Alexander and his colleagues at the Center for Environmental Structure published a major statement in the form of three books which will, in their words, 'lay the basis for an entirely new approach to architecture, building and planning, which will replace existing ideas and practices entirely'. At the core of his books is the idea that people should design for themselves their own houses, streets, and communities. This idea may be radical (it implies a radical transformation of the architectural profession) but it comes simply from the observation that most of the wonderful places of the world were not made by architects but by the people. Also author of: 'The Timeless Way of Building': The theory of architecture implicit in our world today, Christopher Alexander believes, is bankrupt. More and more people are aware that something is deeply wrong. Yet the power of present-day ideas is so great that many feel uncomfortable, even afraid, to say openly that they dislike what is happening, because they are afraid to seem foolish, afraid perhaps that they will be laughed at. Now, at last, here is a coherent theory which describes in modern terms an architecture as ancient as human society itself. Christopher Alexander presents a new theory of architecture, building, and planning which has at its core that age-old process by which the people of a society have always pulled the order of their world from their own being. 
*John Perry Barlow studied comparative religion, has been the lyricist for The Grateful Dead since 1972, is an insightful writer, and co-founded, with Mitchell Kapor and Stephen Wozniak, the Electronic Frontier Foundation. The EFF pushes ethical and political issues of the new media onto the international agenda - freedom of speech, privacy, intellectual property, and other social consequences of a network culture. *Alfred Birnbaum who was born in China and raised in Japan, is a noted translator in Japanese (of such authors as Murakami), an artist with the Kyoto-based performance group 'Dumb Type', and a highly original researcher of diverse popular phenomena in contemporary Japan, which he compares to deeply rooted Asian cultural traditions. *'Breaking stories, eye candy and mental muesli' as one journalist described 'Doors 1', will again feature in this year's conference. How is interactivity to be designed? What methodologies and management skills are needed for what is, by definition, a multi-disciplinary activity? A keen reader of conference blurbs will also appreciate that this paragraph has been added at artwork stage to replace the cv of a key speaker, whose name begins with B, who has de-confirmed. But we'll replace him. *Amy Bruckman a doctoral candidate at MIT, founded MediaMOO, a text-based virtual reality environment designed as a professional on-line community for media researchers. For her dissertation, Bruckman is creating a MUD for children called MOOSE Crossing, designed to be an authentic context in which kids can learn reading, writing and programming. Bruckman will explain what MUDs and MOOs actually are in her presentation. *Florian Brody who studied linguistics and computer science in Vienna, investigates the relationship between computers, memory and identity. 
He worked in the Austrian National Library on automation management, and was technical director of the 'expanded books' project at Voyager Publishing in California, before founding New Media Consulting. He teaches at Vienna University, and he is president of the Austrian Society for Virtuality, Telepresence and Cyberspace. *David Chaum is managing director of DigiCash, an Amsterdam-based company that is a world pioneer in electronic cash payment systems. Dr Chaum is also chairman of CAFE, the European Union research consortium investigating the technical infrastructure and equipment for electronic money in Europe. He took a PhD in computer science at Berkeley, taught at NYU Graduate School of Business, and founded the International Association for Cryptological Research. *Manuel De Landa a New York-based artist, is also the author of 'War In The Age Of Intelligent Machines'. From a vantage point at the intersection of chaos theory and post-structuralism, De Landa described how military technology has altered the relationship between humans, their machines, and information. In his new book Phylum: A Thousand Years Of Non-Linear History, De Landa considers the cottage-industrialisation of the world, and the global spread of a 'population of firms' . *Thomas Dolby is a pop-star-hacker-programmer who saw in immersive virtual reality a new medium for musical expression. He created the audio studio Headspace that allows the user to wander round a classic string quartet as it plays. Currently working with Joy Mountford's group at Interval Research Corporation in California, Dolby is also developing an interactive version of Francis Ford Coppola's The Conversation which will be released on CDRom. *Anthony Dunne and Fiona Raby a research and design partnership based in London, explore the inter-relationships between industrial design, architecture and electronic media. 
Their recent work, which has focussed on what they call the 'poetics of telecommunications', includes the Fields & Thresholds project for the Netherlands Design Institute, an investigation into communicative and design implications of a 'virtual institute'. *Lynn Hershman is a Senior Professor at the University of California where she initiated the IDEA laboratory devoted to electronic arts. Among her award- winning videotapes and interactive installations are The Electronic Diary and Virtual Love, the latter a long narrative about breaking through the screen that separates us from our media-derived fantasies. Hershman is currently completing a sequel, The Twisted Chord, charting the telephone from Bell through to the Internet. *Peter Lamborn Wilson was described by Erik Davis in the Village Voice this year as an 'underground anarcho-Sufi scholar (whose) work explores the historical and mystical dimensions of Sufism and Islamic heresy, as in his latest book Sacred Drift. His surprisingly virulent concept/buzzword 'temporary autonomous zones' spread through the computer underground to Time magazine. His lectures argue for the ultimate unity of imagination and intellectual investigation'. *Patti Maes who received her PhD in computer science at the University of Brussels, researches artificial life and artificial intelligence, and recently produced 'Alive', an interactive installation involving 'virtual pets', whose future in the home she will explain to the conference.Maes has worked at MIT's Artificial Intelligence Laboratory and more recently as an assistant professor at MediaLab, since 1990. Her research focusses on the modelling of all kinds of artificial intelligence 'agents'. *William Mitchell's new book 'City of Bits': Space, Place and Infobahn, which addresses central concerns of the Home theme,will be published in 1995. 
Mitchell, who is Professor of Architecture and Media Arts and Sciences, and Dean of the School of Architecture, at MIT, conducts research in design theory, computer applications in architecture and urban design. His other books include The Reconfigured Eye which deals with the social and cultural impact of digitally altered photographs. *Mitch Ratcliffe as editor-in-chief of the influential industry newsletter Digital Media, is well-placed to distinguish between hype and reality, and to explain which technologies will actually work, and when, on the infobahnen. He is the co-author (with Andrew Gore) of Powerbook: The Digital Nomad's Guide and is now completing a book on the World Wide Web which analyses the economic, social and political implications of software agent technology. *Jeffrey Shaw is director of the media institute at Karlsruhe Media Centre in Germany. Shaw studied architecture in Australia, and art in Milan and London, before working on interactive and virtual space projects from a base in The Netherlands, where he also taught at the Rietveld Academie. He has shown such award-winning projects as The Legible City, The Narrative Landscape, and The Virtual Museum at festivals and workshops throughout Europe, the USA and Japan. *Marco Susani is a teacher and researcher at Domus Academy, the research centre and postgraduate design school in Milan. An expert on the design of services, Susani explores the relationship between dematerialisation - for example, of communications - and scenarios for a sustainable economy in which radically less matter and energy are consumed. His recent work focusses on conviviality - the behavioural threshold that offers one route for technology to enter the home. *Philip Tabor's doctoral thesis at Cambridge University concerned the limits of 'automated' architectural design. 
He co-founded the Centre for Land Use and Built Form Studies (now the Martin Centre), and the computer aided design consultancy, Applied Research of Cambridge, which is now part of McDonnell Douglas. For ten years a partner in Edward Cullinan Architects, specialising in housing, Philip Tabor was until recently Director of the Bartlett School of Architecture in London. *Shin-Ichi Takemura teaches anthropology, international affairs and cultural design, including ethnic arts, at Touhoku University of Art and Design. His trans-cultural analysis of communication processes , media structures and design issues includes a particular emphasis on an 'ecology of body and mind'. Takemura is convenor of the Asian Cultural Design Forum and Human Ecology Round Table. His team is also involved in planning such public facilities as the proposed Eco-Aesthetic Museum. *Pauline Terreehorst in her recently completed book Het Boerderijmodel - 'The Farm Mould' - argues that the new communication technologies may help transform the home into a 'farm' again. Terreehorst also speculates that the re-location of home as a focal point of the electronic superhighway will and foster positive changes in relationships between men and women. Home played such a positive role before industrialisation forced people to separate home from work. 
*FURTHER SPEAKERS and presentations will be scheduled continuously between now and the conference itself: * SPEAKER UPDATE: Confirmed speakers at publishing date are Hiroshii Ishi, and Stephen Perrella ('Architecture at the End of Metaphysics' studio) *Conference Programme Friday 4 November 08:00-10:00 Registration 10:00-12:30 Plenary 15:00-18:00 Plenary 19:00 Reception Saturday 5 November 08:30-10:00 Breakfast Round Tables 10:00-12:30 Plenary 15:00-18:00 Plenary 19:00 Reception Sunday 6 November 08:30-10:00 Breakfast Round Tables 10:00-12:30 Plenary 15:00-18:00 Plenary *Breakfast Round Tables On both 5 and 6 November, about 25 different 'breakfast round tables' will be held between 08:30-10:00. Each table will consider a different topic or presentation - some programmed in advance, others decided on the day. Many but not all the discussions will be led by a speaker or a moderator. An extra charge of Dfl 25 per breakfast is payable for participation. Register now to participate. If that day is fully booked by the time of your registration, we will book the other day and notify you with your confirmation. *Registration and hotel service For more INFORMATION about REGISTRATION, plus details of HOTEL service: Sonja van Piggelen Tel: +31 20 61 70 390 Fax: +31 20 61 74 679 e-mail: modam at xs4all.nl REGISTRATION FEES (in Dutch Guilders, or 'Dfl') exclude accommodation but include attendance at all conference sessions apart from the breakfast round tables. The fees also include evening receptions, morning and afternoon tea and coffee, and conference documentation. The conference sells out, and places are limited, so please do not come without a reservation. Applications are processed in order received. *REGISTRATION FORM* Name: Company: Function/Profession: Street address: City: ZIP Code: Country: Telephone: Fax: E-mail: Student card number: School/Institution: Date: PLEASE MENTION WHICH NUMBER (=OPTION) YOU CHOOSE: # ... 
Standard rate to 1 October 1) Excluding breakfast round tables: Dfl 575,- 2) Including one breakfast round table Saturday: Dfl 600,- 3) Including one breakfast round table Sunday: Dfl 600,- Standard rate after 1 October 4) Excluding breakfast round table: Dfl 625,- 5) Including breakfast round table Saturday: Dfl 650,- 6) Including breakfast round table Sunday: Dfl 650,- Student rate to 1 October 7) Excluding breakfast round table: Dfl 225,- 8) Including breakfast round table Saturday: Dfl 250,- 9) Including breakfast round table Sunday: Dfl 250,- Student after 1 October 10) Excluding breakfast round tables: Dfl 275,- 11) Including breakfast round table Saturday: Dfl 300,- 12) Including breakfast round table Sunday: Dfl 300,- *I HEREBY REGISTER and pay via: #... a) Diners Club b) Visa c) Eurocard/Mastercard d) American Express e) JCB Credit card No: Expire Date: Card holder's name: Card holder's address: Zipcode: f) (NL only): ABN Amro 43 36 80 407 o.v.v. DoP, of per giro nr. 2391 van de ABN Amro t.g.v. 43 36 80 407 o.v.v. DoP * PLEASE SEND an invoice (you will receive confirmation and your ticket, after payment of the full amount) CANCELLATION: refund in full only if you cancel in writing by 21 October -- Mediamatic Postbus 17490 1001 JL Amsterdam vox +31 - 20 626 6262 fax +31 - 20 626 3793 From ghio at kaiwan.com Mon Sep 5 08:40:43 1994 From: ghio at kaiwan.com (Matthew Ghio) Date: Mon, 5 Sep 94 08:40:43 PDT Subject: Ethics of Anonymous Remailers (Re: Needed for a computer ethics class) Message-ID: <9409051540.AA15978@toad.com> > Date: Fri, 2 Sep 1994 11:09:40 -0600 > From: Patrick Juola > To: cypherpunks at toad.com > Subject: Needed for a computer ethics class > > > Does anyone have a concise, citeable statement about why anonymous > remailers are a good thing? Some sort of position statment by > Julf would be ideal. Similarly, if anyone has something for the > *other* side of the coin, I'd love to see that. 
> > I'm in the process of writing a course on computer ethics for > the University of Colorado at Boulder and I think anonymous > remailers would be a good subject for an essay assignment, but > I need enough material (ideally, primary source material) to > lay the groundwork first. > > Patrick No, but it's something that I often get asked. I would be interested to hear examples of good things that people are using my anonymous remailer for. From jburrell at crl.com Mon Sep 5 10:16:28 1994 From: jburrell at crl.com (Jason Burrell) Date: Mon, 5 Sep 94 10:16:28 PDT Subject: Ethics of Anonymous Remailers (Re: Needed for a computer ethics class) Message-ID: <199409051715.AA10707@mail.crl.com> > >No, but it's something that I often get asked. I would be interested to hear >examples of good things that people are using my anonymous remailer for. Take Pr0duct Cypher, for example. Many believe that what (s)he's doing(*) is a Good Thing, and I've seen him/her using the Cypherpunk remailers to conceal his/her identity. * If you don't know, (s)he's the person who wrote PGPTOOLS, and a hack for PGP 2.3a to decrypt messages written with 2.6. I assume (s)he's doing it anonymously due to ITAR regulations. --- Hey Feds! How's it goin'? (LIke you're not reading the list. :) -- Jason Burrell Finger for PGP public key. There is no such thing as limited censorship. If you want your freedom, fight now. Don't wait until you've lost it. WWW: ftp://ftp.crl.com/users/ro/jburrell/WWW/home.html From cwalton at earthlink.net Mon Sep 5 12:57:02 1994 From: cwalton at earthlink.net (Conrad Walton) Date: Mon, 5 Sep 94 12:57:02 PDT Subject: Reputations/Credentials Message-ID: At 11:17 PM 9/4/94 -0700, James A. Donald wrote: >The objective is to go to a system where good conduct is >enforced by the non material and unquantifiable value of >reputations, rather than a system where good >conduct is enforced by coercion. > >Credentials are not reputations. 
Any attempt to make reputations >more precise, objective, and knowable, will turn them into >credentials, which are incapable of achieving the desired >effect. I'm afraid I don't understand what you guys are talking about. My wife and I bought a car on Saturday. We drove it away, based on what the dealer's computer printed out from his TRW inquiry. My personal credit (tied to my Social Security Number) is terrible. My wife's is pristine. We used hers. (Is this "transference of reputation? Could *I* use a couple different SSNs for different "reputations"?) They asked about how much $$$ she makes, how long we've lived in our house and looked at the record of payments on other loans. They took a copy of her driver's license (credentials?) and TRW calculated a "risk factor" for us. It was a specific number, between 1-1000. This sounds like a reputation kept by a third party (escrow agent?) to me. My actions (good conduct) will be based on (enforced?) by the non material and semi-quantifiable value of the TRW credit report, not coercion (I want more stuff in the future). TRW seems like a "reputation reporting agency". I can take a copy of that print out into another bank and get another loan if I wanted. Is that a "credential"? What's the difference? and what are the implications of the difference? Give me a better model to illustrate what you think would be better or worse. Drug dealers only need cash and a gun to make transactions while they keep totally anonymous. Futures traders need a credit line and a government registered agent to work through and have *no* privacy, but more money than I'll ever make. >By calling a credential a reputation, we imply that it automatically >has value. Of course it does not. But this is like saying that a credit card has no value. While this is technically true, in reality, where I live, I can turn that credit card into food, gas, stereos and computers. If I don't pay my bill at the end of the month, they won't give me anymore stuff. 
Reputations *and* credentials both have nothing to do with the value, worth or character of a person, but I don't think the car dealer cares if I kick my dog, only if I pay my bills. PS- I lost the note about Sandy's Privacy Seminar. Did I miss it? ***************************************** Conrad Walton cwalton at earthlink.net ***************************************** Without JOY there can be no STRENGTH. Without STRENGTH, all other virtures are worthless. Edward Abbey From rarachel at prism.poly.edu Mon Sep 5 13:43:19 1994 From: rarachel at prism.poly.edu (Arsen Ray Arachelian) Date: Mon, 5 Sep 94 13:43:19 PDT Subject: Needed for a computer ethics class In-Reply-To: <199409021709.LAA00722@suod.cs.colorado.edu> Message-ID: On Fri, 2 Sep 1994, Patrick Juola wrote: > Does anyone have a concise, citeable statement about why anonymous > remailers are a good thing? Some sort of position statment by > Julf would be ideal. Similarly, if anyone has something for the > *other* side of the coin, I'd love to see that. 1. They allow the reporting of evil practices by big companies/government 2. They allow the dissemination of "forbidden" information. ie: under an opressive government, etc. 3. They allow the sender to ask a question which would destroy his/her reputation for whatever. > > I'm in the process of writing a course on computer ethics for > the University of Colorado at Boulder and I think anonymous > remailers would be a good subject for an essay assignment, but > I need enough material (ideally, primary source material) to > lay the groundwork first. You're not in any way related to Detweiler are you? :-) =============================================================================== | + ^ + || ' . . . . . . . Ray (Arsen) Arachelian || | \|/ || . . . ' . ' . : . . rarachel at photon.poly.edu || |<--+-->||. . . |' '| .' . . ... ___ sunder at intercom.com || | /|\ || . . \___/ . . . : .... __[R] || | + v + || . oOOo /o.O\ oOOo :. : .. 
|A| "And bugs to kill before I sleep"|| =========/---vvvv-------VVVV------------|I|----------------------------------/ / . : . ' : ' |D| This signature pannel is / / The Next Bug to kill(tm) --- now open. / /___________________________________________________________________/ GCS d++(---)(-) H s+++/++ !g !p !au a- w-(+) (!v | v) C+++++ Coherent++++ L+ 3 C+ V+ P? E- N++ K- W W--- M++ V-- po- Y+++ t:[tos+, tng--, ds9+] 5 !j !R G? tv+ b+++ D+ B--- e+(- | *) u--- h+++ f+(++) r++ n+(---) x**(++) From 7CF5048D at nowhere Mon Sep 5 14:50:21 1994 From: 7CF5048D at nowhere (7CF5048D at nowhere) Date: Mon, 5 Sep 94 14:50:21 PDT Subject: How to find a primitive root of unity, for Diffe-Hellman? Message-ID: <199409052037.AA04009@xtropia> -----BEGIN PGP SIGNED MESSAGE----- > >How do I choose constants suitable for Diffie-Hellman? >According to _Applied Cryptography_ n should be prime, >also (n-1)/2 should also be prime. g should be a primitive >root of unity mod n. n should be 512 or 1024 bits long. >Are there any other requirements? > >How can I choose such numbers? Are such numbers published >anywhere? > Ok let me take a stab at finding g assuming n has been chosen to meet the above requirements. (I hope my math is still good.) Let Zn be the field defined by the prime n. Let G be the multiplicative group defined in Zn. So |G| = n-1. Now n is large so 1 is not equal to -1 in Zn. Let N be { 1, -1} in G. It is a subgroup. Zn is abelian so it is Normal. We can consider the canonical map: G ---> G/N The order of G/N will be (n - 1)/2 which we are assuming to be prime. G/N is a cyclic group with no non trivial subgroups. Every element not = 1 is a generator. Pulling back to G we find that if g is not a root of unity, then the other member of its co-set = -g is! So take any g and raise to (n-1)/2 power. The result will be equal to 1 or -1. g raised to any lower power will not be equal to 1 or -1. Since (n-1)/2 is a large prime, it is odd. 
So if g to the (n-1)/2 is = to 1, then - -g to the (n-1)/2 = -1. So we can find a g which raised to the order (n-1)/2 power is = to -1. So g to the (n-1) power is =1 and g is a primitive root of unity. Have I made any errors? Did I get it right? -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAgUBLmt8dw2Gnhl89QSNAQHzmAP9GUGAmFcbgMyWxKtrzEvQYJS33FXGoGmr w4rXblv14lkwJX32hpoRKmicm3bdND2OPGgmM4EefGYggj+iCI+NU+l6II+MxhjY C4Rk3Xjn59H81FhNdfcNqOU9AirjwMBSqKzYtNCfbedB6HuQDCTeLSU5pjI5PSEQ wvFP7F3i5rY= =0r8J -----END PGP SIGNATURE----- From tcmay at netcom.com Mon Sep 5 15:00:56 1994 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 5 Sep 94 15:00:56 PDT Subject: Art Gallery on internet needs PGP signatures In-Reply-To: Message-ID: <199409052200.PAA15039@netcom14.netcom.com> Arsen Ray A. wrote: > Now the question I have is what if the forgery is done so well, would it > fool the scanner and pass the signature? ie: What if you take a picture > of the painting or part or whatever using high resolution film, etc. > Would it pass the signature? I don't know (but I'll make some speculative/engineering guesses), as I never saw the system...like I said, I heard a verbal description of it some years back (from Jim Omura, of Cylink, now famous for suing RSADSI). First, photo-reproduced art is almost never confused with the real thing. Surface texture, brush strokes, light at different angles, etc. Second, I could imagine the scanner system using light at two or more angles specifically to provide better protection against forgeries. (In the intended main application, that of detecting machine part forgeries, the pattern of natural scratches and abrasions, and grains/regions in the metal, would be essentially impossible to mechanically reproduce. Not completely impossible, but very difficult, and hence not cost-effective.) Anyone interested in pursuing this may find out if Light Signatures still exists. 
Omura may know, and someone at RSADSI probably would have records of their licensing arrangements.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From M.Gream at uts.EDU.AU Mon Sep 5 15:50:41 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Mon, 5 Sep 94 15:50:41 PDT
Subject: How do I choose constants suitable for Diffie-Hellman?
In-Reply-To: <199409051528.KAA07031@chaos.bsu.edu>
Message-ID: <9409052253.AA19774@acacia.itd.uts.EDU.AU>

"Matthew Ghio" wrote:

> Yes, Phil Karn posted a list of such numbers to the list last May, and
> the program used to generate them. Since some people have expressed
> their distaste for large files re-posted/forwarded to the list, I won't
> send it, but you can get it from ftp cs.cmu.edu:
> /afs/andrew.cmu.edu/usr12/mg5n/public/Karn.DH.generator

I needed a few of these primes a while ago, so I took a few minutes and hacked Phil's code to operate distributed (ie. a central machine carried out the sieving and handed off candidates to a set of other machines to do the Rabin-Miller). With one Sun Sparc 690MP and approx 40 Sun Sparc LX's, it was getting results like:

acacia: 7:21pm up 2:05, 20 users, load average: 0.95, 0.98, 0.77
mg.{~/static/d/dist} date;./go;date
Sun Jul 24 19:21:57 EST 1994
[..]
server calls: 7235
found modulus p =
finding generator
trying 2 3 5
generator g = 5
Sun Jul 24 21:10:18 EST 1994

That's 2 hours for a 2048 prime P where (P - 1)/2 is also prime, and they also satisfied the constraint that P = 3(mod 4).
The software maintains a TCP connection to each "Rabin-Miller server" and can dynamically deal with the loss of machines, but in its simplicity doesn't do reconnects. If anyone who operates an FTP archive wants to reply to me, I'll tar it up (in its current "it works for me, but no guarantees" state).

Speaking of primes with constraints, I got my hands on Harn's recent paper on a PKCS based on both factoring and discrete logs. He wants his modulus to be a prime P = 2p x q + 1, where p = 2r + 1, q = 2s + 1. All P, q, q, r, s must be prime -- good luck in finding such primes by probabilistic methods !

Matthew.

mg.{~/src/rr} ls -l
total 26
-rw------- 1 mgream 8339 Jul 24 14:17 client.c
-rw------- 1 mgream 2196 Jul 24 15:00 common.h
-rw------- 1 mgream 6028 Jul 29 13:35 dhgen.c
-rwx------ 1 mgream 270 Jul 24 14:58 go
-rw------- 1 mgream 527 Jul 24 14:58 makefile
-rw------- 1 mgream 3041 Jul 29 14:50 server.c
-rw------- 1 mgream 367 Jul 24 14:26 servers.src

--
Matthew Gream -- Consent Technologies, (02) 821-2043
Disclaimer: From? \notin speaking_for(Organization?) [cfqx103]

From sandfort at crl.com Mon Sep 5 16:18:19 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 5 Sep 94 16:18:19 PDT
Subject: PRIVACY 101
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Conrad Walton wrote:

... PS-I lost the note about Sandy's Privacy Seminar. Did I miss it?

Nope, no one did. Due to circumstances beyond *my* control, Duncan has been out of town for the last few days (he should return today). He is running the list software and will be starting things out tomorrow (probably).

Thanks for your patience. Stay tuned.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From sandfort at crl.com Mon Sep 5 16:35:51 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 5 Sep 94 16:35:51 PDT
Subject: NYC C'PUNKS MEETING?
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks in the New York City area,

Are you interested in having a Cypherpunks physical meeting at (approx.) the same time as the SF Bay Area Meeting? Is there anyone in the area who can volunteer a venue? Alison Armitage of Acapulco H.E.A.T. wants to attend.

Please let me know your thoughts via private e-mail. Please include your phone number.

Thanks,

S a n d y

P.S. I lied about Alison Armitage.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From sdw at lig.net Mon Sep 5 16:42:39 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Mon, 5 Sep 94 16:42:39 PDT
Subject: Problems with anonymous escrow 2--response
In-Reply-To: <199409050428.VAA26284@netcom15.netcom.com>
Message-ID:

stop stop , please, I knew what he was doing.... :-)

I just had to comment on the unorthodox (unfortunately) tact.

While I don't like to be forced to be overly formal, I find it strange that some people get upset during a strenuous argument. I 'grew up' corporately at a GE research lab (LBG) where you argued things strenuously and then walked away friends. Personal attacks are an obvious sign of defeat, since you are admitting you have nothing of substance to proffer.

Unfortunately, my wife doesn't treat arguments/debate the same way...

sdw
--
Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager
LIG dev./sales Internet: sdw at lig.net
OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together
Newbie Notice: (Surfer's know the score...)
I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.

From jamesd at netcom.com Mon Sep 5 17:31:58 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 5 Sep 94 17:31:58 PDT
Subject: Reputations/Credentials
In-Reply-To:
Message-ID: <199409060031.RAA10617@netcom10.netcom.com>

Conrad Walton writes

> I'm afraid I don't understand what you guys are talking about. My wife and
> I bought a car on Saturday. We drove it away, based on what the dealer's
> computer printed out from his TRW inquiry. My personal credit (tied to my
> Social Security Number) is terrible. My wife's is pristine. We used hers.
> (Is this "transference of reputation?

No.

> Could *I* use a couple different SSNs
> for different "reputations"?)

Recently some tenants appeared to have a fictitious history. My wife ridiculed my suspicions - after all they have real social security numbers -- they cannot cheat.

Needless to say, their history was fictitious, and I have no idea how they managed it. Perhaps Duncan can elucidate.

So yes, you can, and some people apparently do, use multiple social security numbers for multiple reputations. This is of course, dishonest, since you are misrepresenting yourself to the landlord or bank. Misrepresenting yourself to the IRS is completely honest, because the IRS has no right to ask the questions that it demands answers to, under threat of violence. Furthermore most landlords make this distinction also, though not necessarily on the same philosophical grounds as I do. I do not know if banks make that distinction.

On the other hand multiple corporate identities are fine - I used to be several different companies, and nobody gets upset provided you refrain from running the companies through profitable bankruptcies.

There is nothing wrong with making it difficult for people to cross reference information from one of your activities to another of your activities. But if you say you are revealing information about your activities, and you are concealing it, then that is dishonest.

> My actions (good conduct) will be based on (enforced?) by the non material
> and semi-quantifiable value of the TRW credit report, not coercion (I want
> more stuff in the future). TRW seems like a "reputation reporting agency".
> I can take a copy of that print out into another bank and get another loan
> if I wanted. Is that a "credential"?

Exactly so.

> What's the difference? and what are
> the implications of the difference?

The printout is a credential. The reputation is how impressed the banks are by your credentials.

The implication of making a distinction is that clever use of cryptographic signatures and the like on credentials will not make the credentials worth anything.

A credential will only be of value to the extent that it impairs privacy. The objective therefore must be to maintain privacy against uninvited third parties and make privacy impossible against invited parties. More realistically, we must reveal what invited parties wish to know, without revealing what uninvited parties might wish to know.

> Give me a better model to illustrate what you think would be better or
> worse. Drug dealers only need cash and a gun to make transactions while
> they keep totally anonymous. Futures traders need a credit line and a
> government registered agent to work through and have *no* privacy, but more
> money than I'll ever make.

All the models you give are excellent.

The drug dealers transaction is strictly local, and therefore can be completely anonymous. Unfortunately complete anonymity and the lack of a storefront means that loss of reputation is no problem. Thus punishments for misconduct also have to be local, hence the gun.

This suggests that people doing business in cyberspace cannot be anonymous from each other, although their real physical identity and physical location may be hidden, making them difficult to coerce.

The futures transaction is non local, and is backed both by reputation and state coercion. In some markets the transaction is backed only by reputation.
In others, such as China and Vietnam, arbitrary government coercion randomly prevents people from carrying through the deals that they have made.

> > By calling a credential a reputation, we imply that it automatically
> > has value. Of course it does not.

> But this is like saying that a credit card has no value. While this is
> technically true, in reality, where I live, I can turn that credit card
> into food, gas, stereos and computers. If I don't pay my bill at the end of
> the month, they won't give me anymore stuff.

Credentials support a reputation, and a reputation enables one to obtain a credential, yet chickens are not eggs. If one defines chickens to be eggs, one will have difficulty roasting a chicken.

The difference between your credit card and your reputation is that if you lose your credit card it will be replaced, but if you lose your reputation they will cut up your credit card the next time you proffer it.

> Reputations *and* credentials both have nothing to do with the value, worth
> or character of a person, but I don't think the car dealer cares if I kick
> my dog, only if I pay my bills.

Quite so.

From hfinney at shell.portal.com Mon Sep 5 17:41:48 1994
From: hfinney at shell.portal.com (Hal)
Date: Mon, 5 Sep 94 17:41:48 PDT
Subject: \"Reputations\" are more than just nominalist hot air
In-Reply-To: <199409041853.LAA17023@netcom7.netcom.com>
Message-ID: <199409060041.RAA15683@jobe.shell.portal.com>

jamesd at netcom.com (James A. Donald) writes:

>Hal seems to be asking questions which implicitly define
>a reputation to be some kind of credential.

I tried to post something on this last night, but Toad apparently hiccupped and lost it. My suggestion was that we do not discuss "reputations", where I think James is right that the term already refers to an opinion someone holds in his mind, but rather "reputation capital" or perhaps "reputation credentials", which are information structures which may be used to establish or support a reputation.
The example I used last night was that "reputation capital" is not "reputation" any more than the "liberty bell" is "liberty".

Then perhaps we can avoid arguing about what a reputation is, and instead focus on the interesting issue of what the role of cryptography will be in establishing reputations in a possibly-pseudonymous business network.

Hal

From werewolf at io.org Mon Sep 5 18:03:48 1994
From: werewolf at io.org (Mark Terka)
Date: Mon, 5 Sep 94 18:03:48 PDT
Subject: Remailer at Wein?
Message-ID:

Is the remailer at remailer at ds1.wu-wein.ac.at up and running? Test messages to that site kept bouncing.

Also, how do I get ahold of that remailer's public key for encrypting messages through them?

--------------------------------------------------------------------------
Mark Terka | werewolf at io.org | public key (werewolf) by
Toronto,Canada | dg507 at cleveland.freenet.edu | public key server or request
---------------------------------------------------------------------------

From hibbert at netcom.com Mon Sep 5 18:05:12 1994
From: hibbert at netcom.com (Chris Hibbert)
Date: Mon, 5 Sep 94 18:05:12 PDT
Subject: Reputations/Credentials
In-Reply-To:
Message-ID: <199409060105.SAA08869@netcom6.netcom.com>

I'm not going to quote Conrad Walton point-by-point, but I'm responding to the message in which he asks how what TRW provides relate to what we mean by reputations and credentials.

What TRW does is to collect information from others about their beliefs about others and their history of dealings with them. TRW then provides a summary giving their opinion. They do it in an automated way, and provide a numerical rating as the output. Equifax, TransUnion and Dunn&Bradstreet provide a similar service, but depend on different sources, and combine the information in different ways. I doubt if any of them would tell you what their formula is.
I think what other c'punks writing on this topic have objected to is the notion that someone might create *a* calculus that would describe *the* proper way for rating services to do their job. Reputations are people's opinions, and how you add them up depends on your beliefs about the opinion-holders.

I'm not sure that credentials are different in that respect. The way credentials should be different is that they should tell you what opinion they're intended to represent. Does your signature on my key indicate that you believe that I'm a real person with the name I use, or just that I am the person who used that name last year?

Reputations are subjective. Credentials are codifications about beliefs. They say that X believes Y about Z. It might be useful to codify what the different useful Y's are, but I find it hard to see how there could be a general formalism for composing statements like these.

Chris

From werner at mc.ab.com Mon Sep 5 18:13:05 1994
From: werner at mc.ab.com (tim werner)
Date: Mon, 5 Sep 94 18:13:05 PDT
Subject: Reputations/Credentials
Message-ID: <199409060110.VAA05999@sparcserver.mc.ab.com>

>Date: Mon, 5 Sep 1994 12:56:53 -0800
>From: cwalton at earthlink.net (Conrad Walton)
>
>Give me a better model to illustrate what you think would be better or
>worse. Drug dealers only need cash and a gun to make transactions while
>they keep totally anonymous.

I used to carry a Swiss Army knife, myself (because of the corkscrew), and a lot of the transactions were based on credit. Reputation was very important, whether dealing in cash or not, and I never dealt with anyone I didn't know and trust.

tw

From lcottrell at popmail.ucsd.edu Mon Sep 5 18:24:34 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Mon, 5 Sep 94 18:24:34 PDT
Subject: Random number workbench
Message-ID: <199409060124.SAA23028@ucsd.edu>

I was just wondering if something like a random number workbench exists?
I am looking for some implementations of randomness tests that I can run on the output of pseudo-random and random number generators that I am working on. Is there a ftp site where I can get something of this sort? If not, what sort of demand would there be for one if I were to write it?

Lance

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From schulz at omcron.uleth.ca Mon Sep 5 19:14:52 1994
From: schulz at omcron.uleth.ca (Tom Schulz)
Date: Mon, 5 Sep 94 19:14:52 PDT
Subject: Punk Rock Zine
Message-ID: <9409060120.AA09488@omcron.uleth.ca>

Hi

Me and some friends of mine are compiling a punk rock fan zine, and i wish to include a section outlining public key cryptography, the cypherpunks as a group, etc. I was wondering if anybody had any press releases, or short (like 1 page) RSA or PGP articles or that sort of thing. It won't be a huge spread or anything, but it will be positive nondigital media press for cypherpunkism.

I am not a current list member, so please email me at schulz at omcron.uleth.ca

TOM SCHULZ

From mschruf at metronet.com Mon Sep 5 19:47:35 1994
From: mschruf at metronet.com (Michael Schruf)
Date: Mon, 5 Sep 94 19:47:35 PDT
Subject: Remailer at Wein?
In-Reply-To:
Message-ID: <199409060249.AA16733@metronet.com>

>
> Is the remailer at remailer at ds1.wu-wein.ac.at up and running? Test
> messages to that site kept bouncing.
>
> Also, how do I get ahold of that remailer's public key for encrypting
> messages through them?
>
> --------------------------------------------------------------------------
> Mark Terka | werewolf at io.org | public key (werewolf) by
> Toronto,Canada | dg507 at cleveland.freenet.edu | public key server or request
> ---------------------------------------------------------------------------
>

The address you typed above contains a typo. Correct is:

    remailer at ds1.wu-wien.ac.at
                        ^^
    (Wien = Vienna)

I hope that solves the first part of your problem.

Michael M. Schruf
mschruf at metronet.com

From juola at suod.cs.colorado.edu Mon Sep 5 21:57:24 1994
From: juola at suod.cs.colorado.edu (Patrick Juola)
Date: Mon, 5 Sep 94 21:57:24 PDT
Subject: Needed for a computer ethics class
Message-ID: <199409060324.VAA04179@suod.cs.colorado.edu>

> I'm in the process of writing a course on computer ethics for
> the University of Colorado at Boulder and I think anonymous
> remailers would be a good subject for an essay assignment, but
> I need enough material (ideally, primary source material) to
> lay the groundwork first.

You're not in any way related to Detweiler are you? :-)

Nope, 'fraid not. Never even met the "gentleman," as it happens. I'm sure that whoever is running the Medusa style-analyzer can bear me out on that. 8-) (That and the fact that I've been on cypherpunks for nearly a year now, and Detweiler's not subtle enough to keep his tentacles quiet for that long. Feeling paranoid?)

Maybe I didn't make myself clear enough on the question. I don't need to be convinced that remailers are a Good Thing. I already believe it. On the other hand, [I feel] it's more professional to point the students on magazine articles, FAQ's, and stuff and to let them draw their own conclusions about the inherent Rightness of anonymous Email than to simply proselytize at them, which never works. So I'm looking for material *external* to what I'm presenting them directly, rather than simply arguments, which I can make in the course of the class.
Patrick Patrick From cwalton at earthlink.net Mon Sep 5 22:09:07 1994 From: cwalton at earthlink.net (Conrad Walton) Date: Mon, 5 Sep 94 22:09:07 PDT Subject: \"Reputations\" are more than just nominalist hot air Message-ID: At 5:41 PM 9/5/94 -0700, Hal wrote: > >Then perhaps we can avoid arguing about what a reputation is, and instead >focus on the interesting issue of what the role of cryptography will be >in establishing reputations in a possibly-pseudonymous business network. I think the distinction between "reputation" and "credential" is an important one in this context. I would be interested in discussing "the interesting issue of what the role of cryptography will be in establishing in a possibly-pseudonymous business network", i.e. TRW credit reports, drivers licenses, or ATM cards (all of which may or may not be tied to a reputation or to a valuable, wonderful person - doesn't matter to me. Will I get my money outta the deal?). ***************************************** Conrad Walton cwalton at earthlink.net ***************************************** Without JOY there can be no STRENGTH. Without STRENGTH, all other virtures are worthless. Edward Abbey From werewolf at io.org Mon Sep 5 22:19:27 1994 From: werewolf at io.org (Mark Terka) Date: Mon, 5 Sep 94 22:19:27 PDT Subject: How Did This Get Done? Message-ID: Ok...ok....ignore the content of the following. I'm not interested in flames about narrow mindedness or whatever, I'm just interested in how the poster was able to pull the following off.... I picked this up from a post in alt.sex.stories (and yeah....man does not live on talk.politics.crypto alone :>) : ---------------------------------------------------------------------------- Path: io.org!sun.cais.com!news.sprintlink.net!tequesta.gate.net!sysop From: no_more_faggots at faggots.must.die.com <===== Is this a trick? Newsgroups: alt.sex.stories Subject: NO MORE FAGGOT STORIES! 
Date: 5 Sep 1994 21:13:00 GMT Lines: 1 Message-ID: <34g1ks$jn1 at tequesta.gate.net> NNTP-Posting-Host: hopi.gate.net NO MORE FAGGOT STORIES DAMMIT ----------------------------------------------------------------------------- How the hell did the poster "customize" his address to ...ummm...fit the post??? From mpd at netcom.com Mon Sep 5 23:07:01 1994 From: mpd at netcom.com (Mike Duvos) Date: Mon, 5 Sep 94 23:07:01 PDT Subject: How Did This Get Done? In-Reply-To: Message-ID: <199409060606.XAA13709@netcom6.netcom.com> The "From" line of a news post may be any arbitrary text. Although most newsreaders insert truthful information, you can post anything you like if you interface with the posting agent personally. You can telnet to any NNTP server on the Net that does not reject your connection and post anything you wish. The "Path" information should give you some idea of where the post originated. -- Mike Duvos $ PGP 2.6 Public Key available $ mpd at netcom.com $ via Finger. $ From M.Gream at uts.EDU.AU Tue Sep 6 00:05:52 1994 From: M.Gream at uts.EDU.AU (Matthew Gream) Date: Tue, 6 Sep 94 00:05:52 PDT Subject: Aust crypto regulations Message-ID: <9409060707.AA01997@acacia.itd.uts.EDU.AU> Well, fuck that for thinking I was living under a less restrictive regime -- and I can say goodbye to an international market for my software. ---- begin include ---- From: M.Gream at uts.edu.au (Matthew Gream) Newsgroups: aus.computers.ibm-pc,alt.security.pgp Subject: Re: PGP for Oz users Date: 6 Sep 1994 06:44:14 GMT Matthew Gream (M.Gream at uts.edu.au) wrote: > That sounds bogus to me, at least from the information you've given me > there. I've had the pleasure of being routed from our `Australian Trade [..] > I'm fairly confident in saying that there are no export restrictions on > software (specific clause stating that mass market, public domain and > "unsupported after installation" software is not covered by the > Industrial List). There do exist restrictions on hardware. 
All of these
> restrictions are a direct result of our adherence with COCOM
> regulations.

I'm afraid I have to post a clarification to a clarification. I've just been in contact with the relevant people at the Defence Signals Directorate. It seems that regardless of advice obtained from other departments and documentation that points to the contrary, there are restrictive controls on software.

In my conversation, the following was articulated (she was referring to the same document as previously mentioned [1]):

1. The "General Software Note" on Page 1-6 of [1] does not override the regulations in "Category 5: Telecommunications and `Information Security'", specifically s.5.A.2 and s.5.D.2. This means that they assert control over all forms of software _including_ public domain. I tried to pin-point what the "General Software Note" is for then, but didn't receive an acceptable answer.

2. DES can only be exported for specific banking and associated applications, even then only to 8 governments and certain banking groups. They accept RSA for export where it's used in Key Distribution applications. In essence, there is a list of specific uses for certain algorithms.

3. Message digests are in general OK, so long as they can't be modified to perform cryptographic functions (ie. encryption/decryption).

4. Export is regulated on a per end user basis. In other words, they assert control over _each_ item of software sold.

5. The fact that COCOM is in a "forum" period does not affect the current regulations.

6. I specifically asked about "public domain" distribution of software via the Internet. She said that this was "highly inadvisable" and "if our government found out about it, they could take action" and asserted that it would be worse for an individual than if the violation was carried out by a company. She said that she wouldn't like someone to become a "test case", and made mention of problems in the USA.
She was extremely helpful though, but the real problem I had, and I spent most of my time on this, was that these requirements aren't solidified anywhere, and hence subjective. I'm not really surprised though, that's the whole point of it all. I wasn't concerned about "weak crypto", only DES, IDEA, RSA, MD* and locally produced algorithms.

In short: Anything cryptographic, they want to know about, and they want to know about it on a per end-user basis. They advise against distribution on the "Internet" and any distribution without prior approval otherwise there could be "problems".

Matthew.

[1] "Australian Controls on the Export of Technology with Civil and Military Applications", Aust Dept of Defence, Sept 1992.

--
Matthew Gream -- Consent Technologies, (02) 821-2043
Disclaimer: From? \notin speaking_for(Organization?) [cfqx103]

---- end include ----

--
Matthew Gream -- Consent Technologies, (02) 821-2043
Disclaimer: From? \notin speaking_for(Organization?) [cfqx103]

From wcs at cbnewsh.att.com Tue Sep 6 00:56:28 1994
From: wcs at cbnewsh.att.com (wcs at cbnewsh.att.com)
Date: Tue, 6 Sep 94 00:56:28 PDT
Subject: Micro Power Broadcasting Meeting/Picnic & Workshops
In-Reply-To: <34ahf1$qgb@crl7.crl.com>
Message-ID: <9409060755.AA02794@ig1.att.att.com>

The following article in alt.society.anarchy touched on some issues that have been occasionally discussed here in cypherpunks. (I'm temporarily disconnected from receiving cypherpunks until my mail addresses get straightened out - sigh.)

Bill

-------
In article <34ahf1$qgb at crl7.crl.com> somebody writes:
]
]You are invited to a meeting of the Free Communications Coalition on
]Sunday, September 11. It will be held in Berkeley at 809 B Allston Way
](two blocks south of University Ave. between 6th and 5th) from 12 noon to
]2 PM. A potluck vegie picnic will follow at a nearby park complete with a
]live micro power broadcast.
Members of the Free Communications Coalition
](the peoples' FCC) include San Francisco Liberation Radio, Radio Libre,
]Free Radio Berkeley, National Lawyers Guild Committee on Democratic
]Communications and other micro power practitioners and supporters. Help
]plan the fall/winter campaign to take back the airwaves.
]
]Two workshops on micro power broadcasting are scheduled for the Bay
]Area. The first one will be held in Berkeley at the Long Haul, 3124
]Shattuck Avenue on Saturday, September 24. New College, 777 Valencia in
]San Francisco will be the site of the second workshop on Saturday,
]October 8. Both workshops will start at 11 AM and run until about 4 PM.
]A donation of $5-$25 is requested. Materials and info will be provided.
]Learn how to put your own micropower station on the air.
]
]Listen to San Francisco Liberation Radio 93.7 on the air every night
]covering the western portion of SF, north and west of Twin Peaks. Radio
]Libre 103.3 is on every night from the Mission District covering an area
]east of Twin Peaks. Free Radio Berkeley returns to the air on Sunday,
]September 4 at 8 PM on 104.4
]
]For further information, contact Free Radio Berkeley / Free
]Communications Coalition. You can request a current copy of our
]newsletter and list of the kits we offer.
]
]Email: frbspd at crl.com
]
]Snail: FRB, 1442 A Walnut St., #406, Berkeley, CA 94709
]
]Voice mail: (510) 464-3041
]
]

--
# Bill Stewart AT&T Global Information Solutions (new name for NCR!)
# 6870 Koll Center Pkwy, Pleasanton CA 94566 1-510-484-6204 fax-6399
# Email: bill.stewart at pleasantonca.ncr.com billstewart at attmail.com
# ViaCrypt PGP Key IDs 384/C2AFCD 1024/9D6465
Digital Telephony Initiative - the price of liberty is eternal vigilance!

From pstemari at bismark.cbis.com Tue Sep 6 05:25:22 1994
From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
Date: Tue, 6 Sep 94 05:25:22 PDT
Subject: PGP 2.6.1 release from MIT
In-Reply-To: <2E67949E@microcosm.SanDiegoCA.NCR.COM>
Message-ID: <9409061224.AA12502@focis.sda.cbis.COM>

> > This new version has a lot of bug fixes over version 2.6. I hope this is
> > the final release of this family of PGP source code. We've been working
> > on an entirely new version of PGP, rewritten from scratch, which is much
> > cleaner and faster, and better suited for the future enhancements we have
> > planned. All PGP development efforts will be redirected toward this
> > new code base, after this 2.6.1 release.
>
> Anyone have an idea of what these "enhancements" will be? New data formats?

Or when they will be available? I tried FTPing them over the weekend and only found the 2.6.0 version.

--Paul

From pstemari at bismark.cbis.com Tue Sep 6 05:41:10 1994
From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
Date: Tue, 6 Sep 94 05:41:10 PDT
Subject: NY Times Fears C'punks
In-Reply-To: <940903.152223.7n1.rusnews.w165w@sendai.cybrspc.mn.org>
Message-ID: <9409061240.AA12614@focis.sda.cbis.COM>

> > Big Brother is dead. The only serious likelihood of his resurrection
> > lies in reaction to the chaos and disintegration that an era of Little
> > Brothers might bring.
>
> Is this the NYT being out of touch, or are they just showing off their
> tentaclehood? To me, that reads like a threat against those who oppose
> the Government Private Agenda.

No, I wouldn't say that. What they're predicting there is that the massive state will die, smaller groups and cults (ala the Assassins) will replace it with non-territorial based fighting, and that the reaction to the abuses of the smaller groups and cults will cause a popular demand for a resurrection of the big Brother-style govt.

It's an interesting thought, but I don't see that Big Brother is on his deathbed, which is their starting premise.
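
Added example, not part of any message in this archive and not Phil Karn's or Matthew Gream's program: the generator search from the Diffie-Hellman threads above (the coset argument and the "trying 2 3 5 / generator g = 5" run), for a prime p whose (p-1)/2 is also prime. The function names, the 64-bit demo size and the fixed Rabin-Miller bases are assumptions made for this example.

```python
"""Generator search for Diffie-Hellman over a safe prime p = 2q + 1."""
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, extra_rounds=16):
    """Rabin-Miller test. The fixed bases settle every n < 2**64;
    larger n also get random bases drawn from the OS CSPRNG."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    bases = list(SMALL_PRIMES)
    if n >= 1 << 64:
        bases += [2 + secrets.randbelow(n - 3) for _ in range(extra_rounds)]
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True


def gen_safe_prime(bits, randbits=secrets.randbits):
    """Return p with exactly `bits` bits such that p and q = (p-1)/2 are prime.

    q is odd, so p = 2q + 1 is congruent to 3 mod 4 without a separate check.
    `randbits` defaults to a CSPRNG; pass a seeded source only for tests."""
    while True:
        q = randbits(bits - 1) | (1 << (bits - 2)) | 1  # top bit set, odd
        if q % 3 == 1:  # then 2q + 1 is divisible by 3
            continue
        p = 2 * q + 1
        if is_probable_prime(q) and is_probable_prime(p):
            return p


def is_generator(g, p):
    """True if g generates all of Z_p^* (p a safe prime, p >= 7).

    Element orders divide p - 1 = 2q, so they are 1, 2, q or 2q. Excluding
    g = 1 and g = -1 leaves q or 2q, and g**q is +1 in the first case and
    -1 in the second, so one modular exponentiation decides."""
    g %= p
    return g not in (0, 1, p - 1) and pow(g, (p - 1) // 2, p) == p - 1


def find_generator(p):
    """Smallest primitive root of the safe prime p, by trial of 2, 3, 4, ..."""
    for g in range(2, p - 1):
        if is_generator(g, p):
            return g
    raise ValueError("no generator found; is p really a safe prime?")


def coset_generator(g, p):
    """Of g and -g (g not 0, 1 or -1), return the one that is a primitive root.

    q is odd, so (-g)**q = -(g**q): exactly one of the pair maps to -1."""
    g %= p
    if g in (0, 1, p - 1):
        raise ValueError("g must not be 0, 1 or -1 mod p")
    return g if is_generator(g, p) else p - g


def multiplicative_order(g, p):
    """Brute-force order of g mod p; only for checking small examples."""
    x, k = g % p, 1
    while x != 1:
        x, k = x * g % p, k + 1
    return k


if __name__ == "__main__":
    p = gen_safe_prime(64)  # demo size only, far too small for real use
    print("p =", p, " q =", (p - 1) // 2, " p mod 4 =", p % 4)
    print("generator g =", find_generator(p))
    print("p = 23: g =", find_generator(23),
          " order of 5 =", multiplicative_order(5, 23))
```

For p = 23 the trial sequence is the same 2, 3, 5 seen in the quoted run: 2 and 3 have order 11, and 5 is the first element of order 22.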
From spaceman.spiff at calvin.hobbes.org Tue Sep 6 06:14:39 1994
From: spaceman.spiff at calvin.hobbes.org (spaceman.spiff at calvin.hobbes.org)
Date: Tue, 6 Sep 94 06:14:39 PDT
Subject: No Subject
Message-ID: <9409061311.AA05915@toad.com>

In reference to Mark Terka's article on how the person faked his name, he probably did it the same way I am doing this, only on a variation for news. You can actually telnet in to other ports that are instance. Anyway Loopholes aren't too hard to find. Ask a net programmer what the port for news is.

Groove on dude
Michael Conlen

From jya at pipeline.com Tue Sep 6 06:31:53 1994
From: jya at pipeline.com (John Young)
Date: Tue, 6 Sep 94 06:31:53 PDT
Subject: NYT on Electronic Purses
Message-ID: <199409061331.JAA23072@pipe1.pipeline.com>

The New York Times today reports:

Quotes:

"Electronic purses" may mean the end of cash.

Banks, credit card companies and even some governments are racing to introduce electronic purses, wallet-size cards embedded with microchips that store sums of money for people to use instead of cash for everything from buying fast food to paying highway tolls.

* * *

Long-range planners in the banking industry see the weaning of small businesses and consumers from cash as the last step to closing many expensive branches and conducting virtually all business by telephone, through cash machines and perhaps home computers.

* * *

"As more and more people do business on the Internet, we have to look for how you pay for things," said Catherine Allen, a vice president in Citibank's technology office and the head of the Smart Card Forum, an industry group. "The smart card allows me to identify myself securely."

* * *

But Mondex [Britain's system] has still another wrinkle: privacy. Unlike most other electronic purse systems, Mondex, like cash, is anonymous. The banks that issue Mondex cards will not be able to keep track of who gets the payments.
Indeed, it is the only system in which two card holders can transfer money to each other. "If you want to have a product that replaces cash, you have to do everything that cash does, only better," Mondex's senior executive, Michael Keegan said. "You can give money to your brother who gives it to the chap that sells newspapers, who gives it to charity, who puts it in the bank, which has no idea where it's been. That's what money is." End quotes. The article describes smart card systems in the US and other countries. Describes how customers "recharge" the card by home phone or other means. Email copies wanted? It's about a half-page in size. John From joshua at cae.retix.com Tue Sep 6 06:45:10 1994 From: joshua at cae.retix.com (joshua geller) Date: Tue, 6 Sep 94 06:45:10 PDT Subject: Aust crypto regulations In-Reply-To: <9409060707.AA01997@acacia.itd.uts.EDU.AU> Message-ID: <199409061341.GAA19268@cae.retix.com> > Matthew Gream (M.Gream at uts.edu.au) wrote [in re aussie spooks and > crypto (I think)]: > In short: Anything cryptographic, they want to know about, and they > want to know about it on a per end-user basis. They advise against > distribution on the "Internet" and any distribution without prior > approval otherwise there could be "problems". I am sure they will be as successful as their American counterparts in suppressing such distribution. josh From cme at tis.com Tue Sep 6 07:36:02 1994 From: cme at tis.com (Carl Ellison) Date: Tue, 6 Sep 94 07:36:02 PDT Subject: Governments and repression In-Reply-To: <199408311836.LAA07396@comsec.com> Message-ID: <9409061433.AA26714@tis.com> >Date: Wed, 31 Aug 1994 08:35:12 -0400 >From: "Perry E. Metzger" Perry, >I would refer to most governments as being no more than large >organized gangs, differing from the Mafia or Hezbollah only in so far >as they have convinced large numbers of people of their legitimacy. It's always bothered me that gov'ts were people wielding power for its own sake. 
I had hoped we had progressed beyond the tribal chieftain stage of development. Then again, I remember the bullies in grade school. To what extent is gov't a home for bullies and to what extent is it the collective defense against bullies (both ideas finding models in the Wild West Sheriff)? How do we turn it from the first to the second? - Carl From talon57 at well.sf.ca.us Tue Sep 6 07:38:34 1994 From: talon57 at well.sf.ca.us (Brian D Williams) Date: Tue, 6 Sep 94 07:38:34 PDT Subject: AIDs testing and privacy Message-ID: <199409061438.HAA14594@well.sf.ca.us> 'Punksters There was an interesting piece on a new AIDs self-test kit this morning that focused on privacy. The idea is that an AIDs self-test kit is made widely available via your local pharmacy. You use the kit's materials to draw a drop of blood, which you place on an enclosed test slide. You then seal the slide, attach a barcoded sticker, and mail in the enclosed mailer to a lab. After a few weeks, you call a 1-800 number, punch in your code (from the sticker) and you get a recording telling you if the test was negative. From this point on the piece (CBS this morning) was elaborating on whether or not a machine should be used to pass on this news, or should a "real" person be involved. Interesting... Brian Williams Extropian Cypherpatriot "Cryptocosmology: Sufficiently advanced communication is indistinguishable from noise." --Steve Witham "Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you.... AT&T" --James Speth From nobody at shell.portal.com Tue Sep 6 07:46:21 1994 From: nobody at shell.portal.com (nobody at shell.portal.com) Date: Tue, 6 Sep 94 07:46:21 PDT Subject: How Did This Get Done? 
Message-ID: <199409061446.HAA19128@jobe.shell.portal.com> > ---------------------------------------------------------------------------- > Path: io.org!sun.cais.com!news.sprintlink.net!tequesta.gate.net!sysop > From: no_more_faggots at faggots.must.die.com <===== Is this a trick? > Newsgroups: alt.sex.stories > Subject: NO MORE FAGGOT STORIES! > Date: 5 Sep 1994 21:13:00 GMT > Lines: 1 > Message-ID: <34g1ks$jn1 at tequesta.gate.net> > NNTP-Posting-Host: hopi.gate.net > > NO MORE FAGGOT STORIES DAMMIT > ----------------------------------------------------------------------------- > > How the hell did the poster "customize" his address to ...ummm...fit the > post??? not hard at all...by telnetting in to port 25 of a system on the net, you can talk directly to that systems sendmail...mail is passed in ascii format...few systems require a HELO (identifying the system telnetting in)...then you simply type in the mail headers manually...combine this with the fact that some systems let you post to usenet by email, and you can do just about anything and be untraceable (i think, anyone know for sure?)... i am sure that there are other ways to do this...i don't know how usenet news is passed, but i suspect this is also done in a similar way so if you know the port number and the format, you could do it like that... Skat From hfinney at shell.portal.com Tue Sep 6 08:21:33 1994 From: hfinney at shell.portal.com (Hal) Date: Tue, 6 Sep 94 08:21:33 PDT Subject: Problems with anonymous escrow 2--response In-Reply-To: <9409041052.AA03370@ininx> Message-ID: <199409061521.IAA21325@jobe.shell.portal.com> jkreznar at ininx.com (John E. Kreznar) writes: >Hal writes: >> it >> is no more desirable to allow dossiers to be built up about your on-line >> personality than your off-line life. >But is this really true? 
If a seller is using the pseudonym just to >defend himself against uninvited third parties such as tax collectors, >it would seem that accumulation of a dossier would be useless as long as >the physical seller can't be found. What would be gained by >transferring the credential (the evidence of the seller's marketable >skills or whatever he's selling) to a new pseudonym? I assume that the >seller receives payment by some anonymous method, perhaps electronic >cash. Am I missing something? Well, there are at least a couple of reasons why a seller might want to do this, one (IMO) good and one bad. The good one would be to allow sellers to do socially or politically unpopular things without being punished for them. For example, someone selling pro-civil rights material during the 1950's, or someone selling homosexual rights material today might find themselves facing a certain amount of prejudice if they also wanted to sell more mainstream stuff. By being able to run two businesses which are unlinkable but to apply their good credit record, good customer response record, etc. from one business to the other, we encourage diversity and a free market in ideas. On the other hand, an unscrupulous seller could open up a string of businesses, be honest for a few months to collect some good credentials like this, then fold the business and keep customer money. He then opens up a new business and uses his old good credentials to get going quickly, only to repeat the process. Both of these kinds of activities happen today, but in the network environment there are a lot more possibilities for records keeping. Today it may be an open secret that "Praise the Lord Publications" and "Hot Sex Novels" are both published by the same guy, but probably most of his customers don't know it. On the net it will be a lot harder to keep this kind of thing secret because of the greater access to information. 
Likewise, the fly-by-night boiler-room telemarketing service may have a harder time competing in a network environment where the lack of a track record will be more obvious, but the cryptographic credentials which solve the first problem may also allow this tactic to be more successful as well. Hal From pstemari at bismark.cbis.com Tue Sep 6 08:23:45 1994 From: pstemari at bismark.cbis.com (Paul J. Ste. Marie) Date: Tue, 6 Sep 94 08:23:45 PDT Subject: AIDs testing and privacy In-Reply-To: <199409061438.HAA14594@well.sf.ca.us> Message-ID: <9409061523.AA13234@focis.sda.cbis.COM> > After a few weeks, you call a 1-800 number, punch in your code > (from the sticker) and you get a recording telling you if the test > was negative. Of course, with ANI, calling an 800 number is not an anonymous act, unless you are one of the few that know you need to do it from a payphone. --Paul From bugs at ritz.mordor.com Tue Sep 6 09:04:00 1994 From: bugs at ritz.mordor.com (Mark Hittinger) Date: Tue, 6 Sep 94 09:04:00 PDT Subject: more detweiler foo Message-ID: <199409061603.MAA05000@ritz.mordor.com> ~Newsgroups: misc.invest ~Path: sdd.hp.com!hpscit.sc.hp.com!cupnews0.cup.hp.com!news1.boi.hp.com!rdetweil ~From: rdetweil at boi.hp.com (Richard Detweiler) ~Sender: news at boi.hp.com (Boise Site News Server) ~Message-ID: ~Date: Tue, 6 Sep 1994 14:28:44 GMT ~Nntp-Posting-Host: hpbs4189.boi.hp.com ~Organization: Hewlett Packard - Boise Printer Division ~Isn't this amazing? I've cut down the newsgroups to just misc.invest. The article is discussing a recent forgery. Maybe since the summer is over and it's back-to-work time he has to cut back to one group? He-he-he-huh-huh. From samman at CS.YALE.EDU Tue Sep 6 10:13:40 1994 From: samman at CS.YALE.EDU (Subversive Citizen Unit) Date: Tue, 6 Sep 94 10:13:40 PDT Subject: How Did This Get Done? 
In-Reply-To: <199409061446.HAA19128@jobe.shell.portal.com> Message-ID: > > > > How the hell did the poster "customize" his address to ...ummm...fit the > > post??? > > not hard at all...by telnetting in to port 25 of a system on the net, you > can talk directly to that systems sendmail...mail is passed in ascii > format...few systems require a HELO (identifying the system telnetting > in)...then you simply type in the mail headers manually...combine this > with the fact that some systems let you post to usenet by email, and you > can do just about anything and be untraceable (i think, anyone know for > sure?)... Well you can do it this way by using a mail to news gateway, as for traceability, this is quite traceable. Remember all you have to do is have a log of all incoming telnet sessions and a log at the home machine of all outgoing telnet sessions and you're easily paired up with it. That's one of the ways, some stupid fool got caught mailing a death threat to the president using forged mail from 'never.gonna.catch.me.org' Ben. From warlord at MIT.EDU Tue Sep 6 10:19:21 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Tue, 6 Sep 94 10:19:21 PDT Subject: PGP 2.6.1 release from MIT In-Reply-To: <9409061224.AA12502@focis.sda.cbis.COM> Message-ID: <9409061713.AA11964@toxicwaste.media.mit.edu> A message will be sent out when 2.6.1 is available. I expect it to be available later today or tomorrow, but wait for the mail that says that it is available and where to get it! -derek From karn at qualcomm.com Tue Sep 6 11:04:52 1994 From: karn at qualcomm.com (Phil Karn) Date: Tue, 6 Sep 94 11:04:52 PDT Subject: How to find a primitive root of unity, for Diffe-Hellman? In-Reply-To: <199409052037.AA04009@xtropia> Message-ID: <199409061803.LAA08116@servo.qualcomm.com> Maybe I can save you some trouble. Here is a "strong" 1024-bit prime and generator that I've been using for Diffie Hellman key exchange to set up keys for IP packet encryption. 
For a "strong" prime p, (p-1)/2 is also prime. This is thought to make the discrete logarithm problem maximally hard. --Phil a4788e2184b8d68bfe02690e4dbe485b17a80bc5f21d680f1a8413139734f7f2b0db4e25375 0018aad9e86d49b6004bbbcf051f52fcb66d0c5fca63fbfe634173485bbbf7642e9df9c74b8 5b6855e94213b8c2d89162abeff43424350e96be41edd42de99a6961638c1dac598bc90da06 9b50c414d8eb8652adcff4a270d567f Generator = 5 You're welcome to verify that this is indeed a strong prime; this should be considerably faster than searching for one from scratch. Phil From nobody at BU.EDU Tue Sep 6 11:07:12 1994 From: nobody at BU.EDU (Nobody) Date: Tue, 6 Sep 94 11:07:12 PDT Subject: Rabin-Miller Message-ID: <199409061806.OAA20548@BU.EDU> Has anyone checked to see if the Rabin-Miller Primality testing algorithm is included in PRZ's new release of PGP 2.61? From raph at CS.Berkeley.EDU Tue Sep 6 11:08:39 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Tue, 6 Sep 94 11:08:39 PDT Subject: List of reliable remailers Message-ID: <199409061808.LAA00513@kiwi.CS.Berkeley.EDU> I have written and installed a remailer pinging script which collects detailed information about remailer features and reliability. To use it, just finger remailer-list at kiwi.cs.berkeley.edu There is also a Web version of the same information, at: http://www.cs.berkeley.edu/~raph/remailer-list.html Please let me know about any other remailers which I missed. I've only included remailers which can mail to arbitrary addresses, so I already know chop and twwells are missing. This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at: ftp://kiwi.cs.berkeley.edu/pub/raph/premail-0.22.tar.gz This is the current info: REMAILER LIST This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. 
The second part shows the 10-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"chaos"} = " cpunk hash ksub";
$remailer{"vox"} = " cpunk oldpgp.";
$remailer{"avox"} = " cpunk oldpgp";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"kaiwan"} = " cpunk pgp hash latent cut";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash";
$remailer{"wien"} = " cpunk pgp hash nsub";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric pgp.";
$remailer{"penet"} = " penet";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut";
$remailer{"leri"} = " cpunk pgp hash";

Last ping: Tue 6 Sep 94 11:00:01 PDT

remailer  email address                     history        latency  uptime
---------------------------------------------------------------------------
jpunix    remailer at jpunix.com            **+**-**++##      7:36  99.99%
bsu-cs    nowhere at bsu-cs.bsu.edu         **++******##      4:47  99.99%
wien      remailer at ds1.wu-wien.ac.at     *-**+*-*+***     12:38  99.99%
extropia  remail at extropia.wimsey.com     --+++---..-+   5:20:51  99.99%
c2        remail at c2.org                  .-++++-+***+     42:07  99.99%
vox       remail at vox.hacktic.nl          --------- .   10:30:39  99.99%
chaos     remailer at chaos.bsu.edu         *#****######      0:57  99.92%
ideath    remailer at ideath.goldenbear.com **-*****+*#+     12:50  99.87%
leri      remail at leri.edu                --+*****+*#+     22:09  99.83%
soda      remailer at csua.berkeley.edu     +++++++++..+   2:45:46  99.58%
kaiwan    ghio at kaiwan.com                +** + ++--**     19:32  99.28%
alumni    hal at alumni.caltech.edu         **+****+ * *      5:03  99.15%
portal    hfinney at shell.portal.com       **+****+ #*       3:36  98.22%
rebma     remailer at rebma.mn.org          -----*+--- +   5:32:23  94.53%
usura     usura at xs4all.nl                ****+*+* -*      22:49  87.85%
penet     anon at anon.penet.fi             _ _+__++**    43:44:31  73.46%

Suggested path: wien;bsu-cs;jpunix

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

Options and features

cpunk    A major class of remailers. Supports Request-Remailing-To: field.
eric     A variant of the cpunk style. Uses Anon-Send-To: instead.
penet    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp      Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
oldpgp   Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine.
hash     Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub     Remailer always kills subject header, even in non-pgp mode.
nsub     Remailer always preserves subject header, even in pgp mode.
latent   Supports Matt Ghio's Latent-Time: option.
cut      Supports Matt Ghio's Cutmarks: option.
special  Accepts only pgp encrypted messages.

History key

* #  response in less than 5 minutes.
* *  response in less than 1 hour.
* +  response in less than 4 hours.
* -  response in less than 24 hours.
* .  response in more than 1 day.
* _  response came back too late (more than 2 days).

If you've got a Web page, please feel free to include a link to this page. 
If you think your Web page is relevant to the subject of remailers, let me know and I'll link it in. Comments and suggestions welcome! Note to remailer operators: this script generates hourly ping messages. If you don't want that, let me know and I will take your mailer off the list, or increase the interval between pings. Raph Levien From karn at qualcomm.com Tue Sep 6 11:08:41 1994 From: karn at qualcomm.com (Phil Karn) Date: Tue, 6 Sep 94 11:08:41 PDT Subject: How Did This Get Done? In-Reply-To: Message-ID: <199409061809.LAA08142@servo.qualcomm.com> >That's one of the ways, some stupid fool got caught mailing a death threat >to the president using forged mail from 'never.gonna.catch.me.org' Another way that people often let themselves be caught is that they inevitably send a test message to themselves right before the forged message in question. This shows up clearly in the sending system's sendmail logs. It's a point to consider with remailer chains too, if you don't trust the last machine on the chain. Phil From warlord at MIT.EDU Tue Sep 6 11:21:15 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Tue, 6 Sep 94 11:21:15 PDT Subject: Rabin-Miller In-Reply-To: <199409061806.OAA20548@BU.EDU> Message-ID: <9409061820.AA12988@toxicwaste.media.mit.edu> I can tell you that no, Miller-Rabin is not in 2.6.1 -- 2.6.1 is just a bugfix release of 2.6, and nothing more. -derek From jis at mit.edu Tue Sep 6 11:29:19 1994 From: jis at mit.edu (Jeffrey I. Schiller) Date: Tue, 6 Sep 94 11:29:19 PDT Subject: PGP 2.6.1 Available from MIT Message-ID: <9409061829.AA12998@big-screw> -----BEGIN PGP SIGNED MESSAGE----- MIT is pleased to announce the availability of PGP 2.6.1, a free public-key encryption program for non-commercial use. PGP 2.6.1 provides for digital signatures and confidentiality of files and messages. PGP 2.6.1 is distributed in source form for DOS/UNIX platforms. For convenience, an MSDOS executable is also part of this release. 
Because source is available, anyone may examine it to verify the program's integrity. For Macintosh users MIT is currently distributing MacPGP 2.6. An update to MacPGP 2.6 will occur at a later date. PGP 2.6.1 contains fixes to many of the bugs reported in PGP 2.6 and MIT encourages all U.S. PGP users to upgrade. How to get PGP 2.6.1 from MIT: PGP 2.6.1 is available from MIT only over the Internet. Use anonymous FTP to login to net-dist.mit.edu. Login as anonymous. Look in the directory /pub/PGP. In this directory, available to everyone, is a README file a copy of the RSAREF license and a copy of a software license from MIT. Please read the README file and these licenses carefully. Take particular note of the provisions about export control. The README file contains more detailed instructions on how to get PGP 2.6.1. Also in /pub/PGP is a copy of the PGP Manual (files pgpdoc1.txt and pgpdoc2.txt) and the file pgformat.doc that describes the PGP message, signature and key formats, including the modifications for PGP 2.6.1. These are being made available without the distribution restrictions that pertain to the PGP source and executable code. -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLmywV8UtR20Nv5BtAQHsTgP/co0ff5OVXOCMo85BxWKKYulmWk1S1Xns qypYTbKvYETn98mAqXol3dolQPW9OWhgtG2km/R4C2Zq4G/NZBjPy7yfTpO/ket8 lfC0muTQSzAVxzwMhHTRNSItwISCiVwlWDwMADlz3uXKKckJkfntAR+jXd+Foxk/ gizPTNo4ytc= =7ndy -----END PGP SIGNATURE----- From cme at tis.com Tue Sep 6 12:47:15 1994 From: cme at tis.com (Carl Ellison) Date: Tue, 6 Sep 94 12:47:15 PDT Subject: NY Times Fears C'punks In-Reply-To: <199409052359.QAA20112@comsec.com> Message-ID: <9409061944.AA25811@tis.com> >From: John Young >Date: Sat, 3 Sep 1994 11:19:14 -0400 >The New York Times Magazine, p. 23 >September 4, 1994 >Perhaps the most surprising democratization of high technology is that >of cryptography, once an elite art of those who guarded Government's >most precious secrets. This is infuriating. Has no one read Kahn? 
Cryptography has been developed by amateurs since the beginning, over 3000 years ago. How about an e-mail or (ugh) Snail address for the NYTimes? - Carl From tcmay at netcom.com Tue Sep 6 12:54:39 1994 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 6 Sep 94 12:54:39 PDT Subject: List of reliable remailers In-Reply-To: <199409061808.LAA00513@kiwi.CS.Berkeley.EDU> Message-ID: <199409061833.LAA23223@netcom6.netcom.com> > > I have written and installed a remailer pinging script which > collects detailed information about remailer features and reliability. > > To use it, just finger remailer-list at kiwi.cs.berkeley.edu > > There is also a Web version of the same information, at: > http://www.cs.berkeley.edu/~raph/remailer-list.html Just to give some kudos to Raph, I've used his "finger" service and have been shocked at how _good_ it is! Seeing the uptimes, delays, etc. is very useful in planning remailer chains. I haven't had the time to explore his other tools, though. Between this pinging service, and those of Matt Ghio and Sameer Parekh (haven't checked it in a while), welcome progress has been made. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From tcmay at netcom.com Tue Sep 6 13:03:56 1994 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 6 Sep 94 13:03:56 PDT Subject: AIDs testing and privacy In-Reply-To: <199409061438.HAA14594@well.sf.ca.us> Message-ID: <199409061731.KAA15119@netcom6.netcom.com> Brian Williams wrote: > There was an interesting piece on a new AIDs self-test kit this > morning that focused on privacy. 
> > The idea is that an AIDs self-test kit is made widely available ... > From this point on the piece (CBS this morning) was elaborating on > whether or not a machine should be used to pass on this news, or > should a "real" person be involved. A report I saw on this said the concern about the "human voice" giving the news, especially if positive for HIV, was psychological. That is, that HIV-positive folks would not like hearing this from a recording, and might do something serious to themselves. I applaud the "unconditionally untraceable" nature of the test (pay cash for the kit, call from a payphone). Ideas like this are _good_ for society, and for us. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From raph at CS.Berkeley.EDU Tue Sep 6 13:27:21 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Tue, 6 Sep 94 13:27:21 PDT Subject: Where can I get cypherpunk t-shirts? Message-ID: <199409062027.NAA01386@kiwi.CS.Berkeley.EDU> I would like to get some cypherpunk t-shirts. So far, I've heard of the "Big Brother inside" and "Cypherpunk Criminal" ones. If anybody has any information about these, I'd appreciate it. From what I hear, there is a fair amount of pent-up demand for the "Big Brother inside" one. For those who are interested, I have a Web page for net-related t-shirts at http://www.cs.berkeley.edu/~raph/tshirt.html Thanks in advance, Raph From adam at bwh.harvard.edu Tue Sep 6 13:37:47 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Tue, 6 Sep 94 13:37:47 PDT Subject: Reputation Capital papers? 
Message-ID: <199409062037.QAA21812@arthur.bwh.harvard.edu> Are there papers out there on reputation capital that I should be familiar with before talking about it? I have a bunch of ideas, but would like to review the lit before presenting any of them, so I don't repeat things that have been talked about, and don't make any dumb mistakes. I checked the index of AC, and also looked in the bibliography under Chaum but did not see anything. Can anyone provide useful pointers? Adam From CCGARY at MIZZOU1.missouri.edu Tue Sep 6 13:41:47 1994 From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers) Date: Tue, 6 Sep 94 13:41:47 PDT Subject: CEB PREMEIER ISSUE PART 2 Message-ID: <9409062041.AA14296@toad.com> however, can still read both formats. Although this is annoying if you have a really old key that has lots of old signatures on it, the fact is that the older the key, the more likely someone has captured both it and the passphrase used to protect it. Therefore, I strongly recommend generating a new key and getting at least one other person to sign it. ARE MY OLD KEYS COMPATIBLE WITH MIT PGP 2.6? Unless they were created with the old, non-PKCS standard (i.e., created with PGP 2.2 or earlier, or created with PGP 2.3a with pkcs_compat set to 0), and unless they were created with a modulus of more than 1024 bits, then they are compatible. If a compatible key has an incompatible signature certificate, then the incompatible signature certificate will simply be stripped off by PGP 2.6. Otherwise, you can keep using your old key. In fact, if you just copy your key ring files to your new PGP 2.6 directory, then extract your old key with ASCII armor, it will be indistinguishable from a PGP 2.6 key, but have the same value, id, and signatures (assuming they were all in the PKCS format). WHY DOESN'T THE MIT KEY SERVER ACCEPT KEYS FROM PGP VERSIONS < 2.4? They don't want to be accused of contributing to the possibly infringing use of PGP 2.3a. 
WHY IS MY PGP 2.3a KEY ON THE MIT KEY SERVER? Because the MIT key server synchronizes with several non-USA key servers that run PGP 2.6ui or MIT PGP 2.6, and which accept keys from PGP 2.3a. When keys are extracted from those servers to synchronize with the MIT server, they appear to be coming from PGP 2.6, so they are accepted. WHY SHOULD I UPGRADE TO MIT PGP 2.6 FROM PGP 2.3a (BESIDES THE TIME BOMB)? First of all, if you are in the USA, the patent-legal status of MIT PGP 2.6 is good for your conscience. Second of all, there are a lot of bug fixes and features: Fixed a bug with the -z option. If no passphrase was given, PGP used to crash. When using -c, the IV is generated properly now, and the randseed.bin postwash is done. (This bug could have resulted in the same ciphertext being generated for the same plaintext, if the same passphrase is used.) Memory allocated with halloc() is now freed with hfree() in ztrees.c and zdeflate.c. (MS-DOS only.) The decompression code now detects end of input reliably, fixing a bug that used to have it produce infinite amounts of output on some corrupted input. Decompression has also been sped up. PGP -m won't try to write its final output to the current directory. This makes it less efficient if you want to save the text to a file, but more secure if you don't. If the line comment= appears in the config file, the line "Comment: " appears in ASCII armor output. Of course, you can also use this from the command line, e.g. to include a filename in the ASCII armor, do "pgp -eat +comment=filename filename recipient". PGP now enables clearsig by default. If you sign and ascii-armor a text file, and do not encrypt it, it is clearsigned unless you ask for this not to be done. The now enables textmode. Textmode detects non-text files and automatically turns itself off, so it's quite safe to leave on all the time. If you haven't got these defaults yourself, you might want to enable them. 
All prompts and progress messages are now printed to stderr, to make them easier to find and ensure they don't get confused with data on standard output such as pgp -m output. PGP now wipes temp files (and files wiped with pgp -w) with pseudo-random data in an attempt to force disk compressors to overwrite as much data as possible. On Unix, if the directory /usr/local/lib/pgp exists, it is searched for help files, language translations, and the PGP documentation. On VMS, the equivalent is PGP$LIBRARY:. (This is PGP_SYSTEM_DIR, defined in fileio.h, if you need to change it for your site.) Also, it is searched for a default global config.txt. This file may be overridden by a local config.txt, and it may not set pubring, secring, randseed or myname (which should be strictly personal) The normal help files (pgp -h) are pgp.hlp or .hlp, such as fr.hlp. Now, there is a separate help file for pgp -k, called pgpkey.hlp, or key.hlp. No file is provided by default; PGP will use its one-page internal help by default, but you can create such a file at your site. On Unix systems, $PGPPATH defaults to $HOME/.pgp. PGP used to get confused if you had a keyring containing signatures from you, but not your public key. (PGP can't use the signatures in this case. Only signatures from keys in the keyring are counted.) PGP still can't use the signatures, but prints better warning messages. Also, adding a key on your secret key ring to your public keyring now asks if the key should be considered ultimately-trusted. Previously, you had to run pgp -ke to force this check, which was non-obvious. On Unix, PGP now figures out the resolution of the system clock at run time for the purpose of computing the amount of entropy in keystroke timings. This means that on many Unix machines, less typing should be required to generate keys. (SunOS and Linux especially.) The small prime table used in generating keys has been enlarged, which should speed up key generation somewhat. 
There was a bug in PGP 2.3a (and, in fact in 2.4 and dating back to 1.0!) when generating primes 2 bits over a multiple of the unit size (16 bits on PC's, 32 bits on most larger computers), if the processor doesn't deal with expressions like "1<<32" by producing a result of 1. In practice, that corresponds to a key size of 64*x+4 bits. At the request of Windows programmers, the PSTR() macro used to translate string has been renamed to LANG(). The random-number code has been *thoroughly* cleaned up. So has the IDEA code and the MD5 code. The MD5 code was developed from scratch and is available for public use. Versions prior to 2.6 would not permit a new signature to be added to a key if there was an already existing signature from the same signer. Starting with version 2.6 newer signatures will override older ones *as long as the newer signature verifies*. This change is important because many keys have signatures on them that were created by PGP version 2.2 or earlier. These signatures can not be verified by PGP 2.5 or higher. Owners of keys with these obsolete signatures should attempt to gather new signatures and add them to their key. WHY SHOULD I UPGRADE TO MIT PGP 2.6 FROM PGP 2.6ui? If you are in the USA, PGP 2.6ui suffers from the same alleged patent infringement problems as PGP 2.3a. PGP 2.6ui also lacks most of the bug fixes and enhancements listed above since PGP 2.3a, since PGP 2.6ui is essentially just PGP 2.3a modified to accept both new and old packet version bytes (2 and 3). On the other hand, if you are outside of the USA and Canada, you should be careful not to offend the U. S. Department of State, Office of Defense Trade Controls, by exporting MIT PGP 2.6 from the USA or Canada. I suppose that you wouldn't break U. S. 
law if you got a copy of MIT PGP 2.6 that someone else exported, or you could get a copy of the PGP 2.6ui (that originated in Great Britain) if you don't care about the enhancements listed above, or if you want to be able to use 1264-bit keys. Note that if you use MIT PGP 2.6 in most countries, you are still bound by the RSAREF license because of the copyright law, and you are still limited in some countries to noncommercial use of PGP by the IDEA patent (unless you get a license from ETH Zurich).

IS THERE AN EVIL PLOT, BACK DOOR, OR INTENTIONAL WEAKNESS IN MIT PGP 2.6?

Not that I am aware of. It ships with source code, and I didn't see any way to hide such a thing in the source code that I looked at. Besides, if you really knew Phil Zimmermann, you would know just how repugnant such an idea is to him.

IS THERE A LEGAL VERSION OF PGP FOR COMMERCIAL USE IN EUROPE?

Not yet. To do that, you would have to (1) arrange to license the use of IDEA from ETH Zurich or wait for the coming triple-DES option in PGP, and (2) use the original (PGP 2.3a or 2.6ui) RSA code linked in with the new PGP (to avoid restrictions on the copyrighted RSAREF code). There is also the possibility of other local laws, such as those in France, restricting use of strong cryptography.

IS THERE A LEGAL VERSION OF PGP FOR COMMERCIAL USE IN THE USA & CANADA?

Yes. Use Viacrypt PGP for any commercial or personal use in the USA and Canada. I understand that there are some BSAFE-based PGP versions for commercial use in the USA, too, but you need to check with Philip Zimmermann on that to make sure that all of the copyright and licensing issues are handled properly.

WHAT EXACTLY IS COMMERCIAL USE?

I don't have an exact definition. Use some common sense. Are you encrypting sales reports, business plans, contract bidding information, and proprietary designs? Are your money making operations aided by the use of PGP? If so, and if one is available to you, you should buy the fully licensed commercial version.
SINCE VIACRYPT PGP SHIPS WITH NO SOURCE, HOW DO I KNOW IT IS OK?

Philip Zimmermann wrote or examined all of the source code. He says it is OK, so I trust him. I guess you have to decide for yourself.

IS IT OK TO BUY VIACRYPT PGP, THEN USE MIT PGP FOR COMMERCIAL USE?

RSADSI/PKP says it is not. On the other hand, since their only recourse is to sue you for damages, and since such a plan results in exactly the same revenue they would have if you did what they wanted, there are no damages to sue for. Personally, I use Viacrypt PGP except when beta testing PGP.

IS THERE AN INTERCHANGE PROBLEM WITH THE DIFFERENT RSA ENGINES IN PGP?

Fortunately, there is no problem interchanging RSA encrypted packets between original PGP, Viacrypt Digi-Sig, RSAREF, and BSAFE versions. They all do the same RSA computations. They are all different implementations of the same basic algorithm with a different legal status for each of them, which changes depending on what country you are in. The only annoyance is that unmodified copies of RSAREF and BSAFE can't handle more than 1024 bit RSA keys, but that isn't much of a problem (IMHO).

HOW DO I UPGRADE FROM VIACRYPT PGP 2.4 TO VIACRYPT PGP 2.7?

Call 800-536-2664 with your registration number, name, address, and credit card number handy. Hey, it is only US$10. No, I don't work for Viacrypt, nor do I get a commission on sales -- I just use Viacrypt PGP.

WHERE DO I GET MIT PGP 2.6?

By ftp:
    ftp://net-dist.mit.edu/pub/PGP/mitlicen.txt
    ftp://ftp.csn.net/mpj/README.MPJ
    ftp://ftp.wimsey.bc.ca/pub/crypto/software/README
    ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp/
Look for the files pgp26.zip, pgp26src.zip, and pgp26src.tar.gz.

BBS:
    Colorado Catacombs BBS 303-772-1062 (free -- log in with your name)
    Hieroglyphics Voodoo Machine 303-443-2457 (log in as VOO DOO, password NEW)
Download PGP26.ZIP, and for source, PGP26SRC.ZIP.

Compuserve: Use IBMFF to look for PGP26.ZIP and PGP26S.ZIP.
For a longer list, see the daily and monthly postings on alt.security.pgp, or get ftp://ftp.csn.net/mpj/getpgp.asc

WHAT KNOWN BUGS ARE IN MIT PGP 2.6?

The function xorbytes doesn't. Replace the = with ^= to fix it. The effect of this bug is that RSA keys aren't quite as random as they should be -- probably not a practical problem, but worth fixing if you are going to compile the code yourself.

DON'T SET PGPPASS when editing your keys, because if you do, and if you don't change your pass phrase, the key is lost. (If this happens, rename your backup keyring files to the primary files before you do anything else).

These bugs have been fixed in the master source code, and will be corrected in the next release of MIT PGP.

WHAT IS COMING IN FUTURE VERSIONS OF PGP?

I won't steal the thunder from Philip Zimmermann, Jeff Schiller, Colin Plumb, and the rest of the team, but there is some neat stuff that they are working on. Transition from MIT PGP 2.6 and Viacrypt PGP 2.7 to the newer versions will be easier than transitions from other versions. If you have enhancements and suggestions for the PGP team, I suggest you coordinate with them so that your ideas can be integrated with the main PGP project.

WHERE DO I REPORT BUGS IN PGP?

Please send bug reports, bug fixes, ports to new platforms, and suggestions to pgp-bugs at mit.edu.

WHERE DO I SEND OR FIND LANGUAGE KITS?

If you have a language kit to share, you can also send it to me at mpj at csn.org for me to post on ftp.csn.net/mpj/public/pgp/, as well as sending it to some of the other PGP sites.

IS PHILIP ZIMMERMANN STILL THE SUBJECT OF AN INVESTIGATION?

Yes. He is still paying a lawyer lots of money to represent him, too. If you like PGP, then I would strongly suggest sending a donation to his defense fund at:

    Philip Zimmermann defense fund
    c/o Philip Dubois
    2305 Broadway
    Boulder, Colorado 80304 USA

CAN I REDISTRIBUTE THIS FILE?

Permission is hereby granted to freely redistribute unmodified copies of this PGP signed file.
Michael Paul Johnson   Colorado Catacombs BBS 303-772-1062
PO Box 1151, Longmont CO 80502-1151 USA   Jesus is alive!
mpj at csn.org aka mpj at netcom.com m.p.johnson at ieee.org
ftp://ftp.csn.net/mpj/README.MPJ   CIS: 71331,2332
ftp://ftp.netcom.com/pub/mpj/README.MPJ   -. --- ----- ....
PGPprint=F2 5E A1 C1 A6 CF EF 71 12 1F 91 92 6A ED AE A9

-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAgUBLlDhNvX0zg8FAL9FAQHoZAP8C+XgqMzs1y0x1SHM45lzPzD8XK9JjjPk
lHUSDlQ6uo5lRnBXxUVPpPlTmLW4E2AHvCM+mke4bsVbvNJnNK513tUELWDkGLf4
6rexV0wiZJ9VdnQW3HyN44Sug8/5W7mxmgbdIOwv4A+OOWwAqm/chOLXsFAVn1mP
TLQSBl8sb3E=
=Wq3r
-----END PGP SIGNATURE-----

Chapter 2. Steganography

"A picture is worth a thousand words."

[ASCII art: STILL LIFE WITH CRYPT]

Steganography is the craft of hiding messages in pictures. The text is, of course, encrypted text rather than plain text. The current best steganography program has been done by Arsen Arachelian. Below, follows his text contribution:

From: rarachel at prism.poly.edu (Arsen Ray Arachelian)

WNSTORM is available from:

    ftp.wimsey.bc.ca:/pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/Steg

Usual routine to get it. i.e. cd /pub/crypto/software, get the README file, and if you agree to the terms then follow the instructions.

Short description off the top of my head (I wrote the beastie) Another info scrap should be in the same directory as WNSTORM.
WNSTORM is a data encryption/steganography utility which is pretty secure for most uses. Unlike some stego systems WNSTORM is expandable, all you have to do is write your own LSB injector/extractor for whatever data format you wish to hide information into.

WNSTORM doesn't require the recipient of the host picture, sound, movie, etc. to have the original un-stormed picture. Unlike primitive stego programs, WNSTORM doesn't compare a stormed picture with an unstormed picture.

WNSTORM will cover its tracks statistically. If it changes a 0 bit in the LSB data stream to a zero, or a 1 bit to a 1, it does nothing. If it changes a 1 bit to a zero, it will balance itself by changing an unused adjacent 0 bit to a 1. Ditto for a 0->1 transform.

WNSTORM will NOT change every bit of the LSB in order to prevent detection. It will use a passkey along with a probabilistic algorithm to decide which bits it will change. The algorithm for picking bits depends on the previous successfully encoded/decoded cyphertext AND the passkey.

Internally WNSTORM works by picking "windows" or "packets" of bytes out of either a random number stream or an LSB stream extracted from a picture, sound, movie, etc. It then injects eight bits of cyphertext into this window. Each window is of variable size. The bit locations where the bits are inserted are randomly exchanged for each pass. The bit values are also randomly exchanged for each pass.

WNSTORM includes an injector/extractor for PCX images, however I will write more injector/extractor programs for it in the future, and OTHERS can do so as well.

Chapter 3. Shells for PGP.

Section 1. David Merriman's WinPGP26.ZIP

From: "David K. Merriman"
Subject: Windows PGP shell

I've just finished making an ftp deposit to soda in the cypherpunks/incoming directory of WinPGP26.ZIP; it's the latest version of the Windows PGP shell Shareware, and understands 2.6/2.6ui/2.7.

Dave Merriman

Section 2.
Ross Barclay's WinFront 3.0

From: Ross Barclay
Subject: PGP WinFront 3.0 Now Available! (New Windows front end for PGP)
To: cypherpunks at toad.com, ~rbarclay at TrentU.ca

-----BEGIN PGP SIGNED MESSAGE-----

Announcing PGP WinFront 3.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~
A freeware Windows front end for PGP 2.3a and 2.6
Copyright 1994 Ross Barclay (rbarclay at trentu.ca)

WHAT IT IS:

- PGP WinFront is the most fully featured free (or otherwise) Windows front end available. It will make using PGP easy for beginners, and it will drastically increase the speed at which experts use it too. PGP WinFront is now into its third revision and I have tried to implement as many of the suggestions that I received as possible. PGP WinFront was designed by its users, but was coded by me.

Features:

- Supports secret key ring placement on floppy drive
- Support en/decryption to/from clipboard
- Move / Copy / Delete files
- Online hypertext help
- Online hypertext PGP help
- Keyring reader to pick names, view key characteristics
- Keyring reader supports less-often used "huge" keyrings
- Signature Checker
- Very configurable - over 25 user-definable settings
- more . . .

This program does too much to list here. And it's free! This version is a complete rewrite of the popular PGP WinFront 2.0. The feature-set has largely been set by users who sent in suggestions. Please read the file README.TXT and peruse the help files. Please send me your comments.

HOW TO GET IT:

At the moment, there are 2 ways to get this program:

1) Via FTP

- The PGP WinFront 3.0 filename is called PWF30.ZIP.
- It has been uploaded to the incoming directories of the following FTP sites:

    ftp.cica.indiana.edu
    ftp.eff.org
    ftp.wimsey.bc.ca
    black.ox.ac.uk
    soda.berkeley.edu
    ftp.informatik.uni-hamburg.de
    ftp.ee.und.ac.za
    ftp.demon.co.uk

- Hopefully, they will be slotted into the PGP directories soon. On CICA, it will be placed into \pub\pc\win3\utils. That is where PWF20.ZIP was placed.
- Once you get the program, please upload it to other FTP sites!

2) From Colorado Catacombs BBS

- dial (303)772-1062. The file is called PWF30.ZIP
- once you get the program, please upload it to other BBSs.

*** The mail access system I had was discontinued. This is because the file was too big to fit into my account. However, you can still register PWF and request certain PGP and PWF related items using my mail access system. Details of these are on the "About" screen of PWF 30.

- --Ross Barclay

- -------------------------------------------------------------------------
Ross Barclay (rbarclay at trentu.ca), Assistant Editor | To receive my PGP
                                                       | public key, send
PC NEWS Review: Windows Edition                        | me e-mail with the
Bellevue, WA (206) 399-8700                            | subject: GET KEY
- -------------------------------------------------------------------------
To receive PC NEWS Review, send me e-mail with the subject: GET PNR.
- -------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLmZ7fdgpRteEZ9JhAQFeXgIAxIpvJQeMsx7YecNgtusBDMqL662XFeX2
qL0qF8HcN4ReZ9MYjtn9t8N1zWGxkPOXQEI3KfM7uk8JTzxjZ5LG2g==
=gSYT
-----END PGP SIGNATURE-----

Chapter 4. Generally cool things.

Section 1. Loompanics sources.

Something cool from Vincent:

Most of the Loompanics Unlimited catalog is online as:

    gopher://gopher.well.sf.ca.us/00/Business/catalog.asc

And you can send mail to them at:

    loompanx at pt.olympus.net

You can also get their catalog at:

    Loompanics Unlimited PO box 1197 33 Port Townsend, Wa. 98368 P id

Send $5.00 for their general catalog - free with any order.

Section 2. Viruses sources.

AMERICAN EAGLE PUBLICATIONS

Cypherpunks, I have found a source of info. that I just must share!

    American Eagle Publications, Inc.
    P. O. Box 41401
    Tucson, AZ 85717

I'm sure they will send you a catalog just for the asking. So, what are they about? They are about VIRUSES!
They don't just carry a couple of virus things - they are the VIRUSES-ARE-US of the virus world! They have a journal: Computer Virus Developments Quarterly. They have books on viruses, virus protection, cryptanalysis, the science fiction book "Heiland", a CD-ROM for $99.95 of several thousand live viruses, disks of viruses with source code, executable & utilities, programs & cards for boot protection, & even a virus IDEA computer system protector.

Copy follows for two items of particular interest to Cypherpunks:

POTASSIUM HYDROXIDE, KOH
By the "King of Hearts"

A sophisticated piece of software which uses ideas first developed by computer virus writers to secure your computer system against those who would like to get their hands on the information in it. You give KOH a pass phrase, & it uses state of the art IDEA data encryption algorithm to encrypt all of the information on your hard disk & your floppies. It is, for all intents & purposes, unbreakable, & works well with DOS & Windows. Many encryption programs offered commercially are easily cracked, but this one is not. Some people call this program a virus, some say it is not. In ways, it acts like a virus to do some of your security housekeeping for you. Yet at worst it is a friendly virus that lets you choose when & how it will replicate.

program & manual on disk, $10
program, full source, & manual on disk, $20
(Overseas customers add $12: KOH cannot be exported from the US, but since it was not developed in the US, we will forward your order to the overseas distributor. Please allow 6 weeks for delivery)

HEILAND
By Franklin Sanders
276 pages, Paperback, 1986

Here's an entertaining book about America in the year 2020. If you wonder if it's proper to use viruses in wartime or if such a virus could be termed "good", this book will give you some food for thought. Sanders makes use of computer "worms" when the oppressed people of the US attack the federal government in an all-out war against tyranny.
Sanders uses his worms right too - not as some all-powerful monster. Rather, they are deployed as part of a larger military strategy. For a book written in 1986, that's not bad! And if you're fed up with the government, this book is sure to give you a vision for the future. Sanders has been part of the mounting tax protest in this country. He's fought the IRS in court for years & won some important battles. Unfortunately the government seems to be confirming some of his worst suspensions about them. Now you can get a good dose of his philosophy & his ideas about remedying our problems. And if you work for the government, don't be offended - this book is doubly recommended for you!

Book, $8.00
for shipping add $2 per book. 5% sales tax for AZ. residents.

It is my belief that in the next few years more uses for viruses than just being a vandal will be found. Also, they may find a place in protecting our electronic freedom. - for instance virus remailers. Also see my previous post - The FREEDOM DEAMON. Also, they have a place in my CHATTERBOX concept (a remailer for chat mode or commands).

"Viruses aren't just for Sociopaths anymore!"

Also, I suspect the state may start cracking down on virus technology. Incidentally, did you all know that crypt has a place in modern viruses? Encryption is used to hide "nasty" code & virus signatures until they get into the system & decrypt.

Yours Truly,
Gary Jeffers

PUSH EM BACK! PUSH EM BACK! WWWAAAYYY BBBAAACCCKK! BBBEEEAAATTTTT STATE !

Chapter 5. Getting the Cypherpunks' archived & indexed list.

Vincent also tells us about the complete Cypherpunk's text on line & indexed with fast access times:

Eric Johnson has put one together as:

    http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src

Please don't think that you used to be safe doing something illegal on this list and that you no longer are. That would be foolish.

 -- Vince

The "http" is for "Hyper-Text Transport Protocol".
This is not FTP, though it is a protocol similar in function to FTP. It is used by "WWW" (World Wide Web) of which Mosaic is the most popular implementation. If you have Mosaic, you can just give the above path. If you do not have mosaic, you should spend some time trying to get it. Mosaic makes it really easy to quickly move through lots of information on the net. Mosaic is a point and click hypertext interface. You can FTP to ftp.ncsa.uiuc.edu and go into Mosaic.

WWW has a simple language for writing your own hypertext documents - "HTML" (Hyper Text Markup Language). You can think of this as sort of like Troff, LaTeX or Postscript, but for hypertext documents. One page of HTML can make dozens of normal files easy to access. For example, my README.html security page points to many normal files:

    ftp://furmint.nectar.cs.cmu.edu/security/README.html

It turns out that the mail database is really in "WAIS" (Wide Area Information Server). You can use WAIS directly, though I think it is easier to use through mosaic. To use WAIS you would do:

    ws -h pmip.maricopa.edu -d cpindex/Cypherpunks

The "ws" may be "waissearch" on your system. You can get lots of info on WAIS from ftp://wais.think.com/comp.infosystems.wais-FAQ

As someone pointed out, this "http" method does not yet work with "lynx" (a text only implementation of WWW) on the cypherpunks mail database. It seems it will take a new version of lynx or WAIS for this to work. But the Unix "xmosaic" works fine. :-)

This form of global filename starting with something like "ftp://", "http://", "gopher://" etc is also part of the WWW architecture. These names are called "URLs" for Universal Resource Locator.

Well, that is probably enough acronyms for today.
:-)

 -- Vince

From: Vincent.Cate at FURMINT.NECTAR.CS.CMU.EDU
To: cypherpunks at toad.com
Subject: WWW Acronyms (was Re: Cypherpunks' mail database does exist)

Gary Jeffers:
> Vincent, you state that a fully archived, indexed cypherpunks
>mailing list exists as:
>http://pmip.maricopa.edu/crypt/cypherpunks/cypherpunks.src
>Ok, so I ftp'ed to pmip.maricopa.edu & tried to get to cypherpunks.src,
>but even the subdirectories weren't there.

The "http" is for "Hyper-Text Transport Protocol". This is not FTP, though it is a protocol similar in function to FTP. It is used by "WWW" (World Wide Web) of which Mosaic is the most popular implementation. If you have Mosaic, you can just give the above path. If you do not have mosaic, you should spend some time trying to get it. Mosaic makes it really easy to quickly move through lots of information on the net. Mosaic is a point and click hypertext interface. You can FTP to ftp.ncsa.uiuc.edu and go into Mosaic.

You also have a typo, it is "Cypherpunks.src" with a capital C.

WWW has a simple language for writing your own hypertext documents - "HTML" (Hyper Text Markup Language). You can think of this as sort of like Troff, LaTeX or Postscript, but for hypertext documents. One page of HTML can make dozens of normal files easy to access. For example, my README.html security page points to many normal files:

    ftp://furmint.nectar.cs.cmu.edu/security/README.html

It turns out that the mail database is really in "WAIS" (Wide Area Information Server). You can use WAIS directly, though I think it is easier to use through mosaic. To use WAIS you would do:

    ws -h pmip.maricopa.edu -d cpindex/Cypherpunks

The "ws" may be "waissearch" on your system. You can get lots of info on WAIS from ftp://wais.think.com/comp.infosystems.wais-FAQ

As someone pointed out, this "http" method does not yet work with "lynx" (a text only implementation of WWW) on the cypherpunks mail database. It seems it will take a new version of lynx or WAIS for this to work.
But the Unix "xmosaic" works fine. :-)

This form of global filename starting with something like "ftp://", "http://", "gopher://" etc is also part of the WWW architecture. These names are called "URLs" for Universal Resource Locator.

Well, that is probably enough acronyms for today. :-)

 -- Vince

PS I only read cypherpunks once a day, some time after midnight when my collection for the day is done.

From: rishab at dxm.ernet.in
Subject: Accessing the Cpunk WAIS archive

"Gary Jeffers"
> http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src
> is the location of all the Cypherpunks' posts with index. I can
> get to this place by placing a "www" in front of this instruction.

Do an archie search for lynx or mosaic or some other decent browser. This is a WAIS indexed archive; no hyper links; you type in a keyword, and get a list of matching articles, and select one (or more) of them to look at.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh              "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in           take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335        H 34C Saket, New Delhi 110017, INDIA

Chapter 6. Remailers & chained remailers.

From: wcs at anchor.ho.att.com (bill.stewart at pleasantonca.ncr.com +1-510-484-6204)
Message-Id: <9408300753.AA22369 at anchor.ho.att.com>
To: CCGARY at MIZZOU1.missouri.edu
Subject: Re: Using remailers, chained remailers?

There's somebody who posts a remailer summary to the list about monthly. There are three or four sets of remailers out there:

- anon.penet.fi, which gives you an account an12345 at anon.penet.fi which people can reply to. Send "Subject: help" to anon at anon.penet.fi and it'll probably give you a useful reply. Its big use is for anonymous Usenet posting with working replies.

- The cypherpunks remailers, which are mostly one-way no-reply mailers; some also support Usenet posting. Soda is pretty typical.
- Various enhanced cypherpunks remailers, which have features like encrypted reply addresses you can attach at the end.

You can get information on using the soda remailer by sending email to remailer at csua.berkeley.edu, with "help" somewhere in the posting; I'm not sure if it wants it in the Subject: or in the body. That's the remailer that posts from "Tommy the Tourist" with random NSA-bait at the bottom of postings.

Here's a recent posting on getting status of remailers. Note that some really only remail once per day, so they may be working fine even if it says they're not.

----
Date: Mon, 15 Aug 1994 13:39:33 -0700
From: Raph Levien
To: cypherpunks at toad.com
Subject: "finger remailer-list at kiwi.cs.berkeley.edu" now operational

Hi all,

I have written and installed a remailer pinging script which collects detailed information about remailer features and reliability.

To use it, just

    finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, at

    http://http.cs.berkeley.edu/~raph/remailer-list.html

Please do not take the uptime figures too seriously, at least for another week or so. The script has only been running reliably for a few days.

Please let me know about any other remailers which I missed. I've only included remailers which can mail to arbitrary addresses, so I already know chop and twwells are missing.

If you've got a Web page, please feel free to include a link to this page. If you think your Web page is relevant to the subject of remailers, let me know and I'll link it in.

Comments and suggestions welcome!

Raph Levien
-------

# Bill Stewart AT&T Global Information Solutions, aka NCR Corp
# 6870 Koll Center Parkway, Pleasanton CA, 94566 Phone 1-510-484-6204 fax-6399
# email bill.stewart at pleasantonca.ncr.com billstewart at attmail.com
# ViaCrypt PGP Key IDs 384/C2AFCD 1024/9D6465

Chapter 7. Current problems in Crypt.

1. We need an Internet Chat PGP system for conversations in real time.
Note: #Freedom channel on the Internet Chat system has carried out fast encrypted conversations for years. When a Cypherpunk contacted one of their members (Sargent someone), he was politely told that their system was private. Sargent was unwilling to disclose method. Is their system some kind of security by obscurity code that cannot be varied (like by a drop in crypt/decrypt algorithm)? Or maybe the crypt method could be a drop in variable method & Sarge was unaware of it? Possibly other #Freedom members would be more knowledgeable? Possibly, a knowledgeable & diplomatic Cypherpunk could hit paydirt by pursuing this.

2. Has Stealth PGP been done yet?

3. Has Arsen Arachelian really solved the problem of discovery of crypt in steganography by statistical examination of the least significant bits in his WNSTORM? I have seen no debate on this.

4. If the Feds capture the internet & put their anti-privacy hardware & protocols in place & outlaw remailers, does anyone have any idea how to build secure & effective remailers? A "Fortress remailer"?

5. If the above possibility happens & Cypherpunks' list is outlawed, does anyone have ideas how to make a "Fortress list"?

PUSH EM BACK! PUSH EM BACK! WWWAAAYYYY BBBAAACCCK! BBBEEEAAATTTT STATE!

From sameer at c2.org Tue Sep 6 14:07:25 1994
From: sameer at c2.org (sameer)
Date: Tue, 6 Sep 94 14:07:25 PDT
Subject: List of reliable remailers
In-Reply-To: <199409061833.LAA23223@netcom6.netcom.com>
Message-ID: <199409062101.OAA00877@infinity.c2.org>

>
> Just to give some kudos to Raph, I've used his "finger" service and
> have been shocked at how _good_ it is! Seeing the uptimes, delays,
> etc. is very useful in planning remailer chains.
>
> I haven't had the time to explore his other tools, though.
>

'premail' is excellent. I just this weekend hacked elm and pine to work with premail, which I posted to the list. (these versions of elm and pine are installed on c2.org -- premail is not yet publicly installed.)
> Between this pinging service, and those of Matt Ghio and Sameer Parekh
> (haven't checked it in a while), welcome progress has been made.
>

My pinger (on remail at c2.org and remailer at csua.berkeley.edu) has not been very reliable. I wanted a remailer pinger service available for my blind server and client projects and having seen Raph's setup I am deferring to his. I hope to be able to incorporate the excellent setup that Raph is running into a client for the blind server running on omega.c2.org.

Regarding Tim's earlier comments about for-pay remailers and such. I regard remail at c2.org a for-pay/professionally run remailer. While there is no charge associated with using the remailer, it is running as one of the many services offered by the for-profit Community ConneXion system. Thus I hope to keep this remailer very reliable, very strong, and Raph's setup will hopefully show this.

(The blind server is an actual for-pay service but I expect that most users will not use it to a degree more than they get for free when they set up an account -- I should make sure I reword my description to emphasize that. [I suspect the reason that not many people have signed up [the client *is* hard to use, yes, and slightly buggy, but it works.. that is a reason, but not the main one, in my eyes is that people see that it is a for-pay service and don't realize that light usage is free])

--
sameer                                          Voice:   510-841-2014
Network Administrator                           Pager:   510-321-1014
Community ConneXion: The NEXUS-Berkeley         Dialin:  510-549-1383
http://www.c2.org (or login as "guest")         sameer at c2.org

From sandfort at crl.com Tue Sep 6 14:14:11 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Tue, 6 Sep 94 14:14:11 PDT
Subject: "GOOD" GOVERNMENT
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
C'punks,

Carl Ellison wondered:

    To what extent is gov't a home for bullies and to what extent is it the collective defense against bullies ...? How do we turn it from the first to the second?

As I see it, it's always a home for bullies masquerading as a collective defense. Sometimes it actually has to perform its advertised defense function. Like naked quarks, purely defensive governments cannot exist. They are bipolar by nature, with some poles (i.e., the bullying part) being "more equal than others."

S a n d y

"There's no government, like no government"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From jim at bilbo.suite.com Tue Sep 6 15:00:30 1994
From: jim at bilbo.suite.com (Jim Miller)
Date: Tue, 6 Sep 94 15:00:30 PDT
Subject: Digital Cash mini-FAQ for the layman
Message-ID: <9409062159.AA04339@bilbo.suite.com>

I recently wrote a description of digital cash for Tom Steinert-Threlkeld, Technology Writer for the Dallas Morning News. I figured I might as well post it here in case there are any newbies that are still coming up to speed.

Keep in mind that my intended audience is a person who is in touch with the latest commercially available technology, but is not an engineer, mathematician, or scientist. I've intentionally generalized and oversimplified the descriptions to keep from getting bogged down in the details. If I've made any gross errors let me know, but I think most of the information is accurate.

Q: How is digital cash possible?

A: Public-key cryptography and digital signatures (both blind and non-blind signatures) make digital cash possible. It would take too long to go into detail how public-key cryptography and digital signatures work. But the basic gist is that banks and customers would have public-key encryption keys. Public-key encryption keys come in pairs. A private key known only to the owner, and a public key, made available to everyone.
Whatever the private key encrypts, the public key can decrypt, and vice versa. Banks and customers use their keys to encrypt (for security) and sign (for identification) blocks of digital data that represent money orders. A bank "signs" money orders using its private key and customers and merchants verify the signed money orders using the bank's widely published public key. Customers sign deposits and withdrawals using their private key and the bank uses the customer's public key to verify the signed withdrawals and deposits.

Q: Are there different kinds of digital cash?

A: Yes. In general, there are two distinct types of digital cash: identified digital cash and anonymous digital cash.

Identified digital cash contains information revealing the identity of the person who originally withdrew the money from the bank. Also, in much the same manner as credit cards, identified digital cash enables the bank to track the money as it moves through the economy.

Anonymous digital cash works just like real paper cash. Once anonymous digital cash is withdrawn from an account, it can be spent or given away without leaving a transaction trail. You create anonymous digital cash by using numbered bank accounts and blind signatures rather than fully identified accounts and non-blind signatures.

[To better understand blind signatures and their use with digital cash, I highly recommend skimming through chapters 1 - 6 of Bruce Schneier's book _Applied Cryptography_ (available at Taylor's Technical Books). It is quite readable, even to the layman. He doesn't get into the heavy-duty math until later in the book. Even if you don't write a digital cash column in the near future, I still recommend reading through chapters 1 - 6 of _Applied Cryptography_. Bruce does a very good job of describing the wide variety of interesting things you can do when you combine computers, networks, and cryptography.]
There are two varieties of each type of digital cash: online digital
cash and offline digital cash. Online means you need to interact with
a bank (via modem or network) to conduct a transaction with a third
party. Offline means you can conduct a transaction without having to
directly involve a bank. Offline anonymous digital cash is the most
complex form of digital cash because of the double-spending problem.

Q: What is the double-spending problem?

A: Since digital cash is just a bunch of bits, a piece of digital cash
is very easy to duplicate. Since the copy is indistinguishable from
the original you might think that counterfeiting would be impossible
to detect. A trivial digital cash system would allow me to copy a
piece of digital cash and spend both copies. I could become a
millionaire in a matter of a few minutes. Obviously, real digital cash
systems must be able to prevent or detect double spending.

Online digital cash systems prevent double spending by requiring
merchants to contact the bank's computer with every sale. The bank
computer maintains a database of all the spent pieces of digital cash
and can easily indicate to the merchant if a given piece of digital
cash is still spendable. If the bank computer says the digital cash
has already been spent, the merchant refuses the sale. This is very
similar to the way merchants currently verify credit cards at the
point of sale.

Offline digital cash systems detect double spending in a couple of
different ways. One way is to create a special smart card containing a
tamper-proof chip called an "Observer" (in some systems). The Observer
chip keeps a mini database of all the pieces of digital cash spent by
that smart card. If the owner of the smart card attempts to copy some
digital cash and spend it twice, the imbedded Observer chip would
detect the attempt and would not allow the transaction.
Since the Observer chip is tamper-proof, the owner cannot erase the
mini-database without permanently damaging the smart card.

The other way offline digital cash systems handle double spending is
to structure the digital cash and cryptographic protocols so the
identity of the double spender is known by the time the piece of
digital cash makes its way back to the bank. If users of the offline
digital cash know they will get caught, the incidents of double
spending will be minimized (in theory). The advantage of these kinds
of offline systems is that they don't require special tamper-proof
chips. The entire system can be written in software and can run on
ordinary PCs or cheap smart cards.

It is easy to construct this kind of offline system for identified
digital cash. Identified offline digital cash systems can accumulate
the complete path the digital cash made through the economy. The
identified digital cash "grows" each time it is spent. The particulars
of each transaction are appended to the piece of digital cash and
travel with it as it moves from person to person, merchant to vendor.
When the cash is finally deposited, the bank checks its database to
see if the piece of digital cash was double spent. If the digital cash
was copied and spent more than once, it will eventually appear twice
in the "spent" database. The bank uses the transaction trails to
identify the double spender.

Offline anonymous digital cash (sans Observer chip) also grows with
each transaction, but the information that is accumulated is of a
different nature. The result is the same however. When the anonymous
digital cash reaches the bank, the bank will be able to examine its
database and determine if the digital cash was double spent. The
information accumulated along the way will identify the double
spender.
The big difference between offline anonymous digital cash and offline
identified digital cash is that the information accumulated with
anonymous digital cash will only reveal the identity of the spender if
the cash is double spent. If the anonymous digital cash is not double
spent, the bank can not determine the identity of the original spender
nor can it reconstruct the path the cash took through the economy.

With identified digital cash, both offline or online, the bank can
always reconstruct the path the cash took through the economy. The
bank will know what everyone bought, where they bought it, when they
bought it, and how much they paid. And what the bank knows, the IRS
knows.

By the way, did you declare that $20 bill your Grandmother gave you
for your birthday? You didn't? Well, you won't have to worry about
forgetting those sorts of things when everybody is using fully
identified digital cash. As a matter of fact, you won't even have to
worry about filing a tax return. The IRS will just send you a bill.

Jim_Miller at suite.com

From mnemonic at eff.org Tue Sep 6 15:02:40 1994
From: mnemonic at eff.org (Mike Godwin)
Date: Tue, 6 Sep 94 15:02:40 PDT
Subject: A Different EFF on DigiTel Bill
In-Reply-To: <199408291422.KAA10836@pipe3.pipeline.com.778170390>
Message-ID: <34iotc$62t@eff.org>

In article <199408291422.KAA10836 at pipe3.pipeline.com.778170390>,
John Young wrote:

>(If anyone cares, Mike posts zingers and unhealthy thoughts
>like c'punks' regularly on list Cyberia-L.)

Somebody's got to give those law professors some grief.

--Mike

--
Mike Godwin, (202) 347-5400 |"And walk among long dappled grass,
mnemonic at eff.org          | And pluck till time and times are done
Electronic Frontier          | The silver apples of the moon,
Foundation                   | The golden apples of the sun."

From hfinney at shell.portal.com Tue Sep 6 15:20:33 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 6 Sep 94 15:20:33 PDT
Subject: Reputation Capital papers?
In-Reply-To: <199409062037.QAA21812@arthur.bwh.harvard.edu> Message-ID: <199409062220.PAA21494@jobe.shell.portal.com> Adam Shostack writes: > Are there papers out there on reputation capital that I should >be familiar with before talking about it? I have a bunch of ideas, >but would like to review the lit before presenting any of them, so I >don't repeat things that have been talked about, and don't make any >dumb mistakes. I checked the index of AC, and also looked in the >bibliography under Chaum but did not see anything. I seem to recall a posting in outline form by Dean Tribble to this list about 1 1/2 years ago. It was some notes he had used in a presentation to a CP meeting. Maybe someone could dig it out again. I don't think Chaum has particularly used the term or even discussed the issue that much. It doesn't seem like it is an issue which is talked about in many places. Your ideas are probably as much worth hearing as anyone's. Hal Finney P.S. I did find a paper on the net called "Endorsements, Licensing, and Insurance for Distributed System Services", by Lai, Medvinsky, and Newman of Information Sciences Institute. Here is the abstract: "Clients in a distributed system place their confidence in many servers, and servers themselves rely on other servers for file storage, authentication, authorization, and payment. When a system spans administrative boundaries it becomes harder to assess the security and competence of potential service providers. This paper examines the issue of confidence in large distributed systems. "When confidence is lacking in the 'real world,' one relies on endorsements, licensing, insurance, and surety bonds to compensate. We show that by incorporating such assurances into a distributed system, users are better able to evaluate the risks incurred when using a particular server. 
This paper describes a method to electronically represent endorsements, licenses, and insurance policies, and discusses the means by which clients use such items when selecting service providers." Unfortunately, I can't recall where I saw the pointer to this paper. I'm sure other people read the same lists and newsgroups I do so perhaps someone else can provide a pointer. Also, my copy of the postscript paper would only print the first three pages, so I can't really evaluate their ideas. From CCGARY at MIZZOU1.missouri.edu Tue Sep 6 15:57:16 1994 From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers) Date: Tue, 6 Sep 94 15:57:16 PDT Subject: CEB1B PREMEIERE ISSUE Message-ID: <9409062257.AA16925@toad.com> * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp26uix.sig * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp26uix.zip MacIntosh: * _DE:_ ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp/mac /MacPGP2.6ui_beta.sit.hqx * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/PGP/MacPGP2.6ui_V1.2sources.cpt.hqx Other sites to look for the above mentioned files at: ftp.informatik.uni-hamburg.de /pub/virus/crypt/pgp This site has most, if not all, of the current PGP files. ftp.wimsey.bc.ca /pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/PGP (U. S. and Canadian users only) See /pub/crypto/software/README for the characters for XXXXXXXX This site has all public releases of the freeware PGP from 1.0 through 2.6 and 2.6ui. black.ox.ac.uk (129.67.1.165) /src/security/pgp26uix.zip (MS-DOS executables & docs) /src/security/pgp26uis.zip (Unix, MS-DOS, VMS, Amiga sources, docs, info on building PGP into mailers, editors, etc.) There are several other versions of PGP here, including the MIT release. ftp.csn.net /mpj/public/pgp/ contains PGP shells, faq documentation, language kits. ftp.netcom.com /pub/dcosenza -- Some crypto stuff, sometimes includes PGP. /pub/gbe/pgpfaq.asc -- frequently asked questions answered. 
/pub/qwerty -- How to MacPGP Guide, largest steganography ftp site as well. PGP FAQ, crypto FAQ, US Crypto Policy FAQ, Steganograpy software list. MacUtilites for use with MacPGP. Stealth1.1 + other steganography programs. Send mail to qwerty at netcom.com with the subject "Bomb me!" to get the PGP FAQ and MacPGP guide if you don't have ftp access. ftp.ee.und.ac.za /pub/crypto/pgp soda.berkeley.edu /pub/cypherpunks/pgp (DOS, MAC) ftp.demon.co.uk /pub/amiga/pgp /pub/archimedes /pub/pgp /pub/mac/MacPGP ftp.informatik.tu-muenchen.de ftp.funet.fi ftp.dsi.unimi.it /pub/security/crypt/PGP ftp.tu-clausthal.de (139.174.2.10) wuarchive.wustl.edu /pub/aminet/util/crypt src.doc.ic.ac.uk (Amiga) /aminet /amiga-boing ftp.informatik.tu-muenchen.de /pub/comp/os/os2/crypt/pgp23os2A.zip (OS/2) iswuarchive.wustl.edu pub/aminet/util/crypt (Amiga) nic.funet.fi (128.214.6.100) /pub/crypt/pgp23A.zip /pub/crypt/pgp23srcA.zip /pub/crypt/pgp23A.tar.Z ftp.uni-kl.de (131.246.9.95) qiclab.scn.rain.com (147.28.0.97) pc.usl.edu (130.70.40.3) leif.thep.lu.se (130.235.92.55) goya.dit.upm.es (138.4.2.2) tupac-amaru.informatik.rwth-aachen.de (137.226.112.31) ftp.etsu.edu (192.43.199.20) princeton.edu (128.112.228.1) pencil.cs.missouri.edu (128.206.100.207) StealthPGP: The Amiga version can be FTP'ed from the Aminet in /pub/aminet/util/crypt/ as StealthPGP1_0.lha. Also, try an archie search for PGP using the command: archie -s pgp26 (DOS & Unix Versions) archie -s pgp2.6 (MAC Versions) ftpmail: For those individuals who do not have access to FTP, but do have access to e-mail, you can get FTP files mailed to you. For information on this service, send a message saying "Help" to ftpmail at decwrl.dec.com. You will be sent an instruction sheet on how to use the ftpmail service. Another e-mail service is from nic.funet.fi. 
Send the following mail message to mailserv at nic.funet.fi: ENCODER uuencode SEND pub/crypt/pgp23srcA.zip SEND pub/crypt/pgp23A.zip This will deposit the two zipfiles, as 15 batched messages, in your mailbox with about 24 hours. Save and uudecode. For the ftp sites on netcom, send mail to ftp-request at netcom.com containing the word HELP in the body of the message. World Wide Web URLs: (Thanks to mathew at mantis.co.uk) _________________________________________________________________ MACPGP 2.3 Program * _UK:_ ftp://ftp.demon.co.uk/pub/pgp/MacPGP/MacPGP2.3.cpt.hqx * _UK:_ ftp://black.ox.ac.uk/src/security/macpgp2.3.cpt.hqx * _SE:_ ftp://isy.liu.se/pub/misc/pgp/2.3A/macpgp2.3.cpt.hqx * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/macpgp2.3.cpt.hqx * _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/macpgp2.3.cpt.hqx * _US:_ ftp://soda.berkeley.edu/pub/cypherpunks/pgp/macpgp2.3.cpt.hqx.gz Source code Requires Think C. * _UK:_ ftp://ftp.demon.co.uk/pub/pgp/MacPGP/MacPGP2.2src.sea.hqx -- version 2.2 only * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/macpgp2.3src.sea.hqx.pgp * _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/macpgp2.3src.sea.h qx.pgp Documentation PGP is rather counter-intuitive to a Mac user. Luckily, there's a guide to using MacPGP in ftp://ftp.netcom.com/pub/qwerty/Here.is.How.to.MacPGP. _________________________________________________________________ OS/2 PGP You can, of course, run the DOS version of PGP under OS/2. * _DE:_ ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp/2.6ui/pgp26ui-os2.zip * _US:_ ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/pgp26os2.zip ftp://ftp.csn.net/mpj/README.MPJ for the ??????? 
_________________________________________________________________ AMIGA PGP 2.3 * _DE:_ ftp://ftp.uni-kl.de/pub/aminet/util/crypt/PGPAmi23a_3.lha * _US:_ ftp://ftp.wustl.edu/pub/aminet/util/crypt/PGPAmi23a_3.lha Source * _DE:_ ftp://ftp.uni-kl.de/pub/aminet/util/crypt/PGPAmi23a3_src.lha * _US:_ ftp://ftp.wustl.edu/pub/aminet/util/crypt/PGPAmi23a3_src.lha _________________________________________________________________ ARCHIMEDES PGP * _UK:_ ftp://ftp.demon.co.uk/pub/archimedes/ArcPGP23a _________________________________________________________________ DOCUMENTATION ONLY * _US:_ ftp://net-dist.mit.edu/pub/PGP/pgp26doc.zip * _UK:_ ftp://ftp.demon.co.uk/pub/pgp/pgp26doc.zip * _US:_ ftp://ftp.netcom.com/pub/mpj/public/pgp/pgp26doc.zip * _US:_ ftp://ftp.ftp.csn.net/mpj/public/pgp/pgp26doc.zip _________________________________________________________________ LANGUAGE MODULES These are suitable for most PGP versions. I am not aware of any export/import restrictions on these files. German * _UK:_ ftp://black.ox.ac.uk/src/security/pgp_german.txt * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt * _US:_ ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha Italian * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz * _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz Japanese * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz Lithuanian * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip Russian * _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip (MIT version) * _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26uir.zip (ui version) * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip Spanish * _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz * _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz Swedish * _UK:_ 
ftp://black.ox.ac.uk/src/security/pgp_swedish.txt * _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt _________________________________________________________________ OTHER SITES Some cryptographic software is available from ftp://van-bc.wimsey.bc.ca/pub/crypto/software/. Read the README file and proceed from there. BBS sites: Colorado Catacombs BBS (See also the entry above for PGP 2.6) (303) 772-1062 Longmont, Colorado (2 lines) (303) 938-9654 Boulder, Colorado (free call from Denver CO, but 1 line) For free access: log in with your own name, answer the questions, then select [Q]uestionaire 3 from the [M]ain menu. Verified: This morning. Hieroglyphics Voodoo Machine (Colorado) Jim Still (aka Johannes Keppler), sysop. DOS, OS2, and Mac versions. (303) 443-2457 Verified: 5-2-94 For free access for PGP, DLOCK, Secure Drive, etc., log in as "VOO DOO" with the password "NEW" (good for 30 minutes access to free files). Exec-Net (New York) Host BBS for the ILink net. (914) 667-4567 The Ferret BBS (North Little Rock, Arkansas) (501) 791-0124 also (501) 791-0125 Special PGP users account: login name: PGP USER password: PGP This information from: Jim Wenzel If you find a version of the PGP package on a BBS or FTP site and it does not include the PGP User's Guide, something is wrong. The manual should always be included in the package. If it isn't, the package is suspect and should not be used or distributed. The site you found it on should remove it so that it does no further harm to others. ARCHIE WHO? There are many more sites. You can use archie and/or other "net-surfing" tools to find a more up-to-date listing, if desired. 
___________________________________________________________ |\ /| | | | | \/ |o| | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 | | | | / _ | mpj at csn.org aka mpj at netcom.com m.p.johnson at ieee.org | | |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 | | |||\ ( | ftp://ftp.netcom.com/pub/mpj/README.MPJ -.
--- ----- ....| | ||| \ \_/ |___________________________________________________________|

-----BEGIN PGP SIGNATURE-----
Version: 2.7

iQCVAgUBLkq2xfX0zg8FAL9FAQFTNgP+MRZEelkRWavsKsLKgTpZEXix++Bhk8CW
s1jgJkyFEgEjS5EDPsKUOZKT+peohlfSmMO1dvO4125b+g+jg3rI/BQQOnWA65PT
8ylmelaoQSrzPhbYvPCk/a7zzOqoGnfa3x4C3ECJBRKFvofaZOgo1pzzCxwwa/wW
PtYKpgCtp34=
=H24Y
-----END PGP SIGNATURE-----

Section 3: Michael Johnson's PGP bomb contribution.

From: Michael Johnson
Subject: PGP Time Bomb FAQ

-----BEGIN PGP SIGNED MESSAGE-----

PGP TIME BOMB FAQ

There has been some confusion about the annoying "Time Bomb" in MIT
PGP 2.6, as well as some other PGP version compatibility issues. This
is an attempt to clear up some of that confusion.

WHY IS THERE A TIME BOMB IN MIT PGP 2.6?

In the process of negotiating for the right to distribute a fully
legal version of PGP that the patent assignees agree doesn't infringe
upon their patents, MIT agreed to include an inducement for people to
upgrade from the allegedly infringing freeware PGP 2.3a to the clearly
legal freeware MIT PGP 2.6 or the also clearly legal Viacrypt PGP 2.7.
Folks, you may not realize it, but the RSADSI/PKP concession to allow
a freeware PGP in the USA is BIG TIME GOOD NEWS! To induce a small
incompatibility with a downlevel version of PGP with several bugs in
it is a small annoyance by comparison.

WHAT IS THE NATURE OF THE TIME BOMB?

On 1 September 1994 UT, by your system clock, MIT PGP 2.6 will start
generating encrypted message and signature packets with a version byte
(offset 3) of 2 instead of 3. It will accept either 2 or 3 as valid.
This means that messages from PGP 2.3a and old messages from MIT PGP
2.6 can be read by MIT PGP 2.6, but new messages from MIT PGP 2.6
cannot be read by PGP 2.3a. See pgformat.doc in the MIT PGP 2.6
distribution for the location and use of these bytes.

This time bomb is activated by code in pgp.c that looks like this:

    #define VERSION_BYTE_OLD        2       /* PGP2 */
    #define VERSION_BYTE_KLUDGE     3
    ...
    boolean legal_kludge;
    int version_byte = VERSION_BYTE_OLD;
    ...
    /* Turn on incompatibility as of 1 September 1994 (GMT) */
    legal_kludge = (get_timestamp(NULL) >= 0x2e651980);
    ...
    if (legal_kludge)
        version_byte = VERSION_BYTE_KLUDGE;

Although a method for disarming the time bomb is obvious to the casual
C programmer, disabling this feature invalidates the RSA license to
use the program, and really doesn't gain you much for reasons that
will become obvious below.

HOW DOES THIS TIME BOMB AFFECT COMPATIBILITY WITH OTHER VERSIONS?

The bottom line is that PGP 2.3a and before (as well as Viacrypt PGP
2.4) cannot read all of the latest PGP version formats, starting on
1 September 1994. Here is a summary of the version bytes generated and
understood:

                                Format generated    Formats
                                before/after        understood
Version                         1 Sep 94            (all times)
- ----------------------------  -----  ----         -----------
2.3                             2      2            2
2.3a                            2      2            2
Amiga 2.3a.4                    2      2            2,3
Viacrypt 2.4                    2      2            2
2.6ui                           2      2            2,3
MIT 2.6                         2      3            2,3
Viacrypt 2.7, pkcs_compat=1     2      3            2,3
Viacrypt 2.7, pkcs_compat=2     2      2            2,3
Viacrypt 2.7, pkcs_compat=3     3      3            2,3

(Not mentioned above is MIT PGP 2.5, which was a buggy beta, nor
several other versions that are outside the mainstream PGP project).

If you are using one of the versions above that cannot understand
version byte 3 messages, you should upgrade to one that does. The
upgrade from Viacrypt PGP 2.4 to Viacrypt PGP 2.7 is only US$10, and
also provides several other enhancements.

As you can see, people with downlevel versions of PGP will not be able
to read all PGP messages directed at them, nor will they be able to
verify all of the signed messages they might wish to verify. It is
also worth noting that none of the new versions have any trouble
reading the old format messages.

WHAT IS THE RSA KEY MODULUS LENGTH LIMIT?

The RSA key modulus length limit for compatibility with all mainstream
PGP versions is 1024 bits (military grade). I recommend the use of
this length, at least for now.
PGP 2.3a, running on some platforms (but not others), used to be able
to generate and use 1264 bit keys. In addition, some people have
hacked their own copies of PGP to generate and use longer keys (up to
8192 bits or some such crazy number). Distribution of these hacked
versions under the "Pretty Good Privacy" trademarked name is not
recommended, since it upsets the trade mark owner (Philip Zimmermann)
and interferes with some of his long term plans to support longer keys
in a more organized fashion.

IS 1024 BITS LONG ENOUGH?

Conservative estimates of increasing computing power, advancing
mathematical knowledge, and the propensity of certain spy
organizations to spend lots of money on these things say that 1024 bit
keys are strong enough for at least 20 years or so. Less paranoid
prognosticators say that such keys are good for hundreds of years.
More paranoid prognosticators think that someone has already broken
RSA and not told us about it, so no RSA key is safe. My opinion is
that RSA keys with a modulus of about 1024 bits in length are more
than adequate to protect most electronic mail and financial
transactions. What do you think?

HOW DOES THE STRENGTH OF RSA AND IDEA COMPARE?

As implemented in PGP, the IDEA cipher used for bulk encryption
appears to be stronger than the RSA cipher. In fact, to strengthen the
RSA to the same level as the IDEA cipher (assuming a brute force
attack), it would take an RSA modulus of about 3100 bits.

WHY NOT ALLOW LONGER RSA KEYS, ANYWAY?

OK, so you are more paranoid than me, and want the RSA key to be at
least as strong as the IDEA cipher. Why isn't there a higher limit to
the RSA key size?

First, there is the minor problem that RSAREF and BSAFE (which are
tied to the RSA patent license for the freeware and some commercial
versions of PGP) have a key length limit of 1024 bits. Changing this
involves negotiations with RSADSI/PKP, and could take some time.
Second, allowing longer key sizes could create a Tower of Babel problem of incompatible PGP versions, since not all versions could handle these long keys. Third, the implementation of longer keys needs to be done in an orderly manner such that all mainstream PGP versions (Viacrypt, MIT freeware, BSAFE-based commercial, and possibly a non-USA variant) are first upgraded to accept, but not generate, the longer keys. After all PGP users can accept the longer keys, then PGP versions can start generating the longer keys with no interruption in service. It still makes sense to have a length limit for compatibility reasons. I have asked Philip Zimmermann to increase that to at least 4096 bits when he can, and I think that he will do that in an orderly manner if there isn't too much in the way of hassles with RSAREF and BSAFE licensing. If this isn't secure enough for you, shift to conventional encryption and manual (direct person-to-person) key exchange, making sure that your keys have at least 128 bits of entropy. This can be done with pgp -c or another private key encryption program called dlock that has the virtues of (1) NO patent problems, and (2) very strong encryption. (DLOCK is not nearly as user friendly as PGP, but what do you want for free?) HOW DOES PKCS BYTE ORDERING IN KEYS AFFECT COMPATIBILITY? PGP versions 2.2 and before generated key and signature block formats with a different byte order than derived from the PKCS standards. PGP 2.3 also generated this old format if you specified +pkcs_compat=0 in config.txt or on the command line. This old format is now obsolete. Unfortunately, the old format cannot be parsed by RSAREF or BSAFE, so PGP versions based on these crypto engines (like MIT PGP 2.6) cannot read those packets. 
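
The version-byte switch and compatibility table from the PGP Time Bomb FAQ above, worked through in C as an added example; it is not part of the original posts and is not code from PGP. Version names, byte values and the 0x2e651980 timestamp are copied from the FAQ; the packet header layout (CTB byte, length field, then the version byte) is an assumption taken from the PGP 2.x message format, and the sample packet header is constructed.

```c
/* Added example: the MIT PGP 2.6 version-byte switch and who can read what.
 * Not code from PGP. Table rows come from the FAQ's summary table. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define VERSION_BYTE_OLD    2
#define VERSION_BYTE_KLUDGE 3
#define KLUDGE_START 0x2e651980UL  /* 1 September 1994 00:00 GMT (from the FAQ) */
#define READS(v) (1u << (v))

typedef struct {
    const char *name;
    int before;           /* version byte written before KLUDGE_START */
    int after;            /* version byte written from KLUDGE_START on */
    unsigned understood;  /* bit v set: version byte v is accepted */
} pgp_impl;

static const pgp_impl IMPLS[] = {
    {"2.3",                        2, 2, READS(2)},
    {"2.3a",                       2, 2, READS(2)},
    {"Amiga 2.3a.4",               2, 2, READS(2) | READS(3)},
    {"Viacrypt 2.4",               2, 2, READS(2)},
    {"2.6ui",                      2, 2, READS(2) | READS(3)},
    {"MIT 2.6",                    2, 3, READS(2) | READS(3)},
    {"Viacrypt 2.7 pkcs_compat=1", 2, 3, READS(2) | READS(3)},
    {"Viacrypt 2.7 pkcs_compat=2", 2, 2, READS(2) | READS(3)},
    {"Viacrypt 2.7 pkcs_compat=3", 3, 3, READS(2) | READS(3)},
};
#define N_IMPLS (sizeof IMPLS / sizeof IMPLS[0])

const pgp_impl *find_impl(const char *name) {
    for (size_t i = 0; i < N_IMPLS; i++)
        if (strcmp(IMPLS[i].name, name) == 0) return &IMPLS[i];
    return NULL;
}

/* Same comparison as the pgp.c excerpt: the switch is driven by the clock. */
int written_version_byte(const pgp_impl *impl, unsigned long now) {
    return now >= KLUDGE_START ? impl->after : impl->before;
}

/* Find the version byte of an encrypted-message or signature packet.
 * Assumed layout: CTB (bit 7 set, bit 6 clear, bits 5-2 packet type,
 * bits 1-0 size of the length field), length field, version byte.
 * Returns -1 for truncated input or any other packet type. */
int packet_version_byte(const unsigned char *buf, size_t len) {
    static const size_t len_bytes[4] = {1, 2, 4, 0};
    if (len < 1 || (buf[0] & 0xc0) != 0x80) return -1;
    int type = (buf[0] >> 2) & 0x0f;
    if (type != 1 && type != 2) return -1;   /* 1 = RSA-encrypted, 2 = signature */
    size_t off = 1 + len_bytes[buf[0] & 0x03];
    if (off >= len) return -1;               /* version byte not present */
    return buf[off];
}

int can_read(const pgp_impl *impl, int version_byte) {
    if (version_byte < 0 || version_byte > 31) return 0;
    return (int)((impl->understood >> version_byte) & 1u);
}

/* 1 if a message written by `sender` at time `now` is readable by
 * `receiver`, 0 if it is rejected, -1 if either name is not in the table. */
int delivers(const char *sender, const char *receiver, unsigned long now) {
    const pgp_impl *s = find_impl(sender), *r = find_impl(receiver);
    if (!s || !r) return -1;
    /* Constructed header: CTB 0x85 (encrypted packet, 2-byte length),
     * placeholder length, version byte at offset 3 as the FAQ states. */
    unsigned char pkt[4] = {0x85, 0x00, 0x8c, 0x00};
    pkt[3] = (unsigned char)written_version_byte(s, now);
    return can_read(r, packet_version_byte(pkt, sizeof pkt));
}

int main(void) {
    const unsigned long when[2] = {KLUDGE_START - 1, KLUDGE_START};
    const char *label[2] = {"before 1 Sep 94", "from 1 Sep 94"};
    for (int t = 0; t < 2; t++) {
        printf("Sender MIT 2.6, %s:\n", label[t]);
        for (size_t i = 0; i < N_IMPLS; i++)
            printf("  %-28s %s\n", IMPLS[i].name,
                   delivers("MIT 2.6", IMPLS[i].name, when[t]) ? "reads it"
                                                               : "rejects it");
    }
    return 0;
}
```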
Viacrypt PGP,

From CCGARY at MIZZOU1.missouri.edu Tue Sep 6 15:57:45 1994
From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers)
Date: Tue, 6 Sep 94 15:57:45 PDT
Subject: CEB 1A PREMEIRE ISSUE
Message-ID: <9409062257.AB16925@toad.com>

CYPHER-REBELS ELECTRONIC BOOK (CEB)
SEPTEMBER 05, 1994 LABOR DAY ISSUE
PREMIERE ISSUE
Publisher Gary Lee Jeffers

A compendium of the best software & info for today's electronic
privacy freedom fighters. This text may be distributed in part or in
full anywhere you want. It may be given away freely or copies may be
sold. CEB wants to be free & valuable.

TABLE OF CONTENTS

Chapter 1. PGP general.
    Section 2: Michael Johnson's PGP FAQ contribution
Chapter 2. Steganography. "A picture is worth a thousand words."
Chapter 3. Shells for PGP
    Section 1. David Merriman's WinPGP26.ZIP
    Section 2. Ross Barclay's WinFront 3.0
Chapter 4. Generally cool things.
    Section 1. Loompanics sources.
    Section 2. Viruses sources.
Chapter 5. Getting the Cypherpunks' archived & indexed list.
Chapter 6. Remailers & chained remailers.
Chapter 7. Current problems in Crypt.
[ASCII-art title banner]

Chapter 1. PGP general.

PGP is Pretty Good Privacy from Phil Zimmermann. It is currently the
best available encryption available to civilians at large. Zimmermann
is the programmer on the original PGP versions but now, apparently,
just guides other programmers in making improved versions. PGP uses
two encryption algorithms: RSA for its Public Key powers & IDEA for
its bulk encryption. The advantages of PGP over other crypt/decrypt
systems are:

1. RSA algorithm. Allows users to communicate without needing a
   secure channel to exchange keys. - PUBLIC KEY ENCRYPTION.
2. The program system has been very well done & has huge development
   support.
3. It has huge popularity.
4. Security is guaranteed with distribution of source code & public
   investigation.
5. It's free.
6. Both RSA & IDEA are "STRONG" algorithms.

MIT's PGP 2.6 has the blessing of Zimmermann. PGP 2.6 ui is believed
to have Zimmermann's approval because he has not attacked it. It is
believed that Zimmermann will not endorse the ui version due to
possible legal problems.

Section 2: Michael Johnson's PGP FAQ contribution

From: Michael Paul Johnson
Subject: Where to get the latest PGP (Pretty Good Privacy) FAQ
To: cypherpunks at toad.com

-----BEGIN PGP SIGNED MESSAGE-----

WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP)
(Last modified: 11 August 1994 by Mike Johnson)

WHAT IS THE LATEST VERSION?

There is more than one latest version. Pick one or more of the
following that best suits your computer, patent restrictions, and
export restrictions. Some countries (like France) may also restrict
import or even use of strong cryptography like PGP.

|-----------------|--------------|-------------|---------------------|
| Platform(s)     | Countries    | Allowed Use | Latest Version      |
|-----------------|--------------|-------------|---------------------|
| DOS, Unix,      | USA & Canada | Commercial  | Viacrypt PGP 2.7    |
| or WinCIM/CSNav |              | Personal    |                     |
|                 |              | Research    |                     |
|-----------------|--------------|-------------|---------------------|
| DOS, Unix, Mac, | USA & Canada | Personal    | MIT PGP 2.6         |
| OS/2, others    |              | Research    |                     |
|-----------------|--------------|-------------|---------------------|
| DOS, Unix, Mac, | Most of the  | Personal    | PGP 2.6ui           |
| OS/2, others    | world except | Research    | ui=unofficial       |
|                 | the USA.     |             | international       |
|-----------------|--------------|-------------|---------------------|
| Mac Applescript | Most of the  | Personal    | MacPGP 2.6ui v 1.2  |
|                 | world except | Research    |                     |
|                 | the USA.     |             |                     |
|-----------------|--------------|-------------|---------------------|
| Mac Applescript | USA          | Research    | MacPGP 2.6ui v 1.2  |
|-----------------|--------------|-------------|---------------------|
| Amiga           | Most of the  | Personal    | Amiga PGP 2.3a.4    |
|                 | world except | Research    |                     |
|                 | the USA.     |             | PGPAmi23a_4.lha     |
|-----------------|--------------|-------------|---------------------|
| Amiga           | USA          | Personal    | Amiga PGP 2.6 0b0.6 |
|                 |              | Research    |                     |
|-----------------|--------------|-------------|---------------------|
| Atari           | Most of the  | Personal    | Atari PGP 2.3a      |
|                 | world except | Research    |                     |
|                 | the USA.     |             |                     |
|-----------------|--------------|-------------|---------------------|
| Atari           | USA          | Research    | Atari PGP 2.3a      |
|-----------------|--------------|-------------|---------------------|
| Any of the      | Countries    | Commercial  | Any of the above    |
| above           | where IDEA   | Personal    |                     |
|                 | is not       | Research    |                     |
|                 | patented and |             |                     |
|                 | cryptography |             |                     |
|                 | is not       |             |                     |
|                 | restricted.  |             |                     |
|-----------------|--------------|-------------|---------------------|

Note: there are other versions available, but these are either old, or
outside of the mainstream PGP project. Look for new versions from one
of three sources: Viacrypt (Commercial), MIT (North American
freeware), or mathew at mantis.co.uk (the unofficially non-designated
holder of the unofficial international version that parallels what
Philip Zimmermann and the rest of the PGP development team is doing in
the USA).

Note that the MIT PGP 2.6 is illegal to export from the USA or Canada,
but using it outside of the USA and Canada for noncommercial use is
not illegal in most countries. In spite of the best efforts of MIT and
the other primary developers and distributors of PGP not to violate
the International Traffic in Arms Regulations, MIT PGP 2.6 is
available on some of the same sites listed for PGP 2.6ui, below.
The noncommercial use restriction comes from both the RSAREF license and the patent on the IDEA cipher in Europe and North America.

WHAT IS ALL THIS NONSENSE ABOUT EXPORT CONTROLS?

For a detailed rant, get ftp://ftp.csn.net/mpj/cryptusa.zip

The practical meaning, until the law is corrected to make sense, is that you are requested to get PGP from sites outside of the USA and Canada if you are outside of the USA and Canada. If you are in France, I understand that you aren't even supposed to import it. Other countries may be worse.

WHAT IS THE "TIME BOMB" IN MIT PGP 2.6?

As a concession to the RSA patent holders (in return for endorsement of the legality of the freeware MIT PGP 2.6), MIT placed an inducement in MIT PGP 2.6 to encourage upgrade from the allegedly patent-infringing PGP 2.3a to the MIT version. The nature of this inducement is a change in a packet ID byte that causes PGP 2.3a and earlier to reject messages created by MIT PGP 2.6 after 1 September 1994.

Altering MIT PGP 2.6 to bypass this annoyance (though technically an easy change to the LEGAL_KLUDGE), invalidates the blessing of Public Key Partners on the licence of MIT PGP 2.6. Therefore, it is a bad idea. On the other hand, it is trivial to hack PGP 2.3a to accept these packets, and that (plus a few other bug fixes) is essentially what PGP 2.6ui is. None of the versions of PGP greater than 2.3 have problems reading the old packet ID values, so for maximum compatibility, the ideal is to write the old value and accept either value.

Unfortunately, this time bomb has a negative effect on Viacrypt PGP 2.4, as well, which never infringed on anyone's patents. Viacrypt's solution was to issue PGP 2.7, which, by default acts just like MIT PGP 2.6, but has a config.txt option (explained in the release) that allows compatibility with both PGP 2.4 and PGP 2.6. Naturally, this also allows compatibility with PGP 2.3a.
The time bomb is annoying for those who still wish to use PGP 2.3a, and for those who use Viacrypt PGP 2.4 and don't want to spend US$10 to upgrade to Viacrypt PGP 2.7, but considering the magnitude of the concession made by Public Key Partners in legitimizing the freeware PGP for use in the USA, it was worth it.

ARE MY KEYS COMPATIBLE WITH THE OTHER PGP VERSIONS?

If your RSA key modulus length is less than or equal to 1024 bits (I don't recommend less, unless you have a really slow computer and little patience), and if your key was generated in the PKCS format, then it will work with any of the mainstream PGP versions (PGP 2.3a, Viacrypt PGP 2.4, MIT PGP 2.6, PGP 2.6ui, or Viacrypt PGP 2.7). If this is not the case, you really should generate a new key that qualifies.

Philip Zimmermann is aware of the desire for longer keys in PGP by some PGP fans (like me), but wants to migrate towards that goal in an orderly way, by first releasing versions of PGP for all platforms and for both commercial (Viacrypt) and freeware (MIT) flavors that ACCEPT long keys, then releasing versions that can also GENERATE long keys. He also has some other neat key management ideas that he plans to implement in future versions.

WHAT ARE THE KNOWN BUGS IN PGP?

These are the most annoying:

MIT PGP 2.6 -- the function xorbytes doesn't. Replace the = with ^= to fix it. The effect of this bug is that RSA keys aren't quite as random as they should be -- probably not a practical problem, but worth fixing if you are going to compile the code yourself.

MIT PGP 2.6 -- DON'T SET PGPPASS when editing your keys, because if you do, and if you don't change your pass phrase, the key is lost. (If this happens, rename your backup keyring files to the primary files before you do anything else).

PGP 2.6ui -- Conventional encryption -c option doesn't use a different IV every time, like it is supposed to. (PGP 2.3a had this problem, too).

WHERE CAN I GET VIACRYPT PGP?
Versions are available for DOS, Unix, or WinCIM/CSNav
Commercial software. Call 800-536-2664 to order.

If you are a commercial user of PGP in the USA or Canada, contact Viacrypt in Phoenix, Arizona, USA. The commercial version of PGP is fully licensed to use the patented RSA and IDEA encryption algorithms in commercial applications, and may be used in corporate environments in the USA and Canada. It is fully compatible with, functionally the same as, and just as strong as the freeware version of PGP. Due to limitations on ViaCrypt's RSA distribution license, ViaCrypt only distributes executable code and documentation for it, but they are working on making PGP available for a variety of platforms. Call or write to them for the latest information. The latest version number for their version of PGP is 2.7.

Upgrade from Viacrypt PGP 2.4 to 2.7 is free if you bought version 2.4 after May 27, 1994, otherwise the upgrade is US$10.

Viacrypt's licensing and price information is as follows:

ViaCrypt PGP for MS-DOS         1 user     $  99.98
ViaCrypt PGP for MS-DOS         5 users    $ 299.98
ViaCrypt PGP for MS-DOS        20 users or more, call ViaCrypt
ViaCrypt PGP for UNIX           1 user     $ 149.98
ViaCrypt PGP for UNIX           5 users    $ 449.98
ViaCrypt PGP for UNIX          20 users or more, call ViaCrypt
ViaCrypt PGP for WinCIM/CSNav   1 user     $ 119.98
ViaCrypt PGP for WinCIM/CSNav   5 users    $ 359.98
ViaCrypt PGP for WinCIM/CSNav  20 users or more, call ViaCrypt

If you wish to place an order please call 800-536-2664 during the hours of 8:30am to 5:00pm MST, Monday - Friday. They accept VISA, MasterCard, AMEX and Discover credit cards.

If you have further questions, please feel free to contact:

Paul E. Uhlhorn
Director of Marketing, ViaCrypt Products
Mail: 2104 W. Peoria Ave
      Phoenix AZ 85029
Phone: (602) 944-0773
Fax: (602) 943-2601
Internet: viacrypt at acm.org
Compuserve: 70304.41

WHERE CAN I GET MIT PGP?

MIT PGP is Copyrighted freeware.
Telnet to net-dist.mit.edu, log in as getpgp, answer the questions, then ftp to net-dist.mit.edu and change to the hidden directory named in the telnet session to get your own copy.

MIT-PGP is for U. S. and Canadian use only, but MIT is only distributing it within the USA (due to some archaic export control laws).

1. Read ftp://net-dist.mit.edu/pub/PGP/mitlicen.txt and agree to it.
2. Read ftp://net-dist.mit.edu/pub/PGP/rsalicen.txt and agree to it.
3. Telnet to net-dist.mit.edu and log in as getpgp.
4. Answer the questions and write down the directory name listed.
5. QUICKLY end the telnet session with ^C and ftp to the indicated directory on net-dist.mit.edu (something like /pub/PGP/dist/U.S.-only-????) and get the distribution files (pgp26.zip, pgp26doc.zip, pgp26src.tar.gz, MacPGP2.6.sea.hqx, and MacPGP2.6.src.sea.hqx).

If the hidden directory name is invalid, start over at step 3, above.

File names (shortened file names are for DOS BBS distribution):

pgp26doc.zip - documentation only
pgp26.zip - includes DOS executable & documentation
pgp26src.zip - source code
pgp26src.tar or pgp26src.tar.gz - source code release for Unix and others
macpgp26.hqx or MacPGP2.6.sea.hqx - Macintosh executable & documentation
macpgp26.src or MacPGP2.6.src.sea.hqx - Macintosh source code
mcpgp268.hqx or MacPGP2.6-68000.sea.hqx - Macintosh executable for 68000
pgp26os2.zip - OS/2 executable (may not be on the MIT archive)

RSA and IDEA algorithms licenced for personal and noncommercial use. Uses RSAREF, which may not be modified without RSADSI permission. Contains "time bomb" to start generating messages incompatible with PGP 2.3 and 2.4 on 1 September 1994 as an incentive for people to not use PGP 2.3a in the USA, which RSADSI claims infringes on their patents. Mac versions are not yet Applescriptable. This version is not intended for export from the USA and Canada due to the USA's International Traffic in Arms Regulations and Canada's corresponding regulations.
You can also get MIT PGP 2.6 from:

ftp.csn.net/mpj
  ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/pgp26.zip
  ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/pgp26src.zip
  ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/pgp26os2.zip
  ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/pgp26src.tar.gz
  ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/mac
    MacPGP2.6.sea.hqx
    MacPGP2.6.src.sea.hqx
    MacPGP2.6-68000.sea.hqx
  ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/amiga/
    pgp26-amiga0b0.6-000.lha
    pgp26-amiga0b0.6-020.lha
    pgp26-amiga0b0.6-src.lha
    amiga.txt
  See ftp://ftp.csn.net/mpj/README.MPJ for the ???????
  See ftp://ftp.csn.net/mpj/help for more help on negotiating this site's export control methods.

ftp.netcom.com/pub/mpj
  ftp://ftp.netcom.com/mpj/I_will_not_export/crypto_???????/pgp/pgp26.zip
  ftp://ftp.netcom.com/mpj/I_will_not_export/crypto_???????/pgp/pgp26src.tar.gz
  ftp://ftp.netcom.com/pub/mpj/I_will_not_export/crypto_???????/pgp/
    MacPGP2.6.sea.hqx
  ftp://ftp.netcom.com/pub/mpj/I_will_not_export/crypto_???????/pgp/
    MacPGP2.6.src.sea.hqx
    MacPGP2.6-68000.sea.hqx
  See ftp://ftp.netcom.com/pub/mpj/README.MPJ for the ???????
  See ftp://ftp.netcom.com/pub/mpj/help for more help on negotiating this site's export control methods.

TO GET THESE FILES BY EMAIL, send mail to ftp-request at netcom.com containing the word HELP in the body of the message for instructions. You will have to work quickly to get README.MPJ then the files before the ??????? part of the path name changes again (several times a day).

ftp.eff.org
  Follow the instructions found in README.Dist that you get from one of:
  ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist
  gopher.eff.org, 1/Net_info/Tools/Crypto
  gopher://gopher.eff.org/11/Net_info/Tools/Crypto
  http://www.eff.org/pub/Net_info/Tools/Crypto/

COMPUSERVE
  The NCSA Forum sysops have a library that is available only to people who send them a message asserting that they are within the U. S.
A. This library contains PGP. I have also seen PGP 2.6 in some other places on Compuserve. Try searching for PGP26.ZIP in the IBMFF forum for up-to-date information on PGP in selected other areas. The last time I tried a search like this, PGP 2.6 was found in the PC World Online forum (GO PWOFORUM) new uploads area, along with several PGP shells and accessories. I've also heard that EUROFORUM carries PGP 2.6ui, but have not confirmed this.

Compuserve file names are even more limited than DOS, so the file names to look for are PGP26.ZIP, PGP26S.ZIP (source code), and PGP26D.ZIP (documentation only).

Colorado Catacombs BBS
  Mike Johnson, sysop
  Mac and DOS versions of PGP, PGP shells, and some other crypto stuff. Also the home of some good Bible search files and some shareware written by Mike Johnson, including DLOCK, CRYPTA, CRYPTE, CRYPTMPJ, MCP, MDIR, DELETE, PROVERB, SPLIT, ONEPAD, etc.
  v.FAST/v.32bis/v.42bis, speeds up to 28,800 bps
  8 data bits, 1 stop, no parity, as fast as your modem will go.
  Use ANSI terminal emulation, or if you can't, try VT-100.
  Free access to PGP. If busy or no answer, try again later.
  Log in with your own name, or if someone else already used that, try a variation on your name or pseudonym. You can request access to crypto software on line, and if you qualify legally under the ITAR, you can download on the first call.
  Download file names:
    pgp26.zip (DOS version with documentation)
    pgp26src.tar (Unix version and source code)
    pgp26doc.zip (Documentation only -- exportable)
    macpgp26.hqx (MacPGP executables, binhexed .sea)
    macpgp26.src (MacPGP source, binhexed .sea)
    mcpgp268.hqx (MacPGP executables, binhexed .sea for 68000 processor).
  (303) 772-1062 Longmont, Colorado number - 2 lines.
  (303) 938-9654 Boulder, Colorado number forwarded to Longmont number intended for use by people in the Denver, Colorado area.
  Verified: This morning.

Hieroglyphics Voodoo Machine (Colorado)
  Jim Still (aka Johannes Keppler), sysop.
  DOS, OS2, and Mac versions.
  (303) 443-2457
  For free access for PGP, DLOCK, Secure Drive, etc., log in as "VOO DOO" with the password "NEW" (good for 30 minutes access to free files).

Other BBS and ftp sites do have these files, as well. I noticed that PGP26.ZIP is being distributed on FIDONET.

WHERE CAN I GET PGP FOR USE OUTSIDE OF THE USA?

The latest for outside the USA is the "Unofficial International" PGP 2.6 for most platforms, MacPGP 2.3aV1.2 for the Mac (although 2.6ui is under development and should appear very soon), and 2.3a.4 for the Amiga. The latest amiga version is fully compatible with MIT's PGP 2.6.

Copyrighted freeware.
Version 2.6ui released by mathew at mantis.co.uk.
Amiga version 2.3a4 released by Peter Simons

These versions do NOT use RSAREF. No RSA patent problems outside the USA, but this version is not legal for commercial or extensive personal use in the USA. IDEA licensed for personal use only in countries where the IDEA patent holds.

The freeware version of PGP is intended for noncommercial, experimental, and scholarly use. It is available on thousands of BBSes, commercial information services, and Internet anonymous-ftp archive sites on the planet called Earth. This list cannot be comprehensive, but it should give you plenty of pointers to places to find PGP. Although the latest freeware version of PGP was released from outside the USA (England), it is not supposed to be exported from the USA under a strange law called the International Traffic in Arms Regulations (ITAR). Because of this, please get PGP from a site outside the USA if you are outside of the USA and Canada.

Even though the RSAREF license associated with PGP 2.6 from MIT no longer prohibits use outside the USA, it still carries the not-for-profit restriction that the original RSA code in PGP 2.6ui doesn't have. On the other hand, patents on the IDEA cipher may limit PGP use in your country to nonprofit applications, anyway.
Indeed, I understand that there are some countries where private electronic mail is not legal, anyway.

These listings are subject to change without notice. If you find that PGP has been removed from any of these sites, please let me know so that I can update this list. Likewise, if you find PGP on a good site elsewhere (especially on any BBS that allows first time callers to access PGP for free), please let me know so that I can update this list.

Source code (gzipped tar format):
* _UK:_ ftp://ftp.demon.co.uk/pub/pgp/pgp26ui-src.tar.gz
* _UK:_ ftp://ftp.demon.co.uk/pub/pgp/pgp26ui-src.tar.gz.sig
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp26ui-src.tar.gz
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp26ui-src.tar.gz.sig.gz
* _TW:_ ftp://nctuccca.edu.tw/PC/wuarchive/pgp/pgp26ui-src.tar.gz
* _TW:_ ftp://nctuccca.edu.tw/PC/wuarchive/pgp/pgp26ui-src.tar.gz.sig.gz

Source code (zip format):
* _UK:_ ftp://ftp.demon.co.uk/pub/pgp/pgp26uis.sig
* _UK:_ ftp://ftp.demon.co.uk/pub/pgp/pgp26uis.zip
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp26uis.sig
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp26uis.zip
* _TW:_ ftp://nctuccca.edu.tw/PC/wuarchive/pgp/pgp26uis.zip

Executable for DOS (zip format):
* _UK:_ ftp://ftp.demon.co.uk/pub/pgp/pgp26uix.sig
* _UK:_ ftp://ftp.demon.co.uk/pub/pgp/pgp26uix.zip
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp26uix.sig

From ianf at simple.sydney.sgi.com Tue Sep 6 16:02:58 1994
From: ianf at simple.sydney.sgi.com (Ian Farquhar)
Date: Tue, 6 Sep 94 16:02:58 PDT
Subject: Aust crypto regulations
In-Reply-To: <199409061341.GAA19268@cae.retix.com>
Message-ID: <9409070857.ZM12456@simple.sydney.sgi.com>

On Sep 6, 6:41am, joshua geller wrote:
> > Matthew Gream (M.Gream at uts.edu.au) wrote [in re aussie spooks and
> > crypto (I think)]:
> > In short: Anything cryptographic, they want to know about, and they
> > want to know about it on a per end-user basis.
> > They advise against
> > distribution on the "Internet" and any distribution without prior
> > approval otherwise there could be "problems".
> I am sure they will be as successful as their american counterparts in
> suppressing such distribution.

It's kinda interesting, because another contact I have in DSD said that he wasn't aware of any restrictions on the distribution of crypto software. This may have been simply a personal lack of knowledge, but it also may indicate the obscurity of the restriction itself. It also interests me in that their charter gives DSD absolutely no responsibility for the control of domestic crypto.

Anyway, if there are any other Australians on the list apart from Matthew and myself, I think a few letters to our respective members of Federal parliament are in order now. This law is not acceptable, and I am pretty sure that most politicians won't support the spooks in this matter (the fact that Matthew has had such a hard time finding out makes me suspect that this regulation might have been slipped in "under wraps", and I see the fingerprints of the AG's Law Enforcement Advisory Committee all over it). If we can coordinate this, all the better.

Unfortunately, my MP is the Right Honorable Paul Keating, MP (Prime Minister), and his position reduces the time he spends on constituency matters somewhat. It's not going to stop me trying, though.

Ian.

From nobody at kaiwan.com Tue Sep 6 16:04:34 1994
From: nobody at kaiwan.com (Anonymous)
Date: Tue, 6 Sep 94 16:04:34 PDT
Subject: The Ethics of Remailers
Message-ID: <199409062304.QAA03012@kaiwan.kaiwan.com>

>From ghio at kaiwan.com Mon Sep 5 12:16:28 1994
>Sender: owner-cypherpunks at toad.com
>Precedence: bulk
> Date: Fri, 2 Sep 1994 11:09:40 -0600
> From: Patrick Juola
> To: cypherpunks at toad.com
> Subject: Needed for a computer ethics class
>
>
> Does anyone have a concise, citeable statement about why anonymous
> remailers are a good thing?
> Some sort of position statement by
> Julf would be ideal. Similarly, if anyone has something for the
> *other* side of the coin, I'd love to see that.
>
> I'm in the process of writing a course on computer ethics for
> the University of Colorado at Boulder and I think anonymous
> remailers would be a good subject for an essay assignment, but
> I need enough material (ideally, primary source material) to
> lay the groundwork first.
>
> Patrick

>>No, but it's something that I often get asked. I would be interested to hear
>>examples of good things that people are using my anonymous remailer for.

Well about the best example I can think of is Canadian related. In Ontario Canada there is a ban in effect on a trial of a young lady named Karla Homolka. Karla and her (ex) hubby (who is presently incarcerated awaiting trial) are likely guilty (certainly Karla was found guilty at her trial) of pretty heinous acts of murder, torture etc. So heinous, that the judge banned all publication of the details surrounding Karla's trial.

However, when he did so, he apparently hadn't heard about Internet, because now it's quite likely a lot of the details have slipped through the cracks. The remailers have been used to protect anonymous sources posting to the Internet in order to help the public circumvent the ban. If they didn't exist, then it's quite likely that circulation of the info....even on Internet, would have been made more difficult. The remailers, with their chaining abilities have certainly helped the spread of the info.

Other than that, it's likely the remailers are useful for certain politically sensitive operations (ie circumventing ITAR) or socially sensitive (ie in discussions that the politically correct go up in arms about (ie gay rights.. for or against)).
And then of course there is the old stand-by use of posting stories to alt.sex.stories, etc :>

From ghio at chaos.bsu.edu Tue Sep 6 16:14:24 1994
From: ghio at chaos.bsu.edu (Matthew Ghio)
Date: Tue, 6 Sep 94 16:14:24 PDT
Subject: Remailer at Wein?
Message-ID: <199409062313.SAA07625@chaos.bsu.edu>

Mark Terka wrote:
> Is the remailer at remailer at ds1.wu-wein.ac.at up and running? Test
> messages to that site kept bouncing.

It answered my ping last night (finger remailer-list at chaos.bsu.edu)

> Also, how do I get ahold of that remailer's public key for encrypting
> messages through them?

finger remailer.help.all at chaos.bsu.edu

From ghio at chaos.bsu.edu Tue Sep 6 16:24:24 1994
From: ghio at chaos.bsu.edu (Matthew Ghio)
Date: Tue, 6 Sep 94 16:24:24 PDT
Subject: How Did This Get Done?
Message-ID: <199409062323.SAA07861@chaos.bsu.edu>

> I picked this up from a post in alt.sex.stories (and yeah....man does not
> live on talk.politics.crypto alone :>) :
>
>
> ----------------------------------------------------------------------------
> Path: io.org!sun.cais.com!news.sprintlink.net!tequesta.gate.net!sysop
> From: no_more_faggots at faggots.must.die.com <===== Is this a trick?
> Newsgroups: alt.sex.stories
> Subject: NO MORE FAGGOT STORIES!
> Date: 5 Sep 1994 21:13:00 GMT
> Lines: 1
> Message-ID: <34g1ks$jn1 at tequesta.gate.net>
> NNTP-Posting-Host: hopi.gate.net
>
> NO MORE FAGGOT STORIES DAMMIT
> -----------------------------------------------------------------------------
>
> How the hell did the poster "customize" his address to ...ummm...fit the
> post???

The same way the remailers insert "nobody" or "anonymous". Read RFC 977... (telnet port 119)

Whoever it is, I wish he would quit it, I've gotten several complaints about someone flaming gays via my remailer in that group.

From greg at ideath.goldenbear.com Tue Sep 6 16:42:49 1994
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Tue, 6 Sep 94 16:42:49 PDT
Subject: Where can I get cypherpunk t-shirts?
In-Reply-To: <199409062027.NAA01386@kiwi.CS.Berkeley.EDU>
Message-ID:

> I would like to get some cypherpunk t-shirts. So far, I've heard of
> the "Big Brother inside" and "Cypherpunk Criminal" ones. If anybody
> has any information about these, I'd appreciate it. From what I hear,
> there is a fair amount of pent-up demand for the "Big Brother inside"
> one.

Funny that you should bring this up while being lauded for providing reliability information. My own "ping test" of the "Cypherpunk Criminal" T-shirts resulted in 100% failure; e.g., no shirts yet and we must be approaching a 2-digit number of months since I ordered. The seller said that mine were in the last batch of funny-size shirts that got somehow screwed up; a few months ago they were to be reprinted and then in the mail within 2 weeks. Sigh.

They sounded like a nice idea; perhaps someday I'll make it down to CA for a real CP meeting and I'll get to see one myself.

I did, however, get my "Don't give Big Brother a master key" T-shirt very quickly. Would order from those folks again (sorry, don't have the address handy, though).

From paul at hawksbill.sprintmrn.com Tue Sep 6 17:09:09 1994
From: paul at hawksbill.sprintmrn.com (Paul Ferguson)
Date: Tue, 6 Sep 94 17:09:09 PDT
Subject: Where can I get cypherpunk t-shirts?
In-Reply-To:
Message-ID: <9409070110.AA15067@hawksbill.sprintmrn.com>

>
> Funny that you should bring this up while being lauded for providing
> reliability information. My own "ping test" of the "Cypherpunk Criminal"
> T-shirts resulted in 100% failure; e.g., no shirts yet and we must be
> approaching a 2-digit number of months since I ordered.
> The seller said
> that mine were in the last batch of funny-size shirts that got somehow
> screwed up; a few months ago they were to be reprinted and then in the
> mail within 2 weeks. Sigh.
>

Funny you should mention that. I ordered a "Cypherpunk Criminal" tee shirts (a couple, actually) and got them without delay. I am very happy with them.

Suggest you e-mail cvoid at netcom.com to resolve.

Cheers,

- paul

From mattt at microsoft.com Tue Sep 6 17:12:06 1994
From: mattt at microsoft.com (Matt Thomlinson)
Date: Tue, 6 Sep 94 17:12:06 PDT
Subject: Where can I get cypherpunk t-shirts?
Message-ID: <9409070012.AA06890@netmail2.microsoft.com>

From: Greg Broiles

I did, however, get my "Don't give Big Brother a master key" T-shirt very quickly. Would order from those folks again (sorry, don't have the address handy, though).

at crypto I had a half-dozen requests for info regarding the big brother inside/1984 shirts. Is another run of these possible? I could probably scrape together that many orders just here in Msoft, I believe.

matt

From merriman at metronet.com Tue Sep 6 17:48:12 1994
From: merriman at metronet.com (David K. Merriman)
Date: Tue, 6 Sep 94 17:48:12 PDT
Subject: Where can I get cypherpunk t-shirts?
Message-ID:

>
> at crypto I had a half-dozen requests for info regarding
> the big brother inside/1984 shirts. Is another run of these
> possible? I could probably scrape together that many
> orders just here in Msoft, I believe.
>
> matt
>

I'd still like to find one of the "eye" 1984 T-shirts; it's what I thought I was ordering when I got the Master Key shirt instead (though I still like the Master Key :-)

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.
From scmayo at rschp2.anu.edu.au Tue Sep 6 18:05:27 1994
From: scmayo at rschp2.anu.edu.au (Sherry Mayo)
Date: Tue, 6 Sep 94 18:05:27 PDT
Subject: Australian Crypto
Message-ID: <9409070105.AA19523@toad.com>

Matthew Gream said...

>Well, fuck that for thinking I was living under a less restrictive
>regime -- and I can say goodbye to an international market for my
>software.
>
[...snip]
>
>In short: Anything cryptographic, they want to know about, and they
>want to know about it on a per end-user basis. They advise against
>distribution on the "Internet" and any distribution without prior
>approval otherwise there could be "problems".
>
>Matthew.

I am more than a little concerned by this as I have just put PGP source and executables on my experimental WWW server (Australian based). I announced it on talk.politics.crypto yesterday before I read this post. I thought I was doing a service by providing a faster download for Aussie users (downloading big files from outside Aus is painfully slow). I hope I'm not taking an unacceptable risk with my temporary residence visa :-(

I too made the mistake of assuming that the Aussie regulations were more relaxed (like those of the UK).

Oh well for what it's worth, here's the address:

http://rschp2.anu.edu.au:8080/crypt.html

Sherry (waiting for those ASIO spooks :-)

From jpb at gate.net Tue Sep 6 18:37:39 1994
From: jpb at gate.net (Joseph Block)
Date: Tue, 6 Sep 94 18:37:39 PDT
Subject: Cypher related T-Shirts
Message-ID: <199409070137.VAA65641@inca.gate.net>

All this talk about T-shirts has me lusting for a suitable cypher related shirt. I missed the initial offerings, so would anyone who has any shirts left they'd like to unload please email me with details of the shirt and prices?

Thanks,

jpb at gate.net

"We can't be so fixated on our desire to preserve the rights of ordinary Americans ..."
-- Bill Clinton (USA TODAY, 11 March 1993, page 2A)

From cvoid at netcom.com Tue Sep 6 19:07:47 1994
From: cvoid at netcom.com (Christian Void)
Date: Tue, 6 Sep 94 19:07:47 PDT
Subject: Where can I get cypherpunk t-shirts?
In-Reply-To: <9409070110.AA15067@hawksbill.sprintmrn.com>
Message-ID:

On Tue, 6 Sep 1994, Paul Ferguson wrote:

> Funny you should mention that. I ordered a "Cypherpunk Criminal"
> tee shirts (a couple, actually) and got them without delay.
> I am very happy with them.
>
> Suggest you e-mail cvoid at netcom.com to resolve.

The few people that still have outstanding orders:

I am resolving problems with the screening company and a certain size of shirt. I have received numerous promises from them that I would get the last of the shirts "by the end of the week". This has been going on for months, and is starting to annoy me as well. There are as of now, only 5 orders that have not shipped, and this is the reason why. The shirts WILL BE SHIPPED. I have no control over the screening company, and have an order placed with another company which I may have do the small lot of shirts that have not shipped. I apologize to those of you who have waited, as this reflects moreso on me than anyone else.

As always, if you have any questions, mail me. I do respond.

Christian Void /T71 | "I don't like it, and I'm sorry I  | V/M/Research, Inc.
cvoid at netcom.com  | ever had anything to do with it." | P.O. Box 170213
Tel. 1+415-998-0774 | -Erwin Schrodinger (1887-1961)     | SF, CA 94117-0213
* PGP v2.3a Public Key Available Via Finger *

From frissell at panix.com Tue Sep 6 19:25:02 1994
From: frissell at panix.com (Duncan Frissell)
Date: Tue, 6 Sep 94 19:25:02 PDT
Subject: Justice Jackson on Diary Escrow
Message-ID: <199409070224.AA19328@panix.com>

Today's WSJ has an article by a Cato type about an Indiana businessman who told state labor investigators to get stuffed. In the course of this article, the author quoted a 1948 opinion (in dissent?)
by Justice Jackson:

The government could simplify criminal law enforcement by requiring every citizen "to keep a diary that would show where he was at all times, with whom he was, and what he was up to."

Now we know where they got the idea for various "escrow" and DTI schemes.

DCF

Who also fondly remembers Justice Jackson's strong dissent in Korematsu vs. US against those great civil libertarians Black and Douglas who voted to uphold that great liberal FDR's imprisonment of persons of Japanese ancestry.

From merriman at metronet.com Tue Sep 6 19:54:53 1994
From: merriman at metronet.com (David K. Merriman)
Date: Tue, 6 Sep 94 19:54:53 PDT
Subject: Correction to CEB
Message-ID:

I'd like to clarify something about the recent Cypherpunks Electronic Book that was posted:

In the table of contents, the listing for the program WinPGP26 could be misunderstood as coming from me; I'd like to state that I simply forwarded a copy of the program (in its shareware version) - I am *not* its author (t'were that it were so!).

The author is:

Christopher W. Geib
7605 Mt. Hood
Dayton, OH 45424
email: 72144.1426 at compuserve.com

I *have* however, registered the program, and am quite pleased with it - the author is _very_ responsive to feedback from users.

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From rah at shipwright.com Tue Sep 6 20:00:08 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Tue, 6 Sep 94 20:00:08 PDT
Subject: Reputation Capital papers?
Message-ID: <199409070258.WAA09806@zork.tiac.net>

At 3:20 PM 9/6/94 -0700, Hal wrote:

>P.S. I did find a paper on the net called "Endorsements, Licensing,
>and Insurance for Distributed System Services", by Lai, Medvinsky,
>and Newman of Information Sciences Institute. Here is the abstract:

[snip...]

>Unfortunately, I can't recall where I saw the pointer to this paper.
>I'm sure other people read the same lists and newsgroups I do so perhaps
>someone else can provide a pointer. Also, my copy of the postscript
>paper would only print the first three pages, so I can't really evaluate
>their ideas.

Try this...

>From: bcn at ISI.EDU
>Date: Sun, 4 Sep 1994 13:05:42 -0700
>Original-From: Clifford Neuman
>To: www-buyinfo at allegra.att.com, kerberos at mit.edu
>Subject: New paper available
>X-UIDL: 778899999.011
>
>A new paper is available by FTP that may be of interest to the readers
>of this list.
The paper will be presented in November at the Second >ACM Conference on Computer and Communications Security. > > Charlie Lai, Gennady Medvinsky, and B. Clifford Neuman. Endorsements, > Licensing, and Insurance for Distributed System Services. 2nd ACM > Conference on Computer and Communications Security, Fairfax VA, > November 1994. > >The paper discusses mechanisms for confidence building on the NII. In >particular it discusses methods by which users may assure themselves >of the competence and honesty of service providers on the network. >The paper is available as: > > ftp://prospero.isi.edu/pub/papers/security/insurance-cccs94.ps.Z > >Clifford Neuman > I didn't drop off the face of the earth, I just got a hot project thrown into my lap. I really want to come back and talk about offline cash some more, but I won't have a chance for a bit. Anyway this thread is way cool.... Bye! Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) Shipwright Development Corporation 44 Farquhar Street Boston, MA 02331 USA (617) 323-7923 "There is no difference between someone who eats too little and sees Heaven and someone who drinks too much and sees snakes." -- Bertrand Russell From cme at tis.com Tue Sep 6 20:06:25 1994 From: cme at tis.com (Carl Ellison) Date: Tue, 6 Sep 94 20:06:25 PDT Subject: believing three impossible things before breakfast Message-ID: <9409070303.AA10095@tis.com> There was a news report/discussion tonight about birth control -- and someone advocating that all you need to do is just tell teens to say "no" to sex before marriage, then you won't need to distribute condoms without parental permission.... Suddenly it hit me that the same frame of mind was clearly behind the Clipper Initiative. Do you think there's a way to test for this ability to believe nonsense? Do you think there's a way to treat it?
- Carl From jgostin at eternal.pha.pa.us Tue Sep 6 20:50:45 1994 From: jgostin at eternal.pha.pa.us (Jeff Gostin) Date: Tue, 6 Sep 94 20:50:45 PDT Subject: AIDs testing and privacy Message-ID: <940906231828N1Jjgostin@eternal.pha.pa.us> pstemari at bismark.cbis.com (Paul J. Ste. Marie) writes: > Of course, with ANI, calling an 800 number is not an anonymous act, > unless you are one of the few that know you need to do it from a payphone. We tell children not to do things until they are old enough to be able to figure it out for themselves. If they cared enough about their privacy, they'd know. Hell, there's a lot I don't know about maintaining privacy and security. However, I _do_ know that calling from a pay phone outside of 5 miles from your house is an easy way to take care of the problem. --J From hfinney at shell.portal.com Tue Sep 6 21:46:15 1994 From: hfinney at shell.portal.com (Hal) Date: Tue, 6 Sep 94 21:46:15 PDT Subject: Reputation Capital papers? In-Reply-To: <199409070258.WAA09806@zork.tiac.net> Message-ID: <199409070445.VAA20261@jobe.shell.portal.com> Thanks to Bob Hettinga for providing a reference to that paper which discusses several issues related to what we might call "reputation capital". I was able to fix my Postscript problems and get the whole paper printed. Two of the three authors are the originators of the NetCash proposal. I gave that paper a pretty negative review here a few months ago, mostly because their "cash" was non-anonymous, and was really a digital certified check. That's fine, although not IMO cryptographically interesting and I really didn't see much about their proposal that wasn't obvious. I find this paper more interesting.
They discuss the general issues of servers establishing credibility with clients through various strategies: licenses, where a legal agency provides a credential that the server meets various minimum standards; endorsements, which are similar but which tend to come from private agencies and will often have a range of levels (like the 1 to 5 diamond ratings granted to hotels by the AAA); insurance, where an insurance company guarantees that suits are possible in the case of breach of contract; and surety bonding, which is similar but covers a wider range of unsatisfactory completions to the relationship. Most of these make sense in the context of business interactions as well as traditional client/server computing. After a promising introduction, the paper takes a mundane turn, proposing data structures to encode information about these various kinds of "assurance credentials", with slots for what is covered, to what amount, under what conditions it would apply, etc. I think it is way premature to try to specify what kinds of information would be in these credentials. They do get into some more interesting material when they discuss ways in which these credentials might be shown and authenticated. Generally, the assurance credential is created or issued by some 3rd party: a bank, an insurance company, a government, a rating agency like AAA or Consumers Union. (We would probably add, individuals known to the client. The authors have something of an institutional bias, and discuss institutions providing credentials to benefit other institutions, neglecting the problem of how individuals establish their own credibility. This is especially noticeable in their section 7.3 where they point out that institutions which hold large sums of money for their clients will have much greater authentication requirements than those which grant credit. The obvious symmetry of the two situations appears to escape the authors' notice.)
Once the credential is given to the server, it can then show it to the client. They do appear to allow for something similar to blinded credentials. The term they use for these credentials is "proxies" because in a sense the credential acts as a proxy, a substitute, for the organization which issued the credential. (The real reason for this strained terminology is to tie this paper in with the senior author's other papers, IMO.) They suggest that there would be two classes of proxies: "bearer" proxies, which appear not to have the server's identity explicitly encoded, but which are granted under terms in which only servers knowing a particular secret key are considered to be valid; and "delegate" proxies, which appear to explicitly encode the server's identity. The authors' terminology is a bit hard to follow here, so it is possible that I am missing their point, but it does sound like they have the germ of the idea of being able to show a credential in a way where the credential is not explicitly identity-bound. Of course, they have missed the point of blinding of credentials (they give no sign of ever having heard of the concept), and the bearer proxies would actually be linkable by the proxy issuer. It is not really clear what the value is of the very limited form of anonymity allowed by bearer proxies. After this rocky portion (the authors really need to read the literature! this is the same problem that NetCash had) they move into quite a dramatic and impressive vision of a "web of trust" system of credentials backing up credentials. The point is that the issuing agencies themselves may need backup (what is the value of an endorsement by the Direct Mail Marketing Association if you've never heard of them?) This leads to the concept of "transitive assurance" in which A endorses B and B endorses C, allowing you to follow the chain and give some credibility to C.
Here is one good point they make: "Transitive assurance may extend to an arbitrary depth, but longer chains generally promote less confidence. Where assurance is rated, heuristics are needed for deriving the combined assurance rating from the metrics and limits associated with the individual credentials involved. Such heuristics are a topic for further study." Alert readers will see a connection to the PGP web of trust, and the authors actually make this connection. They go on to point out that in PGP certifications pertain to identity only. There is no mechanism in PGP to endorse the signing and endorsement policies of other users. This was the point I made some time back in a posting here in which I pointed out that the "web of trust" is a misnomer because you can only trust keys which you have verified directly or where you know and trust someone who knows the end user. In contrast, a system of transitive assurance is a true web of trust, where Consumers Union endorses the Microwave Manufacturers' Association which endorses Joe's Microwave Repair, allowing me to trust Joe even though I've never heard of the MMA. The authors have a nice diagram showing a web of credentials with clients, and various kinds of authenticating and endorsing agencies, all in a complicated system of connections. I think this is very close to the ideas people have had here for how a system of reputation credentials could work. They also discuss how assurance credentials could be used to give credibility to an issuer of electronic cash. Banks or other financial agencies could provide credentials that the issuer had assets greater than a certain amount (so you know the currency is backed), and auditors could provide credentials that the books balance. Once again they have neglected the interesting topic of how or whether blinded credentials could work but this is not a bad start. In a way it is kind of sad to see how primitive the understanding is of these issues in the "mainstream".
OTOH it is good to see any discussion at all. Hopefully papers like this will attract some interest on the part of the many people who are trying to jump onto the internet-business bandwagon. Hal From shamrock at netcom.com Wed Sep 7 01:05:46 1994 From: shamrock at netcom.com (Lucky Green) Date: Wed, 7 Sep 94 01:05:46 PDT Subject: Al Gore's home page Message-ID: <199409070805.BAA24432@netcom7.netcom.com> After reading the official announcement in "What's new with NCSA Mosaic" I just checked out Vice President Al Gore's home page at http://www.financenet.gov/vpgore.html Interesting that except for the "This is the Vice President's Mosaic Home Page" header, it is all empty. This from the man who wants to bring us the Information superhighway. Why can't politicians stay away from stuff they don't understand? Because that would mean that they have to stay away from everything. Just another anarchist, -- Lucky Green PGP public key by finger From hart at chaos.bsu.edu Wed Sep 7 01:14:27 1994 From: hart at chaos.bsu.edu (Jim Hart) Date: Wed, 7 Sep 94 01:14:27 PDT Subject: AIDs testing and privacy In-Reply-To: <199409061438.HAA14594@well.sf.ca.us> Message-ID: <199409070814.DAA23167@chaos.bsu.edu> Brian Williams: > After a few weeks, you call a 1-800 number, punch in your code > (from the sticker) and you get a recording telling you if the test > was negative. Besides the ANI, the other weakness in this scheme is that the lab gets a sample of your DNA. Is destruction of these samples performed and audited? Still, it's much better than nothing. Now, how about doing other medical tests like this so that insurance companies don't find out? For example, genetic tests. Challenge: is a crypto protocol possible with the following properties: the doctor writes and signs the prescription, and it is not transferable, but the patient doesn't need to show ID to the pharmacist to fill the prescription?
I don't want pharmacists, and whoever else they share the info with (insurance companies? investigators? potential blackmailers?), keeping track of what drugs I take. Jim Hart hart at chaos.bsu.edu From tcmay at netcom.com Wed Sep 7 01:58:53 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 7 Sep 94 01:58:53 PDT Subject: AIDs testing and privacy In-Reply-To: <199409070814.DAA23167@chaos.bsu.edu> Message-ID: <199409070859.BAA28235@netcom4.netcom.com> Jim Hart writes: > I don't want pharmacists, and whoever else they share the info > with (insurance companies? investigators? potential blackmailers?), > keeping track of what drugs I take. > Ah, but they already know. And so do the credit reporting companies. I just got a "Congratulations, you have been pre-approved for a Nonsmoker's Credit Card from Citicorpse" letter. Actually, I'm kidding. But not by much. The amount of cross-linking is astounding, but not once you think about the infrastructure set up to compile the credit dossiers, the collusion with the government on these dossiers (I've posted before about Witness Security and false identities the credit reporting Big Three agree to falsify), etc. Unlinkable credentials is the way to go, but there's no "constituency" for this...Americans, and others, are oblivious to these issues. Personally, I see no chance of changing this. This is why I put my bets on crypto anarchy, which allows opting out of parts of the system, rather than trying to change the ponderous course of the ship of state. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway." From Rolf.Michelsen at delab.sintef.no Wed Sep 7 02:20:12 1994 From: Rolf.Michelsen at delab.sintef.no (Rolf Michelsen) Date: Wed, 7 Sep 94 02:20:12 PDT Subject: AIDs testing and privacy In-Reply-To: <199409070859.BAA28235@netcom4.netcom.com> Message-ID: On Wed, 7 Sep 1994, Timothy C. May wrote: [...] > Actually, I'm kidding. But not by much. The amount of cross-linking is > astounding, but not once you think about the infrasructure set up to > compile the credit dossiers, the collusion with the government on > these dossiers (I've posted before about Witness Security and false > identities the credit reporting Big Three agree to falsify), etc. [...] There are two pieces in the current comp.risks digest (16.39) about cross-linking of US databases. References are to a cover story in Business Week. Highlights are hospitals selling name/address info on families with newborns and one state having sold it's drivers' licence register... -- Rolf ---------------------------------------------------------------------- Rolf Michelsen "Nostalgia isn't what it Email: rolf.michelsen at delab.sintef.no used to be..." Phone: +47 73 59 87 33 ---------------------------------------------------------------------- From perry at imsi.com Wed Sep 7 05:45:46 1994 From: perry at imsi.com (Perry E. Metzger) Date: Wed, 7 Sep 94 05:45:46 PDT Subject: Al Gore's home page In-Reply-To: <199409070805.BAA24432@netcom7.netcom.com> Message-ID: <9409071245.AA22475@snark.imsi.com> Lucky Green says: > Why can't politicians stay away from stuff they don't understand? > Because that would mean that they have to stay away from everything. I would be much more frightened if they did fully understand. Perry From perry at imsi.com Wed Sep 7 05:52:11 1994 From: perry at imsi.com (Perry E. 
Metzger) Date: Wed, 7 Sep 94 05:52:11 PDT Subject: AIDs testing and privacy In-Reply-To: <199409070814.DAA23167@chaos.bsu.edu> Message-ID: <9409071251.AA22486@snark.imsi.com> Jim Hart says: > Challenge: is a crypto protocol possible with the following > properties: the doctor writes and signs the prescription, > and it is not transferable, but the patient doesn't need to > show ID to the pharmacist to fill the prescription? > I don't want pharmacists, and whoever else they share the info > with (insurance companies? investigators? potential blackmailers?), > keeping track of what drugs I take. It cannot be done. There is no way to prove that you didn't transfer some cryptographic credential. The only way to know that you are you is to check your credentials against unforgeable physical characteristics. All such characteristics can be used to identify you. On the other hand, I'll point out that a pharmacist has never asked me for ID. Perry From dave at marvin.jta.edd.ca.gov Wed Sep 7 07:24:10 1994 From: dave at marvin.jta.edd.ca.gov (Dave Otto) Date: Wed, 7 Sep 94 07:24:10 PDT Subject: PGP comes of age Message-ID: <9409071422.AA26516@marvin.jta.edd.ca.gov> Got the following blurb from ORA.COM last Friday. Pretty cool! ------- Forwarded Message O'REILLY'S FALL RELEASES PGP: Pretty Good Privacy by Simson Garfinkel 1st Edition November 1994 (est.) 250 pages (est), ISBN: 1-56592-098-8, $17.95 (est) PGP is a freely available encryption program that protects the privacy of files and electronic mail. It uses powerful public key cryptography and works on virtually every platform. PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical users guide and a fascinating behind-the-scenes look at cryptography and privacy. Part I of the book describes how to use PGP: protecting files and email, creating and using keys, signing messages, certifying and distributing keys, and using key servers.
Part II provides background on cryptography, battles against public key patents and U.S. government export restrictions, and other aspects of the ongoing public debates about privacy and free speech. - -- Brian Erwin, brian at ora.com O'Reilly & Associates 103A Morris Street, Sebastopol CA 95472 707-829-0515, Fax 707-829-0104 ------- End of Forwarded Message Dave Otto -- dave at marvin.jta.edd.ca.gov -- daveotto at acm.org "Pay no attention to the man behind the curtain!" [the Great Oz] finger DaveOtto at ACM.org for PGP 2.6 key <0x3300e841> fingerprint = 78 71 3A 5B FD 8A 9A F1 8F BC E8 6A C7 BD A4 DD From joshua at cae.retix.com Wed Sep 7 07:25:11 1994 From: joshua at cae.retix.com (joshua geller) Date: Wed, 7 Sep 94 07:25:11 PDT Subject: How Did This Get Done? In-Reply-To: <199409062323.SAA07861@chaos.bsu.edu> Message-ID: <199409071425.HAA01183@sleepy.retix.com> matt ghio writes: [re abuse of remailers] > Whoever it is, I wish he would quit it, I've gotten several complaints > about someone flaming gays via my remailer in that group. fortunately or unfortunately, it comes with the territory. josh From sandfort at crl.com Wed Sep 7 07:51:00 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Wed, 7 Sep 94 07:51:00 PDT Subject: NO THERE, THERE Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Lucky Green informed us: ... I just checked out Vice President Al Gore's home page at http://www.financenet.gov/vpgore.html ... except for the "This is the Vice President's Mosaic Home Page" header, it is all empty.... How symbolically apt. To paraphrase an old adage about the law, "Politics is the triumph of form over substance."
S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From prz at acm.org Wed Sep 7 08:11:56 1994 From: prz at acm.org (Philip Zimmermann) Date: Wed, 7 Sep 94 08:11:56 PDT Subject: prz in NYC on Saurday, Sunday Message-ID: Hello PGP users. I'm going to be in NYC on Saturday and Sunday. If anyone in New York wants to get together and conspire to subvert our way of life, send me some email and I'll pick it up on the road. I have become too used to never buying my own lunch when traveling to places where cypherpunkers live. I'll be arriving late Saturday morning and leaving Sunday evening. Saturday night is booked. On Friday I can be reached at 617 253-0161. Philip Zimmermann prz at acm.org From rishab at dxm.ernet.in Wed Sep 7 08:20:57 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Wed, 7 Sep 94 08:20:57 PDT Subject: The New World Order Message-ID: John Young : > Tim, would you expand the link to crypto of unipolar > superpower? > Maybe some of the non-US c'punks can add more. I'll illustrate by example. Two years ago, the US bullied Russia to renege on a deal with the Indian Space Research Organization to transfer cryogenic rocket engine technology for the Indian Geostationary Satellite Launch Vehicle. The US claimed that the technology was dual-use and prohibited by the MTCR. India and the Russian company, Glavkosmos, suggested that the reasons were commercial rather than defence, as such engines are useless in ballistic missiles due to their lengthy preparation period, while an Indian GSLV would pose major competition to the US space industry. Russia backed down after Yeltsin's arm was twisted so hard that he negated a personal statement he made when in New Delhi. Recently the Defence Research and Development Organization made a secure phone for commercial (non-defence) use.
It has yet to reach the market, and I am in the process of finding out what technology it uses, but if Clipper passes in the US, India could be pressurized into abandoning it in favour of a Clipper-like alternative. As an aside, the Indian government likes to show that it's not following US orders (not signing the NPT etc) and the GSLV will probably be launched with indigenously developed engines in 1998. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh rishab at dxm.ernet.in Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA "Clean the air! clean the sky! wash the wind! take stone from stone and wash them..." From hfinney at shell.portal.com Wed Sep 7 08:28:55 1994 From: hfinney at shell.portal.com (Hal) Date: Wed, 7 Sep 94 08:28:55 PDT Subject: AIDs testing and privacy In-Reply-To: <199409070814.DAA23167@chaos.bsu.edu> Message-ID: <199409071528.IAA20160@jobe.shell.portal.com> Jim Hart writes: >Challenge: is a crypto protocol possible with the following >properties: the doctor writes and signs the prescription, >and it is not transferable, but the patient doesn't need to >show ID to the pharmacist to fill the prescription? >I don't want pharmacists, and whoever else they share the info >with (insurance companies? investigators? potential blackmailers?), >keeping track of what drugs I take. Let me point out that nothing stops you from filling the prescription and then giving the drugs to someone else, so it would seem that a doctor who would be willing to cooperate in any such protocol should also be willing to make the prescription out to a pseudonym. Chaum's "blinded credential" system is intended to solve exactly this kind of problem, but it requires an extensive infrastructure. There has to be an agency where you physically identify yourself. It doesn't have to know anything about you other than some physical ID like fingerprints.
You and it cooperate to create pseudonyms of various classes, for example, a "go to the doctor" pseudonym, and a "go to the pharmacy" pseudonym. These pseudonyms have a certain mathematical relationship which allows you to re-blind credentials written to one pseudonym to apply to any other. But the agency uses your physical ID to make sure you only get one pseudonym of each kind. So, when the doctor gives you a prescription, that is a credential applied to your "go to the doctor" pseudonym. (You can of course also reveal your real name to the doctor if you want.) Then you show it at the pharmacy using your "go to the pharmacy" pseudonym. The credential can only be shown on this one pseudonym at the pharmacy, but it is unlinkable to the one you got at the doctor's. (It would be possible to encode information in the credential about which doctor wrote it, which would help track abuse, although that would obviously make it easier to link up your pharmacy and doctor visits.) Hal From mpj at netcom.com Wed Sep 7 08:34:18 1994 From: mpj at netcom.com (Michael Paul Johnson) Date: Wed, 7 Sep 94 08:34:18 PDT Subject: Where to Get the Latest PGP (Pretty Good Privacy) FAQ Message-ID: -----BEGIN PGP SIGNED MESSAGE----- WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP) (Last modified: 7 September 1994 by Mike Johnson) WHAT IS THE LATEST VERSION? There is more than one latest version. Pick one or more of the following that best suits your computer, patent restrictions, and export restrictions. Some countries (like France) may also restrict import or even use of strong cryptography like PGP.
|-----------------+---------------------+---------------------------------|
| Platform(s)     | Latest Version      | Distribution File Names         |
|-----------------+---------------------+---------------------------------|
| DOS, Unix,      | Viacrypt PGP 2.7    | disk sets                       |
| or WinCIM/CSNav |                     |                                 |
|-----------------+---------------------+---------------------------------|
| DOS, Unix,      | MIT PGP 2.6.1       | pgp261.zip (DOS + docs)         |
| others          |                     | pgp261s.zip (source)            |
|                 |                     | pg261s.zip source on CompuServe |
|                 |                     | pgp261.tar.gz (source)          |
|                 |                     | pgp261.gz (same as above on DOS)|
|                 |                     | pgp261.tar.Z (source)           |
|                 |                     | pgp261dc.zip (documentation)    |
|                 |                     | pg261d.zip (docs on CompuServe) |
|-----------------+---------------------+---------------------------------|
| Macintosh       | MIT PGP 2.6         | MacPGP2.6.sea.hqx (binary+docs) |
|                 |                     | macpgp26.hqx (same as above)    |
|                 |                     | MacPGP2.6.src.sea.hqx (source)  |
|                 |                     | macpgp26.src (same as above)    |
|                 |                     | MacPGP2.6-68000.sea.hqx (binary)|
|                 |                     | mcpgp268.hqx (same as above)    |
|-----------------+---------------------+---------------------------------|
| Mac Applescript | MacPGP 2.6ui v 1.2  | MacPGP-2.6ui-v1.2.sit.hqx       |
|                 |                     | MacPGP2.6ui_V1.2_sources.cpt.hqx|
|                 |                     | MacPGP2.6uiV1.2en.cpt.hqx       |
|                 |                     | MacPGP2.6uiV1.2src.cpt.hqx      |
|                 |                     | MacPGP2.6uiV1.2.68000.hqx       |
|-----------------+---------------------+---------------------------------|
| Amiga           | Amiga PGP 2.3a.4    | PGPAmi23a_4.lha                 |
|-----------------+---------------------+---------------------------------|
| Atari           | Atari PGP 2.6ui     | pgp26uib.lzh (binary, docs)     |
|                 |                     | pgp26uis.lzh                    |
|-----------------+---------------------+---------------------------------|
| Archimedes      | Archimedes 2.3a     | ArcPGP23a                       |
|-----------------+---------------------+---------------------------------|

Note: there are other versions available, but these are either old, or outside of the mainstream PGP project.
Look for signatures from one of three sources: Viacrypt (Commercial), jis at mit.edu (North American freeware), or mathew at mantis.co.uk (the unofficial international version source). The "unofficial international" versions are really just PGP 2.3a, modified just enough to make it compatible with MIT PGP 2.6, but do not include all of the fixes in MIT PGP 2.6 and MIT PGP 2.6.1. They are named pgp26ui* or have a "ui" somewhere in their file names. I recommend the use of the "ui" versions only if: (1) You are using a Macintosh; (2) You are using a platform for which there is no Viacrypt or MIT PGP; (3) You are outside of North America, and can't obtain Viacrypt or MIT PGP; or (4) You need to use a key longer than 1024 bits (i. e. a 1264 bit key generated with PGP 2.3a or PGP 2.6ui). WHERE CAN I GET VIACRYPT PGP? If you are a commercial user of PGP in the USA or Canada, contact Viacrypt in Phoenix, Arizona, USA. The commercial version of PGP is fully licensed to use the patented RSA and IDEA encryption algorithms in commercial applications, and may be used in corporate environments in the USA and Canada. It is fully compatible with, functionally the same as, and just as strong as the freeware version of PGP. Due to limitations on ViaCrypt's RSA distribution license, ViaCrypt only distributes executable code and documentation for it, but they are working on making PGP available for a variety of platforms. Call or write to them for the latest information. The latest version number for their version of PGP is 2.7. The Windows version is anticipated to ship by (or before) September 15, 1994; the Macintosh version is expected to ship in early October. The formal announcements will go out about one week prior to first ship dates. The Windows version is a high grade Visual Basic front end with the DOS program in the back end. It is a point-and-click, drag-and-drop operation. Here is a brief summary of Viacrypt's currently-available products: 1. ViaCrypt PGP for MS-DOS.
Prices start at $99.98 2. ViaCrypt PGP for UNIX. Includes executables for the following platforms: SunOS 4.1.x (SPARC) IBM RS/6000 AIX HP 9000 Series 700/800 UX SCO 386/486 UNIX SGI IRIX AViiON DG-UX(88/OPEN) Prices start at $149.98 Executables for the following additional platforms are available upon request for an additional $30.00 charge. BSD 386 Ultrix MIPS DECstation 4.x 3. ViaCrypt PGP for WinCIM/CSNav. A special package for users of CompuServe. Prices start at $119.98 In September, 1994, ViaCrypt intends to announce two new major product additions: ViaCrypt PGP for Windows ViaCrypt PGP for Macintosh Prices start at $124.98 Viacrypt's licensing and price information is as follows: ViaCrypt PGP Version 2.7 for Windows (Single User) $ 124.98 ViaCrypt PGP Version 2.7 for Windows (Five User) $ 374.98 ViaCrypt PGP Version 2.7 for Macintosh(Single User) $ 124.98 ViaCrypt PGP Version 2.7 for Macintosh(Five User) $ 374.98 ViaCrypt PGP Version 2.7 for MS-DOS (Single User) $ 99.98 ViaCrypt PGP Version 2.7 for MS-DOS (Five User) $ 299.98 ViaCrypt PGP Version 2.7 for UNIX (Single User) $ 149.98 ViaCrypt PGP Version 2.7 for UNIX (Five User) $ 449.98 ViaCrypt PGP for WinCIM/CSNav (Single User) $ 119.98 ViaCrypt PGP for WinCIM/CSNav (Five User) $ 359.98 UNIX platforms of Ultrix and BSD 386 have an additional $30.00 charge per platform. Please contact ViaCrypt for pricing of 20 users and above. Orders may be placed by calling 800-536-2664 during the hours of 8:30am to 5:00pm MST, Monday - Friday. We accept VISA, MasterCard, AMEX and Discover credit cards. If you have further questions, please feel free to contact: Paul E. Uhlhorn Director of Marketing, ViaCrypt Products Mail: 9033 N. 24th Avenue Suite 7 Phoenix AZ 85021-2847 Phone: (602) 944-0773 Fax: (602) 943-2601 Internet: viacrypt at acm.org Compuserve: 70304.41 WHERE CAN I GET THE FREEWARE PGP? These listings are subject to change without notice.
If you find that PGP has been removed from any of these sites, please let me know so that I can update this list. Likewise, if you find PGP on a good site elsewhere (especially on any BBS that allows first time callers to access PGP for free), please let me know so that I can update this list. Because this list changes frequently, I have not attempted to keep it complete, but there should be enough pointers to let you easily find PGP. There are several ways to get the freeware PGP: ftp, WWW, BBS, CompuServe, America Online (maybe), email ftp server, and sneakernet (ask a friend for a copy). Just don't ask the author directly for a copy. FTP SITES IN NORTH AMERICA These sites generally have some mechanism to (1) discourage export of PGP and violation of the ITAR, (2) protect the site operators from harassment by the Federal Government, and (3) still allow automated distribution of PGP as far as is allowed under all applicable laws. Telnet to net-dist.mit.edu, log in as getpgp, answer the questions, then ftp to net-dist.mit.edu and change to the hidden directory named in the telnet session to get your own copy. MIT-PGP is for U. S. and Canadian use only, but MIT is only distributing it within the USA (due to some archaic export control laws). 1. Read ftp://net-dist.mit.edu/pub/PGP/mitlicen.txt and agree to it. 2. Read ftp://net-dist.mit.edu/pub/PGP/rsalicen.txt and agree to it. 3. Telnet to net-dist.mit.edu and log in as getpgp. 4. Answer the questions and write down the directory name listed. 5. QUICKLY end the telnet session with ^C and ftp to the indicated directory on net-dist.mit.edu (something like /pub/PGP/dist/U.S.-only-????) and get the distribution files (see the above chart for names). If the hidden directory name is invalid, start over at step 3, above. You can also get PGP from: ftp.csn.net/mpj ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/ See ftp://ftp.csn.net/mpj/README.MPJ for the ???????
See ftp://ftp.csn.net/mpj/help for more help on negotiating this site's export control methods (open to USA and Canada). ftp.netcom.com/pub/mpj ftp://ftp.netcom.com/mpj/I_will_not_export/crypto_???????/pgp/ See ftp://ftp.netcom.com/pub/mpj/README.MPJ for the ??????? See ftp://ftp.netcom.com/pub/mpj/help for more help on negotiating this site's export control methods. TO GET THESE FILES BY EMAIL, send mail to ftp-request at netcom.com containing the word HELP in the body of the message for instructions. You will have to work quickly to get README.MPJ then the files before the ??????? part of the path name changes again (several times a day). ftp.eff.org Follow the instructions found in README.Dist that you get from one of: ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist gopher.eff.org, 1/Net_info/Tools/Crypto gopher://gopher.eff.org/11/Net_info/Tools/Crypto http://www.eff.org/pub/Net_info/Tools/Crypto/ ftp.wimsey.bc.ca /pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/PGP (U. S. and Canadian users only) See /pub/crypto/software/README for the characters for XXXXXXXX This site has all public releases of the freeware PGP. WORLD WIDE WEB ACCESS http://www.matnis.co.uk/pgp/pgp.html http://rschp2.anu.edu.au:8080/crypt.html COMPUSERVE The NCSA Forum sysops have a library (Library 12: Export Controlled) that is available only to people who send them a message asserting that they are within the U. S. A. This library contains PGP. I have also seen PGP in some other places on Compuserve. Try searching for PGP261.ZIP in the IBMFF forum for up-to-date information on PGP in selected other areas. The last time I tried a search like this, PGP 2.6 was found in the PC World Online forum (GO PWOFORUM) new uploads area, along with several PGP shells and accessories. I've also heard that EUROFORUM carries PGP 2.6ui, but have not confirmed this.
Compuserve file names are even more limited than DOS (6.3 instead of the already lame 8.3), so the file names to look for are PGP26.ZIP, PG261S.ZIP (source code), PGP261.GZ (Unix source code) and PG261D.ZIP (documentation only).

BULLETIN BOARD SYSTEMS

Colorado Catacombs BBS
Mike Johnson, sysop
Mac and DOS versions of PGP, PGP shells, and some other crypto stuff. Also the home of some good Bible search files and some shareware written by Mike Johnson, including DLOCK, CRYPTA, CRYPTE, CRYPTMPJ, MCP, MDIR, DELETE, PROVERB, SPLIT, ONEPAD, etc.
v.FAST/v.32bis/v.42bis, speeds up to 28,800 bps
8 data bits, 1 stop, no parity, as fast as your modem will go.
Use ANSI terminal emulation, or if you can't, try VT-100.
Free access to PGP. If busy or no answer, try again later. Log in with your own name, or if someone else already used that, try a variation on your name or pseudonym. You can request access to crypto software on line, and if you qualify legally under the ITAR, you can download on the first call.
For free access: log in with your own name, answer the questions, then select [Q]uestionaire 3 from the [M]ain menu.
(303) 772-1062 Longmont, Colorado number - 2 lines.
(303) 938-9654 Boulder, Colorado number forwarded to Longmont number intended for use by people in the Denver, Colorado area.

Hieroglyphics Voodoo Machine (Colorado)
Jim Still (aka Johannes Keppler), sysop.
DOS, OS2, and Mac versions.
(303) 443-2457
For free access for PGP, DLOCK, Secure Drive, etc., log in as "VOO DOO" with the password "NEW" (good for 30 minutes access to free files).

Exec-Net (New York)
Host BBS for the ILink net.
(914) 667-4567

The Ferret BBS (North Little Rock, Arkansas)
(501) 791-0124 also (501) 791-0125
Special PGP users account:
login name: PGP USER
password: PGP
This information from: Jim Wenzel

Other BBS -- check your local BBS. Chances are good that it has any release that is at least a month old if it has much of a file area at all.

AMERICA ONLINE: Try PC WORLD soft/lib.
(key word PGP). Make sure you get ALL of the files, including the documentation. Somebody apparently split up the .ZIP file just to make life more difficult.

OTHER FTP SITES

These other ftp sites don't have the "export control" hoops to jump through that most North American sites have in deference to archaic laws.

ftp.informatik.uni-hamburg.de
/pub/virus/crypt/pgp
This site has most, if not all, of the current PGP files.

black.ox.ac.uk (129.67.1.165)

ftp.netcom.com
/pub/dcosenza -- Some crypto stuff, sometimes includes PGP.
/pub/gbe/pgpfaq.asc -- frequently asked questions answered.
/pub/qwerty -- How to MacPGP Guide, largest steganography ftp site as well. PGP FAQ, crypto FAQ, US Crypto Policy FAQ, Steganography software list. MacUtilites for use with MacPGP. Stealth1.1 + other steganography programs. Send mail to qwerty at netcom.com with the subject "Bomb me!" to get the PGP FAQ and MacPGP guide if you don't have ftp access.

ftp.ee.und.ac.za
/pub/crypto/pgp

soda.berkeley.edu
/pub/cypherpunks/pgp (DOS, MAC)

ftp.demon.co.uk
/pub/amiga/pgp
/pub/archimedes
/pub/pgp
/pub/mac/MacPGP

ftp.informatik.tu-muenchen.de

ftp.funet.fi

ftp.dsi.unimi.it
/pub/security/crypt/PGP

ftp.tu-clausthal.de (139.174.2.10) (Atari ST/E,TT,Falcon)
/pub/atari/misc/pgp/pgp26uib.lzh (2.6ui ttp, 2.3a docs)
/pub/atari/misc/pgp/pgp26uis.lzh (2.6ui sources)
/pub/atari/misc/pgp/pgp26ui.diffs (Atari diffs for 2.6 sources)

wuarchive.wustl.edu
/pub/aminet/util/crypt

src.doc.ic.ac.uk (Amiga)
/aminet
/amiga-boing

ftp.informatik.tu-muenchen.de
/pub/comp/os/os2/crypt/pgp23os2A.zip (OS/2)

iswuarchive.wustl.edu
pub/aminet/util/crypt (Amiga)

nic.funet.fi (128.214.6.100)
/pub/crypt

ftp.uni-kl.de (131.246.9.95)
/pub/aminet/util/crypt

qiclab.scn.rain.com (147.28.0.97)
pc.usl.edu (130.70.40.3)
leif.thep.lu.se (130.235.92.55)
goya.dit.upm.es (138.4.2.2)
tupac-amaru.informatik.rwth-aachen.de (137.226.112.31)
ftp.etsu.edu (192.43.199.20)
princeton.edu (128.112.228.1)
pencil.cs.missouri.edu (128.206.100.207)
soda.csua.berkeley.edu
nctuccca.edu.tw
/PC/wuarchive/pgp/

Also, try an archie search for PGP using the command:

archie -s pgp26 (DOS & Unix Versions)
archie -s pgp2.6 (MAC Versions)

FTPMAIL

For those individuals who do not have access to FTP, but do have access to e-mail, you can get FTP files mailed to you. For information on this service, send a message saying "Help" to ftpmail at decwrl.dec.com. You will be sent an instruction sheet on how to use the ftpmail service.

Another e-mail service is from nic.funet.fi. Send the following mail message to mailserv at nic.funet.fi:

ENCODER uuencode
SEND pub/crypt/pgp23srcA.zip
SEND pub/crypt/pgp23A.zip

This will deposit the two zipfiles, as 15 batched messages, in your mailbox within about 24 hours. Save and uudecode.

For the ftp sites on netcom, send mail to ftp-request at netcom.com containing the word HELP in the body of the message.

IS MY COPY OF PGP GOOD?

If you find a version of the PGP package that does not include the PGP User's Guide, something is wrong. The manual should always be included in the package. PGP should be signed by one of the developers (Philip Zimmermann, Jeff Schiller, Viacrypt, etc.). If it isn't, the package is suspect and should not be used or distributed. The site you found it on should remove it so that it does no further harm to others. To be really sure, you should get PGP directly from MIT or check the signatures with a version of PGP that you trust. The copies of PGP on ftp.csn.net/mpj, ftp.netcom.com/pub/mpj, and the Colorado Catacombs BBS are direct copies of the ones on MIT, except that the ones on the BBS include a BBS advertisement (automatically added by the system when it virus scans new files) in the outer .zip files.

OTHER PGP DOCUMENTATION

PGP is rather counter-intuitive to a Mac user. Luckily, there's a guide to using MacPGP in ftp://ftp.netcom.com/pub/qwerty/Here.is.How.to.MacPGP.
There is a Frequently Asked Questions document in ftp://ftp.netcom.com/pub/gbe/pgpfaq.asc

For more information on the "time bomb" in PGP, see ftp://ftp/netcom.com/pub/mpj/pgpbomb.asc

LANGUAGE MODULES

These are suitable for most PGP versions. I am not aware of any export/import restrictions on these files.

German
* _UK:_ ftp://black.ox.ac.uk/src/security/pgp_german.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha

Italian
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz
* _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz

Japanese
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz

Lithuanian
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip

Russian
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip (MIT version)
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26uir.zip (ui version)
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip

Spanish
* _IT:_ ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz
* _FI:_ ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz

Swedish
* _UK:_ ftp://black.ox.ac.uk/src/security/pgp_swedish.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt

ARCHIE WHO?

There are many more sites. You can use archie and/or other "net-surfing" tools to find a more up-to-date listing, if desired.

WHAT IS ALL THIS NONSENSE ABOUT EXPORT CONTROLS?

For a detailed rant, get ftp://ftp.csn.net/mpj/cryptusa.zip

The practical meaning, until the law is corrected to make sense, is that you are requested to get PGP from sites outside of the USA and Canada if you are outside of the USA and Canada. If you are in France, I understand that you aren't even supposed to import it. Other countries may be worse.
It is illegal to export PGP from the USA to any country except Canada, even if that version of PGP originated outside of the USA. Don't do it. Don't ask me to do it. The law is not rational, but it exists, and the Federal Government has no sense of humor. On the other hand, if you should discover a copy of PGP in some place other than the USA, then you are bound by the laws of both that country and your own country with respect to what you can do with it, not necessarily by U. S. Law. Your laws may be more or less restrictive, and may possibly refer to U. S. Law through some sort of treaty. If you live in a place where you can freely distribute and use PGP, then I applaud your government. In spite of the best efforts of MIT and the other primary developers and distributors of PGP not to violate the International Traffic in Arms Regulations, MIT PGP has been observed to migrate to many foreign sites. Whoever is responsible for this export is responsible for their own actions and is not encouraged or endorsed by myself, Philip Zimmermann, or MIT. This doesn't necessarily mean that we agree with the law, or even that the law itself is Constitutional. It just means that becoming a test case is not fun. WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN THE USA? MIT PGP is only for noncommercial use because of restrictions on the licensing of both the RSA algorithm (attached to RSAREF) and the IDEA algorithm. PKP/RSADSI insist that we use RSAREF instead of the mpi library for reasons that make sense to them. For commercial use, use Viacrypt PGP, which is fully licensed to use both the RSA and IDEA algorithms in commercial and corporate environments. WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN CANADA? MIT PGP is only for noncommercial use because of restrictions on the licensing of the IDEA algorithm. Because the RSA algorithm isn't patented in Canada, you are free to use the mpi library instead of RSAREF, if you want to, thus freeing yourself of the RSAREF license. 
For commercial use, use Viacrypt PGP, which is fully licensed to use the IDEA algorithm in commercial and corporate environments.

WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST OUTSIDE NORTH AMERICA?

MIT PGP is only for noncommercial use in areas where there is a patent on software implementations of the IDEA algorithm. Because the RSA algorithm isn't patented outside of the USA, you are free to use the mpi library instead of RSAREF, if you want to, thus freeing yourself of the RSAREF license. For commercial use, you cannot buy Viacrypt PGP, but you can arrange to license your use of IDEA directly from ETH Zurich. If software implementations of IDEA are not covered by a patent in your country, then you can use the freeware versions of PGP, provided that you compile it with the mpi library instead of RSAREF.

WHAT IS THE "TIME BOMB" IN MIT PGP 2.6?

As a concession to the RSA patent holders (in return for endorsement of the legality of the freeware MIT PGP 2.6), MIT placed an inducement in MIT PGP 2.6 to encourage upgrade from the allegedly patent-infringing PGP 2.3a to the MIT version. The nature of this inducement is a change in a packet ID byte that causes PGP 2.3a and earlier to reject messages created by MIT PGP 2.6 after 1 September 1994.

Altering MIT PGP 2.6 to bypass this annoyance (though technically an easy change to the LEGAL_KLUDGE), invalidates the blessing of Public Key Partners on the licence of MIT PGP 2.6. Therefore, it is a bad idea. On the other hand, it is trivial to hack PGP 2.3a to accept these packets, and that (plus a few other bug fixes) is essentially what PGP 2.6ui is. None of the versions of PGP greater than 2.3 have problems reading the old packet ID values, so for maximum compatibility, the ideal is to write the old value and accept either value.

Unfortunately, this time bomb has a negative effect on Viacrypt PGP 2.4, as well, which never infringed on anyone's patents.
Viacrypt's solution was to issue PGP 2.7, which, by default, acts just like MIT PGP 2.6, but has a config.txt option (explained in the release) that allows compatibility with both PGP 2.4 and PGP 2.6. Naturally, this also allows compatibility with PGP 2.3a.

The time bomb is annoying for those who still wish to use PGP 2.3a, and for those who use Viacrypt PGP 2.4 and don't want to spend US$10 to upgrade to Viacrypt PGP 2.7, but considering the magnitude of the concession made by Public Key Partners in legitimizing the freeware PGP for use in the USA, it was worth it.

For more information on the time bomb, see ftp://ftp.csn.net/mpj/pgpbomb.asc

ARE MY KEYS COMPATIBLE WITH THE OTHER PGP VERSIONS?

If your RSA key modulus length is less than or equal to 1024 bits (I don't recommend less, unless you have a really slow computer and little patience), and if your key was generated in the PKCS format, then it will work with any of the current PGP versions (MIT PGP 2.6, PGP 2.6ui, or Viacrypt PGP 2.7). If this is not the case, you really should generate a new key that qualifies.

Philip Zimmermann is aware of the desire for longer keys in PGP by some PGP fans (like me), but wants to migrate towards that goal in an orderly way, by first releasing versions of PGP for all platforms and for both commercial (Viacrypt) and freeware (MIT) flavors that ACCEPT long keys, then releasing versions that can also GENERATE long keys. He also has some other neat key management ideas that he plans to implement in future versions.

BUGS

These are the most annoying:

MIT PGP 2.6 -- the function xorbytes doesn't. Replace the = with ^= to fix it. The effect of this bug is that RSA keys aren't quite as random as they should be -- probably not a practical problem, but worth fixing if you are going to compile the code yourself. Fixed in 2.6.1.

MIT PGP 2.6 -- DON'T SET PGPPASS when editing your keys, because if you do, and if you don't change your pass phrase, the key is lost.
(If this happens, rename your backup keyring files to the primary files before you do anything else). Fixed in 2.6.1. PGP 2.6ui -- Conventional encryption -c option doesn't use a different IV every time, like it is supposed to. (PGP 2.3a had this problem, too). Fixed in 2.6 and 2.6.1. HOW DO I PUBLISH MY PGP PUBLIC KEY? There are lots of ways. One way is to use a key server. Send mail to one of these addresses with the single word "help" in the subject line to find out how to use a key server. pgp-public-keys at pgp.iastate.edu public-key-server at pgp.ai.mit.edu pgp-public-keys at demon.co.uk FTP: ftp.demon.co.uk:/pub/pgp/pubring.pgp (Updated daily) pgp-public-keys at cs.tamu.edu pgp-public-keys at chao.sw.oz.au pgp-public-keys at jpunix.com pgp-public-keys at dsi.unimi.it pgp-public-keys at kiae.su pgp-public-keys at fbihh.informatik.uni-hamburg.de There is also an experimental public key server at http://ibd.ar.com/PublicKeys.html Another way is to upload it to the PGP public keys area of the Colorado Catacombs BBS (303-772-1062). Another way is to just send it to your correspondents. You could add it to your .plan file so that finger returns your key. You could add it to some of your postings. No matter which way you do it, you should have your key signed by someone who verifies that your key belongs to you, so that you don't have someone else generating a key that has your name on it, but that isn't yours. 
Here is my public key:
___________________________________________________________ |\ /| | | | | \/ |o| | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 | | | | / _ | mpj at csn.org aka mpj at netcom.com m.p.johnson at ieee.org | | |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 | | |||\ ( | ftp://ftp.netcom.com/pub/mpj/README.MPJ -.
--- ----- ....| | ||| \ \_/ |___________________________________________________________| -----BEGIN PGP SIGNATURE----- Version: 2.7 iQCVAgUBLm3RD/X0zg8FAL9FAQGqnwQA5R8PVpgT0tHG7GSY2jjNM9EKnQAngOdy ByZYVhh9lm/7WywiiBsY5XWDwFUEwIC79e+UeCY+8lAhiUEEWQdCAvYO7b/LCtSn D9TL3teei4sH6Z4kpDFFn8peWVwoEc/2l9nWrtUlT1cFvBDKn1KRK8MlZgH0Gld4 J+vPYYYrDMg= =u06H -----END PGP SIGNATURE----- From jya at pipeline.com Wed Sep 7 08:44:37 1994 From: jya at pipeline.com (John Young) Date: Wed, 7 Sep 94 08:44:37 PDT Subject: Reputation Capital papers? Message-ID: <199409071543.LAA09844@pipe1.pipeline.com> Prompted by Hal's post I send the following FTP info on Information Sciences Institute. This is their README file. There is much more there, based on a quick look, juicy DoD stuff for the disloyal. John ------------------- USC INFORMATION SCIENCES INSTITUTE PUBLICATIONS Welcome to USC Information Sciences Institute FTP publications directory. When logging in, please use your complete email address as a password. For example: % ftp ftp.isi.edu NAME: anonymous PASSWORD: techlib at isi.edu (your_email_address at your_machine) ftp> cd isi-pubs ftp> use the standard ftp commands, such as "dir", "get", "cd", etc. ftp> "quit" when finished A few of our technical reports are now available, in postcript format, through ANONYMOUS FTP from ftp.isi.edu. If you would like to order hard copies of ISI technical reports, please send email to "techlib at isi.edu" or written requests can be sent to: USC Information Sciences Institute Library 4676 Admiralty Way, Suite 1001 Marina del Rey, CA 90292-6695 ATTN: Document Distribution If our stock has been depleted, you will be referred to the National Technical Information Service, NTIS. 
Here is a brief description of the files currently available online: -------------- -------------------------------------------------- ---- filename description -------------- -------------------------------------------------- ---- pubrec.ps This file contains a listing of all the technical reports published by ISI with abstracts. Approximately 50 pages. newpubs0794.ps This is our semi-annual publications announcement newpubs0194.ps newsletter and order form. It is published in January and July. Subsequent newsletters will follow the same filename format, newpubsMMYY.ps, e.g. newpubs0194.ps, newpubs0794.ps. isi-sr-93-374.ps Zoned Analog Personal Teleconferencing (ZAPT) isi-sr-93-374.ps.Z by J.D. Touch December 1993, 23 pages isi-rr-93-372.ps Employing Knowledge Resources in a New Text Planner Architecture by E. Hovy, J. Lavid, E. Maier, V. Mittal, C. Paris, 1992 (Not yet available online. Hard copy only.) 14 pages isi-rr-93-366.ps Synthesis of Asynchronous Systems from Data isi-rr-93-366.ps.Z Flow Specifications by T.-Y. Wuu, S.B.K. Vrudhula December 1993, 73 pages isi-rs-93-364.ps Security Services for Multimedia Conferencing by S. Stubblebine November 1993, 9 pages isi-rs-93-363.ps ATOMIC: A Low-Cost, Very High-Speed, Local Communication Architecture by D. Cohen, G. Finn, R. Felderman, A. DeSchon November 1993, 12 pages isi-rs-93-360.ps The Impact of Scaling on a Multimedia Connection Architecture by E. Schooler August 1993, 14 pages isi-rs-93-359.ps Case Study: Multimedia Conference Control in a Packet-Switched Teleconferencing System by Schooler August 1993, 18 pages isi-sr-93-358.ps The ISI "Tunnel" by A. DeSchon, D. Cohen October 1993 39 pages isi-rs-93-342.ps Parallel Communication by J. Touch March 1993, 12 pages isi-rs-93-301.ps Physics Analogs in Communication Models by J. Touch January 1993, 10 pages isi-rs-92-294.ps An Architecture for Multimedia Connection Management, by E. Schooler, S. 
Casner August 1992, 8 pages isi-rs-92-293.ps First IETF Internet Audiocast, by S. Casner, S. Deering July 1992, 6 pages isi-rr-92-291.ps ATOMIC: A Low-Cost, Very High-Speed LAN by D. Cohen, G. Finn, R. Felderman, A. DeSchon September 1992, 21 pages isi-rr-91-289.ps A Distributed Architecture for Multimedia Conference Control by E. Schooler November 1991, 18 pages isi-rs-91-286.ps Multimedia Conferencing: Has it Come of Age, by E. Schooler, S. Casner, J. Postel August 1991, 10 pages isi-rs-90-252.ps N-Way Conferencing with Packet Video, by S. Casner, K. Seo, W. Edmond, C. Topolcic April 1990, 10 pages From blancw at microsoft.com Wed Sep 7 09:42:18 1994 From: blancw at microsoft.com (Blanc Weber) Date: Wed, 7 Sep 94 09:42:18 PDT Subject: FW: believing three impossible things before breakfast Message-ID: <9409071642.AA25387@netmail2.microsoft.com> From: Carl Ellison . . . . . someone advocating that all you need to do is just tell teens to say "no" to sex before marriage, then you won't need to distribute condoms without parental permission.... Suddenly it hit me that the same frame of mind was clearly behind the Clipper Initiative. ........................................................ Are you saying that they think that if the phone moderators could just say "no" for us, overt supervisory functions could be eliminated? Blanc From jdwilson at gold.chem.hawaii.edu Wed Sep 7 09:52:03 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Wed, 7 Sep 94 09:52:03 PDT Subject: How Did This Get Done? In-Reply-To: <199409061446.HAA19128@jobe.shell.portal.com> Message-ID: On Tue, 6 Sep 1994 nobody at shell.portal.com wrote: > i am sure that there are other ways to do this...i don't know how usenet > news is passed, but i suspect this is also done in a similar way so if > you know the port number and the format, you could do it like that... With my SLIP software, I can set my domain name to be anything I want. 
When first implementing it I even made a mistake which gave me a name of sersol..com - note the two periods in succession. It would put out anything else as well. -NetSurfer #include standard.disclaimer >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " " |P. O. Box 15432 | finger for full PGP key > " " /\ " |Honolulu, HI 96830 |====================================> \" "/ \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From frissell at panix.com Wed Sep 7 10:02:20 1994 From: frissell at panix.com (Duncan Frissell) Date: Wed, 7 Sep 94 10:02:20 PDT Subject: NYT Fears Cypherpunks Message-ID: <199409071701.AA05832@panix.com> The article suggested that unless people turn to the State for protection from "anarchy" the State will fade. Here is my argument (recycled from a few years ago) as to why State power is fading: I expect that State authority will continue to weaken over the next few years for the following reasons: 1) The ruled outnumber the rulers. 2) The ruled outmass the rulers. 3) Traditionally, the rulers used a number of techniques to maintain their rule: a) Ideology of acquiescence and consent - The will of God, tradition, the will of the people, 'you can't fight City Hall,' Death and Taxes, The Government is All of Us, etc. b) The application of superior mobility and organization - we are everywhere, omniscience, omnipresence, etc. c) Point force. A mass of armed men in the field. 'Reduce the city. Leave no stone standing upon stone and sow the ground with salt.' 4) The effectiveness of the above require an ignorant, docile, immobile, and uncritical population: a) Respect for authority is on a rapid downward trend. Disobedience is widespread. One-third to one-half of the housing units in Nassau and Suffolk counties are illegal "in-law" apartments. 
Seventy-five percent of those hiring domestic workers in the US do not comply with tax and employment laws. Hundreds of thousands of assault rifle owners in New Jersey and California have not turned in their guns. I see no examples of any increase in respect for state authority.

b) The mobility and organization of bureaucratic organizations is now less than the average private organization. Nation states are still geographically bound, we are not. The individual or small group has always had better organization than the State - he/it has just had less power.

c) Point force only works against concentrated opponents. It is useless against mass movements of goods and people like the market unless a totalitarian clampdown is used. If movement continues, State power is lost.

5. Freedom is not only an ideology, it is also what you get when people make relatively unconstrained choices. Even the most broken slave makes choices. When a modern, technologically advanced, mobile people makes choices, they can overwhelm control mechanisms. All they have to do is *choose*. They need not be ideologically committed libertarians.

6. Is there immigration control if millions of immigrants are on the march (here *and* in Europe)? Is there gun control if the number of guns possessed by the population (here *and* in Europe) continues to increase. If the amount of the world's wealth that is legally or illegally outside of the tax system increases, is taxation succeeding?

7. Predictions. Per capita gun ownership will continue to increase in all of the OECD countries as it has for years. Legal and illegal immigrants as a percentage of total population will continue to grow. The percentage of the Gross World Product that does not flow through the coffers of the world's States will continue to grow as it has for the last ten years.

8. Unless the above trend lines reverse and the "coercive sector" regains some moral authority freedom of choice will continue to grow.
For example, if gun ownership per capita continues to grow, at some point everyone who wants a gun will have one. No gun control. 9. Controlling people is difficult. It has all of the normal problems of hydrology with the added complication that in this case the "water" is intelligent. Controlling smart, rich, well- equipped people is a doomed occupation. Unless they can figure some way to chain us back in the fields, they're doomed. DCF "Though he may be poor He will never be a slave" From mech at eff.org Wed Sep 7 10:39:22 1994 From: mech at eff.org (Stanton McCandlish) Date: Wed, 7 Sep 94 10:39:22 PDT Subject: O'Reilly PGP book Message-ID: <199409071738.NAA02023@eff.org> coming soon, PGP hits the mainstream: PGP: Pretty Good Privacy by Simson Garfinkel 1st Edition November 1994 (est.) 250 pages (est),ISBN: 1-56592-098-8, $17.95 (est) PGP is a freely available encryption program that protects the privacy of files and electronic mail. It uses powerful public key cryptography and works on virtually every platform. PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical users guide and a fascinating behind-the-scenes look at cryptography and privacy. Part I of the book describes how to use PGP: protecting files and email, creating and using keys, signing messages, certifying and distributing keys, and using key servers. Part II provides background on cryptography, battles against public key patents and U.S. government export restrictions, and other aspects of the ongoing public debates about privacy and free speech. -- Stanton McCandlish
mech at eff.org

Electronic Frontier Fndtn.

Online Activist From tcmay at netcom.com Wed Sep 7 10:48:45 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 7 Sep 94 10:48:45 PDT Subject: AIDs testing and privacy In-Reply-To: Message-ID: <199409071748.KAA05151@netcom3.netcom.com> > There are two pieces in the current comp.risks digest (16.39) about > cross-linking of US databases. References are to a cover story in > Business Week. Highlights are hospitals selling name/address info on > families with newborns and one state having sold it's drivers' licence > register... > > -- Rolf And don't forget that hospitals and doctors will be forwarding patient records to the National Health Recovery Act headquarters outside Washington, right near the CIA, NSA, NRO, Central Imagery Office, FBI, and, of course, the Big Three credit agencies. I'm less worried that a pharmacist will add me to some database he keeps than that my doctor will be instructed to compile a dossier to government standards and then zip it off over the Infobahn to the authorities. Buying "a la carte" insurance for specific conditions and not others is surely a "cypherpunkish" free choice, and neatly sidesteps the problems of having to pay for others in the current way. (For example, someone with no tendency toward Foobar's Disease can elect to exclude this coverage.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." 
From talon57 at well.sf.ca.us Wed Sep 7 10:59:37 1994
From: talon57 at well.sf.ca.us (Brian D Williams)
Date: Wed, 7 Sep 94 10:59:37 PDT
Subject: MISC: public key revocation certificate
Message-ID: <199409071759.KAA11412@well.sf.ca.us>

'punksters

After careful consideration of the matter I have decided to follow Philip Zimmermann's request, revocation certificate follows.

Please note the new key;

Brian Williams
Extropian
Cypherpatriot

"Cryptocosmology: Sufficiently advanced communication is indistinguishable from noise." --Steve Witham

"Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you.... AT&T" --James Speth

From tcmay at netcom.com Wed Sep 7 11:37:20 1994
From: tcmay at netcom.com (Timothy C.
May)
Date: Wed, 7 Sep 94 11:37:20 PDT
Subject: (fwd) Re: NETCOM/FBI Spying "Business as Usual"
Message-ID: <199409071837.LAA10783@netcom3.netcom.com>

I found this in the eff group, and think it has some implications for remailer operators and their logs. (That the FBI is subpoenaing e-mail records is not news, but the connection to the Kevin Mitnick case is.)

Explanation: In an earlier message, Glen Roberts of "Full Disclosure" gave his informed speculation that this subpoena has to do with the FBI's search for uber-hacker Kevin Mitnick. The guy being subpoenaed and monitored, Lewis De Payne, comments below.

The concern for remailer operators is that while I was reading this saga, all I could think of was "Why didn't they use remailers?" I planned to comment on this in the public groups. (And I may still, if somebody else doesn't beat me to it.)

But of course the concern is that if the FBI is going on a fishing expedition (a legal term :-}) for e-mail records, and Netcom is cooperating, then had they used remailers to communicate, we could now be seeing subpoenas of *remailer logs*.

(This will happen eventually. All the more reasons for multiple national jurisdictions, for destruction of logs, for bonding of remailers, and for "forward secrecy" (a la Diffie-Hellman) to be implemented somehow.)
> Xref: netcom.com alt.2600:23077 alt.2600hz:100 alt.privacy:18575 comp.org.eff.talk:39275
> Newsgroups: alt.2600,alt.2600hz,alt.privacy,comp.org.eff.talk
> Path: netcom.com!lewiz
> From: lewiz at netcom.com (Lewis De Payne)
> Subject: Re: NETCOM/FBI Spying "Business as Usual"
> Message-ID:
> Followup-To: alt.2600,alt.2600hz,alt.privacy,comp.org.eff.talk
> Organization: NETCOM On-line Communication Services (408 261-4700 guest)
> X-Newsreader: TIN [version 1.2 PL1]
> References:
> Date: Wed, 7 Sep 1994 17:24:35 GMT
> Approved: mitnick at hideout.com
> Lines: 25
>
> Glen Roberts (glr at ripco.com) wrote accurately:
> :
> : Some of you may be aware of the FBI subpoena for email transactions of
> : lewiz at netcom.com.
> :
> : She wouldn't discuss the particulars of lewiz at netcom.com, and said they
> : were "not open to talking about it."
>
> I will be sending you a story for Full Disclosure. In it, I will discuss
> how tech support at netcom told another party (whose name will remain
> anonymous until I receive a subpoena) that the FBI was watching my acct,
> and that they were served with an order. This was disclosed to a
> third-party by tech support! I will also discuss my conversation with
> the various people at netcom regarding this matter, as well as the
> letter I sent to netcom explaining to them that their "monitoring" of
> my account to conform with the _sealed_ court order was slowing me
> down too much, and that if they didn't correct it, I might go find
> another provider, and then they wouldn't be able to monitor me.
>
> Lots more to come... in Full Disclosure Live.
>
> --
> cc: Kathleen Carson, S.A., FBI, LA, CA.         || Pursuant to Court Order
>     Kenneth G. McGuire, III. S.A., FBI, LA, CA. || served August 11, 1994
>     Stanley E. Ornellas, S.A., FBI, LA, CA.
|| on Netcom Communications
>

From rishab at dxm.ernet.in Wed Sep 7 11:50:07 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Wed, 7 Sep 94 11:50:07 PDT
Subject: Social punishment 1/3: law without enforcers
Message-ID:

Social punishment 1/3: law without enforcers

I live in a country where many laws are simply not followed. As laws are always behind the times, this can lead to an environment that, ignoring laws, follows the times. (For example due to no legal precedents there is theoretically no electronic privacy and all my mail is read. This is not, in practice, the case - if my mail is indeed read, then it's probably by the NSA).

When the legal system is lax, society falls back on age-old methods of keeping order - a system of taboos and 'social' punishment such as ostracization. In small tribes or villages ostracization is the most passive of punishments - indeed by definition it implies _non_-cooperation or having _nothing_ to do with a person. It is also the most powerful, often better for the society than capital punishment which simply gets rid of a person who might be useful if following the rules.

Of course societies that continue to use 'social' punishment do so to enforce antediluvian values (don't talk to those people, don't engage in pre/extra-marital or deviant sex, etc). This is not the fault of the system of social punishment, rather that of the society itself.

The system of social punishment can easily be adapted to educated, liberal inhabitants of cyberspace, much more easily than can present law enforcement systems. My next post will examine the similarities between tribal and cyberspatial society.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh           "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in         take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335     H 34C Saket, New Delhi 110017, INDIA

From vaccinia at med.unc.edu Wed Sep 7 12:58:48 1994
From: vaccinia at med.unc.edu (Scott G. Morham)
Date: Wed, 7 Sep 94 12:58:48 PDT
Subject: T-shirts
Message-ID: <9409071958.AA07734@earl.med.unc.edu>

-----BEGIN PGP SIGNED MESSAGE-----

Since we're on the subject of T-shirts, does anyone have any X-large or XX-large T-shirts with the "1984, We're a little behind Schedule!" logo on them? If someone is ever going to do another run of them I would be interested in buying one or two of them. The "Big Brother Inside" on the front and the "1984" logo on the back would be an ideal shirt! Anyway, if anybody knows where I could purchase such a shirt please contact me at the below address. Thanks.

Scott G. Morham                  !The First,
VACCINIA at uncvx1.oit.unc.edu   ! Second
PGP Public Keys by Request       ! and Third Levels
                                 ! of Information Storage and Retrieval
                                 !DNA,
                                 ! Biological Neural Nets,
                                 ! Cyberspace

From frissell at panix.com Wed Sep 7 12:59:06 1994
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Sep 94 12:59:06 PDT
Subject: AIDs testing and privacy
Message-ID: <199409071957.AA24790@panix.com>

At 10:48 AM 9/7/94 -0700, Timothy C. May wrote:
>
>And don't forget that hospitals and doctors will be forwarding patient
>records to the National Health Recovery Act headquarters outside
>Washington, right near the CIA, NSA, NRO, Central Imagery Office, FBI,
>and, of course, the Big Three credit agencies.
>
>I'm less worried that a pharmacist will add me to some database he
>keeps than that my doctor will be instructed to compile a dossier to
>government standards and then zip it off over the Infobahn to the
>authorities.

I suppose I shouldn't admit this as a privacy advocate but I wonder why anyone is interested in all this health/credit data. Since they can't *do* anything with it in the real world, seems like a waste of time.

Especially the health data. Suppose "they" find out something about your health status and "they" deny you insurance. Under the system "they" have constructed, you just show up and get "health care" anyway -- whether at the local hospital or in Toronto or London. The only "advantage" that "they" get from finding out about your health status and denying you insurance is that you no longer have to pay them any money. You still get the same level of care. If you are a bright person with a big mouth, you can get them to spend as much dough on you -- sans insurance -- as they would on a normal schlubb *with insurance*. That's the way "they" set up the system. It may not even be too illibertarian of you to play the system like that since they have used force to prevent you from buying your care on an open market.

As for the credit info, since you can get whatever you *really* want without a good (personal) credit history, what is the point of all these conflicts over credit reporting?

I like to practice privacy and, like normal medical intervention, it can help individuals on the margin, neither personal privacy nor personal medical intervention are statistically significant when we consider the well-being of the general population. Strong market institutions are more important than privacy and sewers and vector control are more important than office visits for securing (respectively) human wealth and human health.

DCF

"You don't have to be nice to nation states that you meet on the way up if you're not coming back down."

From cactus at bb.com Wed Sep 7 14:24:51 1994
From: cactus at bb.com (L. Todd Masco)
Date: Wed, 7 Sep 94 14:24:51 PDT
Subject: Al Gore's home page
In-Reply-To: <9409071245.AA22475@snark.imsi.com>
Message-ID: <34lbaq$eci@bb.com>

In article <9409071245.AA22475 at snark.imsi.com>, Perry E. Metzger wrote:
>
>Lucky Green says:
>> Why can't politicians stay away from stuff they don't understand?
>> Because that would mean that they have to stay away from everything.
>
>I would be much more frightened if they did fully understand.

Actually, what's frightened me the most about this administration is that they have half a clue; and they seem to be willing to learn, if only by making mistakes that affect the rest of us.

Gore's always kept up on technical issues, but hasn't actually lived them, and that's the problem: the routine use of the technology changes your POV far more than reading the specs.

--
L. Todd Masco     | "Which part of 'shall not be abridged' didn't
cactus at bb.com  |  you understand?"

From mmarkley at microsoft.com Wed Sep 7 14:34:05 1994
From: mmarkley at microsoft.com (Mike Markley)
Date: Wed, 7 Sep 94 14:34:05 PDT
Subject: AIDs testing and privacy
Message-ID: <9409072133.AA12197@netmail2.microsoft.com>

Duncan Frissell wrote:
|
| I suppose I shouldn't admit this as a privacy advocate but I wonder why
| anyone is interested in all this health/credit data. Since they can't *do*
| anything with it in the real world, seems like a waste of time.

What about being denied a job because you have been treated for some disease? How about being denied a loan because your medical history has a profile that indicates that your life expectancy is shorter than the duration of the loan? It seems that the potential for abuse is so great that we should not allow such cross referencing.

Mike.
=====================================================
Mike Markley
I'm not a Microsoft spokesperson. All opinions expressed here are mine.
=====================================================

From jamiel at sybase.com Wed Sep 7 15:14:54 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Wed, 7 Sep 94 15:14:54 PDT
Subject: AIDs testing and privacy
Message-ID:

At 7:28 AM 09/07/94, Mike Markley wrote:
>What about being denied a job because you have been treated for some
>disease? How about being denied a loan because your medical history has
>a profile that indicates that your life expectancy is shorter than the
>duration of the loan? It seems that the potential for abuse is so great
>that we should not allow such cross referencing.

Another example- A Lyndon LaRouche type could get elected. (I personally don't have enough faith in the Folk At Large not to hand someone like that power) "Starting tomorrow, all Hawaiian Citizen Units will begin moving to the mainland. Some of the smaller islands have been cleared, and HIV+ units are being relocated as this address is being broadcast..."

-j

From jkreznar at ininx.com Wed Sep 7 15:29:16 1994
From: jkreznar at ininx.com (John E. Kreznar)
Date: Wed, 7 Sep 94 15:29:16 PDT
Subject: NYT Fears Cypherpunks
In-Reply-To: <199409071701.AA05832@panix.com>
Message-ID: <9409072228.AA05063@ininx>

-----BEGIN PGP SIGNED MESSAGE-----

frissell at panix.com (Duncan Frissell) writes:
> The article suggested that unless people turn to the State for protection
> from "anarchy" the State will fade.
> Here is my argument (recycled from a few years ago) as to why State power is
> fading:

Fading of government power must begin with popular refusal to gratuitously accept the favors of government. Since this looks unlikely, it appears to me that the trend to ever-more oppressive government will continue for a while yet. It will probably only end in catastrophic collapse.

> I expect that State authority will continue to weaken over the next few
> years for the following reasons:
> 1) The ruled outnumber the rulers.

Big government is caused not by ``rulers'', but by the demand created by its beneficiaries. Kill the rulers, and the beneficiaries will erect new ones in their place. Kill the beneficiaries and the rulers will find themselves without a job.

More useful than the rulers-ruled division is the division into those who gratuitously accept the benefits of government (usually without even realizing that this is why government gets so big), and those who scrupulously avoid gratuitous involvement with government. The latter are an infinitesimal fraction who are being overwhelmed by the former.

From jya at pipeline.com Wed Sep 7 15:32:51 1994
From: jya at pipeline.com (John Young)
Date: Wed, 7 Sep 94 15:32:51 PDT
Subject: Al Gore's home page
Message-ID: <199409072232.SAA28227@pipe1.pipeline.com>

Anybody noticed that Al is being ported around Cairo tourist traps to divert attention from more articulate and threatening targets of the fundamentalists? Creeping slowly around on bright shiny crutches for laser-aiming, yet.

His home page is empty because he won't be needing it?

Naw.

From tcmay at netcom.com Wed Sep 7 16:14:01 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 7 Sep 94 16:14:01 PDT
Subject: AIDs testing and privacy
In-Reply-To: <9409072133.AA12197@netmail2.microsoft.com>
Message-ID: <199409072314.QAA17630@netcom7.netcom.com>

Mike Markley wrote:
> What about being denied a job because you have been treated for some
> disease? How about being denied a loan because your medical history has
> a profile that indicates that your life expectancy is shorter than the
> duration of the loan?
It seems that the potential for abuse is so great
> that we should not allow such cross referencing.
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

There's the rub! While I may not _like_ what people or companies do with data about me, I generally don't support laws telling them what they can do, what they can't do, etc.

And such normative laws ("they shouldn't keep such records and hence we'll outlaw them") won't work in an era of strong crypto and privacy. In fact, some of us support data havens precisely to have records of, say, terminal diseases so we'll not lend money to Joe-who-has-AIDS. It may not be "fair" to Joe, but it's my money.

(Same idea as in using offshore or cryptospatial data havens to bypass the nonsense in the "Fair Credit Reporting Act" that outlaws the keeping of certain kinds of facts about credit applicants, such as that they declared bankruptcy 10 years ago or that they left a string of bad debts in Germany in the 1970s, etc.)

I won't go into the many issues here, as this is an ideological digression. Cypherpunks understand that laws won't protect their privacy.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From meconlen at IntNet.net Wed Sep 7 17:02:15 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Wed, 7 Sep 94 17:02:15 PDT
Subject: AIDs testing and privacy
In-Reply-To: <199409072314.QAA17630@netcom7.netcom.com>
Message-ID:

> > What about being denied a job because you have been treated for some
> > disease?
How about being denied a loan because your medical history has
> > a profile that indicates that your life expectancy is shorter than the
> > duration of the loan? It seems that the potential for abuse is so great
> > that we should not allow such cross referencing.
>          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> There's the rub! While I may not _like_ what people or companies do
> with data about me, I generally don't support laws telling them what
> they can do, what they can't do, etc.

Let's say a place won't hire blacks, and you happened to be black, and wanted to work for such a company. Would you do what you can to hide your color, if possible, to get hired, then let them try to fire you over it, or would you decide that you wouldn't want to work for this company at all? What if MOST companies had this policy... ...and the ones that didn't, wouldn't pay anyone what they are worth. What then?

If one or two companies would be the ones deciding what to do based on this information then I wouldn't see much problem in it, I would choose to do business with other companies based on their ethic, however I don't think many companies that I will do business with are the likes that won't use anything they can get their hands on. Assuming this to be true, it could be very difficult to live if every company knew I was such and such.

Groove on Dude
Michael Conlen

From jya at pipeline.com Wed Sep 7 17:33:12 1994
From: jya at pipeline.com (John Young)
Date: Wed, 7 Sep 94 17:33:12 PDT
Subject: Data havens
Message-ID: <199409080032.UAA22826@pipe1.pipeline.com>

Responding to msg by tcmay at netcom.com (Timothy C. May) on Wed, 7 Sep 4:14 PM

>And such normative laws ("they shouldn't keep such
>records and hence we'll outlaw them") won't work in an
>era of strong crypto and privacy. In fact, some of us
>support data havens precisely to have records of, say,
>terminal diseases so we'll not lend money to
>Joe-who-has-AIDS. It may not be "fair" to Joe, but
>it's my money.

It is worth noting that private "data havens" of all sorts abound, especially for financial matters, and most are not subject to governmental regulation.

Some banks have research departments that are older and more comprehensive than credit reporting agencies. Favored customers can use them for evaluation of private deals.

Large law firms maintain data banks that approach those of banks, and they grow with each case, through additions of private investigators paid for by successive clients.

Security professionals, like Wackenhut and Kroll, also market the fruits of substantial data collections.

To these add those of insurance, bonding, investment, financial firms and the like which help make or break business deals.

It's probable that massive government-regulated consumer data banks contain far less useful information than that of the private market where serious money is made with the best, privileged information.

Some may be porous but most are guarded better than Ft. Knox, with special protection against Uncle Sam's snoopers, indeed more secure than consumer records because more valuable.

Any c'punkers in the security side of the financial industry want to comment? Anonymously of course.

John

From tcmay at netcom.com Wed Sep 7 17:38:30 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 7 Sep 94 17:38:30 PDT
Subject: Hiring Blacks
In-Reply-To:
Message-ID: <199409080019.RAA01639@netcom9.netcom.com>

Michael Conlen writes:
> Let's say a place won't hire blacks, and you happened to be black, and
> wanted to work for such a company. Would you do what you can to hide your
> color, if possible, to get hired, then let them try to fire you over it,
> or would you decide that you wouldn't want to work for this company at
> all? What if MOST companies had this policy... ...and the ones that didn't,
> wouldn't pay anyone what they are worth. What then?

Were I black, I wouldn't want to work for them.

However, if they asked my race, and I lied/deceived them, and they discovered it later (naturally), I would expect to be fired.

That's life in a society based on voluntary interactions. Libertarianism 101.

(It's also part of Libertarianism 101 that such a company would not likely do well in this day and age. Before you cite America's racist past, read up on who it was that enforced segregation. Hint: not the corporations. Ditto for South Africa (the "other" RSA), where the Apartheid Laws came into being because companies were looking to hire blacks and coloreds to fill job position, and the whites didn't like that much.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From shamrock at netcom.com Wed Sep 7 17:42:54 1994
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 7 Sep 94 17:42:54 PDT
Subject: AIDs testing and privacy
Message-ID: <199409080042.RAA27432@netcom7.netcom.com>

Tim wrote:
>
>And don't forget that hospitals and doctors will be forwarding patient
>records to the National Health Recovery Act headquarters outside
>Washington, right near the CIA, NSA, NRO, Central Imagery Office, FBI,
>and, of course, the Big Three credit agencies.
>

I have not heard of this. Would someone please elaborate?

-- Lucky Green PGP public key by finger

From shamrock at netcom.com Wed Sep 7 17:43:25 1994
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 7 Sep 94 17:43:25 PDT
Subject: Introduction: Telephone traffic analysis
Message-ID: <199409080043.RAA27552@netcom7.netcom.com>

I stumbled upon this great explanation of telephone traffic analysis and thought I'd share it with the list:

Remember also, as far as security goes, that individuals always have the ability to add their own encryption to a system. But I would argue that encryption is also of minimal protection against a knowledgeable telephone company or government with message traffic flow tracking capability. This is a capability that every phone company has since they use it to generate your bill every month. Consider the following:

Some undesirable activity (to the govt or phoneco) is happening. The govt/phoneco (govco) is able to identify one or more persons involved. (now known as targets.)

    Targets:    *1*        *2*        *3*

They track and compare the frequency of calling patterns made by the targets. Now they know the "calling circle" of the targets. They expand the tracking pattern and start looking for cross overs.

    Targets:    *1*        *2*        *3*
               / | \      / | \        |
    Level 1:  A  B  C    D  E  A       F

When they start to find a commonality (by Phone # or account holder(s)) they can begin to build the list of those persons most often called within the identified target group. In the above 'A' is common to targets *1* and *2*, thereby implying that the "group" is composed of *1*, *2*, and 'A'.

Those most often called are the "key communicators", regardless of any formal or informal organization or public presence.

By iterating this process recursively the entire organization and any supporting sympathizers can eventually be located. Both by members of the target group and by others outside the group who may not have any knowledge of other members of the group or even of themselves being in a group.

Further, since all phone numbers are tied in the planning databases to physical locations and to billing addresses, enough data can be gathered to completely locate and identify (for further evidence research and cross referencing) members and supporters.

Notice that this works even in those cases where no formal organization exists. Notice that this works regardless of whether the communications in question are encrypted or not.

Applying this means that a movement, or any organized or coordinated activity could be disrupted by proper targeting of those who are the true key communicators. Actions as simple and subtle as cutting off phone service, placing bad credit reports, starting a tax audit, getting the person a better paying job in a different area, etc., etc. could all be just as effective as outright arrest and harassment. If they don't work, then things would escalate.

So consider this as well and don't rely just on encryption to keep yourself secure.

-- Lucky Green PGP public key by finger

From meconlen at IntNet.net Wed Sep 7 18:51:32 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Wed, 7 Sep 94 18:51:32 PDT
Subject: Hiring Blacks
In-Reply-To: <199409080019.RAA01639@netcom9.netcom.com>
Message-ID:

> (It's also part of Libertarianism 101 that such a company would not
> likely do well in this day and age. Before you cite America's racist
> past, read up on who it was that enforced segregation. Hint: not the
> corporations. Ditto for South Africa (the "other" RSA), where the
> Apartheid Laws came into being because companies were looking to hire
> blacks and coloreds to fill job position, and the whites didn't like
> that much.)

Only meant as an example... ...not as an actual practice. I agree that a company that practiced those policies would not make it far. The Minority is enough to pull a company down on their own. The Minority has friends that are not minority. Enough to quickly bankrupt the company.
Hiring practices based on things other than the quality of work produced is another thing.

Groove on dude
Michael Conlen

From M.Gream at uts.EDU.AU Wed Sep 7 18:56:45 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Wed, 7 Sep 94 18:56:45 PDT
Subject: Aust crypto regulations
In-Reply-To: <9409070857.ZM12456@simple.sydney.sgi.com>
Message-ID: <9409080153.AA18297@acacia.itd.uts.EDU.AU>

"Ian Farquhar" wrote:
>
> It's kinda interesting, because another contact I have in DSD said that
> he wasn't aware of any restrictions on the distribution of crypto
> software. This may have been simply a personal lack of knowledge, but it
> also may indicate the obscurity of the restriction itself. It also interests
> me in that their charter gives DSD absolutely no responsibility for the
> control of domestic crypto.

This intrigued me, as I too see no basis for their controls. The prohibited exports come under the Customs Act, and it may well be that the upfront "general software note" which excludes public domain and other software isn't yet instilled in legislation. I'll have to look at the Customs Act itself to see how the prohibited exports ties in. Finding out what group constructed this documentation and hence the relevance of that note is another avenue.

I wouldn't hesitate to speculate that they are asserting controls over crypto that they don't really have. The issue still requires further investigation though.

cheers,
Matthew.

--
Matthew Gream (02) 821-2043 (sw/hw engineer)

From frissell at panix.com Wed Sep 7 21:01:31 1994
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Sep 94 21:01:31 PDT
Subject: AIDs testing and privacy
Message-ID: <199409080401.AA23344@panix.com>

At 02:28 PM 9/7/94 TZ, Mike Markley wrote:
>What about being denied a job because you have been treated for some
>disease?

There are more than 1,000,000,000 employers on earth (not counting yourself). Get a job from someone else. Try contract employment.

>How about being denied a loan because your medical history has
>a profile that indicates that your life expectancy is shorter than the
>duration of the loan? It seems that the potential for abuse is so great
>that we should not allow such cross referencing.

Borrow from someone else. Save the money. Buy something cheaper. Use your wife's/kid's/friend's credit. There are plenty of options.

DCF

From frissell at panix.com Wed Sep 7 21:02:24 1994
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 7 Sep 94 21:02:24 PDT
Subject: AIDs testing and privacy
Message-ID: <199409080401.AA23420@panix.com>

At 03:19 PM 9/7/94 -0700, Jamie Lawrence wrote:
>Another example- A Lyndon LaRouche type could get elected.
>(I personally don't have enough faith in the Folk At Large
>not to hand someone like that power) "Starting tomorrow,
>all Hawaiian Citizen Units will begin moving to the mainland.
>Some of the smaller islands have been cleared, and HIV+
>units are being relocated as this address is being broadcast..."

Obviously, privacy is more important in a totalitarian society but those sorts of social arrangements have become less likely since markets would largely prevent their development. Capital flight and punishingly high interest rates would squash any developed country that tried the totalitarian route these days. They couldn't afford it.

DCF

From shamrock at netcom.com Wed Sep 7 21:10:27 1994
From: shamrock at netcom.com (Lucky Green)
Date: Wed, 7 Sep 94 21:10:27 PDT
Subject: Al Gore's other home page
Message-ID: <199409080410.VAA19094@netcom7.netcom.com>

What do you know. Al Gore's home page might be a bust, but he presents the "Tool kit to reinvent government" at http://www.npr.gov/

The page features a huge picture of Al hacking away on his computer. Still, I have the suspicion that his ideas of reinventing the government are somewhat different from ours. Well, he is asking for feedback through his electronic townhall. Let's give him some.

-- Lucky Green PGP public key by finger

From alano at teleport.com Wed Sep 7 21:56:50 1994
From: alano at teleport.com (Alan Olsen)
Date: Wed, 7 Sep 94 21:56:50 PDT
Subject: AIDs testing and privacy
Message-ID: <199409080456.VAA22359@teleport.com>

>Obviously, privacy is more important in a totalitarian society but those
>sorts of social arrangements have become less likely since markets would
>largely prevent their development. Capital flight and punishingly high
>interest rates would squash any developed country that tried the
>totalitarian route these days. They couldn't afford it.

The nature of control freaks is that they ignore the actual costs of their actions. Is the government actually concerned with the true costs of installing monitoring devices into every phone switch in the country? Do they really think of the financial costs associated every little decision designed to control our lives? The true concern is *POWER*. How they can get it, how they can keep it, and how they can extend their grasp into more and more of your/mine/everyone's lives.

What must be determined is how to identify control freaks and what to do with/to them when you find them.

/========================================================================\
|"I would call him a Beastialic Sadomasochistic | alano at teleport.com   |
|Necrophile but that would be beating a dead    | Disclaimer:            |
|horse." -- Teriyaki (What's up Tiger Lily?)    | As if anyone cares!    |
\========================================================================/

From blancw at pylon.com Wed Sep 7 22:37:59 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Wed, 7 Sep 94 22:37:59 PDT
Subject: AIDs testing and privacy
Message-ID: <199409080538.WAA25986@deepthought.pylon.com>

Responding to msg by Mike Markley:

What about being denied a job because you have been treated for some disease?
How about being denied a loan because your medical history has a profile that indicates that your life expectancy is shorter than the duration of the loan? It seems that the potential for abuse is so great that we should not allow such cross referencing.
......................................................................

Hey, Mike, just remember in the real world no one is required to be kind.

If some hospital or company makes a decision to deny service for whatever reason they justify to themselves, it's their call as long as they are not owned by the State. They would likely make the same decisions upon receiving any information which represented a potential loss of revenue, whether that information came from special history files or from a client's personal admission.

Even though having information about oneself passed around among agencies is odious to contemplate, what a private company decides to do as a consequence of their information is not really 'abuse'. (How they get that information in the first place, however, could be.)

Blanc

From blancw at pylon.com Wed Sep 7 22:38:22 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Wed, 7 Sep 94 22:38:22 PDT
Subject: Social punishment 1/3: law without enforcers
Message-ID: <199409080538.WAA25992@deepthought.pylon.com>

Responding to msg by rishab:

The system of social punishment can easily be adapted to educated, liberal inhabitants of cyberspace, much more easily than can present law enforcement systems. My next post will examine the similarities between tribal and cyberspatial society.
........................................................

I don't know yet what you are going to say about the similarities between tribal & cyberspatial societies, but one thought which immediately struck me in your sentence is that you are putting two very different ideas of society into the same category.

The associations which occur in cyberspace are not like the ones which occur in the physical plane.
The expectations are different - you don't expect to live with these other people in close proximity, you don't expect to identify with them as a group in the same way, you are not going to get the same benefits on a daily basis or even an extended time period, as you might from those with whom you interact on more than one level or kind of contact. I personally don't see interactions in cyberspace as constituting a 'society', even if they are 'social'. Maybe a drive-by society. Maybe drive-by law enforcement. :>) Blanc From blancw at pylon.com Wed Sep 7 22:39:21 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Wed, 7 Sep 94 22:39:21 PDT Subject: NYT Fears Cypherpunks Message-ID: <199409080538.WAA25984@deepthought.pylon.com> Responding to msg byJohn E. Kreznar: More useful than the rulers-ruled division is the division into those who gratuitously accept the benefits of government (usually without even realizing that this is why government gets so big), and those who scrupulously avoid gratuitous involvement with government. The latter are an infinitesimal fraction who are being overwhelmed by the former. ................................................................. .......... The latter must find a way to live their way in spite of the rest of them. It's the individual against the mindless State, you know. (or the Mindless Condition) Blanc From hart at chaos.bsu.edu Thu Sep 8 00:29:43 1994 From: hart at chaos.bsu.edu (Jim Hart) Date: Thu, 8 Sep 94 00:29:43 PDT Subject: Privacy regulations In-Reply-To: <199409072314.QAA17630@netcom7.netcom.com> Message-ID: <199409080729.CAA20260@chaos.bsu.edu> > I won't go into the many issues here, as this is an ideological > digression. Cypherpunks understand that laws won't protect their privacy. > Timothy C. May | Crypto Anarchy: encryption, digital money, There is a central contradiction running through the dabase regulations proposed by many so-called "privacy advocates". 
To be enforceable they require massive government snooping into database activities on our workstatins and PCs, especially the activities of many small at-home businesses (such as mailing list entrepreneurs who often work out of the home). Thus, the upshot of these so-called "privacy" regulations is to destroy our last shreds of privacy against government, and calm us into blindly letting even more of the details of our personal lives into the mainframes of the major government agencies and credit reporting agenices, who if they aren't explicitly excepted from the privacy laws (as is common) can simply evade them by using offshore havesn, mutual agreements with foreign investigators, police and intelligence agencies. If cypherpunks contribute nothing else we can create a real privacy advocacy group, advocating means of real self-empowerment, from crypto to nom de guerre credit cards, instead of advocating further invasions of our privacy as the so-called privacy advocates are now doing! The first political lobbying task of any real privacy advocacy group should be pushing for the reissue of Lotus Marketplace. A "privacy" group that works to keep the public misinformed about the information we are giving out, at the same time increasing the detail of government snooping of our private commerical data, itself displays the kind of bovine bliss that is the most dangerous threat to our privacy, and ultimately our freedom. Jim Hart hart at chaos.bsu.edu From hart at chaos.bsu.edu Thu Sep 8 00:53:28 1994 From: hart at chaos.bsu.edu (Jim Hart) Date: Thu, 8 Sep 94 00:53:28 PDT Subject: Introduction: Telephone traffic analysis In-Reply-To: <199409080043.RAA27552@netcom7.netcom.com> Message-ID: <199409080753.CAA20933@chaos.bsu.edu> This is a good argument for using e-mail digital mixes for even routine communications, and eschewing house-to-house phone conversations with one's closest associates. 
Here are some other alternatives: + Use public phones with transferable phone cards + Phone redialing services + Call large numbers of wrong numbers from your home phones. This is easy to do with a modem script, but might be hard to arrange so that you don't run up the phone bill or annoy lots of people. Jim Hart hart at chaos.bsu.edu From j.hastings6 at genie.geis.com Thu Sep 8 05:13:55 1994 From: j.hastings6 at genie.geis.com (j.hastings6 at genie.geis.com) Date: Thu, 8 Sep 94 05:13:55 PDT Subject: Karl Hess Club-L.A. area Message-ID: <199409081213.AA294876386@relay2.geis.com> -----BEGIN PGP SIGNED MESSAGE----- "Extremism in the defense of liberty is no vice, and let me remind you, moderation in the pursuit of justice is no virtue." -- Karl Hess Libertarian, anti- and pro-Party, joint meeting: VAN NUYS (the Valley) CALIFORNIA U-S-A- ------------------------------------------------ The following text was written by SEK3: --- T H E K A R L H E S S C L U B --- invites you to our fourth meeting on Monday, September 19, 1994 Joseph Miranda asks us, COUP D'ETAT, U.S.A.? Soon? And...So What? Seven Days in May. Now, The Enemy Within. Is a military takeover of these United States still a possibility? Can it happen here? And...who would care? Would a dictatorship be worse than democratic oppression? Would State trains...or buses...run on time? Could more be privatized? Come and find out. Feel free to join in the...interrogation! MC for 4: Mike Everling TIMES: 7pm dinner. 8 pm Libertarian Party presentation. 8:15 announcements 8:30 pm Joseph Miranda speaks! PLACE: Van Nuys Dugout, 14032 Oxnard Street 1 block from Hazeltine, in the Valley, at last. (p.15, E6, Old Thomas Brothers, says Mike). Or call Dugout at (818) 780-9458. 
DINNER: $12 each, includes soup or salad, garlic bread, coffee or iced tea, and a potato (baked or fried) (except with first entree choice) and one of four entrees: Spaghetti with meatballs, Fried Chicken, Fried Filet of Sole, or Acapulco Special (ground beef, cheese, onions & ortega pepper). Dessert extra. Full bar at hand. No charge for presentations only, of course. BUSES: The 420 is the most frequent, all-night bus in the Valley, running all the way downtown. NEXT MONTH: Oktoberfest -- and Elections! Kent - j.hastings6 at genie.geis.com Ham radio AX25: WA6ZFY @ WB6YMH.#SOCA.CA.USA.NA -----BEGIN PGP SIGNATURE----- Version: 2.3 iQCVAgUBLm6XFzQYUX1dU7vxAQGutQQAvoNqZ214bQM3r+ECEF4TaoRJusOB9eLk UiC4PWVyaSuL4Yd4gp45pzRGGxW5sp9oNMXtEkQottGoBdNRGkwXYEyKUfVB9MvZ Tymc9yaGAvDr24vP4XIRXEf33tITS0KkYDf/qO7Ozv/fT2j2zS+7SOgDH4jp5brc y2VLs5uFX3Y= =xueN -----END PGP SIGNATURE----- From pckizer at tamu.edu Thu Sep 8 09:44:17 1994 From: pckizer at tamu.edu (Philip Kizer) Date: Thu, 8 Sep 94 09:44:17 PDT Subject: Al Gore's home page In-Reply-To: <34lbaq$eci@bb.com> Message-ID: <27196.779042547@gonzo> >>> Why can't politicians stay away from stuff they don't understand? >>> Because that would mean that they have to stay away from everything. *Grin* >>I would be much more frightened if they did fully understand. Yep..."Never attribute to malice..." and all that. >Actually, what's frightened me the most about this administration is >that they have half a clue; And they seem to be willing to learn, if >only by making mistakes that affect the rest of us. >Gore's always kept up on technical issues, but hasn't actually lived >them, and that's the problem: the routine use of the technology changes >your POV far more than reading the specs. It looks like the work of a "Kristian 'Kris' Chubb", rather than Al Gore, but check out: http://www.npr.gov/ it's got several pictures of Gore (sitting at a computer with his ultra serious expression, no less), and a voice intro by him. 
(sunsite.unc.edu seems to not be answering if you cannot follow some links) -philip ____________________________________________________________ Philip Kizer ___ Texas A&M CIS Operating Systems Group, Unix fnord pckizer at tamu.edu "Relying on the government to protect your privacy is like asking a peeping tom to install your window blinds." -John Perry Barlow, EFF co-founder From jdwilson at gold.chem.hawaii.edu Thu Sep 8 09:48:09 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Thu, 8 Sep 94 09:48:09 PDT Subject: AIDs testing and privacy In-Reply-To: Message-ID: On Wed, 7 Sep 1994, Jamie Lawrence wrote: > Another example- A Lyndon LaRouche type could get elected. > (I personally don't have enough faith in the Folk At Large > not to hand someone like that power) "Starting tomorrow, > all Hawaiian Citizen Units will begin moving to the mainland. > Some of the smaller islands have been cleared, and HIV+ > units are being relocated as this address is being broadcast..." AUWE! What a way to get the heart pumping in the morning - remember that this has happened twice here: once sending victims of Hanson's Disease to Moloka'i, and again to send our Japanese-Americans to the mainland... -NetSurfer #include standard.disclaimer >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From tcmay at netcom.com Thu Sep 8 10:42:55 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 8 Sep 94 10:42:55 PDT Subject: Privacy regulations In-Reply-To: <199409080729.CAA20260@chaos.bsu.edu> Message-ID: <199409081742.KAA13522@netcom7.netcom.com> Jim Hart writes: > > digression. 
Cypherpunks understand that laws won't protect their privacy. > > > Timothy C. May | Crypto Anarchy: encryption, digital money, > > There is a central contradiction running through the database regulations > proposed by many so-called "privacy advocates". To be enforceable > they require massive government snooping into database activities > on our workstations and PCs, especially the activities of many > small at-home businesses (such as mailing list entrepreneurs > who often work out of the home). Exactly. The "principle of locality" is violated when people demand that _others_ not keep certain records, diaries, files, etc. If something is worth keeping secret, keep it secret! The "Data Privacy Laws" of several European nations are especially brain-damaged in their unenforceability (not that "enforceability" is something I want to see, but an unenforceable law is generally bad and leads to capricious situations). > Thus, the upshot of these so-called "privacy" regulations is to > destroy our last shreds of privacy against government, and > calm us into blindly letting even more of the details of our personal > lives into the mainframes of the major government agencies and > credit reporting agencies, who if they aren't explicitly excepted > from the privacy laws (as is common) can simply evade them by using > offshore havens, mutual agreements with foreign investigators, police > and intelligence agencies. "Calm us into..." is a very good description. Most privacy laws create the comforting illusion that the government is protecting our privacy, all as it is eroded by corporate-government "deals." (The examples people have cited here: states that require personal data for driver's licenses, then _sell_ the data bases to private firms!) 
> If cypherpunks contribute nothing else we can create a real > privacy advocacy group, advocating means of real self-empowerment, > from crypto to nom de guerre credit cards, instead of advocating > further invasions of our privacy as the so-called privacy advocates > are now doing! > > The first political lobbying task of any real privacy advocacy group > should be pushing for the reissue of Lotus Marketplace. A > "privacy" group that works to keep the public misinformed about > the information we are giving out, at the same time increasing > the detail of government snooping of our private commercial data, > itself displays the kind of bovine bliss that is the most dangerous > threat to our privacy, and ultimately our freedom. Yes, Mark Miller made the same points about Lotus Marketplace (a CD-ROM of government data on phone numbers, zip codes, etc.--never released because "privacy advocates" raised an uproar) in an interview in the zine "Extropy" a couple of years back. The illusion of privacy is deemed preferable to actual privacy. (Actual privacy could be increased very easily by simply reducing the number of "permission slips" that people are obligated by law to show in various transactions. Lots of ways to do this. Suffice it to say that our credential-happy society is getting very little real benefit for demanding credentials at every turn and is instead providing precise dossier material for those who keep dossiers. Shudder.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." 
From doug at OpenMind.com Thu Sep 8 10:46:42 1994 From: doug at OpenMind.com (Doug Cutrell) Date: Thu, 8 Sep 94 10:46:42 PDT Subject: AIDS testing and privacy Message-ID: Tim May writes on the subject of racist hiring practices: >(It's also part of Libertarianism 101 that such a company would not >likely do well in this day and age. Before you cite America's racist >past, read up on who it was that enforced segregation. Hint: not the >corporations. Ditto for South Africa (the "other" RSA), where the >Apartheid Laws came into being because companies were looking to hire >blacks and coloreds to fill job position, and the whites didn't like >that much.) I'm not sure I buy this argument... who is it that "enforces" discrimination based on sexual orientation, today? If sexual orientation is a matter of status, rather than choice, then this form of discrimination is analogous to racism. Would you suggest that employers that refuse to hire homosexuals are simply bowing to the pressures of society at large? Unlike Apartheid, there are no laws that *enforce* discrimination based on sexual orientation (at least in the USA). In a fundamental situation of conflict between two entities, I agree that "anything goes", in the spirit of voluntary interactions between two entities. In the case of a conflict between a small number of large, powerful entities (corporate employers) and a vast number of small, powerless entities (the employment pool), I don't see how you can argue that this vast horde should not team up and utilize whatever means to achieve an advantage over the few in power. Today and in the future, "power" may reside increasingly in economic positioning. Thus, the power of the many individuals vs. the power of the few corporate entities may derive largely from their collective voice in the social conventions of society at large, which ultimately derives power from the tax base of the society at large. 
As long as these social conventions (and the tax base that empowers them) is in place, I see nothing wrong with the "voluntary interaction between individuals" which consists of banding together to pass, and enforce, laws in favor of the goals of these individuals. This is the basis of democracy. Along a similar vein, Blanc Weber writes: >... just remember in the real world no one is required >to be kind. If some hospital or company makes a decision to >deny service for whatever reason they justify to themselves, >it's their call as long as they are not owned by the State. In the real world, the voting public is not required to be kind to the hospital or the company, either. If a large political block can put into place structures (laws and enforcement) which effectively provide coercion against such denials of service, this is fair play as well. Doug ___________________________________________________________________ Doug Cutrell General Partner doug at OpenMind.com Open Mind, Santa Cruz =================================================================== From tcmay at netcom.com Thu Sep 8 11:12:31 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 8 Sep 94 11:12:31 PDT Subject: AIDS testing and privacy In-Reply-To: Message-ID: <199409081812.LAA16740@netcom7.netcom.com> Doug Cutrell writes: > Tim May writes on the subject of racist hiring practices: > > >(It's also part of Libertarianism 101 that such a company would not > >likely do well in this day and age. Before you cite America's racist > >past, read up on who it was that enforced segregation. Hint: not the > >corporations. Ditto for South Africa (the "other" RSA), where the > >Apartheid Laws came into being because companies were looking to hire > >blacks and coloreds to fill job position, and the whites didn't like > >that much.) > > I'm not sure I buy this argument... who is it that "enforces" > discrimination based on sexual orientation, today? 
If sexual orientation > is a matter of status, rather than choice, then this form of discrimination > is analogous to racism. Would you suggest that employers that refuse to Personally, I don't tell other people who they can hire to babysit their kids, who they can hire to paint their house, who they can hire as fitness instructors, who they can hire as design engineers, etc. Neither who they _can_ hire, nor who they _must_ hire. So from this premise the answers are pretty clear. > hire homosexuals are simply bowing to the pressures of society at large? > Unlike Apartheid, there are no laws that *enforce* discrimination based on > sexual orientation (at least in the USA). > > In a fundamental situation of conflict between two entities, I agree that > "anything goes", in the spirit of voluntary interactions between two > entities. In the case of a conflict between a small number of large, > powerful entities (corporate employers) and a vast number of small, > powerless entities (the employment pool), I don't see how you can argue > that this vast horde should not team up and utilize whatever means to > achieve an advantage over the few in power. I don't buy the "small, powerless entity" vs. "large, powerful entity" argument. When I, for example, deal with Safeway or Apple, the dollars in my pocket are as important to _them_ as what they provide is as important to _me_. We are, in an important sense, entering the transaction with essentially equal powers. (It is true that I have very little influence over their choice of Snapple flavors, or over their design choices for new Macs, but so what? They don't have much influence over me, either.) The belief that when a business reaches a certain size it suddenly becomes a "large, powerful entity" that warrants control by "the people" is wrong-headed. Many nations have tried that route. 
(Off on a tangent: In the example I cited, South African corporations were actively hiring blacks and colored in the 1940s--it was _government_ that stepped in and implemented the Apartheid Laws. When governments set corporate policies, expect things like this. You can translate the examples to whatever policies on hiring gays, women, etc., are fashionable. In countries today, the official policies are not conducive to hiring women, for example, regardless of their merit or of the companies' desire.) > Today and in the future, "power" may reside increasingly in economic > positioning. Thus, the power of the many individuals vs. the power of the > few corporate entities may derive largely from their collective voice in > the social conventions of society at large, which ultimately derives power > from the tax base of the society at large. As long as these social > conventions (and the tax base that empowers them) is in place, I see > nothing wrong with the "voluntary interaction between individuals" which > consists of banding together to pass, and enforce, laws in favor of the > goals of these individuals. This is the basis of democracy. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Democracy in its current populist form, indeed. That's why strong crypto is needed to undermine this herd notion of democracy. "On the Net no one knows you're a dog." --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." 
From raph at CS.Berkeley.EDU Thu Sep 8 11:56:38 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Thu, 8 Sep 94 11:56:38 PDT Subject: PGP mail netiquette Message-ID: <199409081857.LAA12071@kiwi.CS.Berkeley.EDU> I've been thinking about the netiquette of sending PGP mail messages to people, especially "people you've never met." There are some people who publicize the existence of their PGP public key in their .sig or .plan or whatever, but do not like to actually receive PGP encrypted mail because it is such a hassle to decode. Others, like myself, have PGP integrated in their mail, so it's no problem. I would be quite pleased if every single piece of email I received was PGP-encrypted. How to tell us apart? I've placed the line "PGP encrypted mail is very welcome!" into my .plan. Others who have automated mail decryption, or who just like typing PGP command lines, might find it useful to do something similar. Just my $2E-2. Raph -- Raph Levien raph at cs.berkeley.edu PGP encrypted mail is very welcome! -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.3a mQA9Aitm+zMAAAEBfiyEycCjO+sar1wmxy2RkCBjyr5+4JH/u5DLOvfLHsguqKB5 TwdxjrRkbio+Q+cdiQAFEbQoUmFwaGFlbCBMLiBMZXZpZW4gPHJhcGhAY3MuQmVy a2VsZXkuRURVPg== =jc6E -----END PGP PUBLIC KEY BLOCK----- From Gerald.R.Martinez at att.com Thu Sep 8 12:31:59 1994 From: Gerald.R.Martinez at att.com (Gerald.R.Martinez at att.com) Date: Thu, 8 Sep 94 12:31:59 PDT Subject: Zmail PGP mail netiquette In-Reply-To: <199409081857.LAA12071@kiwi.CS.Berkeley.EDU> Message-ID: <9409081329.ZM5083@dr.att.com> Any Zmail users out there with nifty PGP encrypt/decrypt scripts they are willing to share? Curious, -- gerald.r.martinez at att.com / grmartinez at attmail.att.com / att!drmail!grm @ AT&T GBCS Bell Labs, Denver (303) 538-1338 @ WWW: http://info.dr.att.com/~grm/info.html & life is a cabernet ...o&o ))) From pjm at gasco.com Thu Sep 8 12:32:24 1994 From: pjm at gasco.com (Patrick J. 
May) Date: Thu, 8 Sep 94 12:32:24 PDT Subject: AIDS testing and privacy In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Doug Cutrell writes: [ . . . ] > > I see > nothing wrong with the "voluntary interaction between individuals" which > consists of banding together to pass, and enforce, laws in favor of the > goals of these individuals. So long as the enforcement is limited to those who agreed to the laws and goals, neither do I. You are suggesting that it is acceptable for these individuals to use force to make others accept those goals. Hardly "voluntary interaction between individuals". - ------------------------------------------------------------------------ A contract programmer is always intense. Patrick May pjm at gasco.com (public key available from servers) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLm9mlxByYwhWPvz1AQH+PgP/SoUKX8u/cvMBHjhbgfdEc4uH6Rqz6ddD euK1Ob3PX6n2p6Eo3Wigw5areYCSmJecUESARDAuuGFc3rzbPZRSR6S3XnYoBkJk O2T1mVAHkY2EafaeGBUt9XesqTg9SC8nGYX8sK3FkpOt/AsWQF1tvECfWWK+XYJ1 K7Iza9blfCA= =pjes -----END PGP SIGNATURE----- From adam at bwh.harvard.edu Thu Sep 8 13:04:03 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Thu, 8 Sep 94 13:04:03 PDT Subject: Privacy regulations In-Reply-To: <199409081742.KAA13522@netcom7.netcom.com> Message-ID: <199409082002.QAA07020@freud.bwh.harvard.edu> Tim writes: | (Actual privacy could be increased very easily by simply reducing the | number of "permission slips" that people are obligated by law to show | in various transactions. Lots of ways to do this. Suffice it to say | that our credential-happy society is getting very little real benefit | for demanding credentials at every turn and is instead providing | precise dossier material for those who keep dossiers. Shudder.) On a happy note, when I switched to MCI recently, they asked for my socialist security number, but the person had no problem at all not getting it. 
Yes, it would be nice for them not to ask at all, but I didn't even have to raise my voice when declining to provide it. Adam From cactus at bb.com Thu Sep 8 13:36:43 1994 From: cactus at bb.com (L. Todd Masco) Date: Thu, 8 Sep 94 13:36:43 PDT Subject: Fwd: FBI RAIDS SMALL MICHIGAN RPG COMPANY Message-ID: <199409082041.QAA19146@bb.com> Interesting tidbit, forwarded to me by a friend. ------- Start of forwarded message ------- From: tucholka at aol.com (Tucholka) Newsgroups: rec.games.frp.announce Subject: FBI RAIDS SMALL MICHIGAN RPG COMPANY Date: 7 Sep 1994 13:09:02 -0400 Organization: America Online, Inc. (1-800-827-6364) OK, there have been some wild rumors about the FBI raid on Tri Tac Games just after GENCON. Let's set them straight. FBI RAIDS SMALL GAME COMPANY PRESS RELEASE At 10am Tuesday morning, August 23rd, a special tactical team from the FBI gained swift and overwhelming entry into the corporate offices of Tri Tac Games in Pontiac Michigan to the great surprise of the entire staff who were still sipping coffee. Richard Tucholka, owner and president of Tri Tac, was duly informed of his rights as the squad of federal agents neatly and politely searched the offices of Tri Tac claiming to be looking for 'phony FBI Identification Badges' and 'Illicit government operation manuals.' It is to be noted that Tri Tac Games publishes an award-winning Role-Playing Game called Bureau 13, detailing the adventures of a secret division of the FBI which uses magic and Harrier Jump Jets to defend America from supernatural criminals and monsters. 
After painstakingly searching everything from the yet-to-be released CD ROM computer game version of Bureau 13, through the paperback copies of the Cult-hit novels from Ace Books in New York, absolutely nothing incriminating or illegal was discovered-- an incident close to the precedent setting invasion of Steve Jackson Games a few years ago by the US secret service which resulted in a major lawsuit rightfully won by the innocent game company. In preparation for another government visit, Mr. Tucholka has informed his lawyer, alerted the media, and set an extra pot of coffee to brew for the agents if they return. **************** Yes, it happened. No kidding. Apparently some fool at GENCON thought a $1 double sized Plastic ID badge on flaming orange and pink paper was a threat to national security. These badges were given to players of Bureau 13 as promotional material. **************** The agents were professional and Tri Tac cooperated with them. Computers were not touched (It is a federal law that a writer's 'Works in Progress' may not be taken.) They removed plastic Bureau 13/FBI ID badges from a display shelf and versions of a Department of Justice ID badge produced by Databank Press. On Thursday the 25th Richard Tucholka was informed that the Federal Prosecutor would not be pressing charges for the badges because there was no malice or intent in their production. There would be a file established at the FBI with these badge examples for future reference. He was instructed to send in all production copies and masters as well as destroy the ID Badge Computer Graphics file in question. Richard Tucholka shook his head and said "Only an idiot could think these badges were real. Wonderful to see my tax dollars at work." And that's the story. 
8) From broadley at turing.ucdavis.edu Thu Sep 8 13:53:22 1994 From: broadley at turing.ucdavis.edu (Bill Broadley) Date: Thu, 8 Sep 94 13:53:22 PDT Subject: timestamps Message-ID: <9409082050.AA03775@turing.ucdavis.edu> I heard that timestamp at lorax.MV.COM was down and/or not working. My recent ping worked, I received a PGP signed copy of my message back after about 24 hours. -- Bill Broadley Broadley at math.ucdavis.edu UCD Math Sys-Admin Linux is great. http://ucdmath.ucdavis.edu/~broadley PGP-ok From tcmay at netcom.com Thu Sep 8 17:00:11 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 8 Sep 94 17:00:11 PDT Subject: Privacy regulations In-Reply-To: <199409082002.QAA07020@freud.bwh.harvard.edu> Message-ID: <199409082330.QAA02207@netcom12.netcom.com> Adam Shostack writes: > On a happy note, when I switched to MCI recently, they asked > for my socialist security number, but the person had no problem at all > not getting it. Yes, it would be nice for them not to ask at all, but > I didn't even have to raise my voice when declining to provide it. > Actually, they don't even need to ask for it anymore....it's attached to so many _other_ things that pop up when they enter your name that it's a moot point. In other words, the same dossiers that allow the credit card companies to send you "preapproved credit cards" every few days are the same dossiers that MCI, Sprint, AT&T, etc. are using to sign you up. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." 
From vznuri at netcom.com Thu Sep 8 17:02:57 1994 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Thu, 8 Sep 94 17:02:57 PDT Subject: internet pricing paper Message-ID: <199409082316.QAA11013@netcom2.netcom.com> Hope that this is new to everyone here-- === \\ Paper: ewp-comp/9401001 From: Hal Varian Date: Tue, 18 Jan 94 14:58:07 -0500 Title:Some Economics of the Internet Author:Jeffrey K.~MacKie-Mason Hal R. Varian Institution: University of Michigan, Dept of Economics WPA References: None Comments: Postscript file submitted via ftp in compressed format. \\ This is a preliminary version of a paper prepared for the Tenth Michigan Public Utility Conference at Western Michigan University March 25--27, 1992. We describe the history, technology and cost structure of the Internet. We also describe a possible smart-market mechanism for pricing traffic on the Internet. \\ \\ Paper: ewp-comp/9401002 From: Hal Varian Date: Tue, 18 Jan 94 15:00:22 -0500 Title:Pricing the Internet Author:Jeffrey K.~MacKie-Mason Hal R. Varian Institution: University of Michigan, Dept of Economics WPA References: None Comments: Postscript file submitted via ftp in compressed format. \\ This paper was prepared for the conference ``Public Access to the Internet,'' JFK School of Government, May 26--27 , 1993. We describe some of the technology and costs relevant to pricing access to and usage of the Internet, and discuss the components of an efficient pricing structure. We suggest a possible smart-market mechanism for pricing traffic on the Internet. \\ The easiest way to locate these papers is to do a Veronica search on the string "Economics of the Internet". If you can only handle ftp, the documents are archived on the anonymous ftp server in the Department of Economics at Washington University. 
ftp:econwpa.wustl.edu:/econ-wp/comp/papers/9401 The two papers whose abstract appears above are in compressed postscript form as, 9401001.ps.Z and 9401002.ps.Z From alano at teleport.com Thu Sep 8 18:27:46 1994 From: alano at teleport.com (Alan Olsen) Date: Thu, 8 Sep 94 18:27:46 PDT Subject: CONTROL FREAKS (nee, AIDs testing and privacy) Message-ID: <199409090127.SAA12377@teleport.com> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > SANDY SANDFORT > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . > >C'punks, > >In response to Duncan's post which said, in part, that developing >countries could not afford totalitarianism, Alan Olsen opined: > > The nature of control freaks is that they ignore the > actual costs of their actions.... Do they really think > of the financial costs associated every little decision > designed to control our lives? The true concern is > *POWER*... > >Well to paraphrase Star Trek's Scotty, "They canno' change the >laws of economics." What would-be totalitarians want, and what >they can get, are two different things. The massive Soviet Union >took three-quarters of a century to grind to a halt. It would >have been much quicker, but for the Czar's strong agricultural >and burgeoning industrial base, "liberated" German technology, >the absorption of richer, more savvy Eastern Bloc countries and >massive infusions of capital, food and technology from the West. But it is also the case that industrial countries, when they fall on hard times tend to fall back on an authoritarian "bread and circuses" approach to governing. Fascism in 1930's Germany was one such govenment. The current government was unable to deal with the financial and social problems and so reactionary elements were able to seize control of the government and impose their own brand of totalitarianism. (Remember that Hitler was elected.) I think that this country is ripe for such a movement. 
We have a number of groups that are ripe for scapegoating. We have the economic conditions (although this seems to be changing for the better...). We have the control freaks just waiting to gain the power and more waiting in the wings. They have the money and they have the technology. And they have a population that is willing to give up almost any right to gain "security".

>
>The underdeveloped countries, on the other hand, don't even have
>"seed corn" to eat--unless we give it to them. Let them try to
>go down the totalitarian road; if they do, they are doomed to
>self-destruct.
>
>History and technological progress are on our side. There will
>be some temporary, local setbacks in the coming years, and have
>some mopping up to do, but we've already won.

Don't be too smug yet... There are people in power who have not figured out that totalitarian states cannot survive. (They also do not seem to care about the long run.) All they are concerned about is making people follow their rules under their conditions. Logic and reason have nothing to do with the "thought patterns" of these people. Besides, it is not their money they are spending on this. It is yours.

As far as I have been able to determine, the only thing that you can do with a control freak is to kill him before he obtains any position of power. (Or wrap him in duct tape and feed him lots of Thorazine(tm).)

/========================================================================\
|"I would call him a Beastialic Sadomasochistic | alano at teleport.com    |
|Necrophile but that would be beating a dead    | Disclaimer:            |
|horse." -- Teriyaki (What's up Tiger Lily?)    | As if anyone cares!    |
\========================================================================/

From MJMISKI at macc.wisc.edu Thu Sep 8 18:33:17 1994
From: MJMISKI at macc.wisc.edu (Matthew J Miszewski)
Date: Thu, 8 Sep 94 18:33:17 PDT
Subject: Title VII v. Liberty
Message-ID: <24090820325010@vms2.macc.wisc.edu>

Granted I deleted about 1000 messages before starting to follow the thread (tangential at best to crypto...) but...

Title VII of the CRA covers the already illegal actions of Tim's hypothetical firm refusing to hire Blacks. Granted Tim firmly believes this kind of law is a bad idea, but nonetheless it is the law. To avoid the flame, yes I am well versed in Libertarian ideals, save it, I already subscribe.

As to sexual orientation, um no federal law protects the class. And yet magically, massive discrimination exists. This is a natural result of the condition of falsely free markets. To those involved with Libertarian causes, a free market player in this example would openly admit that the basis of orientation, but they don't. They also hide their racist activities. I in no way suggest all corp's are involved in this activity but if you deny it exists I'd like to live in your world.

Sometimes intervention works. Granted, usually it does not. But removing the regs now would work to do one thing - perpetuate the past effects of discriminatory intent in today's world.

Flame on!

- Matt

______________________________________________________________________________
In defense of liberty, encrypt for all purposes, civil and professional.
In defense of privacy, encrypt all correspondence, personal and professional.
In defense of sanity, do not encrypt your dry cleaning invoice!
++++++++--------mjmiski at macc.wisc.edu (c)1993

From frissell at panix.com Thu Sep 8 18:44:18 1994
From: frissell at panix.com (Duncan Frissell)
Date: Thu, 8 Sep 94 18:44:18 PDT
Subject: AIDS testing and privacy
Message-ID: <199409090143.AA16733@panix.com>

At 10:41 AM 9/8/94 -0700, Doug Cutrell wrote:

>In a fundamental situation of conflict between two entities, I agree that
>"anything goes", in the spirit of voluntary interactions between two
>entities.
>In the case of a conflict between a small number of large,
>powerful entities (corporate employers) and a vast number of small,
>powerless entities (the employment pool), I don't see how you can argue
>that this vast horde should not team up and utilize whatever means to
>achieve an advantage over the few in power.

You mean mass executions of "corporate officers" for example if the 'peepul' felt like it. Last time I looked there were millions of employers (not a small number) and the average size of companies was declining.

>Today and in the future, "power" may reside increasingly in economic
>positioning. Thus, the power of the many individuals vs. the power of the
>few corporate entities may derive largely from their collective voice in
>the social conventions of society at large, which ultimately derives power
>from the tax base of the society at large.

You seem to think that the power of corporations -- which consists in the cases cited merely of refusing to hire or deal with certain people -- is the same as the power of a "democratically appointed" armed force. This armed force is to bash down doors to force these evil corporations into an association with people they would rather not associate with. In other words non-violent "refusal to deal" by corporations is *evil* while armed breaches of the peace by law enforcement (including shooting resisters) is *good*. Not a very "humanistic" perspective.

Note too that anti-discrimination laws also punish small powerless entities (individuals) who discriminate not just massive corporations. And what law protects those who the "peepul/government" don't like from discrimination? As a member of a hated minority (crypto anarchists) I'd rather take my chances on an open market than risk official discrimination by the state.

Mercifully, the technology we are developing will allow everyone who cares to to decline to participate in this coercive allocation of power.
DCF

From meconlen at IntNet.net Thu Sep 8 21:03:39 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Thu, 8 Sep 94 21:03:39 PDT
Subject: Privacy regulations
In-Reply-To: <199409082002.QAA07020@freud.bwh.harvard.edu>
Message-ID:

> On a happy note, when I switched to MCI recently, they asked
> for my socialist security number, but the person had no problem at all
> not getting it. Yes, it would be nice for them not to ask at all, but
> I didn't even have to raise my voice when declining to provide it.

They have your current name and current address... ...anyone who has worked with credit reporting services can tell you that those two things are enough to get your Social Security number. The person getting the information may have already had the number in front of her. With your name and address someone can find out what your date of birth is. In many states that is enough for a drivers license... ...name and dob... ...anyway they also have your SSN and everyone you have owed money to in the last ten years. From your Drivers license the story goes on.

Groove on dude
Michael Conlen

From blancw at pylon.com Thu Sep 8 22:22:12 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Thu, 8 Sep 94 22:22:12 PDT
Subject: Mandated Forfeiture
Message-ID: <199409090522.WAA10477@deepthought.pylon.com>

Responding to msgs by:

Jim Hart:

    Thus, the upshot of these so-called "privacy" regulations is to destroy our last shreds of privacy against government, and calm us into blindly getting even more of the details of our personal lives into the mainframes of the major government agencies and credit reporting agencies........

Timothy C. May:

    . . . . Suffice it to say that our credential-happy society is getting very little real benefit for demanding credentials at every turn and is instead providing precise dossier material for those who keep dossiers.

......................................................................
The regulations regarding privacy and the demands for them by the 'credential-happy' society leaves me with the impression that this phenomena has the role of acting as substitute for something, as any time that the voting public makes demands from the big G it indicates a need to compensate for a sense of inadequacy relative to some area of their social co-existence.

In this case it is as though the demand for personal information & credentials replaces sensitivity to, & understanding of, human nature. As services become more automated the opportunity for human contact is diminished, while the need to certify the verity of remote data becomes more critical.

When the information has been centralized, it has the effect of displacing personal responsibility away from the individual up to the State, as the State becomes the official keeper of the data. And how else could the governors be expected to fulfill their obligation of keeping the peace and general welfare, if they cannot gather & keep information on all their remote & moving targets?

When the centralized databank gatherers have the required info, then the general populace expects to feel safe that everyone can be dealt with - by their Official Caretakers, since it cannot be done by themselves. ("I don't know you, but I can still keep track of you and therefore keep you under control, if you get out of hand.")

These things self-perpetuate: the more that one group gives it up, the more that the other takes it up & away; the more inadequate that those who abdicate from responsibility feel, the more they look to their governors to substitute their overriding supervisory powers. The less that the governed exercise their abilities to know themselves and each other, the less capable they become in the art of doing so, and the more convinced they become of the necessity for mandated forfeiture of personal data.

When you don't live by reason, you must live by recourse to coercion.
Blanc

From blancw at pylon.com Thu Sep 8 22:22:13 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Thu, 8 Sep 94 22:22:13 PDT
Subject: Kindness & the Voting Public
Message-ID: <199409090522.WAA10473@deepthought.pylon.com>

Responding to msg by Doug Cutrell:

    In the real world, the voting public is not required to be kind to the hospital or the company, either. If a large political block can put into place structures (laws and enforcement) which effectively provide coercion against such denials of service, this is fair play as well.

.................................................................

All's fair in love and war. But how many of the voting public does it take to squeeze blood out of a turnip? (i.e. create something from nothing?)

Before the voting public which bands together can coerce a service out of some corporate entity, there must first be a Provider in existence. This Provider most probably would not have materialized miraculously out of the good intentions of the State but would have had to go through all the time and trouble of gathering the ideas, the resources, and the manpower to make their services available to customers.

Once the corporation, that enterprise, that commercial entity, had been created and constructed - once the building was in place, the system set up along with the required equipment, and all of the administrative functions had been set in motion, *then* the voting public would have an object for their attention; they could come together and attempt to take over the operation and coerce the Provider into delivering the benefits indiscriminately to everyone. They could probably even conspire to have this service for free.

They might even succeed in accomplishing it, and maybe it would work for a bit. But I don't know how long Providers could survive without remuneration, in the real world, nor how long they would tolerate the image of themselves as Slaves to the Voting Public.
Blanc

From dave.hodgins at canrem.com Thu Sep 8 22:29:27 1994
From: dave.hodgins at canrem.com (Dave Hodgins)
Date: Thu, 8 Sep 94 22:29:27 PDT
Subject: The only? CRS cypberpunk?
Message-ID: <60.12715.6525.0C1AE6F1@canrem.com>

Am I the only subscriber of crs, that is interested in privacy?

Over the last few months, when the addressee list got wiped, I seemed to be the only person complaining, about the lack of message traffic. (Thanks to the volume of the conferences I pick up, it took me over a week to notice the first time the list got wiped).

I've made a point of uploading privacy orientated software, such as the latest versions of pgp, sfs, secure drive, secure device, to crs, when I've found such things, primarily through this list.

Am I the only person on crs (currently advertised as around 9,500 subscribers), who is interested in privacy?

If there are lurkers here, from crs, who would like me to continue to monitor for new software, and obtain/upload the software to crs, please let me know.

Regards, Dave Hodgins, Toronto, Ontario, Canada.
---
 * RM 1.3 00820 * Internet:Dave.Hodgins at Canrem.com Rime->118 Fido(1:229/15)

From jamesd at netcom.com Thu Sep 8 22:33:05 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 8 Sep 94 22:33:05 PDT
Subject: CONTROL FREAKS (nee, AIDs testing and privacy)
In-Reply-To: <199409090127.SAA12377@teleport.com>
Message-ID: <199409090533.WAA04550@netcom3.netcom.com>

Alan Olsen writes
> But it is also the case that industrial countries, when they fall on hard
> times tend to fall back on an authoritarian "bread and circuses" approach to
> governing. Fascism in 1930's Germany was one such government. ...
> ...
> ... (Remember that Hitler was elected.) I
> think that this country is ripe for such a movement.

Not so.

Fascism was a more sophisticated and coherent philosophy than you give it credit for.
Hitler mass marketed a vulgarized mass market version to the ignorant unwashed masses, but this was only after the political romantic philosophies came to have substantial support among the intellectuals, and this philosophical support was translated into political support by intellectuals for the various volkish parties, one of which was the National German Socialist Workers party, which Hitler later joined and swiftly came to dominate.

There really is no similar contender on the scene today.

The fascists were able to take power only after the ideas that underlie fascism had been growing in support and sophistication for three hundred years. When put into practice this system of ideas suffered a devastating setback, not only the particular form that we called fascism, but all forms.

While a military dictatorship is possible, a military dictatorship that is not armed with good volkish philosophy is unlikely to be capable of doing much harm, because military dictatorships are continually and gravely threatened by loss of internal cohesion and discipline.

A military takeover might well be a good thing. The soldiers could in the short term impose discipline on a corrupt and lawless government, and in the long term would profoundly weaken that which they sought to strengthen.

---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we      James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.          jamesd at netcom.com

From hughes at ah.com Thu Sep 8 22:52:26 1994
From: hughes at ah.com (Eric Hughes)
Date: Thu, 8 Sep 94 22:52:26 PDT
Subject: ANNOUNCE: September meeting is Third Annual Cypherpunks Conference
Message-ID: <9409090507.AA01473@ah.com>

ANNOUNCEMENT
============

What:  The Grotesquely Overnamed Third Annual Cypherpunks Conference
When:  Saturday, September 10, 1994
       12:00 noon - 6:00 p.m. PDT
Where: Silicon Graphics, Cafe Iris

In the annual tradition of overblown announcements of the September Meeting, this greeting invites you to the Third Annual Cypherpunks Conference, Worldwide Media Event, Gala Schmooze Festival, and Anarchic Capitalist Celebration Banquet, all to be held at the usual date, the second Saturday of the month, at noon.

Featured will be an overview of CRYPTO '94 with lots of good results including an experimentally attained known plaintext attack on DES, cryptanalysis of a chaos-linked telephone scrambler, and new and unproven hash functions.

Join us!

Eric

-----------------------------------------------------------------------------
[Thanks to Katy Kislitzin for directions--EH]

DIRECTIONS:

Silicon Graphics, Inc.
Building 5 (SGI Cafeteria)
2025 North Shoreline Boulevard
Mountain View, CA

From 101 take Shoreline East. This is towards Shoreline Amphitheatre. It's also "logical east", and points more north than east. (That is, it's east with respect to 101 North, which points west near the exit.) If you're coming in on 101 South, you'll cross over the bridge. Continue on Shoreline and go past a whole bunch of other SGI buildings. Turn right onto Steirlin Court at the big red metal sculpture. There will be even more SGI buildings surrounding you--take note of the building numbers. Go almost to the end of this street. Building 5 is on the right.

From andreas.elbert at gmd.de Fri Sep 9 03:03:12 1994
From: andreas.elbert at gmd.de (andreas.elbert at gmd.de)
Date: Fri, 9 Sep 94 03:03:12 PDT
Subject: AIDs testing and privacy
Message-ID:

>> After a few weeks, you call a 1-800 number, punch in your code
>> (from the sticker) and you get a recording telling you if the test
>> was negative.

Or: After a few weeks, you tune into the evening news, and after the weather forecast, your code is broadcast (or not). I've heard this of Petersburg in GUSland. (do they have freephone numbers there?)
From frissell at panix.com Fri Sep 9 03:33:42 1994
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 9 Sep 94 03:33:42 PDT
Subject: CONTROL FREAKS (nee, AIDs testing and privacy)
Message-ID: <199409091031.AA06267@panix.com>

>But it is also the case that industrial countries, when they fall on hard
>times tend to fall back on an authoritarian "bread and circuses" approach to
>governing. Fascism in 1930's Germany was one such government. The current
>government was unable to deal with the financial and social problems and so
>reactionary elements were able to seize control of the government and impose
>their own brand of totalitarianism.

Few note how much the world has changed since the 1930s, however. In order to be able to pay its secret police and welfare clients, the US government has to borrow about $12 Billion a *day* (averaging National Debt financing over time). In addition, the economy is dependent on quite a bit of domestic and foreign investment. A totalitarian takeover here would make financing this debt very difficult and cause capital outflows on a scale never before seen in human history.

As James Carvil (sp?) (Slick Willie's campaign manager) says - "When I die, I want to be reincarnated as the Bond Market so everyone would be afraid of me."

DCF

Hillary to Bill: "Why don't you play a game of solitaire?"

From matsb at sos.sll.se Fri Sep 9 04:23:59 1994
From: matsb at sos.sll.se (Mats Bergstrom)
Date: Fri, 9 Sep 94 04:23:59 PDT
Subject: AIDs testing and privacy
In-Reply-To:
Message-ID:

> > all Hawaiian Citizen Units will begin moving to the mainland.
> > Some of the smaller islands have been cleared, and HIV+
> > units are being relocated as this address is being broadcast..."
>
> AUWE! What a way to get the heart pumping in the morning - remember that
> this has happened twice here: once sending victims of Hanson's Disease to
> Moloka'i, and again to send our Japanese-Americans to the mainland...
Actually, this points to a potential problem for anarchic societies. Suppose that HIV would spread by airborne droplets, like the flu. Then measures of isolation, like those stated here, would seem very adequate. But could such measures be taken without strong government?

Mats

From perry at imsi.com Fri Sep 9 06:13:30 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 9 Sep 94 06:13:30 PDT
Subject: Title VII v. Liberty
In-Reply-To: <24090820325010@vms2.macc.wisc.edu>
Message-ID: <9409091313.AA26119@snark.imsi.com>

Matthew J Miszewski says:
> As to sexual orientation, um no federal law protects the class. And
> yet magically, massive discrimination exists.

Sorry, but the point is being missed. It is certainly the case that massive bigotry exists against homosexuals and that some companies make hiring decisions that way. However, all credible studies show that homosexuals have substantially above average income. Furthermore, discrimination is dropping with time in spite of the lack of laws. I would say that the problem is taking care of itself.

Perry

From sandfort at crl.com Fri Sep 9 06:46:00 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Fri, 9 Sep 94 06:46:00 PDT
Subject: CONTROL FREAKS
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Alan Olsen still thinks totalitarians can succeed in industrial countries. He wrote:

    ... But it is also the case that industrial countries, when they fall on hard times tend to fall back on an authoritarian "bread and circuses" approach to governing.

Examples, please. Fascism in 1930's Germany was certainly NOT one such government. National Socialism, of course, had its "bread" aspect, but there were no "circuses" in the Roman sense. While Bread and Circuses is one technique to keep a population in line, it is quite separate from the military/police state method chosen by the NAZIs.
In any event, NAZI Germany supports the proposition that modern totalitarianism, by its nature, must be short lived. How long did the "Thousand Year Reich" last?

    ... We have the control freaks just waiting to gain the power and more waiting in the wings. They have the money and they have the technology....

"They," again? I thought it might be "them." The Illuminati, right? Or is it the Trilateral Commission, the Jesuits, or the CIA? Who are these control freaks who "have the money and ... the technology"? Jeez, and some call me paranoid for being a privacy advocate.

When I wrote, "There will be some temporary, local setbacks in the coming years, and have some mopping up to do, but we've already won." Alan responded:

    Don't be too smug yet... There are people in power who have not figured out that totalitarian states cannot survive.... Logic and reason have nothing to do with the "thought patterns" of these people.

Roadrunner logic. Wiley Coyote runs over the edge of a cliff. Miraculously, he is suspended in the air until he makes the mistake of looking down. Only when he becomes aware of his predicament does he fall. My point still is, the totalitarians don't have to figure out anything; their "thought patterns" are irrelevant; reality still rules. They will not survive.

    Besides, it is not their money they are spending on this. It is yours.

Are you sure they're spending *my* money? With each advance in privacy technology, they have less access to *anyone's* money.

    As far as I have been able to determine, the only thing that you can do with a control freak is to kill him before he obtains any position of power. (Or wrap him in duct tape and feed him lots of Thorazine(tm).)

Or, with a little ingenuity, you could structure your life so you could just ignore him. Living well is the best revenge.

 S a n d y

"Who finds he needs to spend far less time fighting the Great Enemy, than educating the nattering nabobs of negativism."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From perry at imsi.com Fri Sep 9 06:46:42 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 9 Sep 94 06:46:42 PDT
Subject: AIDs testing and privacy
In-Reply-To:
Message-ID: <9409091346.AA26182@snark.imsi.com>

Mats Bergstrom says:
> Actually, this points to a potential problem for anarchic societies.
> Suppose that HIV would spread by airborne droplets, like the flu.
> Then measures of isolation, like those stated here, would seem very
> adequate. But could such measures be taken without strong government?

We don't have to imagine fatal illnesses spread by casual contact. We've had plenty of experience with such diseases even into this century -- polio, tuberculosis, and the like -- and government did a lousy job with them. I'm not sure market based mechanisms would necessarily do extremely well, but I do know that the alternatives aren't so amazing as to make me pine for them.

.pm

From paul at poboy.b17c.ingr.com Fri Sep 9 07:17:13 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Fri, 9 Sep 94 07:17:13 PDT
Subject: Privacy 101 digest on WWW
Message-ID: <199409091419.AA19319@poboy.b17c.ingr.com>

-----BEGIN PGP SIGNED MESSAGE-----

With permission, I am automatically digestifying and archiving the "Privacy 101" seminar & teach-in that Duncan Frissell and Sandy Sandfort are offering and making the digest available via WWW.

To reach the WWW digest, point your browser at http://www.iquest.com/~fairgate/privacy/index.html.

- -Paul

- --
Paul Robichaux, KD4JZG        | Demand that your elected reps support the
perobich at ingr.com          | Constitution, the whole Constitution, and
Not speaking for Intergraph.  | nothing but the Constitution.
### http://www.intergraph.com ###

From frissell at panix.com Fri Sep 9 07:18:35 1994
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 9 Sep 94 07:18:35 PDT
Subject: Crypto, Tech, and Choice
Message-ID: <199409091417.AA15062@panix.com>

In a valiant attempt to link the libertarian political debates of recent days to the stated purpose of this list...

The future social environment will offer more than adequate challenges for everyone; but libertarians should have an easier time of it than the surviving advocates of "social justice."

People -- bless their little hearts -- are different. If you give each person a pile of cash as high as their eye and more than 1,000,000,000 things to spend it on, they will go out in as many directions as there are people. Students of human individuation (see "Free & Unequal" by Roger J. Williams) have discovered the obvious fact known to all mothers that babies are different even before birth and they continue to get more different as they develop into adults.

Computers (the first consumer product produced by nanotechnology), the Nets and the modern business environment, are collectively involved in a full-scale test of the above premise. In spite of complaints from the "Generation of Whiners," the current expansion of wealth and choice will be surpassed by the (very near) future explosion of wealth and choice.

People with money, information, opportunity, and choice are *going* to choose. They are not going to let themselves get pushed around by others.
Oh sure, for a while old habits may restrain them from directly challenging traditional mechanisms of control but if they have the money and the choices of things to do with it they won't be held down long.

This change will occur because "the young" and "outsiders" (foreigners) will ignore traditional restraints (since they haven't internalized them) and explore the full range of choices available to them. If you take an animal out of a cage, it may observe the non-existent bars for a while and pace back and forth but it will eventually discover that it is free. And most of us are smarter than animals.

The only hope for control freaks to continue to control us is to restrain our range of choices. They can't count on mere words or traditions to bind us. But the range of choices continues to go up.

Trade is way up. Wealth is way up. International travel is way up. Migration is way up. Resource prices are the lowest in human history. Communications costs are way down. Electronics costs are way down. We are in a zero or negative inflation environment. The quantity and quality of goods and services offered on the markets is at an all-time high. The percentage of the world's countries headed by dictators is the lowest it's ever been.

What all this means is that political philosophies that depend on force of arms to push people into line, will increasingly fail to work. Rich people with choices will, when coerced, tend to change their investments and business affairs into a friendlier form or to move to a friendlier environment. Choice is real. If choices exist, they will be made. An ever higher proportion of the world's people will be "rich" in wealth and choice as the years go on.

Only a political philosophy that depends on the uncoerced cooperation of very different people has a chance of functioning in the future. I, obviously, have an idea as to what that philosophy is.

DCF

"You can horsewhip your Gascony Archers
you can torture your Picardy Spears.
But don't try that with the Saxons
or you'll have the whole brood round your ears.
From the highest Thane in the County
to the lowest chained serf in the fields
they'll be on you and at you like hornets
and if you are wise you will yield."

From m1tca00 at FRB.GOV Fri Sep 9 07:25:50 1994
From: m1tca00 at FRB.GOV (Tom Allard)
Date: Fri, 9 Sep 94 07:25:50 PDT
Subject: pgp key servers
Message-ID: <9409091423.AA26657@mass6.FRB.GOV>

-----BEGIN PGP SIGNED MESSAGE-----

What's up with the key servers now? My last request (to pgp-public-keys at io.com) was finally bounced after a week. I tried to finger @wasabi.io.com and was told "Connection timed out".

- ------- Forwarded Message

Date: Fri, 09 Sep 94 08:55:15 -0500
From: MAILER-DAEMON at io.com (Mail Delivery Subsystem)
Subject: Returned mail: Cannot send message for 1 week

The original message was received at Fri, 2 Sep 1994 08:37:02 -0500
from newfed.frb.gov [198.3.221.5]

   ----- The following addresses had delivery problems -----
pgpkeys at wasabi.io.com  (unrecoverable error)
    (expanded from: )

   ----- Transcript of session follows -----
pgpkeys at wasabi.io.com... Deferred: Connection timed out with wasabi.io.com.
Message could not be delivered for 1 week
Message will be deleted from queue

   ----- Original message follows -----
Received: from newfed.FRB.GOV by pentagon.io.com (8.6.5/PERFORMIX-0.9/08-16-92)
	id IAA07205; Fri, 2 Sep 1994 08:37:02 -0500
From: m1tca00 at FRB.GOV
Received: from FRB.GOV by newfed.FRB.GOV (4.1/SMI-4.0)
	id AA02381; Fri, 2 Sep 94 09:36:52 EDT
Received: from mass6.FRB.GOV by frbgate.FRB.GOV (4.1/SMI-4.0)
	id AA03293; Fri, 2 Sep 94 09:34:46 EDT
Received: from localhost by mass6.FRB.GOV (4.1/SMI-4.0)
	id AA14292; Fri, 2 Sep 94 09:34:44 EDT
Message-Id: <9409021334.AA14292 at mass6.FRB.GOV>
To: pgp-public-keys at io.com
Subject: get 0x8467D261
Date: Fri, 02 Sep 94 09:34:43 -0400

- ------- End of Forwarded Message

rgds-- TA (tallard at frb.gov)
I don't speak for the Federal Reserve Board, it doesn't speak for me.
pgp fingerprint: 10 49 F5 24 F1 D9 A7 D6 DE 14 25 C8 C0 E2 57 9D

From ravage at bga.com Fri Sep 9 08:14:44 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 9 Sep 94 08:14:44 PDT
Subject: CONTROL FREAKS
In-Reply-To:
Message-ID: <199409091511.KAA27869@zoom.bga.com>

>
> Examples, please. Fascism in 1930's Germany was certainly NOT
> one such government. National Socialism, of course, had its
> "bread" aspect, but there were no "circuses" in the Roman sense.
> While Bread and Circuses is one technique to keep a population in
> line, it is quite separate from the military/police state method
> chosen by the NAZIs. In any event, NAZI Germany supports the
> proposition that modern totalitarianism, by its nature, must be
> short lived. How long did the "Thousand Year Reich" last?
>

I take it you don't take the comparison between the Roman circuses where prisoners and other misfits (ie Christians) were fed to the lions and the Teutonic circuses of the 30's and 40's (ie prison or relocation camps) where the criminal and other misfits (ie Jewish) were fed to the masochistic 'system' as comparable? The Warsaw Ghetto was not a form of 'circus' then? I beg to differ. Both the Germans and the Romans held sway because of one over-bearing fact, each controlled the best 'ass-kickers' around at the time.

>
> "They," again? I thought it might be "them." The Illuminati,
> right? Or is it the Trilateral Commission, the Jesuits, or the
> CIA? Who are these control freaks who "have the money and ...
> the technology"? Jeez, and some call me paranoid for being a
> privacy advocate.
>

'They' are the persons with money and influence and have also made it in their best interest to sustain the status quo. Just take a look at the Federal Reserve and how they manage the money in this country. Take a look at the special interest political groups who make it their job to get law-makers to look at it 'their' way.

>
> Roadrunner logic. Wiley Coyote runs over the edge of a cliff.
> Miraculously, he is suspended in the air until he makes the
> mistake of looking down. Only when he becomes aware of his
> predicament does he fall. My point still is, the totalitarians
> don't have to figure out anything; their "thought patterns" are
> irrelevant; reality still rules. They will not survive.
>

Just exactly whose reality are we talking about ruling here? It seems to me that when talking about 'reality' and thought processes one has managed to jump track in a major sort of way. The problem with this view is that people do not analyze their choices the same way you analyze some physical problem like building a bridge. Christians definitely look at the world around them in a different 'reality' than the way that a pantheist like myself look at it.
Consider, if you will, the difference in outlook of a common everyday
occurrence when viewed with the concept of a 'ghost in the machine' versus
the purely mechanistic. I think you will find that the most trivial things
take on very different appearances.

> Besides, it is not their money they are spending on
> this. It is yours.
>

I can assure you that the folks out there will spend their money if it is
clear that they will make more of it in the long run. While it is true that
public monies are the easiest to spend because of its anonymity it is not
the only resource that is there. Consider under-the-table bribes and such.

>
> Or, with a little ingenuity, you could structure your life so you
> could just ignore him. Living well is the best revenge.
>
>

I am afraid that if you ignore a control freak you build the perfect environ
for their growth. We are not talking about roses here but rather ideas, a
decidedly different animal. Ideas can grow long after the original thinker
is gone. To ignore rather than confront and expose is the best way possible
to get what you don't want.

From ravage at bga.com Fri Sep 9 08:29:06 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 9 Sep 94 08:29:06 PDT
Subject: CONTROL FREAKS (nee, AIDs testing and privacy)
In-Reply-To: <199409090533.WAA04550@netcom3.netcom.com>
Message-ID: <199409091528.KAA28635@zoom.bga.com>

>
> Fascism was a more sophisticated and coherent philosophy than
> you give it credit for. Hitler mass marketed a vulgarized
> mass market version to the ignorant unwashed masses, but this
> was only after the political romantic philosophies came to have
> substantial support among the intellectuals, and this philosophical
> support was translated into political support by intellectuals
> for the various volkish parties, one of which was the National
> German Socialist Workers party, which Hitler later joined
> and swiftly came to dominate.
>

I hate to burst your bubble but the masses of the Germany of the first
half of this century were no more unwashed or ignorant than today. The
Germany of that day was technologically sophisticated and education was
as wide spread as it is today. The vast majority of Germans could read
and do their cyphers (couldn't resist).

The reason that Nazi success was so great was because of two simple reasons.
First they were so heavily 'victimized' by the peace treaty of WWI and
secondly, because they saw as a means to bypass this humiliation a return to
the past, ie monarchy and more ideal Germanic ideals. The Germans of that
time thought they were the best and the brightest and saw their predicament
as a humiliating turn of events. These people got tired of everyone else
blaming them.

> There really is no similar contender on the scene today.
>

There is always a contender.

> The fascists were able to take power only after the ideas that
> underlie fascism had been growing in support and sophistication
> for three hundred years. When put into practice this system
> of ideas suffered a devastating setback, not only the particular
> form that we called fascism, but all forms.
>

In Italy's case, the fascists were voted in. They did not 'take' the power
it was given to them. A case can be made that Hindenburg in Germany gave the
power to Hitler (even though there was clearly a case of threat imposed as a
sweetener).

> While a military dictatorship is possible, a military dictatorship
> that is not armed with good volkish philosophy is unlikely to
> be capable of doing much harm, because military dictatorships
> are continually and gravely threatened by loss of internal cohesion
> and discipline.
>

Germany, Italy, and Japan did not start out as military dictatorships. Both
Germany and Italy were relative democracies which did not take into account
a lot of their 'reality'.
The powers that be were more interested in making an 'ideal' society but not
realizing that folks outside of their borders were not going to play along.
This is the exact same reason that the USSR failed today. Competition.

> A military takeover might well be a good thing. The soldiers could
> in the short term impose discipline on a corrupt and lawless government,
> and in the long term would profoundly weaken that which they sought
> to strengthen.
>

Whose discipline? Exactly whose ideals and morality do we impose? A military
takeover is NEVER a good thing. Implicit in its existence is the assumption
that people can't take care of themselves. This particular dichotomy harks
back to the Enlightenment and the Great Awakening.

The real root of the problem is that we (as humans) have never devised a
system which is Janus faced in that it recognizes that some people believe a
strong central structure is good and those that disagree. To build a system
which forces either to compromise is wrong (either way you become what you
hate the most). What needs to be developed (and may be created as a fait
accompli through technology) is a system that lets 'control freaks' control
and 'freedom hounds' be free.

In a certain way (though admittedly less than perfect) the structure of
Internet is a good example. What you have is little islands of freedom (ie
each system) controlled very tightly by a common thread or standard of
communication. Democracy in our country should work the same way. There
should be a very tightly controlled methodology for states to communicate
and assist each other (ie Federal bureaucracy) but at the same time the
individual states can do pretty much as they want in their own borders.

>
> ---------------------------------------------------------------------
> We have the right to defend ourselves and our
> property, because of the kind of animals that we        James A. Donald
> are.
> True law derives from this right, not from
> the arbitrary power of the omnipotent state.            jamesd at netcom.com
>
>
>

From hfinney at shell.portal.com Fri Sep 9 08:40:00 1994
From: hfinney at shell.portal.com (Hal)
Date: Fri, 9 Sep 94 08:40:00 PDT
Subject: Cracking MD5 for $10M
Message-ID: <199409091539.IAA19642@jobe.shell.portal.com>

I mentioned a few days ago that one of the "rump session" papers at the
crypto conference claimed that a machine could be built which would find
MD5 collisions for $10M in about 20 days. I wanted to write a little more
detail about how this attack could work.

It is similar to a "meet in the middle" (MITM) attack which Norm Hardy
suggested here in July when we were discussing double DES:

>There may be more than one way that MITM (meet in the middle) may be used
>to attack Double block cyphers. I assume the following attack. You know
>some block of plain-text P and corresponding cypher text C. You believe
>that C = E(k, E(j, P)) where E(k, p) is the encypherment of p with key k.
>D(k, E(k, p)) = p. You need to find keys k and j. Classic MITM is to
>produce a file A with records: for each k, and file B with
>records for each j. Sort both A and B on the second field.
>Pass over the sorted files looking for a record from file A whose second
>field is the same as a record in file B.

>To substantially shorten the amount of tape used by a factor 2^n at the
>expense of evaluating C and D 2^n more often do the following:

>For m from 0 to 2^n-1 Do
>  Produce file A with records: for each k where
>    (the right n bits of E(k, P)) = m. (discarding other records)
>  Produce file B with records for each j where
>    (the right n bits of D(j, C)) = m
>  Sort files A and B on second field.
>  Pass over files looking for records from A that match records from b in the
>  second field.
>Enddo.

The idea of saving only outputs where certain bits are constant is the key
to the "distinguished points" method which is used to save space with only
a modest cost in time.
The other key idea is that instead of evaluating MD5(n) where n iterates
on its own, you look for cycles in the recurrence x = MD5(x). Any cycle
which is found which does not include the x you start with will lead to
a case where two values hash to the same MD5 value.

For a trivial example, suppose the output of a formula like this consists
of the values 1,4,5,2,7,8,5,2,7,8,5,2,7,8,.... Here we have a four element
cycle which leads to two different predecessors for the value 5.

The brute-force way to solve this would be to save all outputs from the
formula, and with each new value to compare it with all earlier values.
With MD5, which has a presumably random structure and 128 bits of output,
the birthday paradox suggests that you would have to create and save about
2^64 output values before finding a match. Creating 2^64 values might be
possible today for the time and dollar values we are talking about, but
storing them appears to be out of the question, as our earlier discussion
of double DES (and other discussions of MITM here) have made clear.

The distinguished points method reduces the space requirements by only
saving a fraction of the output values. For example, in the list above,
we might only save multiples of 4. This would lead to 4,8,8... and it is
easy to discover the match without nearly as much storage. Note, though,
that 8 is not actually the value which has two predecessors, but that once
this match is discovered, you can go back to the previous points (4 and 8
in this case) and run them forward more carefully, looking for a match.

The other real advantage of the distinguished points method is that it
parallelizes very nicely. Several machines can run x=MD5(x) with different
starting values, saving all of the distinguished outputs, and we can look
for matches between machines as well as in one machine. Again, a match
implies two different predecessors for the same value, which is an MD5
collision.
With the size of MD5, suppose we generate 2^64 outputs but only save those
for which the low-order 32 bits are 0 as our distinguished points. Only
1/2^32 of values will match, so we will end up with about 2^32 outputs,
probably a manageable amount. Chances are there will be a match among
that set. We then go back to the previous distinguished points before the
match and work forward carefully to look for the exact pair of values which
lead to the same successor. Distinguished points will be about 2^32 apart
so this step is easy and quick. If you want to speed it up still more you
can do a recursive distinguished points pass for this step using maybe
d.p.'s with the low-order 16-bits of 0 and do it in two steps that will
both be very short.

The net result is that we have taken virtually no more time (the 2^64
creations of MD5 will dominate) and virtually no space (compared to 2^64
stored values) and we get the effect of a birthday attack. This is another
cautionary data point about the risks of relying on space costs for security
rather than time costs.

Hal

From shamrock at netcom.com Fri Sep 9 09:35:28 1994
From: shamrock at netcom.com (Lucky Green)
Date: Fri, 9 Sep 94 09:35:28 PDT
Subject: Need ride from SF
Message-ID: <199409091635.JAA21325@netcom7.netcom.com>

I need a ride to the CP meeting. Can pay for gas. Send email or call my VM
at (451) 435-7939

Thanks,

-- Lucky Green
PGP public key by finger

From jim at rand.org Fri Sep 9 09:40:14 1994
From: jim at rand.org (Jim Gillogly)
Date: Fri, 9 Sep 94 09:40:14 PDT
Subject: Cracking MD5 for $10M
In-Reply-To: <199409091539.IAA19642@jobe.shell.portal.com>
Message-ID: <9409091639.AA29959@mycroft.rand.org>

Hal discusses using the Distinguished Points method to find hash
collisions presented by Michael Wiener with Paul van Oorschot at Rump
Crypto '94, and lists two benefits:

(1) saves space in searching for loops on a single processor;
(2) allows parallel searches for collisions over multiple processors.
I claim it's useful only for (2), because another algorithm dominates it
for single processor loop detection... at least in storage space. It works
as follows: get a sequence of values v(i+1) = MD5(v(i)); simultaneously
get another sequence w(i+1) = MD5(MD5(w(i))), and start them at the same
place, v(0) = w(0). That is, you're running one of them twice as fast as
the other. At each iteration you compare v(i) with w(i), and if they're
equal, you've looped. Drawing a few rho-shaped trajectories on paper and
following them around with two pencils should be enough to complete a proof
by hand-waving that it always catches a cycle; but perhaps not as soon as
the distinguished points would.

The distinguished points across machines is a great idea for (2), though,
and doesn't depend on anything looping... cool stuff!

Do you (Hal?) or anybody else know whether Wiener and van Oorschot were
taking into account the contraction of the range each time you iterate
MD5? I think the size of the set of all numbers that are the result of
MD5ing a 128-bit number is considerably smaller than 2^128... is it 1/e of
that? Anybody know about random mappings? Subsequent iterations reduce
it further, though of course not by 1/e each time, so that the set of
numbers that are the result of iteratively MD5ing a number N times should
be an appreciably smaller set to be groping around in.

For example, I iterated the right-most 14 bits of SHA 26,539 times from
one seed before the range shrank to a single point. Note that it need not
shrink that far in general, since some of the survivors would typically
map into each other.

        Jim Gillogly
        18 Halimath S.R. 1994, 16:12

From adam at bwh.harvard.edu Fri Sep 9 09:47:17 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Fri, 9 Sep 94 09:47:17 PDT
Subject: digital reputation capital
Message-ID: <199409091646.MAA16843@bwh.harvard.edu>

I'm currently writing up a design for a digital reputation capital system.
The intent is not to provide a framework for licensing or formal
endorsement system, but instead, allow people to automatically discover
the opinions of others about various entities.

I'd like to know how much people would want anonymity in a system like
this. My preferred solution would be to allow anonymity through the
established services of remailers. This has the advantage of having people
who use a nym constantly (and well) get more respect when doing it than
those who use a nym occasionally.

The reason this solution is preferred is that it allows a fully
distributed system to exist, with no centralization needed at all. Is
losing that distributed characteristic of the system worth gaining a system
that supports anonymity? (It might be possible to design a work intensive
system to handle distributed anonymity, based on Merritt's protocol for
voting without any central facility (Applied Crypt section 6.5), but the
amount of work involved is quite high, thus the system wouldn't work in a
production environment.)

Adam

From jamesd at netcom.com Fri Sep 9 10:49:23 1994
From: jamesd at netcom.com (James A. Donald)
Date: Fri, 9 Sep 94 10:49:23 PDT
Subject: CONTROL FREAKS (nee, AIDs testing and privacy)
In-Reply-To: <199409091528.KAA28635@zoom.bga.com>
Message-ID: <199409091748.KAA04399@netcom8.netcom.com>

Jim choate writes
> I hate to burst your bubble but the masses of the Germany of the first
> half of this century were no more unwashed or ignorant than today. The

They may be clean but they are still ignorant as ever.

> Germany of that day was technologically sophisticated and education was
> as wide spread as it is today. The vast majority of Germans could read
> and do their cyphers

Exactly so.

> In Italy's case, the fascists were voted in.

1. They have not been voted in - they are a junior partner in a multi
party coalition.

2. They are a mere political party - no longer a powerful, attractive,
and superficially plausible ideology.
> > While a military dictatorship is possible, a military dictatorship
> > that is not armed with good volkish philosophy is unlikely to
> > be capable of doing much harm, because military dictatorships
> > are continually and gravely threatened by loss of internal cohesion
> > and discipline.
> >
> Germany, Italy, and Japan did not start out as military dictatorships. Both
> Germany and Italy were relative democracies which did not take into account
> a lot of their 'reality'.

Read before flaming:

I am quite aware that the fascists were a political movement, not a
military coup.

My point was exactly that. That though a military coup is possible,
the ideology that made that political movement possible is dead,
dead, dead, dead.

Get it.

Dead.

Fascism was an idea. That idea has been proven false.

The end.

From hfinney at shell.portal.com Fri Sep 9 11:25:43 1994
From: hfinney at shell.portal.com (Hal)
Date: Fri, 9 Sep 94 11:25:43 PDT
Subject: Cracking MD5 for $10M
In-Reply-To: <9409091639.AA29959@mycroft.rand.org>
Message-ID: <199409091825.LAA00257@jobe.shell.portal.com>

Jim Gillogly writes:

>Hal discusses using the Distinguished Points method to find hash
>collisions presented by Michael Wiener with Paul van Oorschot at Rump
>Crypto '94, and lists two benefits:

>(1) saves space in searching for loops on a single processor;
>(2) allows parallel searches for collisions over multiple processors.

>I claim it's useful only for (2), because another algorithm dominates it
>for single processor loop detection... at least in storage space.
>["rho" method elided]

Yes, this is a good point, the main advantage of the DP algorithm is that
it parallelizes. Rho does have the problem that you have to run 3 MD5's
for each step, but OTOH it does not have the overhead of saving and checking
the distinguished points, so which one would be best on a single processor
would depend on the relative costs.

>Do you (Hal?)
>or anybody else know whether Wiener and van Oorschot were
>taking into account the contraction of the range each time you iterate
>MD5? I think the size of the set of all numbers that are the result of
>MD5ing a 128-bit number is considerably smaller than 2^128... is it 1/e of
>that? Anybody know about random mappings?

They didn't mention anything about this, and I would think they would have
if they had considered it. My intuition was that x=MD5(x) would cover a
large fraction of the 128 bit output space, but on further thought Jim
appears to be right: with n input values into a random function (n would
be 2^128 in this case), the chance of a particular output being missed for
any one input would be 1-1/n, and the chance of it being missed for all n
inputs would be (1-1/n)^n. Taking the limit as n approaches infinity gives
1/e as the fraction of values which would be missed. This means that the
fraction of hits would be 1 - 1/e, much lower than I had guessed.

>Subsequent iterations reduce
>it further, though of course not by 1/e each time, so that the set of
>numbers that are the result of iteratively MD5ing a number N times should
>be an appreciably smaller set to be groping around in.

The way I figure it, if the fraction of the original n is f (which would
be 1 before the first iteration, and 1 - 1/e before the 2nd iteration based
on the above), the chance of a point being missed is (1-1/n)^(nf), which
is 1/e^f. So f would be found by f = 1 - 1/e^f, iterating once per MD5
iteration and starting f at 1.

I just did an experiment of iterating this. After 100 times f was about
.02; after 1000 times f was about .002, suggesting f = 2/iterations. If
this is right, you might be able to get a birthday match after only the
cube root of n tries rather than the square root of n, or about 2^44
iterations or so rather than 2^64, because at that point you are only
looking at 2^85 possible output values.
This result is only really valid for serial machines; parallel ones search
more per iteration so this would move you back towards the 2^64 number. It
does imply that you don't really get k-fold speedup with k machines if you
take this effect into consideration.

> Jim Gillogly
> 18 Halimath S.R. 1994, 16:12

Gee, my calendar must be off!

Hal

From warlord at MIT.EDU Fri Sep 9 11:28:00 1994
From: warlord at MIT.EDU (Derek Atkins)
Date: Fri, 9 Sep 94 11:28:00 PDT
Subject: pgp key servers
In-Reply-To: <9409091423.AA26657@mass6.FRB.GOV>
Message-ID: <9409091827.AA07446@toxicwaste.media.mit.edu>

Well, I don't know about the IO.COM keyserver, but the keyserver at
pgp-public-keys at pgp.mit.edu is up and running fine! In fact, I know
_most_ of the keyservers are up and running fine. I wonder why you said
"key servers" when the only one you couldn't talk to was io.com!

-derek

> What's up with the key servers now? My last request (to
> pgp-public-keys at io.com) was finally bounced after a week.
> I tried to finger @wasabi.io.com and was told "Connection
> timed out".

From emw at ima.com Fri Sep 9 11:38:30 1994
From: emw at ima.com (Ed Wilkinson)
Date: Fri, 9 Sep 94 11:38:30 PDT
Subject: CONTROL FREAKS, fascism, etc
In-Reply-To: <199409090533.WAA04550@netcom3.netcom.com>
Message-ID: <9409091702.AA12893@ima.com>

>
> Fascism was a more sophisticated and coherent philosophy than
> you give it credit for. Hitler mass marketed a vulgarized
> mass market version to the ignorant unwashed masses, but this
> was only after the political romantic philosophies came to have
> substantial support among the intellectuals, and this philosophical
> support was translated into political support by intellectuals
> for the various volkish parties, one of which was the National
> German Socialist Workers party, which Hitler later joined
> and swiftly came to dominate.
>
> There really is no similar contender on the scene today.
I would recommend reading "the Ominous Parallels" by Leonard Peikoff
(spelling?). It discusses this in great detail, as well as how the US of
today is moving more and more in that direction. Many good ideas to mull
over.

Ed

From ravage at bga.com Fri Sep 9 11:50:10 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 9 Sep 94 11:50:10 PDT
Subject: CONTROL FREAKS (nee, AIDs testing and privacy)
In-Reply-To: <199409091748.KAA04399@netcom8.netcom.com>
Message-ID: <199409091849.NAA09278@zoom.bga.com>

>
> My point was exactly that. That though a military coup is possible,
> the ideology that made that political movement possible is dead,
> dead, dead, dead.
>
> Get it.
>
>
> Dead.
>
> Fascism was an idea. That idea has been proven false.
>

Somebody needs to tell the Aryan Brotherhood, The KKK, Louis Farackim
(sp?), etc. that the beliefs they are acting on have been disproven.

From jamiel at sybase.com Fri Sep 9 11:57:14 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Fri, 9 Sep 94 11:57:14 PDT
Subject: Title VII v. Liberty
Message-ID:

At 6:13 AM 9/9/94, Perry E. Metzger wrote:

>It is certainly the case that massive bigotry exists against
>homosexuals and that some companies make hiring decisions that way.
>However, all credible studies show that homosexuals have substantially
          ^^^^^^^^^^^^^^^^^^^^
>above average income.

Refs on this one? Even one ref. would do me. The only 'studies' I've
seen like this are bullshit paid for by fundies. Seeing how one of
their major weapons is convincing folk that queers are taking over
big business, I wouldn't exactly call them credible.
>Perry

-j

--
"Blah Blah Blah"
___________________________________________________________________
Jamie Lawrence

From mccoy at io.com Fri Sep 9 12:09:47 1994
From: mccoy at io.com (Jim McCoy)
Date: Fri, 9 Sep 94 12:09:47 PDT
Subject: pgp key servers
In-Reply-To: <9409091423.AA26657@mass6.FRB.GOV>
Message-ID: <199409091909.OAA13003@pentagon.io.com>

> From: Tom Allard
>
> What's up with the key servers now? My last request (to
> pgp-public-keys at io.com) was finally bounced after a week.
> I tried to finger @wasabi.io.com and was told "Connection
> timed out".

Wasabi is undergoing a hardware move of sorts. The pgp key server will
return in a week or so at pgpkeys.io.com (things sent to wasabi will
continue to work when the new hardware comes up.)

jim

From f_griffith at TITAN.SFASU.EDU Fri Sep 9 12:18:10 1994
From: f_griffith at TITAN.SFASU.EDU (f_griffith at TITAN.SFASU.EDU)
Date: Fri, 9 Sep 94 12:18:10 PDT
Subject: Introduction: Telephone traffic analysis
Message-ID: <01HGWTBH6U4M0007DA@TITAN.SFASU.EDU>

>They track and compare the frequency of calling patterns made by the targets.
>Now they know the "calling circle" of the targets. They expand the tracking
>pattern and start looking for cross overs.

Tom Clancy in _Clear and Present Danger_ has a description of the CIA doing
something like this to the Columbia drug cartel.

From doug at OpenMind.com Fri Sep 9 12:40:48 1994
From: doug at OpenMind.com (Doug Cutrell)
Date: Fri, 9 Sep 94 12:40:48 PDT
Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
Message-ID:

I would like to thank Blanc Weber, Tim May, and Duncan Frissell for their
responses to my message on the subject of employer hiring practices and
liberty in a society.

Tim and Duncan seem to be concerned with the freedom of an employer to make
whatever hiring decisions he prefers. Blanc seems to be concerned
principally with the soundness and health of the business entity. I am
trying to understand the arguments for these points of view...
I consider myself to be extremely "liberal" in my political philosophy, and
I have a lot of respect for the arguments of libertarians. But I am
continually pulled back to the "test case" issue of racist employment
practices. This is the case where the argument is most difficult for me to
buy. I am not sure whether Blanc would hold that businesses should be free
to engage in racist hiring policies if that is their decision, but it seems
clear that Tim May does hold this position, and I understand that this is
in fact the classic libertarian position.

The argument seems to be that in a free society, natural cooperative
processes will provide a form of "autoregulation" to discourage the
widespread development of oppression of specific classes of individuals.
There further seems to be an assumption that the tools of strong crypto
will facilitate this system of checks and balances through natural
cooperative processes.

I am not convinced. Moreover, it seems to me that cryptoanarchy may in
fact facilitate a new type of "mob rule". For example, imagine the
development of a multitude of secret "crypto-posse" organizations.
Individuals could join any number of these secret societies, which might
require some sort of dues payment for participancy. They might be fleeting
in duration, forming spontaneously to achieve some specific aim (thus my
term "posse"). Virtually everything about these organizations could be
secret -- their size, power, and even their very existence. Participating
companies could secretly create trade monopolies. Organizations such as
the KKK could accrue the financial support of large numbers of members to
create strong social and economic pressures to oppress segments of the
population in specific areas, yet the source of these pressures may be
impossible to trace.

Even apart from this, the availability of truly secure anonymity, strong
encryption, and untraceable digital cash could allow contract killing to be
an openly conducted business.
For example, an anonymous news post announces a public key which is to be
used to encode a contract kill order, along with a digital cash payment.
The person placing the contract need only anonymously place the encrypted
message in alt.test. Perhaps it is even possible to make it impossible to
tell that the message was encrypted with the contract killer's public key
(the killer would have to attempt decryption of all similarly encoded
messages on alt.test, but that might be quite feasible). Thus it could be
completely risk free for anyone to place a contract on anyone else.

If there is a reason why these concerns are unfounded, I would very much
appreciate hearing refutations. I certainly don't want any of these
possibilities to materialize, but I don't see any way around them in a
completely "cryptoanarchic" society.

Doug

___________________________________________________________________
Doug Cutrell                    General Partner
doug at OpenMind.com            Open Mind, Santa Cruz
===================================================================

From mccoy at io.com Fri Sep 9 13:10:47 1994
From: mccoy at io.com (Jim McCoy)
Date: Fri, 9 Sep 94 13:10:47 PDT
Subject: Title VII v. Liberty
In-Reply-To:
Message-ID: <199409092010.PAA17748@pentagon.io.com>

jamiel at sybase.com (Jamie Lawrence) writes:
> At 6:13 AM 9/9/94, Perry E. Metzger wrote:
[...]
> >However, all credible studies show that homosexuals have substantially
> >above average income.
>
> Refs on this one? Even on ref. would do me. The only 'studies' I've
> seen like this are bullshit paid for by fundies. Seeing how one of
> their major weapons is convincing folk that queers are taking over
> big business, I wouldn't exactly call them credible.

Actually a recent study was reported a month or so ago (done by UMich or
some other big surveying group with no visible axes to grind) that showed
that homosexuals as a group have a _lower_ average income than the general
population.
I will poke around and see if I can find a ref to this study.

jim

From m5 at vail.tivoli.com Fri Sep 9 13:13:32 1994
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 9 Sep 94 13:13:32 PDT
Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
In-Reply-To:
Message-ID: <9409092012.AA12184@vail.tivoli.com>

Though I acknowledge that Doug's fears are real, there's one thing to
keep in mind: cryptography is not by any means a magic shield for
criminals. It eliminates, perhaps, one avenue by which crimes might
be discovered. However, it is most certainly not the case that
someone who places an open anonymous contract for a murder in an open
forum is doing so "risk free". There are *plenty* of ways she might
be found out. Likewise, big secret societies that nefariously
undermine the free world via cryptography are as vulnerable as ever to
the motivations of their own members to expose the groups in a
double-cross.

Crime is crime. Crime (in the philosophical sense; crime against
individuals, crime against the environment, and so on, as opposed to
crime as defined by the current establishment in power) is conducted
by criminals no matter what the tools are. Every object on the planet
is a potential accomplice to the criminal.

| GOOD TIME FOR MOVIE - GOING ||| Mike McNally |
| TAKE TWA TO CAIRO.          ||| Tivoli Systems, Austin, TX: |
| (actual fortune cookie)     ||| "Like A Little Bit of Semi-Heaven" |

From sandfort at crl.com Fri Sep 9 13:16:49 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Fri, 9 Sep 94 13:16:49 PDT
Subject: PRIVACY REGULATIONS
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                         SANDY SANDFORT
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Michael Conlen adding to comments by Adam Shostack and Tim May
wrote:

    With your name and address someone can find out what your
    date of birth is. In many states that is enough for a
    drivers licens...
    ...name and dob...
Federal agencies such as the FBI, and most if not all states, use
your NAME and DATE OF BIRTH as their primary means of locating
you in their databases.

When it comes to being charged with giving false information to
the authorities, it could be argued that you "accidentally"
misremembered or forgot your SSN. It would be a real stretch,
though, to assert that you got your own name or birthday wrong.

If you are stopped by the police, you are required to identify
yourself if asked. Is your DOB required? May you decline to
answer that question if it is not relevant to the stop? (To
drive a car, to buy booze, you must be of requisite age. Maybe
you could say, "I'm over 21, officer.") I don't know if it's
ever been tested in court.

 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From rishab at dxm.ernet.in Fri Sep 9 13:33:29 1994
From: rishab at dxm.ernet.in (Rishab Aiyer Ghosh)
Date: Fri, 9 Sep 94 13:33:29 PDT
Subject: Social punishment 1/3: law without enforcers
In-Reply-To: <199409080538.WAA25992@deepthought.pylon.com>
Message-ID: <3cVHTc2w165w@dxm.ernet.in>

blancw at pylon.com writes (in private mail):
> than can present law enforcement systems. My next post will
> examine the similarities between tribal and cyberspatial
> society.
> ........................................................
>
> I don't know yet what you are going to say about the
> similarities between tribal & cyberspatial societies, but one

I guessed as much ;)

> same category. The associations which occur in cyberspace are
> not like the ones which occur in the physical plane. The
> expectations are different - you don't expect to live with
> these other people in close proximity, you don't expect to
> identify with them as a group in the same way, you are not
> going to get the same benefits on a daily basis or even an
> extended time period, as you might from those with whom you
> interact on more than one level or kind of contact.
> I personally don't see interactions in cyberspace as constituting
> a 'society', even if they are 'social'.
> Maybe a drive-by society.

Well, as I put it, the primary characteristic of tribe (versus city) has been portrayed as _physical_ proximity. I would say the more relevant characteristic is _mental_ proximity, or _social_ proximity, if you accept my classification of tribes and cyberspace as 'communication societies'.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From rishab at dxm.ernet.in Fri Sep 9 13:34:25 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 9 Sep 94 13:34:25 PDT
Subject: Introduction: Telephone traffic analysis
Message-ID:

shamrock at netcom.com (Lucky Green):
> I stumbled upon this great explanation of telephone traffic analysis and
> thought I'd share it with the list:

It is to evade this sort of traffic analysis that complex routing, batching and clustering of anon remailer traffic is being evolved.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From adam at bwh.harvard.edu Fri Sep 9 13:40:16 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Fri, 9 Sep 94 13:40:16 PDT
Subject: Quick item re cellular encryption
In-Reply-To:
Message-ID: <199409092039.QAA18465@bwh.harvard.edu>

SafeCall 617 330 8890

Cellular Privacy Unit attaches to the mouthpiece & earpiece of your phone, uses variable split band inversion. The cost, depending on the phone, is about $599 one coming out for Motorola flip phones, might be more ($699).
2 modes of operation:

call 1 800 number
checks customer, gives dial tone
$25 activation
$ 5/month
.75/minute anywhere in the US + airtime from your cellular carrier.

In this mode, you connect to their system, get decrypted, sent out on their phone lines to the other end. Incoming voice gets 'encrypted' and sent to you.

or buy two units, bypass their system.

They also make a fax unit.

Seems that $600 only buys you a little bit of on-air security. When I asked about the possibility of using real encryption, she said that they might, but couldn't give me any firm commitments. I've asked for their literature, and will pass on if it has anything more interesting.

Adam

Netsurfer wrote:
| This was parsed off Edupage - anyone know what type of encryption they are
| using?
|
| -NetSurfer
|
| BEWARE CELLULAR CONFIDENCES
| Lawyers who use cellular phones to discuss private matters with clients are
| increasingly turning toward encryption technology to protect confidential
| information. Boston-based SafeCall, a company that guarantees secure
| cellular conversations by routing the calls through its scrambler, says its
| largest and fastest growing contingent of customers is lawyers. Meanwhile,
| a six-step set of how-to instructions for turning a Motorola flip-phone
| into a cellular call receiver was posted on the Internet. (Wall Street
| Journal 9/1/94 B1)
|

From perry at imsi.com Fri Sep 9 13:41:22 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 9 Sep 94 13:41:22 PDT
Subject: Title VII v. Liberty
In-Reply-To:
Message-ID: <9409092040.AA00273@snark.imsi.com>

Jamie Lawrence says:
> Refs on this one? Even one ref. would do me. The only 'studies' I've
> seen like this are bullshit paid for by fundies. Seeing how one of
> their major weapons is convincing folk that queers are taking over
> big business, I wouldn't exactly call them credible.

Actually, as I recall these have mostly been marketing studies.
For whatever reason (perhaps the same "oppressed group syndrome" that tends to make several other minorities work harder) gay men tend to be higher up on the income scale. No, I can't find a reference in a second -- but if you insist I'll dig one up. Those knowing my opinions closely enough will know that I loathe fundamentalist christians and that I'm quite rabid in attacking discrimination against homosexuals.

Let me note that Jews and Asians are not protected groups under Title 10 -- there are no affirmative action laws for us, and there *is* discrimination against them -- sometimes even very violent discrimination. Somehow, however, they have managed to do just fine in society.

Perry

From perry at imsi.com Fri Sep 9 13:44:52 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 9 Sep 94 13:44:52 PDT
Subject: Introduction: Telephone traffic analysis
In-Reply-To: <01HGWTBH6U4M0007DA@TITAN.SFASU.EDU>
Message-ID: <9409092044.AA00292@snark.imsi.com>

f_griffith at titan.sfasu.edu says:
> Tom Clancy in _Clear and Present Danger_ has a description of the CIA
> doing something like this to the Columbia drug cartel.

I was unaware that the cartels at the University had achieved that much notoriety -- although we alumni have long known that they controlled most of the international trade in tylenol...

Perry

From kkk at asc.bu.edu Fri Sep 9 14:01:27 1994
From: kkk at asc.bu.edu (kkk at asc.bu.edu)
Date: Fri, 9 Sep 94 14:01:27 PDT
Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
Message-ID: <199409092101.RAA14180@BU.EDU>

>I am trying to understand the arguments for these points of view... I
>consider myself to be extremely "liberal" in my political philosophy, and I
>have a lot of respect for the arguments of libertarians. But I am
>continually pulled back to the "test case" issue of racist employment
>practices. This is the case where the argument is most difficult for me to
>buy.
>I am not sure whether Blanc would hold that businesses should be free
>to engage in racist hiring policies if that is their decision, but it seems
>clear that Tim May does hold this position, and I understand that this is
>in fact the classic libertarian position. The argument seems to be that in
>a free society, natural cooperative processes will provide a form of
>"autoregulation" to discourage the widespread development of oppression of
>specific classes of individuals.

So, what gives you the right to stick your nose into other people's business practices. I believe that if I hire a person to do some task it should be my decision as to what sort of person I hire as it is my money that I am paying them and my business that suffers if I am forced into hiring someone based on something other than good business reasons.

>Organizations such as the KKK could accrue the financial support of large
>numbers of members to create strong social and economic pressures to
>oppress segments of the population in specific areas, yet the source of
>these pressures may be impossible to trace.

The same could be said about the Democratic Party in the USA.

>If there is a reason why these concerns are unfounded, I would very much
>appreciate hearing refutations. I certainly don't want any of these
>possibilities to materialize, but I don't see any way around them in a
>completely "cryptoanarchic" society.

I think that it would be a Healthy Change instead of the crap that you seem to prefer.

From frissell at panix.com Fri Sep 9 14:03:45 1994
From: frissell at panix.com (Duncan Frissell)
Date: Fri, 9 Sep 94 14:03:45 PDT
Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
Message-ID: <199409092102.AA06974@panix.com>

At 12:36 PM 9/9/94 -0700, Doug Cutrell wrote:
>I am trying to understand the arguments for these points of view... I
>consider myself to be extremely "liberal" in my political philosophy, and I
>have a lot of respect for the arguments of libertarians.
>But I am
>continually pulled back to the "test case" issue of racist employment
>practices. This is the case where the argument is most difficult for me to
>buy.

Cypherpunks is becoming "horrors" libernet. The only legitimate hook for this issue is the fact that many would oppose crypto anarchy (if they knew it existed) because it makes things like anti-discrimination laws possible.

To avoid too much damage to the list, I will try and restrain myself to two observations on the subject of laws against racial discrimination (which libertarians do oppose):

1) Laws are enforced by threat of (or by actual) violence. Supporters of outlawing racial discrimination are in the position of arguing that non-violent social disagreements (the decision by someone not to deal with someone else on *bad* grounds) should be "solved" by sending armed men out to punish the person deciding to refuse to hire -- say -- whites. And of course to kill him if he resists his punishment. I would rather see deadly force limited to situations in which there has at least been a breach of the peace of some kind.

2) I have never met a person (and don't believe that there ever has been a person) who has not discriminated on all of the "prohibited" bases frequently. Has there ever been anyone who selected -- say -- their friends and lovers *purely* using random selection. Never discriminating on the basis of race, creed, color, sex, age, alienage, previous condition of servitude, marital status, sexual or affectional preference, handicap, etc. It would be hard to imagine someone who didn't use these prohibited classifications in their personal sexual lives. I observe little use of RNGs (see -- a cypherpunks technical reference after all) in social intercourse.

Since it is legal (and indeed considered OK) to discriminate on all these grounds in our personal lives, libertarians believe that discrimination should at least be legal. Freedom of Choice in *everything*.
DCF

*************************************************************************
ATMs, Contracting Out, Digital Switching, Downsizing, EDI, Fax, Fedex, Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone Cards, Quants, Securitization, Temping, Voice Mail.

From sandfort at crl.com Fri Sep 9 14:20:48 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Fri, 9 Sep 94 14:20:48 PDT
Subject: CONTROL FREAKS
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Where do I begin? Jim Choate has now retreated into subjectivism rather than

Come on, Jim, you've been arguing that totalitarians can ignore economics. Answer my questions. How long did the "Thousand Year Reich" last? What totalitarian states can you name that have had any legs at all? There are none.

I take it you don't take the comparison between the Roman circuses where prisoners and other misfits (ie Christians) were fed to the lions and the Teutonic circuses of the 30's and 40's (ie prison or relocation camps) where the criminal and other misfits (ie Jewish) were fed to the masochistic 'system' as comparable? The Warsaw Ghetto was not a form of 'circus' then?

No, of course not. The Roman circuses were public spectacles. They were a form of entertainment (like professional sports today). Their purpose was to distract the populace, not to eliminate enemies of the state. That's what Crucifixion and other types of execution were for. Often, the participants were pros, free men who did it for gold and glory. Hell, Rome wasn't even a totalitarian state. Where do you get these ideas?

The Nazis were another matter, but they still didn't make the cut. Show me your successful totalitarian states.

'They' are the persons with money and influence and have also made it in their best interest to sustain the status quo.
Just take a look at the Federal Reserve and how they manage the money in this country. Take a look at the special interest political groups who make it their job to get law-makers to look at it 'their' way.

I've looked. I repeat, who are "they"? You know, like some names. They can't be too powerful, since social/cultural/legal non-compliance is a growth industry. God, what the hell are you so afraid of?

Just exactly whose reality are we talking about ruling here?... people do not analyze their choices the same way you analyze some physical problem like building a bridge....

But that's the point. Economics *is* like building a bridge. You can't spend money you don't have. You can't create wealth by printing money. There are rules, and no amount of subjectivism or Roadrunner logic will exempt totalitarian states from them. But if you disagree, please prove me wrong by naming the states that have "created their own reality." I bet you can't.

When I alluded that "they" weren't spending *my* money you wrote:

I can assure you that the folks out there will spend their money if it is clear that they will make more of it in the long run. While it is true that public monies are the easiest to spend because of its anonymity it is not the only resource that is there. Consider under-the-table bribes and such.

I give up, I don't have a clue what you're talking about. Do you? If so, please elucidate. Apparently, my comment about *structuring your life* so that you could ignore the control freaks went right over your head at the speed of light.

FLAME ALERT: All Cypherpunks who disdain flamish exchanges should tune out now. I'm feeling peevish today and this sort of mindless drivel pisses me off. I have decided, therefore, to amuse myself by fucking with Mr. Choate's head for the remainder of this post.

I am afraid [we know that, the question is why you are afraid?] that if you ignore a control freak you build the perfect environ [I'm sure you don't mean "environ," a verb.
Perhaps "environment" or "environs" would be more suitable. Sloppy thinking; sloppy language.] for their growth. We are not talking about roses [now you've gotten SOMETHING right] here but rather ideas, a decidedly different animal. [Neither roses nor ideas are animals, Mr. Choate. Can you say mixed metaphor?] Ideas can grow long after the original thinker is gone. [Yes, but what has that got to do with our discussion. Focus, Mr. Choate.] To ignore rather than [to?] confront and expose [them?] is the best way possible [possible is redundundundant, Mr. Choate] to get what you don't want. [Interesting use of the negative in your sentence construction, but you never addressed my thesis, to wit: it is possible to structure your life so that you can ignore would-be controllers. There is no substitute for critical thinking, Mr. Choate.]

Love and kisses,

S a n d y

"Who promises to go back on his medication tomorrow."

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From jamiel at sybase.com Fri Sep 9 14:37:14 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Fri, 9 Sep 94 14:37:14 PDT
Subject: Title VII v. Liberty
Message-ID:

At 1:40 PM 9/9/94, Perry E. Metzger wrote:
>Actually, as I recall these have mostly been marketing studies. For
>whatever reason (perhaps the same "oppressed group syndrome" that
>tends to make several other minorities work harder) gay men tend to be
>higher up on the income scale. No, I can't find a reference in a
>second -- but if you insist I'll dig one up. Those knowing my opinions

If you happen across one, I'd like to see it, but don't go out of your way

>closely enough will know that I loathe fundamentalist christians and
>that I'm quite rabid in attacking discrimination against homosexuals.

I have at least a rough sketch of your political views in mind, Perry. I wasn't trying to attack you - I was trying to correct something that is a very common misconception. Just happens to be on a rather charged topic.
Assuming it was a marketing survey, this makes a lot more sense. They are going to look places where people selling things have a good chance to sell, which tends not to be the blue collar sections (where due to violence and educational differences, people are also much more likely to be closeted, and results are skewed anyway) Also note that income brackets are, to my experience, extremely variant among gays depending on location, race and (here's the biggest, it seems) sex.

>Let me note that Jews and Asians are not protected groups under Title
>10 -- there are no affirmative action laws for us, and there *is*
>discrimination against them -- sometimes even very violent
>discrimination. Somehow, however, they have managed to do just fine in
>society.

Although I believe this is an apples/oranges situation on a number of grounds (no comments on discussing fruit, please :), I see your point. I still strongly disagree that such legislation isn't necessary, but that's neither here nor there...

>Perry

-j
--
"Blah Blah Blah"
___________________________________________________________________
Jamie Lawrence

From tcmay at netcom.com Fri Sep 9 14:48:22 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Fri, 9 Sep 94 14:48:22 PDT
Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
In-Reply-To:
Message-ID: <199409092148.OAA01362@netcom11.netcom.com>

(I can only respond very briefly to the excellent post Doug Cutrell has made....I'm trying to finish something by tonight in preparation for tomorrow's Cypherpunks meeting in Mountain View.)

Doug has correctly figured out what strong crypto implies, and just how badly it nukes the "liberal" view of society. Like I said, I'll be brief, even telegraphic:

> I am trying to understand the arguments for these points of view... I
> consider myself to be extremely "liberal" in my political philosophy, and I
> have a lot of respect for the arguments of libertarians.
> But I am

There's no time for any of us to write pro-libertarian essays here. Plenty of books. Etc.

> to engage in racist hiring policies if that is their decision, but it seems
> clear that Tim May does hold this position, and I understand that this is
> in fact the classic libertarian position. The argument seems to be that in
> a free society, natural cooperative processes will provide a form of
> "autoregulation" to discourage the widespread development of oppression of
> specific classes of individuals.

I never worry about whether my choices are "racist" or "sexist" or "ageist" or "looksist" (a real term used here in Santa Cruz), etc. They're just my choices. Nobody else's business.

Of course, they don't have to do business with me, either. Sounds fair to me. The original meaning of "liberalism" (yes).

> There further seems to be an assumption that the tools of strong crypto
> will facilitate this system of checks and balances through natural
> cooperative processes. I am not convinced. Moreover, it seems to me that
> cryptoanarchy may in fact facilitate a new type of "mob rule". For
> example, imagine the development of a multitude of secret "crypto-posse"

Yes, though I've called them "digilantes." Crypto Star Chambers.

> organizations. Individuals could join any number of these secret
> societies, which might require some sort of dues payment for participancy.
> They might be fleeting in duration, forming spontaneously to achieve some
> specific aim (thus my term "posse"). Virtually everything about these
> organizations could be secret -- their size, power, and even their very
> existence. Participating companies could secretly create trade monopolies.
> Organizations such as the KKK could accrue the financial support of large
> numbers of members to create strong social and economic pressures to
> oppress segments of the population in specific areas, yet the source of
> these pressures may be impossible to trace.

Yep.
I call this the "Crypto Anarchy Principle":

The Crypto Anarchy Principle: Strong crypto permits unbreakable encryption, unforgeable signatures, untraceable electronic messages, and unlinkable pseudonymous identities. This ensures that some transactions and communications can be entered into only voluntarily. External force, law, and regulation cannot be applied. This is "anarchy," in the sense of no outside rulers and laws. Voluntary arrangements, back-stopped by voluntarily-arranged institutions like escrow services, will be the only form of rule. This is "crypto anarchy."

> Even apart from this, the availability of truly secure anonymity, strong
> encryption, and untraceable digital cash could allow contract killing to be
> an openly conducted business. For example, an anonymous news post
> announces a public key which is to be used to encode a contract kill order,
> along with a digital cash payment. The person placing the contract need
> only anonymously place the encrypted message in alt.test. Perhaps it is
> even possible to make it impossible to tell that the message was encrypted
> with the contract killer's public key (the killer would have to attempt
> decryption of all similarly encoded messages on alt.test, but that might be
> quite feasible). Thus it could be completely risk free for anyone to place
> a contract on anyone else.

Markets for assassinations--untraceable and unlinkable--have been a topic of discussion for a long time. You'll find them explicitly mentioned in my 1988 "Crypto Anarchist Manifesto." Doug is to be congratulated for realizing the implications, if he hadn't heard about them before.

This topic has been written about by me, David Friedman, Robin Hanson, Hal Finney, and others. A lot of stuff to consider. Not now.

> If there is a reason why these concerns are unfounded, I would very much
> appreciate hearing refutations.
> I certainly don't want any of these
> possibilities to materialize, but I don't see any way around them in a
> completely "cryptoanarchic" society.

Can't be stopped. If strong crypto is allowed (and most of us don't think even a police state could stop it at this point), then these "voluntary associations" cannot be stopped.

Hence.....

Welcome to the New Underworld Order! (a term I have borrowed from Claire Sterling.)

--Tim May

--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From jamiel at sybase.com Fri Sep 9 15:05:07 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Fri, 9 Sep 94 15:05:07 PDT
Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
Message-ID:

Looks like someone was listening to the discussion of fake mail that took place here earlier...

Hint to the sender of this - think about how to get rid of the underscored line. After that, think *content*.

At 2:01 PM 9/9/94, kkk at asc.bu.edu wrote:
>Return-Path:
[deletia]
>Date: Fri, 9 Sep 1994 17:01:12 -0400
>From: kkk at asc.bu.edu
>Message-Id: <199409092101.RAA14180 at BU.EDU>
>Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
>Apparently-To: cypherpunks at toad.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>Sender: owner-cypherpunks at toad.com
>Precedence: bulk
>Content-Length: 1876

-j
--
"Blah Blah Blah"
___________________________________________________________________
Jamie Lawrence

From cactus at bb.com Fri Sep 9 15:49:37 1994
From: cactus at bb.com (L. Todd Masco)
Date: Fri, 9 Sep 94 15:49:37 PDT
Subject: Title VII v.
Liberty
In-Reply-To: <9409092040.AA00273@snark.imsi.com>
Message-ID: <34qovq$iv@bb.com>

In article <9409092040.AA00273 at snark.imsi.com>, Perry E. Metzger wrote:
>Actually, as I recall these have mostly been marketing studies. For
>whatever reason (perhaps the same "oppressed group syndrome" that
>tends to make several other minorities work harder) gay men tend to be
>higher up on the income scale. No, I can't find a reference in a
>second -- but if you insist I'll dig one up. Those knowing my opinions
>closely enough will know that I loathe fundamentalist christians and
>that I'm quite rabid in attacking discrimination against homosexuals.

My understanding is that it's a bimodal distribution: the marketing studies have shown the higher modality because that's the segment that they're interested in.

--
L. Todd Masco | "Hide, witch, hide! The good folk come to burn thee, their
cactus at bb.com | keen enjoyment hid behind a gothic mask of duty." -JS/BATE

From vvallopp at eniac.seas.upenn.edu Fri Sep 9 15:49:59 1994
From: vvallopp at eniac.seas.upenn.edu (Vinod Valloppillil)
Date: Fri, 9 Sep 94 15:49:59 PDT
Subject: Ecash mailing list?
In-Reply-To:
Message-ID: <199409092244.WAA02304@red.seas.upenn.edu>

Hello all,

Is anybody interested in forming a mailing list explicitly for e-cash discussion? After looking at the c'punks list for at least a year, there seems to be the critical mass of interest to create a medium volume mailing list.

The most critical benefit that such a dedicated list would have is that we could probably generate interest from parties who may have an interest in alternate currency/cash systems but have no interest/ knowledge of crypto (a lot of hard core financiers that I know of come to mind...).

I don't have the resources to create a list but I'd be more than glad to help out someone who has access to 'em.
------------------------------+----------------------------------------------
Vinod Valloppillil | Even if you're one in a million,
Telecom/MIS/Strategic MGMT | there's still a thousand more of you
Engineering/Wharton | in China.....
vvallopp at eniac.seas.upenn.edu |
------------------------------+----------------------------------------------
"When buying and selling are controlled by legislation, the first things to be bought and sold are legislators." - P.J. O'Rourke

From cactus at bb.com Fri Sep 9 15:55:28 1994
From: cactus at bb.com (L. Todd Masco)
Date: Fri, 9 Sep 94 15:55:28 PDT
Subject: CONTROL FREAKS
In-Reply-To:
Message-ID: <34qpd0$mb@bb.com>

To try to cool the flames a bit...

In article , Sandy Sandfort wrote:
>Come on, Jim, you've been arguing that totalitarians can ignore
>economics. Answer my questions. How long did the "Thousand Year
>Reich" last? What totalitarian states can you name that have had
>any legs at all? There are none.

I think the point isn't that totalitarian states won't last: we know that. The point is that those trying to establish a totalitarian state can do a hell of a lot of damage to the rest of us before they fail.

--
L. Todd Masco | "Hide, witch, hide! The good folk come to burn thee, their
cactus at bb.com | keen enjoyment hid behind a gothic mask of duty." -JS/BATE

From jamesd at netcom.com Fri Sep 9 16:15:09 1994
From: jamesd at netcom.com (James A. Donald)
Date: Fri, 9 Sep 94 16:15:09 PDT
Subject: Black Cryptoanarchy (KKK, monopolies, contract killing)
In-Reply-To:
Message-ID: <199409092315.QAA02725@netcom7.netcom.com>

Doug Cutrell writes
> The argument seems to be that in
> a free society, natural cooperative processes will provide a form of
> "autoregulation" to discourage the widespread development of oppression of
> specific classes of individuals.

Actually the argument is that who I choose to associate with is no damned business of the state.
If you want a utilitarian argument, no problem: Obviously laws regulating who can associate with who, can be used, will be used, and are being used to oppress those minority groups that are out of favor with the state.

For example Jews and Asians are not "protected groups" and the anti discrimination laws are enforced in a selective fashion to harass businessmen of Korean origin in California.

Obviously if some individuals choose not to associate with some group for irrational reasons it will harm those who so choose more than it harms the group - but only the state can enforce discrimination with guns, and it does, thus only state sponsored discrimination is significant in practice.

Plenty of Koreans have been put out of business by the state. How many homosexuals have been put out of business by private discrimination?

But I piss on utilitarian arguments. From the fact that anti discrimination laws violate people's rights, we could have immediately inferred that the unjust use of force would follow, and that this would lead to undesired and unintended outcomes, without bothering with the specific details.

> Moreover, it seems to me that
> cryptoanarchy may in fact facilitate a new type of "mob rule". For
> example, imagine the development of a multitude of secret "crypto-posse"
> organizations. Individuals could join any number of these secret
> societies, which might require some sort of dues payment for participancy.
> They might be fleeting in duration, forming spontaneously to achieve some
> specific aim (thus my term "posse").

That is the plan. Consider the excellent and great campaign of intimidation and harassment against Cantor and Segal.

We really trashed those guys.

Hurray for cybervigilantes and Silicon cowboys.

> Virtually everything about these
> organizations could be secret -- their size, power, and even their very
> existence.

Right on. It is called "freedom of association". You will just have to get used to it.
> If there is a reason why these concerns are unfounded, I would very much
> appreciate hearing refutations. I certainly don't want any of these
> possibilities to materialize, but I don't see any way around them in a
> completely "cryptoanarchic" society.

Most of us hope, desire, and intend, that your worst fears will be realized.

As for contract killings - what else is new. Just as today you will have to start by asking "who has motive and money to put out a contract on X".

Of course you could prevent contract killings by requiring everyone to carry government "escrowed" tape recordings to record all their conversations and requiring them to keep a diary at all times alibiing all their activities.

This would also make it much easier to stamp out child pornography, plutonium smuggling, and social discrimination against the politically correct.

---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From turner at telecheck.com Fri Sep 9 16:30:58 1994
From: turner at telecheck.com (Joe Turner)
Date: Fri, 9 Sep 94 16:30:58 PDT
Subject: Title VII v. Liberty
In-Reply-To: <24090820325010@vms2.macc.wisc.edu>
Message-ID: <9409092330.AA01303@TeleCheck.com>

> As to sexual orientation, um no federal law protects the class. And yet
> magically, massive discrimination exists. This is a natural result
> of the condition...
[snip]
> In my last position there were 43 women working and 2 men. I was one of those men.

Not to flame, but what is the motivation for claiming massive discrimination exists? I have worked with a wide array of people from many different countries, ethnic backgrounds, and sexual orientation. I have never been in a situation where I believe someone else was discriminated against.
As far as discrimination goes, I am a white male just out of high school. I applied for government grants but uncle sam thought my unemployed father was just too rich. While my minority friends were getting grants and loans, I was forced to get a job and work my way through community college. I'm not complaining-- Two years later, I am now a Systems Engineer for Telecheck International (and they are going to pick up the tab for my tuition), programming on a myriad of computer operating systems (VMS, OpenVMS, OSF, AIX, and MS-DOS) in C, C++ and assembly language, while my friends are still trying to figure out what they want to major in.

I just get really frustrated when I hear about is being discriminated against. More often than not it's just used as a justification for government funding, an excuse for a light prison sentence, or to gather a few liberal votes at the polling place. I have never felt that whining about discrimination or making excuses will get you anywhere.

> Sometimes intervention works. Granted, usually it does not. But removing
> the regs now would work to do one thing - perpetuate the past effects of
> discriminatory intent in today's world.

Just the other day I was reading the Business section of the Houston Chronicle, in which a Clinton administrative official was quoted as saying, "it's OK to fire whites to promote ethnic diversity." My interpretation of this is that it's OK to fire people because of their skin color. I thought this was illegal.

I am scared of the day when I go into a job interview and before I am able to shake the CEO's hand he stops me from proceeding further by saying, "I'm sorry we've already hired our white person for this quarter. We were looking for an Asian woman. Or perhaps a black homosexual.. we'll get bonus points for that!"

--
Joe N.
Turner Telecheck International turner at telecheck.com 5251 Westheimer, PO BOX 4659, Houston, TX 77210-4659 compu$erv: 73301,1654 (800) 888-4922 * (713) 439-6597 From jya at pipeline.com Fri Sep 9 16:47:44 1994 From: jya at pipeline.com (John Young) Date: Fri, 9 Sep 94 16:47:44 PDT Subject: Black Cryptoanarchy (KKK, monopolies, contract killings) Message-ID: <199409092347.TAA03412@pipe1.pipeline.com> Responding to msg by doug at OpenMind.com (Doug Cutrell) on Fri, 9 Sep 12:36 PM: Your critique has elicited some of the best responses I've seen here. There is still, indeed, the task of proving that cryptoanarchy is not itself a play for power by those who write and master its cryptographic code. But better to test that in the public arena rather remain hidden and protected like the state secrecy of governmental cryptography. The state will probably fiercely oppose it, not least by stigmatizing cryptoanarchy and impugning its motives by exaggeration and distortion. (It is worth recalling that classical black anarchy, the secret, lethal version as distinguished from open black flag type, is used by despots to justify their ruthless measures. Black anarchists, as agents of despots, mingle with avowed flag-wavers to spy and provoke acts that lead to repressive crackdowns. Black anarchists never announce themselves as such but may freely admit to being "anarchistic" as a wild-eyed subterfuge. Inept provocations sometimes reveal them but the most able are never detected.) I may be helpful to read one writer's view of how cryptoanarchy may be lumped with and targeted like other stigmatized groups whose attributes it may claim: Quotes are from: "Stigma, Notes on the Management of Spoiled Identity", Erving Goffman, Simon and Schuster, 1963. pp. 
143-45: DEVIATIONS AND DEVIANCE One such deviation is important here, the kind presented by individuals who are seen as declining voluntarily and openly to accept the social place accorded them, and who act irregularly and somewhat rebelliously in connection with our basic institutions -- the family, the age-grade system, the stereotyped role-division between the sexes, legitimate full-time employment involving maintenance of a single governmentally ratified personal identity, and segregation by class and race. These are the "disaffiliates." Those who take this stand on their own and by themselves might be called eccentrics or "characters." Those whose activity is collective and focused within some building or place (and often upon a special activity) may be called cultists. Those who come together into a sub-community or milieu may be called "social deviants", and their corporate life a deviant community. They constitute a special type, but only one type, of deviator. If there is to be a field of inquiry called "deviance," it is social deviants as here defined that would presumably constitute its core. Prostitutes, drug addicts, delinquents, criminals, jazz musicians, bohemians, gypsies, carnival workers, hobos, winos, show people, full time gamblers, beach dwellers, homosexuals, and the urban unrepentant poor -- these would be included. These are the folk who are considered to be engaged in some kind of collective denial of the social order. They are perceived as failing to use available opportunity for advancement in the various approved runways of society; they show open disrespect for their betters; they lack piety; they represent failures in the motivational schemes of society. 
Once the core of social deviancy is established, one can proceed to peripheral instances: community-based political radicals who not only vote in a divergent way but spend more time with those of their own kind than is politically necessary; the traveling rich who are not geared into the executive's work week, and spend their time drifting from one summering place to another; expatriates, employed or not, who routinely wander at least a few steps from the PX and the American Express; the ethnic assimilation backsliders who are reared in the two worlds of the parent society and the society of their parents, and resolutely turn away from the conventional routes of mobility open to them, overlaying their public school socialization with what many normals will see as a grotesque costume of religious orthodoxy; the metropolitan unmarried and merely married who disavail themselves of an opportunity to raise a family, and instead support a vague society that is in rebellion, albeit mild and short-lived, against the family system In almost all of these cases, some show of disaffiliation is made, as is also true of eccentrics and cultists, providing in this way a thin line that can be drawn between all of them and deviators on the other side, namely, the quietly disaffiliated--hobbyists who become so devoted to their avocation that only a husk remains for civil attachments, as in the case of some ardent stamp collectors, club tennis players, and sports car buffs. Social deviants, as defined, flaunt their refusal to accept their place and are temporarily tolerated in this gestural rebellion, providing it is restricted within the ecological boundaries of their community. Like ethnic and racial ghettos, these communities constitute a haven of self-defense and a place where the individual deviator can openly take the line that he is at least as good as anyone else. 
But in addition, social deviants often feel that they are not merely equal to but better than normals, and that the life they lead is better than that lived by the persons they would otherwise be. Social deviants also provide models of being for restless normals, obtaining not only sympathy but also recruits. (Cultists acquire converts too, of course, but the focus is on programs of action not styles of life.) The wise can become fellow-travelers. p. 25: STIGMA AND SOCIAL IDENTlTY Often those with a particular stigma sponsor a publication of some kind [list cypherpunks?] which gives voice to shared feelings, consolidating and stabilizing for the reader his sense of the realness of "his" group and his attachment to it. Here the ideology of the members is formulated -- their complaints, their aspirations, their politics. The names of well-known friends and enemies of the "group" are cited, along with information to confirm the goodness or the badness of these people. Success stories are printed, tales of heroes of assimilation who have penetrated new areas of normal acceptance. Atrocity tales are recorded, recent and historic, of extreme mistreatment by normals. Exemplary moral tales are provided in biographical and autobiographical form illustrating a desirable code of conduct for the stigmatized. The publication also serves as a forum for presenting some division of opinion as to how the situation of the stigmatized person ought best to be handled. Should the individual's failing require special equipment [crypto?], it is here advertised and reviewed. The readership of these publications provides a market for books and pamphlets which present a similar line. It is important to stress that, in America at least, no matter how small and how badly off a particular stigmatized category is, the viewpoint of its members is likely to be given public presentation of some kind. 
It can thus be said that Americans who are stigmatized tend to live in a literarily-defined world, however uncultured they might be. If they don't read books on the situation of persons like themselves, they at least read magazines and see movies; and where they don't do these, then they listen to local, vocal associates. An intellectually worked-up version of their point of view is thus available to most stigmatized persons End quotes From jamiel at sybase.com Fri Sep 9 16:54:29 1994 From: jamiel at sybase.com (Jamie Lawrence) Date: Fri, 9 Sep 94 16:54:29 PDT Subject: Title VII v. Liberty Message-ID: At 4:30 PM 9/9/94, Joe Turner wrote: >I just get really frustrated when I hear about is being >discriminated against. More often then not its just used as a justification >for government funding, an excuse for a light prision sentence, or to gather >a few liberal votes at the polling place. I have never felt that whinning >about discrimination or making excuses will get you anywhere. Oh, Christ. -j -- "Blah Blah Blah" ___________________________________________________________________ Jamie Lawrence From jamesd at netcom.com Fri Sep 9 16:55:08 1994 From: jamesd at netcom.com (James A. Donald) Date: Fri, 9 Sep 94 16:55:08 PDT Subject: CONTROL FREAKS (nee, AIDs testing and privacy) In-Reply-To: <199409091849.NAA09278@zoom.bga.com> Message-ID: <199409092323.QAA03690@netcom7.netcom.com> I wrote: > > the ideology that made that political movement possible is dead, > > dead, dead, dead. > > > > Get it. > > > > > > Dead. > > > > Fascism was an idea. That idea has been proven false. Jim choate writes > Somebody needs to tell the Aryian Brotherhood, The KKK, Louis Farackim (sp?), > etc. that what the beliefes they are acting on have been disproven. Fascism is not racism. Racism, like war and trade restrictions, was an accidental and almost unintentional byproduct of a complex ideological system that is now dead as stone, even though racism and so forth still live. 
This is now totally off cypherpunk issues, so I will not respond to further replies on this topic.

>
>
--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From jamiel at sybase.com Fri Sep 9 17:03:46 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Fri, 9 Sep 94 17:03:46 PDT
Subject: Lame security software
Message-ID:

In showing a co-worker why a lot of the cryptographic software out there is really bad to use, I found one of the worst examples I've ever run across, and I'm in a sharing mood today.

For those Mac users out there, get ahold of Norton Partition, which ships with Norton Utilities 2.0. I was demoing the only way it should be counted on for anything, and then not much, by setting up a non-automounting DES encrypted soft partition. I chose the password 'cheesetoast', and explained why this was a bad choice, etc. Well, upon mounting the disk to demo something else, I mistyped 'cheeseto ' (that last character is a space), and what do you know, it mounted.

I suspect it checks a hash of the first eight characters, tossing the rest, but don't have time to check and see if that is the case.

Happy ending - My coworker then asked "What is that PGP thing again?"

-j

--
"Blah Blah Blah"
___________________________________________________________________
Jamie Lawrence

From ravage at bga.com Fri Sep 9 17:30:13 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 9 Sep 94 17:30:13 PDT
Subject: CONTROL FREAKS
In-Reply-To:
Message-ID: <199409100029.TAA24880@zoom.bga.com>

>
> Come on, Jim, you've been arguing that totalitarians can ignore economics. Answer my questions. How long did the "Thousand Year Reich" last? What totalitarian states can you name that have had any legs at all? There are none.
>

You have obviously misinterpreted my statement's intent. I do not hold that any government can ignore economics. As a matter of fact, back there a ways I alluded to the fall of most totalitarian regimes being linked to the economics of open trade. As long as there is a market outside the totalitarian keen there is a threat to its stability.

The Thousand Year Reich lasted less than a thousand years. I fail to see how this is relevant to the discussion. I have not addressed in any manner the concept that governments, totalitarian or otherwise, are guaranteed an endless bounty of corruption. All governments and structures fail.

As to legs, I assume you mean sufficient force to exist? The first couple that come to mind are China and Singapore. Neither are at this moment in any kind of collapse that is apparent. As to their being good examples from your point of view, they have only existed since the end of WWII so they may be too young...

>
> No, of course not. The Roman circuses were public spectacles. They were a form of entertainment (like professional sports today). Their purpose was to distract the populace, not to eliminate enemies of the state. That's what Crucifixion and other types of execution were for. Often, the participants were pros, free men who did it for gold and glory. Hell, Rome wasn't even a totalitarian state. Where do you get these ideas? The Nazis were another matter, but they still didn't make the cut. Show me your successful totalitarian states.
>

I fail to understand how 'public' the spectacle needs to be before it qualifies under your definition. Literally thousands of Christians were killed in the Arena because of failure to make their citizenship oaths. I see this as the main point and why I feel justified in making the comparison between the Romans and the Germans (not to mention the fact that Hitler was a big Roman freak..ever look at standards for Rome and for Nazi Germany?).

> I've looked. I repeat, who are "they"? You know, like some names. They can't be too powerful, since social/cultural/legal non-compliance is a growth industry. God, what the hell are you so afraid of?
>

How about the folks involved in Whitewater? About The Pentagon Papers, Air America, etc.

Afraid? I am not afraid.

>
> But that's the point. Economics *is* like building a bridge. You can't spend money you don't have. You can't create wealth by printing money. There are rules, and no amount of subjectivism or Roadrunner logic will exempt totalitarian states from them. But if you disagree, please prove me wrong by naming the states that have "created their own reality." I bet you can't.
>

The US government does exactly that, they print money that has no backing other than a few equations and then wonder why our economy cycles the way it does.

Economics is NOT like building a bridge. A bridge consists of a few well known interactions and a basic understanding of the limits of the materials that you use. Economics is about trying to understand what happened and why in a system revolving around the concepts of stock exchanges, banks that are government backed, etc.

In Oregon there is no longer any reference to 'pornography' in their laws. In short their legal body has decided that such concepts are not applicable to their society. The French have government enforced board which reviews the language and decides on what is legal or not; they also prohibit the use of crypto by their citizens to a large extent. The Mormons build a religion which strongly influences a government in Utah which affects all those people's reality. In Shanghai, China it is against the law to own a cat or dog without government permission.

>
> Apparently, my comment about *structuring your life* so that you could ignore the control freaks went right over your head at the speed of light.
>

And in the process you become a control freak. You become what you most hate (or want to avoid).
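
Added example (not part of the archived messages, and not code from any product): a black-box check for the behaviour Jamie Lawrence reports in "Lame security software" above, where 'cheeseto ' unlocked a volume protected with 'cheesetoast'. The truncating verifier is only a model of what he suspects (first eight characters kept, rest discarded), not Norton Partition's actual algorithm; all function names are hypothetical.

```python
import hashlib
import hmac
import os

KEY_BYTES = 8  # a DES key is 8 bytes; assumed here to be where the cut-off comes from


def truncating_verifier(password: str):
    """Model of the suspected flaw: only the first 8 bytes of the password count."""
    salt = os.urandom(16)
    stored = hashlib.sha256(salt + password.encode()[:KEY_BYTES]).digest()

    def verify(candidate: str) -> bool:
        probe = hashlib.sha256(salt + candidate.encode()[:KEY_BYTES]).digest()
        return hmac.compare_digest(stored, probe)

    return verify


def full_length_verifier(password: str, iterations: int = 100_000):
    """Corrected form: every byte of the passphrase feeds a salted, slow KDF."""
    salt = os.urandom(16)
    stored = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

    def verify(candidate: str) -> bool:
        probe = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations)
        return hmac.compare_digest(stored, probe)

    return verify


def effective_length(verify, password: str) -> int:
    """Return how many leading characters of `password` the verifier really checks.

    For each prefix length n, keep the first n characters and replace every
    remaining character with a different one. The smallest n that is still
    accepted is the effective password length; anything after it is ignored.
    """
    if not verify(password):
        raise ValueError("the correct password must be accepted")
    for n in range(len(password) + 1):
        tail = "".join("#" if ch != "#" else "@" for ch in password[n:])
        if verify(password[:n] + tail):
            return n
    return len(password)


if __name__ == "__main__":
    # Constructed sample input: the password and the mistyped variant from the post.
    chosen, mistyped = "cheesetoast", "cheeseto "
    for name, make in (("truncating", truncating_verifier),
                       ("full-length", full_length_verifier)):
        verify = make(chosen)
        print(f"{name:12s} accepts {mistyped!r}: {verify(mistyped)}; "
              f"effective length {effective_length(verify, chosen)} of {len(chosen)}")
```

Run against a product you are evaluating, the same probe only needs a `verify` callable that attempts an unlock on a test volume whose password you set yourself.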
From frissell at panix.com Fri Sep 9 18:13:25 1994 From: frissell at panix.com (Duncan Frissell) Date: Fri, 9 Sep 94 18:13:25 PDT Subject: Copulating Camels and Digital Cash Message-ID: <199409100113.AA29404@panix.com> This week's Economist has one (or rather two) of the subject items on the cover and an article on the other inside. Also one on "Doing Business on the Net." DCF From tcmay at netcom.com Fri Sep 9 18:47:58 1994 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 9 Sep 94 18:47:58 PDT Subject: Ecash mailing list? In-Reply-To: <199409092244.WAA02304@red.seas.upenn.edu> Message-ID: <199409100147.SAA08070@netcom9.netcom.com> > Is anybody interested in forming a mailing list explicitly for e-cash > discussion? After looking at the c'punks list for at least a year, > there seems to be the critical mass of interest to create a medium > volume mailing list. Half a dozen such special sub-list exists on Cypherpunks--bet you didn't know that, eh? That's because they go unused, for reasons I've written about before. And there _are_ money-related lists: IMP-Interest, DigLib, AltInst, and probably others I've missed. Why start yet another one? > The most critical benefit that such a dedicated list would have is > that we could probably generate interest from parties who may have > an interest in alternate currency/cash systems but have no interest/ > knowledge of crypto (a lot of hard core financiers that I know of > come to mind...). If you're not on _their_ lists, why do you think they'll join _your_ list? > > I don't have the resources to create a list but I'd be more than > glad to help out someone who has access to 'em. > > ------------------------------+---------------------------------------------- > Vinod Valloppillil | Even if you're one in a million, Creating such a list is the easy part (Duncan and Sandy just did it for PRIVACY 101)..the hard part is having it survive infancy. 
--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From nobody at jpunix.com Fri Sep 9 20:12:29 1994
From: nobody at jpunix.com (nobody at jpunix.com)
Date: Fri, 9 Sep 94 20:12:29 PDT
Subject: Thank you Bob Anderson
Message-ID: <199409100311.WAA12423@jpunix.com>

SUBJECT: RC4 Source Code

I've tested this. It is compatible with the RC4 object module that comes in the various RSA toolkits.

/* rc4.h */
typedef struct rc4_key
{
     unsigned char state[256];   /* the 256-byte permutation */
     unsigned char x;            /* stream position indices, kept between calls */
     unsigned char y;
} rc4_key;

void prepare_key(unsigned char *key_data_ptr, int key_data_len, rc4_key *key);
void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key);

/* rc4.c */
#include "rc4.h"

static void swap_byte(unsigned char *a, unsigned char *b);

/* Key setup: start from the identity permutation and mix in the key bytes.
   key_data_len must be between 1 and 256. */
void prepare_key(unsigned char *key_data_ptr, int key_data_len, rc4_key *key)
{
     unsigned char swapByte;
     unsigned char index1;
     unsigned char index2;
     unsigned char* state;
     short counter;

     state = &key->state[0];
     for(counter = 0; counter < 256; counter++)
          state[counter] = counter;
     key->x = 0;
     key->y = 0;
     index1 = 0;
     index2 = 0;
     for(counter = 0; counter < 256; counter++)
     {
          index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
          swap_byte(&state[counter], &state[index2]);
          index1 = (index1 + 1) % key_data_len;
     }
}

/* XOR buffer_len bytes of keystream into the buffer in place; the same call
   encrypts and decrypts. */
void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
{
     unsigned char x;
     unsigned char y;
     unsigned char* state;
     unsigned char xorIndex;
     int counter;   /* int, not short: a short would overflow for buffers over 32767 bytes */

     x = key->x;
     y = key->y;
     state = &key->state[0];
     for(counter = 0; counter < buffer_len; counter ++)
     {
          x = (x + 1) % 256;
          y = (state[x] + y) % 256;
          swap_byte(&state[x], &state[y]);
          /* the sum wraps modulo 256 when stored in an unsigned char */
          xorIndex = state[x] + (state[y]) % 256;
          buffer_ptr[counter] ^= state[xorIndex];
     }
     key->x = x;
     key->y = y;
}

static void swap_byte(unsigned char *a, unsigned char *b)
{
     unsigned char swapByte;

     swapByte = *a;
     *a = *b;
     *b = swapByte;
}

From blancw at pylon.com Fri Sep 9 20:25:55 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Fri, 9 Sep 94 20:25:55 PDT
Subject: Societies & Your Health
Message-ID: <199409100326.UAA21830@deepthought.pylon.com>

Responding to msg by Doug Cutrell:

"Blanc seems to be concerned principally with the soundness and health of the business entity."

Well, if you mean that I was defending the prerogative of a corporate entity against an angry mob of voters descending upon it to coerce services from it, health (& safety!) is the concern. But actually I was taking your argument of equal fairness and noting that voters who responded that way to a denial of service would be expecting automatic beneficence, without considering the means to the end: if there is no existing service, there is no one to coerce into providing it. The voting public which bands together to use coercion takes services & benefits for granted, without any respect for the source.

"I am not sure whether Blanc would hold that businesses should be free to engage in racist hiring policies if that is their decision...."

Since I wouldn't claim to own either the corporations or the society within which they operate, I wouldn't presume to direct their hiring policies either.

"The argument seems to be that in a free society, natural cooperative processes will provide a form of "autoregulation" to discourage the widespread development of oppression of specific classes of individuals."

Societies, I hear tell, develop with the intent of deriving positive benefits from an association with people who want to interact with each other.
In a "free" society, oppressed classes of individuals would be at liberty to leave to form their own, repressive arrangements and establish their own discriminative hiring policies. "....... imagine the development of a multitude of secret "crypto-posse" organizations. .......Organizations such as the KKK could accrue the financial support of large numbers of members to create strong social and economic pressures to oppress segments of the population. . . . . . " One thing I can say about this, is that there already exist a large number of this type of organization, and they are not very secret about it. In Bosnia, in Iran, in South America, in South Africa, et al. They suppress & decimate whole populations in full view. Perhaps if there were a larger number of secret organizations, they would target each other and kill each other off. The world could become one big, happy family of paranoids instead of just a horde of " nattering nabobs of negativism" ( is that an endangered species?). Blanc From vznuri at netcom.com Fri Sep 9 20:29:35 1994 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Fri, 09 Sep 94 20:29:35 -0700 Subject: help! Message-ID: <7fb00796f6fa0266f4390bb3e7b04079@NO-ID-FOUND.mhonarc.org> I'm having problems posting to the cypherpunks list. I was hoping you might be able to help me. could you post this? thanks-- Subject: beta test volunteers wanted I am in the process of starting beta tests on some server-based email filtering software. I need some volunteers to help debug the system. I'll have to ask you to commit to an informal, temporary nondisclosure agreement. If you are interested, please send me mail. 
Thanks-- vznuri at netcom.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From rishab at dxm.ernet.in Fri Sep 9 20:31:04 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Fri, 9 Sep 94 20:31:04 PDT Subject: Social punishment 2/3: communication societies Message-ID: Social punishment 2/3: communication societies If one examines the use of social punishment, one sees that that it is strongest in the smallest of units (a family - 'if you do that again, we won't talk to you') and while best seen as a way of keeping order in small villages or tribes, is gradually replaced by more formal legal systems, with some form of judiciary, police and prison as populations gather in towns and cities. Social punishment also works best with non-lethal 'crimes' rather than murder and rape, presumably more common in cities than in villages (or cyberspace). It has been argued that cities need formal legal systems due to the complex situations created by a large, concentrated population. More people means more people who don't know (and therefore trust) each other, and leads to more crime. Taboo and other social punishment can't work because the people are not as strongly bound together as in a smaller community. This may be partially true. I would say, however, that the primary reason that social punishment works in a village is that it is a _communication society_. People depend on each other (rather than on faceless municipal corporations or public utilities) for most activities. Most of all, they depend on each other to _talk_ - for social interaction. Social interaction is a far more important component of life in a village than in a big city. It is because of this greater need for communication, rather than the size of the population, that ostracization is so effective. Cyberspace is also a communication society. While McLuhan's Global Village has become extremely cliched, in this aspect cyberspace does resemble a village. 
People on the Net may not be dependent on each other for food and clothing, but they are for almost anything else concerned with a cyber life. There is thankfully no Internet Municipal Corporation that takes care of all roads (net connections), supplies (of information and public keys), and order (through centralized credentials or certification). Most would be repelled at the thought of such a thing. Cyberspace is full of vibrant communities that do little else but talk. Social interaction is at a higher level than at any time in history. The 'crimes' committed in cyberspace are non-lethal and primarily violations of protocol. Like the other communication society, the tribe or village, cyberspace is well suited to a system of social punishment. It's not as if taboos and ostracization don't already exist in cyberspace, to keep people within the few unwritten rules that exist at present. Flames, newbies, kill files etc. As a variety of activities take place in cyberspace, from digital cash transfers to elections to escrow, the number of rules will grow, but there is no reason why the system of punishment cannot be equally effective. No, I'm not saying that you can solve electronic fraud by putting a name in your kill file. More recent technologies - cancelbots, reputation systems (in concept if not in fact) - can make social punishment in cyberspace highly practical. And in cyberspace, if noone reads your posts, you're dead. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." 
Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From hfinney at shell.portal.com Fri Sep 9 20:38:50 1994 From: hfinney at shell.portal.com (Hal) Date: Fri, 9 Sep 94 20:38:50 PDT Subject: digital reputation capital In-Reply-To: <199409091646.MAA16843@bwh.harvard.edu> Message-ID: <199409100338.UAA09358@jobe.shell.portal.com> Adam Shostack writes: > I'm currently writing up a design for a digital reputation >capital system. The intent is not to provide a framework for >licensing or formal endorsement system, but instead, allow people to >automatically discover the opinions of others about various entities. At one time there was something similar to this called the Hawthorne Exchange (or HEX) associated with the Extropians list. Various entities (like people and nyms, and later, confusingly, ideas) could be registered and people could buy and sell "shares" in these registered entities. The market price of a share was supposed to in some sense represent the value of the reputation. At least, that's how I understood it. The goals were never 100% clear to me. It did not seem to work very well. You need to give people an incentive to participate, to register their opinions. Because you could actually make "monetary units" by buying low and selling high, there seemed to be a lot of volatility and price manipulation in the market, especially since there wasn't much to tie the prices to reality. You might check on the Extropians list for more information. Hal From rishab at dxm.ernet.in Fri Sep 9 20:48:22 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Fri, 9 Sep 94 20:48:22 PDT Subject: ITARs around the world Message-ID: M.Gream at uts.EDU.AU (Matthew Gream): > [quoting alt.pgp.security] > I'm afraid I have to post a clarification to a clarification. I've just > been in contact with the relevant people at the Defence Signals > Directorate. 
It seems that regardless of advice obtained from other > departments and documentation that points to the contrary, there are > restrictive controls on software. Is the document mentioned the equivalent (with similar legal standing) of the US ITAR? When the Scandinavian countries join the EU next year, what will the implications for crypto be? France bans it, is there any EU policy proposal? Maybe crypto software should all be written by cheap programmers in Bangalore. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Fri Sep 9 22:30:10 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Fri, 9 Sep 94 22:30:10 PDT Subject: Social punishment 3/3: reputation systems Message-ID: Social punishment 3/3: reputation systems Social punishment works because individuals know that someone has broken rules, and _voluntarily_ cooperate with enforcing the accused's punishment. (Of course part of the reason is the risk of similar punishment for non-cooperation, but a major part, particularly in cybercrimes, is that if an individual could harm someone else, he or she could harm you too.) Social punishment works through reputation. XXX, after breaking rules, is seen to be a 'bad character'. Soon everyone knows XXX as a 'bad character' and behaves accordingly, usually by avoiding contact. Once XXX gets a bad REPUTATION (and this is how _I_ define the term, not as some centrally imposed certificate), in traditional societies it is very difficult for XXX to regain a good one. People _individually_ decide whether a 'bad character' is indeed 'bad' and depending on the stature of the individual and the bad character, may or may not cooperate with any punishment. 
A priest in traditional society or someone else with impeccable reputation is permitted to interact with even the worst of characters. One problem with such a wildfire reputation system is it can be _too_ effective. Once ostracized, the decentralized system makes it very difficult for someone to rejoin society, to have his/her 'reformation' recognized. The channels in traditional societies include lots of 'good work' and recommendation by 'good citizens' such as the priest etc. The other is a new identity. The most powerful illustration of a reputation system I can think of is Victor Hugo's Les Miserables, where ex-convict Jean Valjean finds himself ostracized by society despite having been released. A priest's kindness is not enough, and he later gains a very good reputation building an industry. The notable thing is that he rejoins society only when he gets a _new identity_ - and later gets back into prison when his old identity is discovered. This is a strong case for universal pseudonymity - BAN TRUE NAMES - which, together with strong voluntary reputation and social punishment systems can form the basis for cyberspatial order. I can't really say as yet how a cyberspace reputation system should be implemented. Old-timers will recognize the distinction between my proposed voluntary reputation and certification - the difference between PGP and central public key directories. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." 
Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Fri Sep 9 23:49:07 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Fri, 9 Sep 94 23:49:07 PDT Subject: Citizen-Unit Donald De-Certified Message-ID: To all Certified Citizen-Units, We are most disappointed to inform you of the sad fate of a bright young Citizen-Unit, James A Donald. Citizen-Unit Donald has fallen prey to the increasingly common disease of incorrect thinking. He has actually suggested the possibility that this august and universally respected Board be replaced with what he calls a 'reputation' system. In his system, Citizen-Units would not be Certified by a central Board of Credentials, but would actually have 'reputations' - semi-certificates of approval by each Citizen-Unit. These reputations would be independent of any group of Citizen-Units, and would represent the trust placed by _individual_ Units in the recipient. In such a system, a wrong-thinking Unit may have a bad reputation with most people, but a good one with others! This suggestion seems dangerously close to pre-civilization tribal society, and makes the insupportable assumption that a Citizen-Unit knows what is best for itself. As we all know, any individual's opinions are hopelessly inadequate when compared with the Collective, as expressed by this Board. It is hoped that other Units will keep themselves away from such incorrect attitudes. Citizen-Unit Donald shall henceforth be treated as De-Certified. Citizen-Unit Rishab Ghosh, Senior Certifier, Central Board of Credentials and Certification ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." 
Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From usura at vox.xs4all.nl Sat Sep 10 03:26:54 1994
From: usura at vox.xs4all.nl (Alex de Joode)
Date: Sat, 10 Sep 94 03:26:54 PDT
Subject: ITARs around the world
Message-ID:

rishab at dxm.ernet.in writes:

: M.Gream at uts.EDU.AU (Matthew Gream):
: > [quoting alt.pgp.security]
: > I'm afraid I have to post a clarification to a clarification. I've just
: > been in contact with the relevant people at the Defence Signals
: > Directorate. It seems that regardless of advice obtained from other
: > departments and documentation that points to the contrary, there are
: > restrictive controls on software.
:
: Is the document mentioned the equivalent (with similar legal standing) of the
: US ITAR?
:
: When the Scandinavian countries join the EU next year, what will the
: implications for crypto be? France bans it, is there any EU policy proposal?
:

The EU has published a plan of action for how to proceed into the information society.

-> COM(94) 347 def. Brussels, 19.07.1994

This document only states that: (translated from Dutch, lousy English I know)

The Commission plans, advised by a group of officials concerning the security of information systems, to make a proposal in September 1994 for requirements that encryption systems and signature verification systems must follow. [..] The Community will research the possibilities for cooperation in the field of encryption with third countries, notably the US.

Other relevant publications are:

-> COM(94) 128 def. COD 288 Brussels, 13.06.1994 ISDN and mobile networks (cellular for US folks)
-> COM(92) 422 Outline of Privacy Protection

[If you are in the EU, most University Law Libraries will have these documents, in the US or elsewhere one should look for a depository Library for EU publications]

EnJoY
-- Exit! Stage Left. Alex de Joode

From merriman at metronet.com Sat Sep 10 06:41:39 1994 From: merriman at metronet.com (David K.
Merriman) Date: Sat, 10 Sep 94 06:41:39 PDT Subject: Bumper Stickers Message-ID: I finally got around to calling the number that was posted along with the announcement of Williams and Macias' bumper sticker printer stock of a few weeks ago. They were quite willing to send me samples of it :-) When it shows up, I'll take it for a 'test drive' and let you all know how it turns out. Their number is 1-800-310-0890, if you want to play with it yourself. Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From sandfort at crl.com Sat Sep 10 06:47:09 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Sat, 10 Sep 94 06:47:09 PDT Subject: FORWARD Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . From smart at mel.dit.csiro.au Sat Sep 10 07:04:23 1994 From: smart at mel.dit.csiro.au (Bob Smart) Date: Sat, 10 Sep 94 07:04:23 PDT Subject: Proposal for an Electronic Commerce Testbed Message-ID: <199409101403.AA28987@shark.mel.dit.csiro.au> As Tony Rutkowski said recently in Tokyo, the Internet works best when things come from the bottom up. Things that require a lot of sophisticated infrastructure before you can even get started are hard to get off the ground. This tends to be a problem with all security technology and particularly with proposals for electronic commerce. We need a testbed where we can play with the various proposals without having the dangers associated with using real money in an experimental environment. On the other hand we need a large number of people using the experimental software because scalability and usability are two key criteria. This document will describe: 1. 
The technical requirements for such a testbed.
2. The social engineering necessary to get a large number of Internet users participating in the testbed.

Testbed Structure
-----------------

Initially there would be only one bank. Multiple banks and inter-bank issues would be brought in later. Protocols should be designed to allow for multiple banks.

The intention would be to implement (and thus compare) multiple forms of electronic money: everything from open electronic cheques (and other EDI) to sophisticated double-blinded digital cash schemes.

All source for software used in the testbed is openly available. It is not necessarily available for reuse - all that is required for the testbed's purposes is to ensure that there is no security-through-obscurity.

The system must support multiple currencies in simultaneous use. The only requirement for a currency is that the mechanism for creating new money is defined and does not allow people to get an arbitrarily large amount of money. [E.g. if it is done by allowing registered people to receive an "income" then people shouldn't be able to register multiple times in different guises without sustaining a real cost for doing so.] I discuss some ideas for how to do this later. A currency market should be set up at an early stage, if only as a fun application.

People are encouraged (preferably by real physical prizes) to try to break the electronic commerce protocols. To facilitate this all communication for the system goes through "virtual" paths which are on one or more computers. People who register as attackers can take over one or more virtual links and can delete/insert/change packets on those links. Denial of service attacks are not allowed. Nor (obviously) are attacks that don't use the officially sanctioned attack points.
While the last sentence seems obvious it needs to be made strongly so we don't get people claiming in court "I broke into their machine because they wanted people to try to break their system". Finally, and this is perhaps the hardest part, we need applications which use the electronic commerce protocols and which a lot of people will want to use. This is hard with only "play" money, but I have a few ideas below. The protocols and the applications will not be tied to particular currencies. Particular servers and users will only accept particular currencies. This might be partly handled by having a currency market but ultimately some currencies may have real value while others don't, and the problem of acquiring the currencies with real value will be no different to our experience of real life. Possible Detail: Creation of Money ---------------------------------- The Internet Society might issue "Internet Dollar" play money to all its (financial) members who are interested, at some steady rate. Then organizations wishing to support the Internet Society while participating in the testbed might provide some services (e.g. by www) and charge with Internet$s. This would encourage people to join the Internet Society to use those services. It will also allow people to provide services which they would provide free except for a fear that they would be overused and thus affect the organizations network link - the play money charge limits possible use. A charity (or group of charities) could provide play money to people making donations. For example a donation of $100 to charity X might get you 100 X$s. Then organizations wishing to support charity X can provide services which are charged for in X$s. All the people involved in these experiments need to be aware that the software is experimental and that people are encouraged to break the protocols and "steal" the play money. So they shouldn't use it for anything serious. 
However when things stabilize and become trusted it is possible to imagine slightly more serious uses before we get to pure commercial applications. Network providers could experiment with charging algorithms. For example AARNet could issue AARNet units to its customers in proportion to their bill. A certain amount, say 40%, of the international link could be reserved for priority traffic. Users wanting a share of that priority component of the link would participate in an auction that is run every 30 minutes using AARnet units as currency. Possible Detail: Competitions and Gambling ------------------------------------------ I've speculated above on the possibility of people supporting the testbed by providing some useful services while charging play money. We shouldn't depend on that. There is a class of applications which are fun but need (or at least are helped by) money to give the measure of success or failure. These are games, competitions and gambling. I believe that done right they can be sufficiently interesting with play money that people will want to take part: enough people to test the scalability of the various proposals. Some of the games that can be played between individuals on the Internet really need the ability to have a bet to make play really meaningful: poker and backgammon are examples. The question is: will betting with "play" money work or will people play frivolously because the money does not have real value? The key here is that the currency used is reasonably hard to obtain. If you play badly and lose your money you can't play. If you win and get a lot of money you can move into the higher stake games where, presumably, the better and thus more interesting opponents play. I think it could work quite well. 
Beyond that we can produce a lot of gambling games which we know interest a lot of people and perhaps if they played with play money on the Internet their kids would eat better: casino games, lotteries, numbers games, bingo, poker machines, betting on events like horse races. I have some ideas in this area that can only be done on a computer network.

Possible Detail: Getting Things Done
------------------------------------

I think the best way to move this forward would be through the IETF. There would be an ect working group. The rules for taking part in the testbed would be published as informational or experimental RFCs.

We would need machines to run the Internet Experimental Bank and the attacker-accessible virtual links. I imagine that many organizations would be keen for the cachet of providing these services provided that the bank's protocols didn't require human intervention.

I imagine that account numbers will be PGP public keys. Subscribers claiming to be financial members of the Internet Society will receive an initial allocation and steady income of Internet-dollars. Other currencies will be created as required.

The particular electronic commerce protocols experimented with may require additional infrastructure. For example accounts can be associated with other keys, for the use with protocols which don't use RSA, by means of appropriate PGP-signed documents.

Clearly there is a lot of coding to be done, from hack to cryptographic. I think if we got the support of the IETF then we'd get support from individuals and organizations. The fact that it would add a certain respectability to playing games over the Internet would also help to attract some young and talented contributors.

Interest?
---------

Without endorsing the particular details above, if you think an Electronic Commerce Testbed is possible and that you would be prepared to contribute to an IETF WG on the subject then let me know.
With sufficient interest I will propose the idea to Jeff Schiller (IETF Security Area Director).

Bob Smart

From merriman at metronet.com Sat Sep 10 10:03:05 1994
From: merriman at metronet.com (David K. Merriman)
Date: Sat, 10 Sep 94 10:03:05 PDT
Subject: E.C.T.
Message-ID:

The ECT proposal sounds pretty good, and I'd like to toss in my nickel's worth....

What to do about the non-Unix (and Unix variants) world? Granted that the majority of the net is "unix" based, there are still a *lot* of folks that run MSDOS, Windows, Amigas, Ataris, and god-knows-what-else. If they can't 'play', that would seem to put a semi-serious limitation on the testbed. What hooks are going to be available to let the other kids play? (I count myself in there - I run Windows)

There was recently a not-so-brief thread about what to call the electronic "cash" - why not just go with that old Sci-Fi standby of "credits" (abbreviated C| ? Or the copyright symbol?)? It's not specific to any country/currency, and fairly accurately describes the nature of the medium.

Are the creditbanks going to be available on a 24-hour basis, with the attendant load/reliability questions? If not, what to do about overdrafts, or refusals-of-service because a creditbank is 'down'? How to deal with getting account balances (if appropriate)?

Do we handle the transactions as cash (each "bill" serial numbered and sealed) or checks (available in virtually any "denomination" - with the related check-based concerns)? If it's going to be in "denominational" form, how are these "bills" going to be identified? This is related to the unix/MSDOS/Atari/Amiga/??? question - discrete monetary denominations should at least have filenames that are usable by all participants (regrettably, that means the MSDOS limitation of 8.3 - *sigh*). If checks, what format do they take (I'll assume they'll still meet the minimum filename limitations of MSDOS)?
How are the credits actually transferred (ie, how would I send C|35 to Tim May :-) - attachment, inclusion (uuencoded? MIME?), or ???? Would I be correct that these credits would only be available in integer units?

Please understand - I'm not trying to throw cold water on the idea, or pretend I'm playing "devil's advocate", or anything of the sort. I like the idea of implementing a testbed for e-money, and would like to contribute whatever I can: I've followed the e-money discussions as theory, but my 'real world' job is as an engineering tech - the one who tries to get from the design/theory stage to real implementation. You "engineers" get to work out the gory details of what's the best "design"; us "technicians" have to work out the details of how to implement your designs - and provide feedback when something doesn't "look right", or ask questions when there's a _perceived_ problem with the implementation. The design/implementation process generally works best when the engineer can tell the technician what he's trying to do, and the technician gets to provide feedback by asking dumb questions about why and how and what-happens-if :-)

Finally, I think it would be better if the foundation for the ECT were in place before trying to spread the gospel, so to speak. I know that's kind of obvious, but if we had the creditbanks in place, the creditnotes or creditchecks available, and the tools (MS-Windows CreditWriter? Atari CreditPurse?) to allow unix/DOS/Atari/Amiga users to actually use the system, more folks would be willing to at least give it a *try*. It's the old bird-in-the-hand vs two-in-the-bush deal.......

One thing did occur to me after reading the ECT proposal: it would seem to be ideal for mailing lists and moderated newsgroups. Someone wanting to post an article/message pays (say) C|10 for the privilege; if others like it, they send the author C|1. Flamers don't make much (if any) money, and good stuff increases wealth.
Leaves folks free to write whatever they want, but not for free (translation: you've *really* got to want to say it before you'll pay for it). Kinda brings new meaning to the phrase "putting in my .02 worth" :-) Dave Merriman - Playing "Straight Man" to the Cypherpunks Comedy Troupe :-) - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From pierre at shell.portal.com Sat Sep 10 11:18:19 1994 From: pierre at shell.portal.com (Pierre Uszynski) Date: Sat, 10 Sep 94 11:18:19 PDT Subject: E.C.T. Message-ID: <199409101818.LAA12810@jobe.shell.portal.com> Dave Merriman explains: > > One thing did occur to me after reading the ECT proposal: it would seem to be > ideal for mailing lists and moderated newsgroups. Someone wanting to post an > article/message pays (say) C|10 for the privelege; if others like it, they > send the author C|1. Flamers don't make much (if any) money, and good stuff > increases wealth. You don't need any Testbed Administration to do that. You can start such a mailing list right now, based on "silly name" NetCash/NetBank. They have the advantage of being right here, right now, and they are real money (so far :-). The fact that they receive their funds only through 900 numbers does not even necessarily limit them to USA residents: others can easily buy and sell "credits" through said USA residents. After all, people have been selling software and T-shirts internationally for a while. AMIX was based on such a system, albeit somehow considering they didn't need internet access, and building a pricing schedule more in line with Dialog than with internet (read "out of this world" :-). Pierre. 
pierre at shell.portal.com

From cwalton at earthlink.net Sat Sep 10 12:00:26 1994
From: cwalton at earthlink.net (Conrad Walton)
Date: Sat, 10 Sep 94 12:00:26 PDT
Subject: Crypto Anarchist Manifesto
Message-ID:

At 2:48 PM 9/9/94 -0700, Timothy C. May wrote:
>
>Markets for assassinations--untraceable and unlinkable--have been a
>topic of discussion for a long time. You'll find them explicitly
>mentioned in my 1988 "Crypto Anarchist Manifesto."
>
>--Tim May
>

And is it possible to obtain a copy of your 1988 "Crypto Anarchist Manifesto."? Sounds like fun. FTP Site?

*****************************************
Conrad Walton cwalton at earthlink.net
*****************************************
Without JOY there can be no STRENGTH. Without STRENGTH, all other virtues are worthless. Edward Abbey

From klbarrus at owlnet.rice.edu Sat Sep 10 12:20:49 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Sat, 10 Sep 94 12:20:49 PDT
Subject: Crypto Anarchist Manifesto (location)
In-Reply-To:
Message-ID: <9409101920.AA24297@snowy.owlnet.rice.edu>

Conrad Walton wrote:

> And is it possible to obtain a copy of your 1988 "Crypto Anarchist
> Manifesto."? Sounds like fun. FTP Site?

It is available via FTP at ftp.csua.berkeley.edu (I'm pretty sure this is the new name of soda.berkeley.edu!) in pub/cypherpunks.

It is also available via gopher at chaos.bsu.edu in the Essays subdirectory of the "Cypherpunks Archive Site" directory (gopher://chaos.bsu.edu/Cypherpunks Archive Site/Essays/Cypherpunks Manifesto) I guess it should be renamed to "Crypto Anarchist Manifesto" ;)

It is probably elsewhere too; I'm currently reorganizing the gopher site (still have to do "Anonymous Mail" and "Misc") and hope to finish with adding extra material, including pointers to the other sites I know exist.

-- Karl L.
Barrus: klbarrus at owlnet.rice.edu 2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9 "One man's mnemonic is another man's cryptography" - K. Cooper From mark at unicorn.com Sat Sep 10 12:28:34 1994 From: mark at unicorn.com (Mark Grant) Date: Sat, 10 Sep 94 12:28:34 PDT Subject: Crypto Anarchist Manifesto (location) Message-ID: On Sat, 10 Sep 1994, Karl Lui Barrus wrote: > It is probably elsewhere too; I have an HTML version on the WWW at : http://www.c2.org/~mark/lib/ca.html feel free to add links to it from anywhere else... Mark From jburrell at crl.com Sat Sep 10 12:32:40 1994 From: jburrell at crl.com (Jason Burrell) Date: Sat, 10 Sep 94 12:32:40 PDT Subject: Crypto Anarchist Manifesto Message-ID: <199409101931.AA06053@mail.crl.com> >And is it possible to obtain a copy of your 1988 "Crypto Anarchist Manifesto."? >Sounds like fun. FTP Site? I found it on soda.csua.berkeley.edu last night. I don't think it was there before. Look for it in /pub/cypherpunks/rants/. -- Jason Burrell Finger for PGP public key. There is no such thing as limited censorship. If you want your freedom, fight now. Don't wait until you've lost it. From adam at bwh.harvard.edu Sat Sep 10 12:53:47 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Sat, 10 Sep 94 12:53:47 PDT Subject: Reputation credits 1/3 Message-ID: <199409101953.PAA01613@bwh.harvard.edu> After Rishab's posts on the uses of digital reputation credentials, I'd like to present some thoughts on how to implement them. Thoughts on creating a Reputation Capital Framework This document is split into three parts: A creating a useful, basic system of service, methods of distribution and implementation of reputation information, and possibilities for extending the system which may make the whole thing unworkably complex, but also may make it much more useful. I am going to begin by not rigorously defining reputation capital. 
The initial application, IMHO anyway, is magic filtering. The cypherpunks list gets up to 500 messages per week. Right now, I filter based on whose messages I like to read. This is a weak system that requires manual updating. It does not automatically respond when someone who I respect says "I've enjoyed XX's posts." I think that the framework I outline here can do magic filtering well. It also has the ability to evolve into a full fledged system for complex digital reputations in various realms.

The simplest system would be where people collect statements of the form "I respect Alice. /s/ Bob." * Alice would collect statements like this, and append them to the bottom of her writings so that people who respected Bob would have a clue that they might be interested in what Alice has to say. A 'web of respect' could easily be formed, with each step away causing some reduction in value. The number would have to be large enough that reputations could spread--ie, that people could get some use out of this beyond an elaborate name for a kill/hotfile. It would also need to be small enough that reputation lines do not extend forever. Eventually, you don't care what Kim thinks of Louis. I would guess that some multiplier between .9 and .05 would work well. People you respect directly get the highest rating, people further away lose some amount of that respect until it trickles down to nothing.

* the statement "I respect Alice. /s/ Bob." is analogous to "I find Alice's work interesting, informative, or otherwise worth reading." If someone would like to suggest a name other than reputation credentials for this, I'd be happy to hear it.

Note that in this simple system, statements do not have any numerical value attached. Bob can not respect Alice 30% or 99% of the time, he only gets a binary statement. It's an obvious extension to let Bob say "I respect Alice 80% of the time. /s/ Bob."
I only point this out because it is not mandatory that a system be constructed this way, and in fact, even a very simple system could be quite useful.

With the addition of partial respect, the need for an automatic reduction in value becomes much less clear. If Alice respects Bob 50% of the time, and Bob respects Charlie 50% of the time, then Alice will probably find that a 25% respect rating for Charlie is good enough. (I'm not going to get into possible variations here; things seem to work well using percentages for reputation credentials and negative percentages for disrespect. The numbers are multiplied together, shrinking away to nothing pretty quickly, except in the case of a group of people with a good deal of mutual respect for each other.) Also, if several reputation credentials come in for one entity, they can simply be averaged together.

This respect rating is relative; there is no central organization to say that Charlie's Used Cars sells great vehicles 25% of the time, it's just what Alice's agents will be able to gauge how interesting Alice might consider someone's work to be. Someone she occasionally respects sometimes thinks well of Charlie, so it's more likely that she will be interested in what Charlie has to say, at least in comparison to someone Alice has never heard of at all.

In this system, it makes sense for Charlie to spend a lot of time making his customers happy at first, and holding on to their endorsements of him, because there is no time limit on the statements, and no way to retract opinions. So, those are two natural enough extensions. Decaying reputations, based on the age of the signature, cause a reputation cred. to eventually become useless. Then there is the matter of retracting, or post-facto changing your statement of a reputation. This is more problematic. Remember right now, Alice, Bob and Charlie are simply collecting these reputation credentials, and storing them themselves.
If Bob sends Alice a statement "I no longer respect Alice at all. /s/ Bob, 1 Sept 1994," Alice can simply forget to include it in her list of reputation credentials. If she commits to it through some cryptographically strong protocol based on her actions, she can probably dump it, and do business for some period of time before someone runs through all the work to confirm her reputation is as she presents it, and discovers she is lying based on outdated credentials. A solid system needs to ensure that up to date, complete credentials are available for most people most of the time.

In my next message, I'll show several possible designs for systems that could exist in parallel to distribute reputation information, and explain why each would be useful. I'll also sketch out a set of programs to demonstrate how the system could be used.

From adam at bwh.harvard.edu Sat Sep 10 12:54:18 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Sat, 10 Sep 94 12:54:18 PDT
Subject: reputation credit 2/3
Message-ID: <199409101954.PAA01625@bwh.harvard.edu>

Design criterion for a reputation service:

* Reliable
* trustworthy
* resistant to dropping unflattering credentials
* decentralized
* easy to use
* easier to automate
* needs to support distributions of pseudonyms reputations without providing information about the nym.

Designing a solid credential server is not an easy task. There are many requirements that one should meet. The basic server I am considering is designed for Internet as it is today. Mostly academics, researchers and students, operating on a highly insecure internet for mostly personal reasons. There are few large transactions occurring on the net; there is not a lot at stake in the grand scheme of things. OTOH, there is an awful lot at stake; specifications, especially bad ones, tend to live forever. Remember the RISKS piece on trains and horses?
Thus the server I present could work well today in conjunction with MPAs, (Mail Processing Agents, such as procmail and filter) with newsreaders, and other similar software in order to handle bright filtering (the next generation of kill & hot files should be based on a distributed idea of whose work is worth reading, and whose is not.) After that, the system should expand to cover reputations in various realms, reputations for various characteristics, and other things which I'll talk about in the next message.

There are three basic models for sophisticated reputation distribution. The simplest method, of each person handling their own, has too many failure modes to be useful. The sophisticated models are essentially mail, Usenet and server based. I assume all transactions are signed, and encrypted at the user's request to provide some amount of security against forgeries and traffic analysis.

In a server based system, some set of databases exists to collect reputation certificates. A user (better yet, their agent) asks for a reputation certificate for some entity. The server sends it back. This could be built on the send everything you know model, or the request could be for certificates of people who the requester respects. Such filtering might be better done on local CPU. The system has the advantage of carrying all information in an easily queried format. It also has the advantage of concentrating certifications. Thus you could say things like 'The well regarded spaf' or 'The often ignored Marjorie Simpson,' because the server would collect such data.

The next system would be based on Usenet. People would occasionally post their opinions to a newsgroup, and people who respected those people, directly or transitively, would pull in their postings. This system has the advantage of using existing technologies, and propagating widely, probably even past most firewalls.

A third system would be based on mail.
People would subscribe to lists, or send mail to folks they respect saying 'please put me on your reputations list.' The folks thus honored would then respond by sending out regular lists of who they respect or disrespect. This really requires everyone to run some sort of filtering agent. It has the advantage of allowing people to set up closed lists for propagation, and only distributing information on a demand basis. Note that this mail system is not the only one that could use mail for propagation, it simply uses mail as an automatic and regular carrier of information, while a server system would only do so on request.

Both the mail and news systems may fail to provide timely information about new individuals who may have a reputation, but because you never asked for it in mail anywhere, or because articles have expired on your newserver, you can not find it. This is the reason the server system would be useful. Not so much in a filtering context, but instead in a system where reputations are relied on for various semi-real time services. The expandability of the system relies in part on its ability to find arbitrary reputation information quickly and automatically. That is something that a server system does well, but a mail or news system does not.

To build a mail system, you would need some sort of decent filter (such as MH filter, procmail, or mailagent) which can run programs based on a set of conditions. You would need a rule which would watch for incoming reputation cred. certificates (which would be signed, maybe encrypted). This would pipe into your assessment program, which would keep track of how you relate to each of the various people who send you reputations cred. certificates. It would turn all the information into a database. On any high volume forum, you could filter incoming mail into a set of filters which react based on the numeric scores given to a person by your assessment program.
Anyone who carries enough reputation credits to pass your filter goes into one box, everyone else goes into another. (Clearly, you can be more selective, set up several boxes, or whatever else you want.)

The tough part of making this system work is in the generation of reputations credits. Hal mentioned that the Extropians built a system based on buying and selling of reputations on a market. I don't see these reputation credits as being something tangible. You can't carry your reputation credit with you; they exist as a result of your participation in a web of respect. I don't care that Homer Simpson is a well respected authority in rec.drink.brewing; his worlds and mine rarely cross. He can't pick up his reputation credit and plop down in cypherpunks, expecting to be well respected; none of us know him. Or maybe someone does, in which case, they can (automatically) tell us what they think. Because reputation credit is not fungible, and because it propagates itself, buying and selling it may be confusing. If someone well respected gets an additional unit of reputation, then all the people who he/she respects will also gain slightly.

I expect that a system based on giving away reputation credits would work well. If you respect too many people too much, your value as a link in people's chain will decrease, and people will start disrespecting you, because you disturb their filter. Eventually, if you keep it up, the value of your reputation credit will drop close to zero, as no one cares about what you have to say anymore. This may fail if someone with interesting things to say decides to disrupt the system. I'm not sure why someone with interesting things to say would think it was worthwhile to disrupt the system, but I don't like designing things on expect and oughts.
Perhaps a system could be implemented that would allow you to give reputation credit in 'transferable' and 'non-transferable' forms, so you could respect what someone had to say, but pay no attention to their opinions of people.

I hope, but don't know if I can expect, that a system like this would get its initial momentum from people who want to be able to use it for their own smart filtering. If the system were well designed (easy to change how much reputation credit you give someone), then making a change in your filtering would be as simple as saying "slander tcmay at netcom.com +50" (slander is the working name I've been using to describe the program to enter reputations, good or bad. It came from thinking of this as a Usenet based system.) If the system could build up some initial momentum from people using it for personal filtering, then it would probably accelerate from there. As more people use the system, it becomes more useful to use it, accelerating its growth. Its growth hopefully, is not constrained by the underdesign of servers, since each person serves themselves.

As the software becomes more useful, it is easy to build and design alternate systems of spreading reputations because the system is decentralized. If I decide I want to build a system where each person whose first name begins with a vowel gets an extra 5% added to their reputation, and then add 10% to my perception of the reputation credits of any one who three people I give more than 75% reputation credit to, then I can implement that in my local assessment program without disturbing everyone who relies on my server. (Admittedly, the people who currently pay attention to who I give rep cred to may no longer do so, after strange credits start coming out, but that's a separate problem.)
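One way to sketch the assessment program and mail filter described in this message, as an added example that is not code from the original post. The names, keys and certificates are constructed, the HMAC stands in for the signature the post calls for, and the scoring rule (trust multiplied along transferable ratings, with a two-hop limit) is an assumption.

```python
import hashlib
import hmac

# Constructed identities and keys. The HMAC is a stand-in for the PGP
# signature the post assumes; a real agent would verify public-key signatures.
KEYS = {name: f"key-{name}".encode()
        for name in ("me", "alice", "bob", "carol", "mallory")}

def _payload(issuer, subject, score, transferable):
    return f"{issuer}|{subject}|{score:+d}|{int(transferable)}".encode()

def make_cert(issuer, subject, score, transferable, key=None):
    """Issue a certificate: 'issuer rates subject at score (-100..100)'."""
    key = KEYS[issuer] if key is None else key
    sig = hmac.new(key, _payload(issuer, subject, score, transferable),
                   hashlib.sha256).hexdigest()
    return {"issuer": issuer, "subject": subject, "score": score,
            "transferable": transferable, "sig": sig}

def verify_cert(cert):
    """Reject unknown issuers, out-of-range scores and bad signatures."""
    try:
        key, score = KEYS.get(cert["issuer"]), cert["score"]
        if key is None or not isinstance(score, int) or not -100 <= score <= 100:
            return False
        expected = hmac.new(key, _payload(cert["issuer"], cert["subject"],
                                          score, cert["transferable"]),
                            hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, cert["sig"])
    except (KeyError, TypeError, ValueError):
        return False

class Assessor:
    """The 'assessment program': a database of verified opinions plus scoring."""

    def __init__(self, owner, max_hops=2):
        self.owner, self.max_hops = owner, max_hops
        self.opinions = {}   # issuer -> {subject: (score, transferable)}

    def ingest(self, cert):
        if not verify_cert(cert) or cert["issuer"] == cert["subject"]:
            return False     # forged, malformed, or self-endorsement
        self.opinions.setdefault(cert["issuer"], {})[cert["subject"]] = (
            cert["score"], cert["transferable"])
        return True

    def slander(self, subject, score, transferable=False):
        """Record my own opinion, like 'slander tcmay at netcom.com +50'."""
        return self.ingest(make_cert(self.owner, subject, score, transferable))

    def reviewer_weights(self):
        """How far I trust each person's opinions of others (0..1).

        Trust flows only along positive, transferable ratings and is
        multiplied along the path, so it decays with every hop.
        """
        weights, frontier = {self.owner: 1.0}, [self.owner]
        for _ in range(self.max_hops):
            nxt = []
            for reviewer in frontier:
                rated = self.opinions.get(reviewer, {})
                for subj, (score, transferable) in rated.items():
                    w = weights[reviewer] * score / 100.0
                    if transferable and w > weights.get(subj, 0.0):
                        weights[subj] = w
                        nxt.append(subj)
            frontier = nxt
        del weights[self.owner]
        return weights

    def score(self, subject):
        """My own rating if I have one, else reviewers' discounted ratings."""
        direct = self.opinions.get(self.owner, {}).get(subject)
        if direct is not None:
            return float(direct[0])
        num = den = 0.0
        for reviewer, w in self.reviewer_weights().items():
            opinion = self.opinions.get(reviewer, {}).get(subject)
            if opinion is not None:
                num += w * (w * opinion[0])   # rating discounted by my trust
                den += w
        return num / den if den else 0.0      # strangers score zero

    def sort_mail(self, senders, threshold=25):
        boxes = {"inbox": [], "other": []}
        for sender in senders:
            box = "inbox" if self.score(sender) >= threshold else "other"
            boxes[box].append(sender)
        return boxes

def demo():
    """Constructed certificates exercising each rule."""
    me = Assessor("me")
    me.slander("alice", +80, transferable=True)   # I trust her taste in people
    me.slander("bob", +60)                        # good writer, ignore his picks
    incoming = [
        make_cert("alice", "carol", +50, True),
        make_cert("alice", "dave", -90, False),   # negative opinions spread too
        make_cert("bob", "mallory", +100, True),  # bob is not a reviewer for me
        make_cert("carol", "erin", +100, False),  # reaches me via alice, carol
        make_cert("mallory", "mallory", +100, True),                 # self-praise
        make_cert("alice", "eve", +100, True, key=KEYS["mallory"]),  # forged
    ]
    accepted = [me.ingest(cert) for cert in incoming]
    senders = ["alice", "bob", "carol", "dave", "erin", "eve", "mallory"]
    return me, accepted, me.sort_mail(senders, threshold=25)

if __name__ == "__main__":
    assessor, accepted, boxes = demo()
    print(accepted, boxes)
```

Because Bob's rating is non-transferable, his endorsement of Mallory carries no weight, and the certificate forged in Alice's name fails verification before it can reach the database.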
From adam at bwh.harvard.edu Sat Sep 10 12:58:50 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Sat, 10 Sep 94 12:58:50 PDT
Subject: reputation credit 3/3
Message-ID: <199409101958.PAA01656@bwh.harvard.edu>

Assume the distribution problem to be solved, in that people can now easily and reliably get the complete reputation information on an identity that interests them. What extensions to the basic system can be made to make it more useful? What will these extensions do to the usability of the system?

I think the most interesting extension would be to make reputations that apply only in one realm, a realm being some online community, whether that community consists of a single mailing list (Cypherpunks) or several lists, newsgroups (firewalls, bugtraq, comp.security.unix), or even a larger area, perhaps comprising mail, news, www, other interactive service. Clearly, there is some overlap between some realms (security, cypherpunks, hackers). A good reputation in one area might carry over into another, or it might lead to a negative reputation. This effect will probably arise spontaneously from the webs of interaction. Initially, I was going to propose that it be somehow formalized, but now I see that it will arise on its own accord, given a sufficiently flexible and strong system of distributing digital reputation capital on the net.

This does require that negative opinions be made possible, not just low opinions. If Charlie can say "I disrespect David 90% of the time. /s/ Charlie 1 sept 94" and those opinions can spread the same way as positive ones, then most of the useful interaction between groups is possible in a decentralized, out of control sort of way. I've sort of assumed in other places that negative opinions were possible, I just wanted to explicitly state it.

Another potential extension would be the addition of more varying formalized opinions than the formalistic "I respect/disrespect..." that I've been basing this on.
This also has the possibility of just taking way too much work, but has the possibility, with careful design, to be a very useful tool. What if Alice can say "I think David is a fanatic. I also think David is a windbag." and she says these things in such a way that they can be automatically responded to by software? This would require a carefully chosen list of opinions that the system would support. If you had too many opinions, then the system would be worthless, because, in all probability, people would pick different descriptors, and the information would not correlate into anything useful. The list could probably be fairly short, allowing for terms like windbag, funny, fanatical, reasonable, knowledgeable, trustworthy. That would greatly expand what you could say (or hear) about someone in a simple digital format for automatic scanning and filtering. The inclusion of terms like trustworthy or reliable could act as the basis for some business. A set of 'reliable' endorsements stretching back 20 years would make me much more comfortable with a remailer business than one that sprung up yesterday and is now well respected by 300 federal agents. None of these endorsements need be formal "I'd do business with them again" statements, the objective is to give an idea of who is thought of well, and who is not. With the addition of an encrypted open books protocol then people could automatically get an idea of what businesses are stable, and liked by their customers. I've toyed with the idea of being able to rate personalities this way, which would be useful at times, since there reputations do exist in the personal world as well as the professional. But any system of personal reputations would fail, because bad mouthing someone with a digital reputation is an open act. Very few people would talk about Alice in a negative light if they know she will hear about it. And even if they do want to, there doesn't need to be an automated system to make it easier. 
However, this does raise the interesting idea of a private reputations system. If a group for one reason or another wants to build a reputation service that is closed; in who may add to it and who may access it, would they be able to? It would probably be fairly simple. The slander program could be modified so that no one who didn't already have some reputation capital could be discussed. Using a system that A useful bit of reputation capital cannot be anonymous, although it can be pseudonymous. If it is anonymous, there is no way to give it weight. Cooperative protocols for undeniable digital signatures could probably be designed and made workable. However, I would expect that it would be far too much work to run. I prefer to design a system that requires much less effort. If you want to protect your privacy while participating, work under a nym.

There you have it, an outline of a system for possibly efficient, decentralized digital reputation capital. A bunch of extensions that may or may not work. How to distribute is addressed, but needs more work, and probably a prototype. The big question in my mind is how to get people to feed enough information into it to seed the system? Once it gets started, it will run for a while on slow growth, and then explode at some random point. (Probably right after a serious design bug is discovered. :) After it explodes in terms of use, it will be self-perpetuating because of its usefulness.

Please feel free to comment on what wouldn't work. How could the system be extended to make it more useful? It might be that building something would be the best way to answer these kinds of questions.
From hfinney at shell.portal.com Sat Sep 10 13:37:53 1994
From: hfinney at shell.portal.com (Hal)
Date: Sat, 10 Sep 94 13:37:53 PDT
Subject: reputation credit 3/3
In-Reply-To: <199409101958.PAA01656@bwh.harvard.edu>
Message-ID: <199409102037.NAA19749@jobe.shell.portal.com>

Adam Shostack writes a very interesting set of articles on a concrete proposal for reputation credentials. A couple of suggestions: maybe you should distinguish between respecting someone as a writer and respecting them as a reviewer. In the real world, we have editors, publishers, and others whose main job is to discover and facilitate the good writers. Just because you write well doesn't mean you will be good at recommending other writers, and vice versa. Adam brings this up himself when he talks about a good writer who intentionally makes bad recommendations. Creating these two different kinds of credentials would help solve this.

A related point is that doing this helps remove some of the normative or reward/punishment aspects of this system. Saying that you like someone's recommendations is similar to saying that you have similar tastes to theirs. There is not so much stigma or insult associated with refusal to give a credential saying that you like someone as a reviewer. It just means your tastes differ.

OTOH refusing to endorse someone as a writer is a stickier business. It may offend others and it could bring retribution upon yourself. It could be a way to create enemies. Especially if you went with numerical rankings so you said "I like John Doe's writing 5% of the time", this could be insulting. If you don't have these "negative" credentials it is not so bad but it still may be noticeable if someone endorses a lot of people with a few notable exceptions. The problem, then, is that people may be reluctant to be honest with their opinions.
They may find it safer to follow the crowd and add their own endorsements to those already popular than to take a chance with honest praise of some pariah. There was some discussion about this in the development of PGP. Should there be a way for people to say how much they trust another person as a signer? If you had this (in a public way) then you could have transitive trust to some extent and it would expand the web of trust considerably. But again the concern was that people would not want to expose what they truly thought of the signing policies of their friends. I suppose you could get around this by having one set of opinions for public consumption and another set used for personal message rankings, but that seems a bit extreme. Still, I think it would be a worthwhile thing to try. It would be nice if we could do some more interesting cryptographic stuff than just simple signatures, though. Hal From lcottrell at popmail.ucsd.edu Sat Sep 10 17:12:48 1994 From: lcottrell at popmail.ucsd.edu (Lance Cottrell) Date: Sat, 10 Sep 94 17:12:48 PDT Subject: Black Cryptoanarchy (KKK, monopolies, contract killing) Message-ID: <199409110008.RAA01851@ucsd.edu> -----BEGIN PGP SIGNED MESSAGE----- James A. Donald writes >Obviously if some individuals choose not to associate with some >group for irrational reasons it will harm those who so choose >more than it harms the group - but only the state can enforce >discrimination with guns, and it does, thus only state sponsored >discrimination is significant in practice. > Only the state can enforce discrimination with guns?!?!? In the South there is a long history of non-governmental groups enforcing discrimination with guns. The argument that discriminating companies will be at a competitive disadvantage is only valid if all players are rational and informed. There is good historical evidence that whole cultures are willing to assume this "disadvantage" in order to perpetuate some status quo. 
It could easily become the case that non-discriminating companies would be boycotted putting the disadvantage on them. I know that anarchy is near and dear to many hearts here, but there are some really nasty drawbacks to it, tyranny of the majority being just one.

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.
"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From nobody at vox.xs4all.nl Sat Sep 10 17:21:30 1994
From: nobody at vox.xs4all.nl (An0nYm0Us UsEr)
Date: Sat, 10 Sep 94 17:21:30 PDT
Subject: No Subject
Message-ID: <199409110021.AA03772@xs1.xs4all.nl>

Is PGP v 2.6.1 up on any ftp sites where we poor non-US scum could get a look at it? As of Sat. Sept. 10 it seems like mathew over in the UK hadn't seen the source code yet.

From hibbert at netcom.com Sat Sep 10 18:20:35 1994
From: hibbert at netcom.com (Chris Hibbert)
Date: Sat, 10 Sep 94 18:20:35 PDT
Subject: PRIVACY REGULATIONS
In-Reply-To:
Message-ID: <199409110120.SAA14980@netcom8.netcom.com>

>>If you are stopped by the police, you are required to identify
>>yourself if asked.

This is not true. If you're driving a car you are required to have a license. If you're just walking around, you're not required to have a name, or to tell it. A cop has to have a probable cause to arrest you, and not giving your name doesn't provide it. If you're surly, a cop can take you in, but if you politely decline to identify yourself, the cop has to work harder to find a reason to do anything. Just say "Officer, someone is waiting for me.
May I go now?"

This has been tested in court. There was a black lawyer several years ago who liked to walk a lot. He lived in one of the fashionable neighborhoods in LA, and occasionally got picked up because he "looked like he didn't belong there". He sued them and won in court every time, and got the police to leave him alone. [No, I don't have references.]

Chris

From hibbert at netcom.com Sat Sep 10 18:23:25 1994
From: hibbert at netcom.com (Chris Hibbert)
Date: Sat, 10 Sep 94 18:23:25 PDT
Subject: SSNs and Privacy regulations
In-Reply-To:
Message-ID: <199409110123.SAA15189@netcom8.netcom.com>

The reason not to give your Social Security Number when MCI asks is not to keep MCI from knowing it, but to keep them from treating your knowledge of it as proof of your identity. Insist that they use a different number so anyone willing to pay TRW for a credit report can't get access to your account.

Chris (author of the SSN FAQ)

From nobody at kaiwan.com Sat Sep 10 22:34:31 1994
From: nobody at kaiwan.com (Anonymous)
Date: Sat, 10 Sep 94 22:34:31 PDT
Subject: Anon MailSources of Remailers Keys
Message-ID: <199409110534.WAA17529@kaiwan.kaiwan.com>

Can someone post again the source for the various cypherpunks remailers public keys? I assume they are all in one file somewhere (likely on berkeley.edu) that's ftp'able.

From sameer at c2.org Sun Sep 11 00:23:17 1994
From: sameer at c2.org (sameer)
Date: Sun, 11 Sep 94 00:23:17 PDT
Subject: Crypto Anarchist Manifesto (location)
In-Reply-To: <9409101920.AA24297@snowy.owlnet.rice.edu>
Message-ID: <199409110720.AAA14131@infinity.c2.org>

>
> It is available via FTP at ftp.csua.berkeley.edu (I'm pretty sure this
> is the new name of soda.berkeley.edu!) in pub/cypherpunks.
>

The new name of soda.berkeley.edu is soda.csua.berkeley.edu. The ftp site should be referenced as ftp.csua.berkeley.edu because although right now the ftp site is on soda.csua, it will move soon to scotch.csua.
-- sameer Voice: 510-841-2014 Network Administrator Pager: 510-321-1014 Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383 http://www.c2.org (or login as "guest") sameer at c2.org From Anonymous Sat Sep 10 17:21:24 1994 From: Anonymous (Anonymous) Date: Sun, 11 Sep 1994 02:21:24 +0200 Subject: No Subject Message-ID: <0216bb45273b1b707ea67d63a32f8eb3@NO-ID-FOUND.mhonarc.org> When I have a moment I will diff the sources. Maybe someone will anon. post 2.6.1. onto alt.security.pgp just to annoy S***light. -- Richard Parratt From dawagner at phoenix.Princeton.EDU Sun Sep 11 02:28:25 1994 From: dawagner at phoenix.Princeton.EDU (David A. Wagner) Date: Sun, 11 Sep 94 02:28:25 PDT Subject: Cracking MD5 for $10M In-Reply-To: <9409091639.AA29959@mycroft.rand.org> Message-ID: <9409091916.AA01012@bow.Princeton.EDU> > > Hal discusses using the Distinguished Points method to find hash > collisions presented by Michael Wiener with Paul van Oorschot at Rump > Crypto '94, and lists two benefits: > > (1) saves space in searching for loops on a single processor; > (2) allows parallel searches for collisions over multiple processors. > > I claim it's useful only for (2), because another algorithm dominates it > for single processor loop detection... at least in storage space. > [...describes nifty algorithm (which seems to be well-known in the folklore?) for finding cycles in linear time and constant space...] Yeah! I was discussing this algorithm 4 or 5 months ago on alt.math.iams; it's quite elegant. If there is a collision after the n-th value, then I believe this algorithm will find it after generating (at most) 2n values. It's been kinda simmering in the back of my head for months, me wondering how to parallelize this algorithm -- and it's really cool to see how Wiener and van Oorschot found a way to find cycles efficiently in parallel! 
Apparently two professors here (Yao & Sedgewick) wrote a paper on this in SIAM Journal of Computer in 1981 -- I'm gonna go dig through the library to see if I can find this, when I get a chance... > > The distinguished points across machines is a great idea for (2), though, > and doesn't depend on anything looping... cool stuff! > Uh.. I think it *does* depend on looping! A collision in *any* point means that there will soon be a collision in a distinguished point, when you use looping. This probably won't be true with any other generation method. Suppose we use the sequence a_n = MD5(n). Then a collision a_i = a_j will only be detected if a_i is a distinguished point. But because we use the sequence a_n = MD5( a_{n-1} ), a collision a_i = a_j implies that there will soon be a collision a_{i+m} = a_{j+m} with a_{i+m} a distinguished point (after m ~= 2^32 extra iterations, on average, if 1 in 2^32 points are distinguished). > > Do you (Hal?) or anybody else know whether Wiener and van Oorschot were > taking into account the contraction of the range each time you iterate > MD5? I think the size of the set of all numbers that are the result of > MD5ing a 128-bit number is considerably smaller than 2^128... is it 1/e of > that? > Hrmm, why should this change the expected number of iterations required to find a collision? If I'm being dense, hopefully you'll spell it out for me. :-) I've been thinking about writing a program to test the single-processor cycling algorithm with (for example) crypt(3) for a while now -- maybe this'd be a good excuse to write it now, and try the parallel distinguished point stuff, too. Does anybody think it'd be interesting to get some practical experience here? Sound like an interesting doable project? A few things I've been thinking about, which maybe will spark your interest enough to answer all my questions. (one can always hope! 
:-)

First of all, there's some non-zero probability that (when using the parallelized distinguished points algorithm) two processors will have their streams match exactly without yielding a useful collision. Suppose one processor picks the random starting value 3 and generates a sequence starting with 3,1,4,5,2,7,9,... Now further suppose that MD5(6)=3 and that another processor picks the random starting value 6; then the second processor will generate 6,3,1,4,5,2,7,9,... We'll eventually notice this: if 9 is a distinguished point, then we'll see that two processors have seen the value 9, and we'll start backtracing, but we won't get any useful collision in MD5 out of this -- we'll only get the information that MD5(6)=3, which is useless, since both 6 and 3 were random choices. This means that the second processor's computer power was wasted. Can anyone estimate how often this will happen so that we can know it won't slow things down too much?

Also, there was the arbitrary choice of making the distinguished points be those with the lower 32 bits all zero -- I wonder what is the effect of requiring (say) all 48 least significant bits to be zero? This will increase the time required to backtrack (unless some fancy schmancy recursive or parallel algorithm is used?) but it would also decrease the space and inter-chip communication required significantly. Any comments?

Another thing -- I'm not sure this method is (directly) useful for generating lots of collisions, if that is what is desired. I believe Dr. Hellman wrote some paper about the cycling properties of random functions (out of interest in DES), and he concluded (if I remember correctly) that when you generate lots of random starting values and look at their cycling properties, most starting values will drain into a very few specific cycles. [I think this was in some volume of CRYPTO: maybe '86 or so? I think the title was something like "Drainage properties of the DES" or somesuch. I'll have to look it up.]
Doesn't that reduce the number of different collisions that you can generate by a large factor? If so, are there any simple modifications to the iteration function which would help? How about a_n = MD5( a_{n-1} XOR V ) for some random V picked anew each time we want a new collision?

Finally, is there a way to adopt an approach like this to reduce the space requirements needed to break double DES? Let P and P' be two plaintexts, and C=E(k,E(k',P)) and C'=E(k,E(k',P')) be their encipherment under double DES; we want to find the unknown keys k, k'. For any X in {0,1}^128, define the function h : {0,1}^128 -> {0,1}^128 by

    h(X) = E(y,P) concatenated with E(y,P') if z=0, or
    h(X) = D(y,P) concatenated with D(y,P') if z=1

where y consists of bits 0-55 of X and z is bit 56 of X. If h(X)=h(X') and X != X' and w != w', then with high probability the collision in h gives us the enciphering keys y and y'.

Can we use some parallel distinguished points cycling - like algorithm to find the appropriate collision in h? If we generate enough values of h, we will exhaust the entire keyspace, and will necessarily find the enciphering keys. (By the coupon collector's paradox, this should require something like 2^57 * 57 * log 2 iterations or so on average.) The only problem is that there will probably be lots of collisions X,X' with h(X)=h(X') and X != X' and w = w' -- I think. Can anyone think of a way to deal with these useless collisions in h to make finding a useful collision in h easy? If so, this should give a method to break double DES in 2^64 time and very little memory.

But maybe this all useless drivel... Anyhow, this message has gotten very long. Thanks for reading. And many many thanks to Hal for typing in the description of Wiener and van Oorschot's idea!
-------------------------------------------------------------------------------
David Wagner dawagner at princeton.edu

From frissell at panix.com Sun Sep 11 08:04:46 1994
From: frissell at panix.com (Duncan Frissell)
Date: Sun, 11 Sep 94 08:04:46 PDT
Subject: CONTROL FREAKS
Message-ID: <199409111501.AA02333@panix.com>

>I think the point isn't that totalitarian states won't last: we know
>that. The point is that those trying to establish a totalitarian
>state can do a hell of a lot of damage to the rest of us before they
>fail.

That's not clearly true. The totalitarian states we know of developed years ago in a much less fluid environment.

A few years ago, there was a UK TV drama about a contemporary Labour Party Prime Minister. In the course of the show, the new PM announced that he would immediately impose exchange controls to "keep money in Britain." (This was written before the real Labour Party officially eschewed exchange controls in a future Labour government.) The joke is that two weeks before the election of a Labour PM, all the loose investment funds would have left the UK anyway. Nothing left to block.

I think that a *new* totalitarian state would have a hell of a time borrowing money and all of the existing states are cash poor. They need to borrow. They don't want to be distracted by rioting pensioners. Even the secret police don't work for free. Currency devaluation would hurt as well.

After all, there can't be a totalitarian state that doesn't massively change (introduce uncertainty into) the conduct of life and business in its country (and if it is large, in the world). Markets have a way of dealing with uncertainty. Capital flight (seeking safer investments) and high interest rates (to compensate for risk).
DCF From jya at pipeline.com Sun Sep 11 09:09:17 1994 From: jya at pipeline.com (John Young) Date: Sun, 11 Sep 94 09:09:17 PDT Subject: RFC Crypto Anarchist Manifesto Message-ID: <199409111608.MAA27707@pipe1.pipeline.com> Kudos, Tim, for adept mix of philosophy and gritty specifics, for brevity and wit. When the mood strikes you, an update would be appreciated. And, please, comments from those who have not seen this before or who may have forgotten. John -------------------- The Crypto Anarchist Manifesto Timothy C. May tcmay at netcom.com A specter is haunting the modern world, the specter of crypto anarchy. Computer technology is on the verge of providing the ability for individuals and groups to communicate and interact with each other in a totally anonymous manner. Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other. Interactions over networks will be untraceable, via extensive re-routing of encrypted packets and tamper-proof boxes which implement cryptographic protocols with nearly perfect assurance against any tampering. Reputations will be of central importance, far more important in dealings than even the credit ratings of today. These developments will alter completely the nature of government regulation, the ability to tax and control economic interactions, the ability to keep information secret, and will even alter the nature of trust and reputation. The technology for this revolution--and it surely will be both a social and economic revolution--has existed in theory for the past decade. The methods are based upon public-key encryption, zero-knowledge interactive proof systems, and various software protocols for interaction, authentication, and verification. The focus has until now been on academic conferences in Europe and the U.S., conferences monitored closely by the National Security Agency. 
But only recently have computer networks and personal computers attained sufficient speed to make the ideas practically realizable. And the next ten years will bring enough additional speed to make the ideas economically feasible and essentially unstoppable. High-speed networks, ISDN, tamper-proof boxes, smart cards, satellites, Ku-band transmitters, multi-MIPS personal computers, and encryption chips now under development will be some of the enabling technologies.

The State will of course try to slow or halt the spread of this technology, citing national security concerns, use of the technology by drug dealers and tax evaders, and fears of societal disintegration. Many of these concerns will be valid; crypto anarchy will allow national secrets to be traded freely and will allow illicit and stolen materials to be traded. An anonymous computerized market will even make possible abhorrent markets for assassinations and extortion. Various criminal and foreign elements will be active users of CryptoNet. But this will not halt the spread of crypto anarchy.

Just as the technology of printing altered and reduced the power of medieval guilds and the social power structure, so too will cryptologic methods fundamentally alter the nature of corporations and of government interference in economic transactions. Combined with emerging information markets, crypto anarchy will create a liquid market for any and all material which can be put into words and pictures. And just as a seemingly minor invention like barbed wire made possible the fencing-off of vast ranches and farms, thus altering forever the concepts of land and property rights in the frontier West, so too will the seemingly minor discovery out of an arcane branch of mathematics come to be the wire clippers which dismantle the barbed wire around intellectual property.

Arise, you have nothing to lose but your barbed wire fences!

-- ................................................................. Timothy C.
May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | PGP Public Key: by arrangement From hal at alfred.econ.lsa.umich.edu Sun Sep 11 11:45:15 1994 From: hal at alfred.econ.lsa.umich.edu (Hal Varian) Date: Sun, 11 Sep 94 11:45:15 PDT Subject: Proposal for an Electronic Commerce Testbed Message-ID: <9409111839.AA01802@alfred.econ.lsa.umich.edu> Bob Smart > I've speculated above on the possibility of people supporting the > testbed by providing some useful services while charging play > money. We shouldn't depend on that. There is a class of applications > which are fun but need (or at least are helped by) money to give the > measure of success or failure. These are games, competitions and > gambling. I believe that done right they can be sufficiently > interesting with play money that people will want to take part: enough > people to test the scalability of the various proposals. > > Some of the games that can be played between individuals on the > Internet really need the ability to have a bet to make play really > meaningful: poker and backgammon are examples. The question is: will > betting with "play" money work or will people play frivolously because > the money does not have real value? You should take a look at the Iowa Electronic Markets. There have been a few thousand participants betting real money on these markets for two or three years. They would be a natural testbed for Internet dollars. To see what it's like look at telnet://iem.biz.uiowa.edu. --- Hal.Varian at umich.edu Hal Varian voice: 313-764-2364 Dept of Economics fax: 313-764-2364 Univ of Michigan Ann Arbor, MI 48109-1220 From kinney at bogart.Colorado.EDU Sun Sep 11 12:59:25 1994 From: kinney at bogart.Colorado.EDU (W. 
Kinney)
Date: Sun, 11 Sep 94 12:59:25 PDT
Subject: Lame security software
In-Reply-To:
Message-ID: <9409111958.AA00309@bogart.Colorado.EDU>

Jamie Lawrence writes:

> I found one of the worst examples
> I've ever run across, and I'm in a sharing mood today. For those
> Mac users out there, get ahold of Norton Partition, which ships
> with Norton Utilities 2.0. I was demoing the only way it should
> be counted on for anything, and then not much, by setting up a
> non-automounting DES encrypted soft partition. I chose the password
> 'cheesetoast', and explained why this was a bad choice, etc. Well,
> upon mounting the disk to demo something else, I mistyped 'cheeseto "
> (that last character is a space), and what do you know, it mounted. I
> suspect it checks a hash of the first eight characters, tossing the
> rest, but don't have time to check and see if that is the case.

Oh, it's worse than that. Try it out and you'll find that Norton Partition gets 56 bits from 64 by throwing away the _low_ bit in each of the eight characters of your password.

Worse still, Norton Partition includes a block of data at the beginning of the disk partition you create, which encrypts your password with an xor cipher. I haven't had time to work out the complete mapping as of yet, but change one bit in your password, and one bit in the header block changes. This goes beyond a poor implementation and into the territory of a deliberate back door. Damned irresponsible.

-- Will

From tcmay at netcom.com Sun Sep 11 13:26:13 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 11 Sep 94 13:26:13 PDT
Subject: Announcement: "CYPHERNOMICON" FAQ available
Message-ID: <199409112025.NAA08719@netcom15.netcom.com>

[I haven't received Cypherpunks list mail since Friday. I don't know if the list is down or if Netcom is simply not delivering mail...it's been having severe problems.
So I'm sending this blind to the list, and copying Hugh Daniel and Eric Hughes, to make sure it at least gets to _somebody_.] Greetings Cypherpunks, The FAQ I've been working on for many months is now available by anonymous ftp, details below. Because there is no "official" Cypherpunks group, there shouldn't be an "official" Cypherpunks FAQ, as I see it. Thus, others can write their own FAQs as they see fit. Cypherpunks write FAQs? I've decided to give my FAQ a name, to prevent confusion. "THE CYPHERNOMICON" is what I call it. (If the reference is obscure, I can explain.) The main file is 1.3 MB. It takes about 12-15 minutes to transfer with a 14.4 modem, proportionately slower with a slower modem. And of course very fast if you're already on Netcom or on a T1 connection. (I may split the 20 chapters into pieces, later, but this could add unwelcome confusion. And I'm holding off on gzip compressing the file(s) right now, for similar reasons.) Yes, the FAQ is very long. Yes, it is not what others may have wanted (the MFAQ, described below, is the "short" version that newcomers can get, or have mailed to them if they lack anonymous ftp access). It is the FAQ I _wanted_ to write, which is reason enough for the form it's in. The CYPHERNOMICON is especially detailed in the areas that have gotten little coverage in existing books: crypto anarchy, reputations, black merkets, and the uses of digital cash. The crypto and PGP sections are fairly long, but not nearly as long as they could be, given the vast amount of material out there already. (I didn't see the need to cover these areas in great detail.) The "anonymity and remailers" chapter is also very long, and is the most disorganized, in my opinion. The plethora of sites, URLs, various remailers, features, ideas, issues, and miscellaneous cruft is just overwhelming....I hope I've made some order out of it. 
(The "Release-Notes" and "README" docs have more explanations of the form and rationale, including the meta-FAQ question of why this FAQ is not a Web doc.) Details: anonymous ftp site: ftp.netcom.com cd to pub/tcmay "get" the files in the standard anonymous ftp way (feel free to move it to other sites, but for now it may be best to leave it here; I think the files are all reasonably OK, with no fatal flaws (Harry Bartholomew helped test the access), but wider distribution should perhaps be slowed for several days, to make corrections of serious flaws easier to make) The following 6 files are included: Contents-Long (A detailed table of contents, about 10 KB) CP-FAQ (The complete CYPHERNOMICON, uncompressed for the time being, about 1.3 MB) Contents-Short (A brief table of contents) MFAQ (One of the chapters, the "Most Frequently Asked Questions") Release-Notes (Some comments on the FAQ.) README (Much more detailed comments, also included as the final chapter) Here is the Contents-Short: THE CYPHERNOMICON 1. Introduction 2. MFAQ--Most Frequently Asked Questions 3. Cypherpunks -- History, Organization, Agenda 4. Goals and Ideology -- Privacy, Freedom, New Approaches 5. Cryptology 6. The Need For Strong Crypto 7. PGP -- Pretty Good Privacy 8. Anonymity, Digital Mixes, and Remailers 9. Policy: Clipper,Key Escrow, and Digital Telephony 10. Legal Issues 11. Surveillance, Privacy, And Intelligence Agencies 12. Digital Cash and Net Commerce 13. Activism and Projects 14. Other Advanced Crypto Applications 15. Reputations and Credentials 16. Crypto Anarchy 17. The Future 18. Loose Ends and Miscellaneous Topics 19. Appendices 20. README Comments should be sent to me. Future releases will be coming. Enjoy. --Tim May -- .......................................................................... Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From cactus at bb.com Sun Sep 11 15:40:55 1994 From: cactus at bb.com (L. Todd Masco) Date: Sun, 11 Sep 94 15:40:55 PDT Subject: CONTROL FREAKS In-Reply-To: <199409111501.AA02333@panix.com> Message-ID: <35019f$8p@bb.com> In article <199409111501.AA02333 at panix.com>, Duncan Frissell wrote: > >>I think the point isn't that totalitarian states won't last: we know >>that. The point is that those trying to establish a totalitarian >>state can do a hell of a lot of damage to the rest of us before they >>fail. > >That's not clearly true. The totalitarian states we know of developed years >ago in a much less fluid environment. In the rise of a sudden totalitarian state, you're probably right: frankly, I don't think that's got a high probability. Even were a radical group to win elections, it takes time to change the way a country works: a real example is that Clinton was elected two years ago, and he's only now gotten around to gutting the second amendment. I think the biggest danger we face is gradually increasing totalitarianism across the board, through mechanisms such as GATT and European Union -- there seems to be a world-wide push to smooth differences among nations out into a single (yes, here it comes) "New World Order." It's not the sudden that'll cause the damage: it's the gradual. "Picture world boiling frogs." -- L. Todd Masco | "Hide, witch, hide! The good folk come to burn thee, their cactus at bb.com | keen enjoyment hid behind a gothic mask of duty." -JS/BATE From tcmay at netcom.com Sun Sep 11 16:46:14 1994 From: tcmay at netcom.com (Timothy C. 
May) Date: Sun, 11 Sep 94 16:46:14 PDT Subject: Crypto Anarchist Manifesto In-Reply-To: <199409101931.AA06053@mail.crl.com> Message-ID: <199409112345.QAA10420@netcom11.netcom.com> > >And is it possible to obtain a copy of your 1988 "Crypto Anarchist Manifesto."? > >Sounds like fun. FTP Site? > > I found it on soda.csua.berkeley.edu last night. I don't think it was there > before. Look for it in /pub/cypherpunks/rants/. My "rant" has been there since the beginning of the ftp site at soda, nearly 2 years ago. I suspect it was why the directory was named "rants." (I'm just starting to get mail again...AVOID NETCOM IF YOU CAN!) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From sandfort at crl.com Sun Sep 11 16:55:32 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Sun, 11 Sep 94 16:55:32 PDT Subject: PRIVACY REGULATIONS Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, When I wrote: >>If you are stopped by the police, you are required to >>identify yourself if asked. Chris Hibbert responded: This is not true. If you're driving a car you are required to have a license. If you're just walking around, you're not required to have a name, or to tell it. Nope, *this* is wrong. In most jurisdictions, you do not have to provide *physical ID* if you are not in a car, but you do have to identify yourself AND give some account as to what you are up to. 
A cop has to have a probable cause to arrest you, and not giving your name doesn't provide it. /Au contraire/, you are "interfering with an investigation" or "obstructing justice" or whatever it's called in the particular jurisdiction. If you're surly, a cop can take you in, ... Nonsense. Where do you non-lawyers get this stuff? Surly, rude, impolite, etc. are all protected speech. (Threatening *ACTS* or physical resistance, however, is another thing.) ... Just say "Officer, someone is waiting for me. May I go now?" Just say "no"? I *guarantee* this won't work. If you are asking permission ("May I go?"), aren't you ceding to the officer the legal right to say "no"? If you believe you don't have to interact with the nice man, why not just turn your back and walk away without a word? (I wouldn't advise it.) This has been tested in court. There was a black lawyer several years ago who liked to walk a lot. He lived in one of the fashionable neighborhoods in LA, and occasionally got picked up because he "looked like he didn't belong there". He sued them and won in court every time, and got the police to leave him alone. [No, I don't have references.] A little knowledge is a dangerous thing. The gentleman in question was not a lawyer. He was a black man who was dressed and coiffured in dreadlocks and Rasta man clothes. He did not live in Beverly Hills nor Belaire, but he did like to take long walks in those neighborhoods in the middle of the night. He was arrested for not identifying himself with an "official" ID. When he sued, the court issued a temporary injunction against the police for requiring *documentary* identification. The right of the police to require a person to identify himself was never in question. I'm not sure what the disposition of this particular case was, but that's irrelevant, as it only went to the issue of documentary ID. (If memory serves, there was an interesting result of this case. 
The California legislature attempted to pass, or passed, a law that required the showing of official identification if demanded by a police officer. I don't know how this law ended up, unfortunately.) S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From lile at art.net Sun Sep 11 17:00:04 1994 From: lile at art.net (Lile Elam) Date: Sun, 11 Sep 94 17:00:04 PDT Subject: PRIVACY REGULATIONS Message-ID: <199409112358.QAA08118@art.net> I just always remember that the cop has the gun, I don't. -lile From adam at bwh.harvard.edu Sun Sep 11 17:08:26 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Sun, 11 Sep 94 17:08:26 PDT Subject: CONTROL FREAKS In-Reply-To: <35019f$8p@bb.com> Message-ID: <199409112341.TAA06256@bwh.harvard.edu> Todd Masco: | I think the biggest danger we face is gradually increasing totalitarianism | across the board, through mechanisms such as GATT and European Union -- | there seems to be a world-wide push to smooth differences among nations | out into a single (yes, here it comes) "New World Order." While the harmonization of laws can threaten freedoms, it can also substantially reduce the cost of doing business in multiple jurisdictions, while only slightly reducing the amount of jurisdictional hacking that can be done to protect yourself from governments. The substantial reductions in cost that harmonization bring will create stronger multinational companies, while weakening the control of governments. As multinationals grow in strength, governments become more willing to bow before them; witness the bidding war that both Toyota and BMW got state governments into when building plants lately. The New World Order being created is one of multinationals that control huge amounts of money, capital and talent. Companies such as Honda, Mitsubishi, IBM, GE, Boeing and AT&T control a goodly portion of the world. And they are not able to react to market conditions as fast as smaller companies that are eating their lunch. 
The order created, much to the dismay of Governments and the CEOs of these companies, will be one where small companies manage to do much that big companies do today, and do it cheaper and better. Exceptions come in a few areas where economies of scale really exist; aircraft and computer chips spring to mind. The real new world order will not be controlled by any 'super power,' (although we will have to contend with the remains of the great powers for a long time), but by the international nature of business, which doesn't like the added cost of working in a totalitarian state. Adam From paul at hawksbill.sprintmrn.com Sun Sep 11 17:09:40 1994 From: paul at hawksbill.sprintmrn.com (Paul Ferguson) Date: Sun, 11 Sep 94 17:09:40 PDT Subject: Curious content Message-ID: <9409120112.AA11016@hawksbill.sprintmrn.com> Tim, I'm not so sure I'm very fond of the quote that you used in the CP-FAQ: - As Paul Ferguson, Cypherpunk and manager at US Sprint, puts it: "We're located in Herndon, Virginia, right across the street from Dulles Airport and a hop, skip & jump down the street from the new NRO office. ,-)" [P.F., 1994-08-18] As I did say this, and it _is_ true, it somehow lends conjecture to the scenario that Sprint is somehow involved with US Gov't wiretapping schemes. I'd appreciate it if you could either strike the quote or clarify it to reflect the true meaning of my remarks. Concerned, _______________________________________________________________________________ Paul Ferguson US Sprint Managed Network Engineering tel: 703.904.2437 Herndon, Virginia USA internet: paul at hawk.sprintmrn.com From pkm at maths.uq.oz.au Sun Sep 11 17:21:07 1994 From: pkm at maths.uq.oz.au (pkm at maths.uq.oz.au) Date: Sun, 11 Sep 94 17:21:07 PDT Subject: Proposed changes to the Queensland criminal code. Message-ID: <9409120020.AA22505@hypothesis.maths.uq.oz.au> It seems the fight against evil never ends... 
This is a clipping from the Sunday Mail, the local Sunday newspaper (although tabloid would be a better word for it). As you can observe, it is one of those papers that have a paragraph:sentence ratio of 1:1. I hope it is of interest to you all. All spelling mistakes are mine. All grammatical awkwardness are his. :-) .... ONLINE MOVES 'OUT OF LINE'. [Date: 11/09/94 - PKM.] (COMPUTERS with Peter Young) [Title of a regular column - PKM.] Proposed changes to the Queensland Criminal Code to crack down on computer networks carrying information used for criminal acts are sparking an outcry. The proposals have been denounced as unworkable by a number of online information providers who claim their businesses will become untenable if the changes are brought in. As part of a sweeping overhaul of the State's criminal code, Attorney-General Wells plans to create two new offences falling into the category of unlawful use of a computer. They would make persons liable for up to 10 years for providing information via computer networks which contributes to a crime. One charge would relate to aiding the commission of a crime and the other would deal with being an accessory before the fact. Instructions on how to make bombs [like gunpowder? -PKM] or set up a child pornography ring are the type of material the proposed legislation wants to target. The laws would apply equally to material downloaded from a local electronic bulletin board system or that acquired by using a commercial gateway to the international Internet system. The legislation is intended to facilitate prosecution of people who knowingly make such information available on their systems, a spokesman for the Attorney-General said. But Australian Internet service providers have condemned the proposals as impractical and unable to be policed and have called for "common carrier" protection similar to that enjoyed by Telecom. 
Ian Peter, founder of Queensland-headquartered Internet provider Pegasus Networks, branded the proposed laws "unworkable", saying that they were out of touch with overseas thinking on the problem of balancing free speech against the need to control access to unsuitable information. Rhys Weatherley, president to the non-profit Internet access group BrisNet [Brisbane Net, for the geopolitically deprived - PKM], said the proposed laws would give police "licence to arrest" power over any computer network operator merely because offending material was available on their networks. He said the legislation would make scapegoats out of honest network operators while failing to catch real offenders. BrisNet would be forced to shut down rather than run the risk of prosecution if the laws were adopted in their reputed form. Hugh Irvine, a Melbourne businessman, whose company Connect.com.au is a leading commercial gateway to the Internet, said he was happy to co-operate with authorities to prevent hackers or child molesters from using his service to pursue their practices. However, he said that the planned Queensland legislation was equivalent to charging Australia Post executives because criminals used the mail to help plan a bank robbery. "It is heading down the path of the wrong sort of State-run surveillance and Connect.com.au would be unable to continue functioning as a business if laws in the proposed form become a reality," he said. Also wading into the fray is Electronic Frontiers Australia (EFA), a public interest group set up to monitor threats to civil liberties in cyberspace. EFA spokesman Garth Kidd labelled the Queensland proposals "a worrying development that would stifle the implementation of online services in Australia". .... Comments: The article (and also the proposed legislation) were brought to my attention by my father late last night. As a computer professional with ~30 years experience, he was as disgusted as I am with the proposals. 
He also understood quite clearly how it was unworkable in practice. Some time this week, he will be having a little chat on the subject with Wendy Edmonds, the local MLA (Member of the [State] Legislature Assembly). It seems representative cluelessness is the same the world over. :-< Peter Murphy. From tcmay at netcom.com Sun Sep 11 17:27:28 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 11 Sep 94 17:27:28 PDT Subject: Curious content In-Reply-To: <9409120112.AA11016@hawksbill.sprintmrn.com> Message-ID: <199409120026.RAA13682@netcom11.netcom.com> Paul Ferguson writes: ... > I'm not so sure I'm very fond of the quote that you used in the > CP-FAQ: .... > As I did say this, and it _is_ true, it somehow lends conjecture to the > scenario that Sprint is somehow involved with US Gov't wiretapping > schemes. > > I'd appreciate it if you could either strike the quote or clarify it > to reflect the true meaning of my remarks. > > Concerned, I will remove it, in an upcoming release (may not be for several weeks, as I noted in the docs), but it illustrates some interesting points: 1. That people's words on open lists are of course archived in many places. 2. Unless Paul's a speed reader, he probably grepped for his own name to find what quotes were used, what credit was given, what mention was made. I suspect a _lot_ of people will do that first thing. Some will be pissed to _not_ find their name enough times (or at all, perhaps). Others will want their words changed, their thoughts expanded upon. 3. In general, I don't want to encourage the dozens of you who are quoted to send me messages asking for this. Your words are your words, and others have been linking them in Web pages, quoting them, etc. 4. 
If someone thinks I _seriously_ am misrepresenting them (and I don't think Paul can claim my comment did...after all, I was discussing the heavy concentration of spooks and telcos in the Northern Virginia nexus, and Paul was making the same point when he added the bit about the NRO headquarters in Chantilly), then send me a private note and I will consider taking some action. (But don't take this as an invitation to grep for your name and then ask for changes.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From jdwilson at gold.chem.hawaii.edu Sun Sep 11 17:33:44 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Sun, 11 Sep 94 17:33:44 PDT Subject: AIDs testing and privacy In-Reply-To: Message-ID: > Actually, this points to a potential problem for anarchic societies. > Suppose that HIV would spread by airborne droplets, like the flu. > Then measures of isolation, like those stated here, would seem very > adequate. But could such measures be taken without strong government? See the xtians "Old Testament" re Hansen's (Leprosy) - their government was little better than anarchy yet dealt with this - perhaps not as well as Castro has dealt with AIDS (by segregating them to date.) -NetSurfer #include standard.disclaimer >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. 
Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From tcmay at netcom.com Sun Sep 11 17:50:10 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 11 Sep 94 17:50:10 PDT Subject: Running PGP on Netcom (and Similar) Message-ID: <199409120049.RAA15757@netcom11.netcom.com> A "Cypherpunk RISK" (apologies to the "RISKS" list) to running PGP on Netcom, Portal, America Online, etc. systems (and on university, corporate, etc. systems), is the obtaining of *all* records, directories, etc. by court order. This has happened more than once, and will likely happen more and more in the future, as law enforcement realizes what a treasure trove this can be. (The person being monitored may not be told about it, of course.) The latest such case involved Lewis De Payne, a user, and Netcom, his (and my) Internet provider. Details are being discussed in Usenet groups, and were brought up also at yesterday's Cypherpunks meeting. Note that had Mr. De Payne been using PGP on Netcom, with his secret key stored there, the cops would have it. (The passphrase maybe not, depending on whether he stored _that_ there, too. And whether Netcom had logs of keystrokes entered, which strikes me as something they would probably have--we really need a "zero knowledge" kind of "reach-back" for remotely-run PGP.) I just don't think the dangers are worth it. All the theoretical hot air about whether keystroke timings are "random enough" is moot if Netcom is turning over records to investigators. It creates a dangerous illusion of security. (For those with no home machines, and perhaps those who mainly use campus services, workstations, etc., I'm not faulting you; people use what they have to use. Longer term, though, PGP needs to run on secure hardware. 
Secure meaning not easily grabbed by the authorities without even one's knowledge!!) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From paul at hawksbill.sprintmrn.com Sun Sep 11 17:55:20 1994 From: paul at hawksbill.sprintmrn.com (Paul Ferguson) Date: Sun, 11 Sep 94 17:55:20 PDT Subject: Curious content In-Reply-To: <199409120026.RAA13682@netcom11.netcom.com> Message-ID: <9409120158.AA11207@hawksbill.sprintmrn.com> An additional note: I appreciate Tim's effort to compile a document we can all call our own. In my opinion, its been a long time in coming. Tim and I share many idealisms, including those of cryptoanarchy, zero-tolerance and non-governmental manipulation. Any and all remarks I make to the list are public, and believe it or not, I understand that when I make them. One would be a fool not to understand the implications. Just thought I'd toss in these few pennies... Cheers, - paul From alano at teleport.com Sun Sep 11 18:54:31 1994 From: alano at teleport.com (Alan Olsen) Date: Sun, 11 Sep 94 18:54:31 PDT Subject: Just In Case You Missed It Message-ID: <199409120154.SAA02958@teleport.com> >Date: Sun, 11 Sep 1994 18:33:16 -0700 >From: Bruce Baugh >To: alano at teleport.com >Subject: Just In Case You Missed It > > >>Path: news.teleport.com!news.world.net!news.sprintlink.net!redstone.interpath.net! ddsw1!panix!zip.eecs.umich.edu!newsxfer.itd.umich.edu!europa.eng.gtefsd.com! 
swiss.ans.net!malgudi.oar.net!news.ysu.edu!doug >>From: acbul1 at penfold.cc.monash.edu.au (Andrew Bulhak) >>Newsgroups: alt.humor.best-of-usenet >>Subject: [alt.discordia] "official" Discordian secret code >>Followup-To: alt.humor.best-of-usenet.d >>Date: 12 Sep 1994 01:09:02 GMT >>Organization: best of usenet humor >>Lines: 89 >>Approved: best at cc.ysu.edu >>Message-ID: <3509ne$4rm at news.ysu.edu> >>NNTP-Posting-Host: unix1.cc.ysu.edu >>X-Disclaimer: the "Approved" header verifies header information for article transmission and does not imply approval of content. See .sig below. >>Originator: doug at unix1.cc.ysu.edu > >From: snorri at nwu.edu (Snorri Abrahamsen) >Newsgroups: alt.discordia >Subject: "official" Discordian secret code > > > In these days of NSA and Clipper and Key/Escrow and PGP and Wilkesman >Kid Ranger Decoder Rings, it seems one of the things most on everyone's >collective hive-like minds must be security. Security and privacy, make >that. > Now Discordians have always had a versatile and powerful secret code, >one that has defied the efforts of the world's greatest spy-masters and >crypto-fiends to crack for countless centuries (or at least since 1962 or >so). It goes like this: > > A B C D E F G H I J K L M N O P Q R S T U V W X Y Z > 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 > > It's a damn fine code, and whoever invented it should get a big gold >star, lots of LDD medals, and a beefy slap on the ass for good effort and >sheer genius. But I'm afraid that now I have some *SHOCKING NEWS*! > > I have reason to believe that the Discordian secret code has been >_compromised_. You know, "Loose lips sink ships" and all that, right? >(Or is it, "Loose lips sink Golden Apple Corps"? I'm never sure...). >Well, it was worse than loose lips. It is my suspicion that some >traitorous Discordian actually gave the code to the NSA. > > What to do now for all your Discordian encryption needs? 
I mean, it >would now be insanely dangerous (or at least not very private) to use the >old encryption scheme. > > I therefore propose creating a new Discordian secret code, perhaps based >on a cypher model (where each character is represented by some word), >although other models might work really well, too. Anyway, here's a start >to a Discordian cypher... > > A Andersianism > B Quasimodo > C yorba linda > D colostomy > E chao > F mojo > >etc... > > This is a fun scheme because the utter apparent randomness of it. Or at >least it seems random... Anyway, it's probably not the best possible >scheme for a Discordian Secret Code. Here are some alternate schemes I >had for encoding messages: > > * Implosion Method. Write message on lightbulb. Implode lightbulb. >Recipient then reverses time continuum and grabs pre-imploded lightbulb >from alternate timeline, reads message, and tosses back for implosion >before anybody notices. > Advantages: NSA Clipper plans (oddly enough) do not extend as far as >including key/escrow chips in all time travel devices. > Disadvantages: Useless against the Great Race of Yith. > > * St. Gulik Method. Write the message in radioactive ink on box paste >and feed to specially trained homing cockroaches. Release the homing >cockroaches to skitter home. Reassemble message from roach entrails. > Advantages: Enemy cryptographers don't like touching roaches. > Disadvantages: Kills the roaches; difficult to train them to go home. > > * O'Leary's Cow Method. Write message on paper and burn to ashes. >Send ashes to recipient. > Advantages: No way for enemy to decode message. > Disadvantages: No way for recipient to decode message. > > * Formless Spawn Method. Write message on outer surface of trained >Shoggoth in really strong permanent ink. As Shoggoth moves, message will >be scrambled on its surface. With the proper command word, recipient can >command shoggoth to assume original form(lessness), descrambling the >message. 
> Advantages: Message devours any enemy cryptographer who tries to decode it. > Disadvantages: No good if recipient fails sanity check. > > > Any other suggestions for good encryption schemes would be welcome... >I'm beginning to feel insecure already, as well as a little on the insane >side (you try training a shoggoth to act as your message-pod...) > > >-- >Postings to alt.humor.best-of-usenet reflect what the submittor considers to be >the best in usenet humor, and the poster is responsible for the content. The >moderator removes duplicates, copyrighted material, posts without headers, but >does not drop articles based on content. See the group charter for more info. >Sigs may be truncated. Moderator address: best at cc.ysu.edu >-- >/-------------------------------------------------------------------------\ >|bruceab at teleport.com Bruce Baugh, thoroughly unaffiliated with Teleport| >| "An' besides you IS a rabbit." "Not a 'nothing-BUT-a-rabbit', tho'." | >\-------------------------------------------------------------------------/ > > |"I would call him a Beastialic Sadomasochistic | alano at teleport.com | |Necrophile but that would be beating a dead | Disclaimer: | |horse." -- Teriyaki (What's up Tiger Lily?) | Ignore the man | | -- PGP 2.61 key available on request -- | behind the keyboard.| From tcmay at netcom.com Sun Sep 11 18:58:21 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 11 Sep 94 18:58:21 PDT Subject: Stone Soup FAQs, and Mechanics of Information Gathering In-Reply-To: <9409120158.AA11207@hawksbill.sprintmrn.com> Message-ID: <199409120157.SAA15071@netcom3.netcom.com> Paul Ferguson wrote: > An additional note: > > I appreciate Tim's effort to compile a document we can all call our > own. In my opinion, its been a long time in coming. Thanks...I also think my doc has been slow in coming. Like I said, it's taken too long to write. 
Out of curiosity, I did a search of the doc for Paul's name and was surprised to see that I'd only used one of his quotes. Oh well. People should bear in mind the random nature of how I pulled quotes. Since there may be some interest in this, I'll comment: - Though the FAQ covers material going back for _years_, especially the past 2 years, more recent material is more heavily weighted. That is, recent stuff is likelier to be used. - In particular, once the overall structure took shape (the major chapter headings, the themes), I often would see something that looked "interesting" and would directly attach it, with some massaging of the text, selective elisions, etc., to the appropriate branch of my outline structure. - This means that postings in the last several months are over-represented as compared to earlier stuff from the "archives." (Side Note: I spent perhaps too long, several months back, laboriously using Eudora to sort into folders the many thousands of posts I had on nearly as many topics. The result was awe-inspiring: an optical cartridge containing folders on every conceivable variant of digital money, for example, and containing many hundreds of folders on other topics. The *usefulness* of all this effort--which was by no means a "set it up and walk away" filtering job, as I had to decide on the search criteria, created the filters, etc.--has been less awe-inspiring, as I don't have time to _re-read_ the sorted posts to find good stuff! Still, on each and every topic in the FAQ, I can call up multiple posts by people, and I could probably double the size of the FAQ just by including tidbits from these posts. The Cypherpunks have written a truly astounding amount of good stuff.) I also don't want to leave the impression that I am not looking for additional comments and elaborations. I am. But there's great danger in people using the points made in the FAQ to just expand or elaborate on. 
I know how addictive it is to comment on what people have written.... So, send your comments. I'm skeptical of "stone soup FAQs" ("Here's a short outline...send me stuff"), which is why I've written what I've written. But comments and corrections are always welcome, as I make clear in the accompanying docs. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From sw at tiac.net Sun Sep 11 20:40:14 1994 From: sw at tiac.net (Steve Witham) Date: Sun, 11 Sep 94 20:40:14 PDT Subject: Cracking MD5 for $10M Message-ID: <199409120339.XAA22462@zork.tiac.net> >...another algorithm dominates it >for single processor loop detection... at least in storage space. It >works as follows: get a sequence of values v(i+1) = MD5(v(i)); >simultaneously get another sequence w(i+1) = MD5(MD5(w(i))), and start them >at the same place, v(0) = w(0). That is, you're running one of them twice >as fast as the other. I like to call this the "two race cars" algorithm--you start a fast car ahead of a slow car on a single-lane track, and if the fast one runs into the slow one it's a looped track. Funny, just two weeks ago a coworker put a 32-bit CRC function into the programming language I use, and I was playing with finding collisions. (I bet a dollar there would be a non-trivial collision between CRCs of the 76,000 files on our biggest disk and lost.) Has anyone mentioned using this sort of method to generate same-hash texts with, say, opposite meanings? 
David Wagner says-- >Another thing -- I'm not sure this method is (directly) useful for >generating lots of collisions, if that is what is desired. I believe >Dr. Hellman wrote some paper about the cycling properties of random >functions (out of interest in DES), and he concluded (if I remember >correctly) that when you generate lots of random starting values and >look at their cycling properties, most starting values will drain into >a very few specific cycles. Seems to me that even if lots of random starting points drain into the same cycle, you've still got lots of collisions. Either points where the sequences join the cycle, or points where different tributaries join each other before joining the cycle. --Steve - - - - - - - - - - They say the User exists *outside* of the net. No one knows for sure, but I intend to find out! --ReBoot (Saturday morning 3D animated cartoon) From CCGARY at MIZZOU1.missouri.edu Sun Sep 11 21:35:00 1994 From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers) Date: Sun, 11 Sep 94 21:35:00 PDT Subject: CEB September 11, 1994 issue 2 Message-ID: <9409120434.AA27988@toad.com> CYPHER-REBELS ELECTRONIC BOOK (CEB) SEPTEMBER 11, 1994 ISSUE 2 Publisher Gary Lee Jeffers ccgary at mizzou1.missouri.edu A compendium of the best software & info for today's electronic privacy freedom fighters. This text may be distributed in part or in full anywhere you want. It may be given away freely or copies may be sold. CEB wants to be free & valuable. If, as Chairman Mao says: "Political power grows out of the barrel of a gun.", then what is democracy? TABLE OF CONTENTS Chapter 1. PGP Section 1. PGP general Section 2. Michael Johnson's PGP FAQ contribution Section 3. Stealth PGP. Chapter 2. Steganography. "A picture is worth a thousand words." Chapter 3. Shells for PGP Section 1. Christopher W. Geib's WinPGP26.ZIP Section 2. Ross Barclay's WinFront 3.0 Chapter 4. Generally cool things. Section 1. Loompanics sources. Section 2. Viruses sources. Chapter 5. 
Getting the Cypherpunks' archived & indexed list.
Chapter 6. Remailers & chained remailers.
Chapter 7. Current problems in Crypt.
Chapter 8. Text sources.
Section 1. Books
Section 2. Rants
Section 3. CYPHERNOMICON - Tim May's "official" Cypherpunks' FAQ.
Chapter 9. Cypherpunks' mailing list. getting on etc..

[ASCII-art title banner]

Chapter 1. PGP general.

PGP is Pretty Good Privacy from Phil Zimmermann. It is currently the best available encryption available to civilians at large. Zimmermann is the programmer on the original PGP versions but now, apparently, just guides other programmers in making improved versions.
PGP uses two encryption algorithms: RSA for its Public Key powers & IDEA for its bulk encryption. The advantages of PGP over other crypt/decrypt systems are:

1. RSA algorithm. Allows users to communicate without needing a secure channel to exchange keys. - PUBLIC KEY ENCRYPTION.
2. The program system has been very well done & has huge development support.
3. It has huge popularity.
4. Security is guaranteed with distribution of source code & public investigation.
5. It's free.
6. Both RSA & IDEA are "STRONG" algorithms.

MIT's PGP 2.6 has the blessing of Zimmermann. PGP 2.6 ui is believed to have Zimmermann's approval because he has not attacked it. It is believed that Zimmermann will not endorse the ui version due to possible legal problems.

Section 2: Michael Johnson's PGP FAQ contribution

Michael Paul Johnson has an excellent faq on Subject: Where to Get the Latest PGP (Pretty Good Privacy) FAQ (Last modified: 7 September 1994 by Mike Johnson)

You can get this faq by anonymous ftp to: ftp.csn.net /mpg/getpgp.asc

It is also posted monthly on alt.security.pgp

The latest versions of PGP are VIACRYPT PGP 2.7 , MIT PGP 2.6.1 & PGP 2.6ui. Which is best? I would say MIT PGP 2.6.1. It has source code which VIACRYPT doesn't give you & it is more advanced than the ui version. In comparing the MIT & ui versions, Michael Johnson had this to say: "The "unofficial international" versions are really just PGP 2.3a, modified just enough to make it compatible with MIT PGP 2.6, but do not include all of the fixes in MIT PGP 2.6 and MIT PGP 2.6.1. They are named pgp26ui* or have "ui" somewhere in their file names." In his faq, he gives some instances in which the ui version might be preferable.

Section 3: Michael Johnson's PGP bomb contribution.

From: Michael Johnson Subject: PGP Time Bomb FAQ

PGP TIME BOMB FAQ

Michael Johnson writes: "There has been some confusion about the annoying "Time Bomb" in MIT PGP2.6, as well as some other PGP version compatibility issues.
This is an attempt to clear up some of that confusion."

You can get this faq by anonymous ftp to: ftp.csn.net /mpj/pgpbomb.asc

Section 3. Stealth PGP

Stealth PGP refers to a PGP file that does not have the RSA prefix tag on the beginning of a PGP encrypted file or to PGP utility software that disguises this tag. Possibly, a later version of PGP will have this as an option. The advantages of "Stealthy" PGP are that its files cannot be found by Internet search programs that hunt for the PGP/RSA tag & that a "Stealthy" file may be more securely hidden by a good steganography program.

From: Mark Grant Subject: Stealth PGP

Responding to my question "Has Stealth PGP been done yet?" Mark Grant says:

Kind of, there's a 'stealth' filter available that strips and attaches headers to PGP messages after encryption. It's available from various places, and the documentation is available on my 'other people's PGP addons' WWW page : http://www.c2.org/~mark/pgp/other.html

There's also information about Privtool, my PGP-aware mail program for Sun workstations at : http://www.c2.org/~mark/privtool/privtool.html

Mark

EMAIL: mark at unicorn.com URL : http://www.c2.org/~mark/

Chapter 2. Steganography

"A picture is worth a thousand words."

[ASCII-art picture captioned "STILL LIFE WITH CRYPT"]

Steganography is the craft of hiding messages in pictures. The text is, of course, encrypted text rather than plain text.
The current best steganography program has been done by Arsen Arachelian. Below follows his text contribution:

From: rarachel at prism.poly.edu (Arsen Ray Arachelian)

WNSTORM is available from: ftp.wimsey.bc.ca:/pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/Steg

Usual routine to get it. i.e. cd /pub/crypto/software, get the README file, and if you agree to the terms then follow the instructions.

Short description off the top of my head (I wrote the beastie) Another info scrap should be in the same directory as WNSTORM.

WNSTORM is a data encryption/steganography utility which is pretty secure for most uses. Unlike some stego systems WNSTORM is expandable, all you have to do is write your own LSB injector/extractor for whatever data format you wish to hide information into.

WNSTORM doesn't require the recipient of the host picture, sound, movie, etc. to have the original un-stormed picture. Unlike primitive stego programs, WNSTORM doesn't compare a stormed picture with an unstormed picture.

WNSTORM will cover its tracks statistically. If it changes a 0 bit in the LSB data stream to a zero, or a 1 bit to a 1, it does nothing. If it changes a 1 bit to a zero, it will balance itself by changing an unused adjacent 0 bit to a 1. Ditto for a 0->1 transform.

WNSTORM will NOT change every bit of the LSB in order to prevent detection. It will use a passkey along with a probabilistic algorithm to decide which bits it will change. The algorithm for picking bits depends on the previous successfully encoded/decoded cyphertext AND the passkey.

Internally WNSTORM works by picking "windows" or "packets" of bytes out of either a random number stream or an LSB stream extracted from a picture, sound, movie, etc. It then injects eight bits of cyphertext into this window. Each window is of variable size. The bit locations where the bits are inserted are randomly exchanged for each pass. The bit values are also randomly exchanged for each pass.
WNSTORM includes an injector/extractor for PCX images, however I will write more injector/extractor programs for it in the future, and OTHERS can do so as well.

Chapter 3. Shells for PGP.

Section 1. Christopher W. Geib's WinPGP26.ZIP

From: "David K. Merriman" Subject: Christopher W. Geib's Windows PGP shell

I've just finished making an ftp deposit to soda in the cypherpunks/ incoming directory of WinPGP26.ZIP; it's the latest version of the Windows PGP shell Shareware, and understands 2.6/2.6ui/2.7.

Dave Merriman

Section 2. Ross Barclay's WinFront 3.0

From: Ross Barclay Subject: PGP WinFront 3.0 Now Available! (New Windows front end for PGP) To: cypherpunks at toad.com, ~rbarclay at TrentU.ca

-----BEGIN PGP SIGNED MESSAGE-----

Announcing PGP WinFront 3.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~
A freeware Windows front end for PGP 2.3a and 2.6
Copyright 1994 Ross Barclay (rbarclay at trentu.ca)

WHAT IT IS:

- PGP WinFront is the most fully featured free (or otherwise) Windows front end available. It will make using PGP easy for beginners, and it will drastically increase the speed at which experts use it too. PGP WinFront is now into its third revision and I have tried to implement as many of the suggestions that I received as possible. PGP WinFront was designed by its users, but was coded by me.

Features:

- Supports secret key ring placement on floppy drive
- Support en/decryption to/from clipboard
- Move / Copy / Delete files
- Online hypertext help
- Online hypertext PGP help
- Keyring reader to pick names, view key characteristics
- Keyring reader supports less-often used "huge" keyrings
- Signature Checker
- Very configurable - over 25 user-definable settings
- more . . .

This program does too much to list here. And it's free! This version is a complete rewrite of the popular PGP WinFront 2.0. The feature-set has largely been set by users who sent in suggestions. Please read the file README.TXT and peruse the help files. Please send me your comments.
HOW TO GET IT: At the moment, there are 2 ways to get this program: 1) Via FTP - The PGP WinFront 3.0 filename is called PWF30.ZIP. - It has been uploaded to the incoming directories of the following FTP sites: ftp.cica.indiana.edu ftp.eff.org ftp.wimsey.bc.ca black.ox.ac.uk soda.berkeley.edu ftp.informatik.uni-hamburg.de ftp.ee.und.ac.za ftp.demon.co.uk - Hopefully, they will be slotted into the PGP directories soon. On CICA, it will be placed into \pub\pc\win3\utils. That is where PWF20.ZIP was placed. - Once you get the program, please upload it to other FTP sites! 2) From Colorado Catacombs BBS - dial (303)772-1062. The file is called PWF30.ZIP - once you get the program, please upload it to other BBSs. *** The mail access system I had was discontinued. This is because the file was too big to fit into my account. However, you can still register PWF and request certain PGP and PWF related items using my mail access system. Details of these are on the "About" screen of PWF 30. - --Ross Barclay - ------------------------------------------------------------------------- Ross Barclay (rbarclay at trentu.ca), Assistant Editor | To receive my PGP | public key, send PC NEWS Review: Windows Edition | me e-mail with the Bellevue, WA (206) 399-8700 | subject: GET KEY - ------------------------------------------------------------------------- To receive PC NEWS Review, send me e-mail with the subject: GET PNR. - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLmZ7fdgpRteEZ9JhAQFeXgIAxIpvJQeMsx7YecNgtusBDMqL662XFeX2 qL0qF8HcN4ReZ9MYjtn9t8N1zWGxkPOXQEI3KfM7uk8JTzxjZ5LG2g== =gSYT -----END PGP SIGNATURE----- Chapter 4. Generally cool things. Section 1. Loompanics sources. 
Something cool from Vincent:

Most of the Loompanics Unlimited catalog is online as: gopher://gopher.well.sf.ca.us/00/Business/catalog.asc

And you can send mail to them at: loompanx at pt.olympus.net

You can also get their catalog at:

Loompanics Unlimited
PO box 1197
Port Townsend, Wa. 98368

Send $5.00 for their general catalog - free with any order.

Section 2. Viruses sources.

AMERICAN EAGLE PUBLICATIONS

Cypherpunks, I have found a source of info. that I just must share!

American Eagle Publications, Inc.
P. O. Box 41401
Tucson, AZ 85717

I'm sure they will send you a catalog just for the asking. So, what are they about? They are about VIRUSES! They don't just carry a couple of virus things - they are the VIRUSES-ARE-US of the virus world! They have a journal: Computer Virus Developments Quarterly. They have books on viruses, virus protection, cryptanalysis, the science fiction book "Heiland", a CD-ROM for $99.95 of several thousand live viruses, disks of viruses with source code, executable & utilities, programs & cards for boot protection, & even a virus IDEA computer system protector.

Copy follows for two items of particular interest to Cypherpunks:

POTASSIUM HYDROXIDE, KOH
By the "King of Hearts"

A sophisticated piece of software which uses ideas first developed by computer virus writers to secure your computer system against those who would like to get their hands on the information in it. You give KOH a pass phrase, & it uses state of the art IDEA data encryption algorithm to encrypt all of the information on your hard disk & your floppies. It is, for all intents & purposes, unbreakable, & works well with DOS & Windows. Many encryption programs offered commercially are easily cracked, but this one is not. Some people call this program a virus, some say it is not. In ways, it acts like a virus to do some of your security housekeeping for you. Yet at worst it is a friendly virus that lets you choose when & how it will replicate.
program & manual on disk, $10
program, full source, & manual on disk, $20
(Overseas customers add $12: KOH cannot be exported from the US, but since it was not developed in the US, we will forward your order to the overseas distributor. Please allow 6 weeks for delivery)

HEILAND
By Franklin Sanders
276 pages, Paperback, 1986

Here's an entertaining book about America in the year 2020. If you wonder if it's proper to use viruses in wartime or if such a virus could be termed "good", this book will give you some food for thought. Sanders makes use of computer "worms" when the oppressed people of the US attack the federal government in an all-out war against tyranny. Sanders uses his worms right too - not as some all-powerful monster. Rather, they are deployed as part of a larger military strategy. For a book written in 1986, that's not bad! And if you're fed up with the government, this book is sure to give you a vision for the future. Sanders has been part of the mounting tax protest in this country. He's fought the IRS in court for years & won some important battles. Unfortunately the government seems to be confirming some of his worst suspensions about them. Now you can get a good dose of his philosophy & his ideas about remedying our problems. And if you work for the government, don't be offended - this book is doubly recommended for you!

Book, $8.00 for shipping add $2 per book. 5% sales tax for AZ. residents.

It is my belief that in the next few years more uses for viruses than just being a vandal will be found. Also, they may find a place in protecting our electronic freedom. - for instance virus remailers. Also see my previous post - The FREEDOM DEAMON. Also, they have a place in my CHATTERBOX concept(a remailer for chat mode or commands). "Viruses aren't just for Sociopaths anymore!" Also, I suspect the state may start cracking down on virus technology. Incidentally, did you all know that crypt has a place in modern viruses?
Encryption is used to hide "nasty" code & virus signatures until they get into the system & decrypt.

Yours Truly, Gary Jeffers

PUSH EM BACK! PUSH EM BACK! WWWAAAYYY BBBAAACCCKK! BBBEEEAAATTTTT STATE !

Chapter 5. Getting the Cypherpunks' archived & indexed list.

Vincent also tells us about the complete Cypherpunk's text on line & indexed with fast access times:

Eric Johnson has put one together as: http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src

Please don't think that you used to be safe doing something illegal on this list and that you no longer are. That would be foolish.

-- Vince

The "http" is for "Hyper-Text Transport Protocol". This is not FTP, though it is a protocol similar in function to FTP. It is used by "WWW" (World Wide Web) of which Mosaic is the most popular implementation. If you have Mosaic, you can just give the above path. If you do not have mosaic, you should spend some time trying to get it. Mosaic makes it really easy to quickly move through lots of information on the net. Mosaic is a point and click hypertext interface. You can FTP to ftp.ncsa.uiuc.edu and go into Mosaic.

WWW has a simple language for writing your own hypertext documents - "HTML" (Hyper Text Markup Language). You can think of this as sort of like Troff, LaTeX or Postscript, but for hypertext documents. One page of HTML can make dozens of normal files easy to access. For example, my README.html security page points to many normal files: ftp://furmint.nectar.cs.cmu.edu/security/README.html

It turns out that the mail database is really in "WAIS" (Wide Area Information Server). You can use WAIS directly, though I think it is easier to use through mosaic. To use WAIS you would do:

ws -h pmip.maricopa.edu -d cpindex/Cypherpunks

The "ws" may be "waissearch" on your system.
You can get lots of info on WAIS from ftp://wais.think.com/comp.infosystems.wais-FAQ

As someone pointed out, this "http" method does not yet work with "lynx" (a text only implementation of WWW) on the cypherpunks mail database. It seems it will take a new version of lynx or WAIS for this to work. But the Unix "xmosaic" works fine. :-)

This form of global filename starting with something like "ftp://", "http://", "gopher://" etc is also part of the WWW architecture. These names are called "URLs" for Universal Resource Locator.

Well, that is probably enough acronyms for today. :-)

-- Vince

From: Vincent.Cate at FURMINT.NECTAR.CS.CMU.EDU To: cypherpunks at toad.com Subject: WWW Acronyms (was Re: Cypherpunks' mail database does exist)

Gary Jeffers:

> Vincent, you state that a fully archived, indexed cypherpunks
>mailing list exists as:
>http://pmip.maricopa.edu/crypt/cypherpunks/cypherpunks.src
>Ok, so I ftp'ed to pmip.maricopa.edu & tried to get to cypherpunks.src,
>but even the subdirectories weren't there.

The "http" is for "Hyper-Text Transport Protocol". This is not FTP, though it is a protocol similar in function to FTP. It is used by "WWW" (World Wide Web) of which Mosaic is the most popular implementation. If you have Mosaic, you can just give the above path. If you do not have mosaic, you should spend some time trying to get it. Mosaic makes it really easy to quickly move through lots of information on the net. Mosaic is a point and click hypertext interface. You can FTP to ftp.ncsa.uiuc.edu and go into Mosaic.

You also have a typo, it is "Cypherpunks.src" with a capital C.

WWW has a simple language for writing your own hypertext documents - "HTML" (Hyper Text Markup Language). You can think of this as sort of like Troff, LaTeX or Postscript, but for hypertext documents. One page of HTML can make dozens of normal files easy to access.
For example, my README.html security page points to many normal files: ftp://furmint.nectar.cs.cmu.edu/security/README.html It turns out that the mail database is really in "WAIS" (Wide Area Information Server). You can use WAIS directly, though I think it is easier to use through mosaic. To use WAIS you would do: ws -h pmip.maricopa.edu -d cpindex/Cypherpunks The "ws" may be "waissearch" on your system. You can get lots of info on WAIS from ftp://wais.think.com/comp.infosystems.wais-FAQ As someone pointed out, this "http" method does not yet work with "lynx" (a text only implementation of WWW) on the cypherpunks mail database. It seems it will take a new version of lynx or WAIS for this to work. But the Unix "xmosaic" works fine. :-) This form of global filename starting with something like "ftp://", "http://", "gopher://" etc is also part of the WWW architecture. These names are called "URLs" for Universal Resource Locator. Well, that is probably enough acronyms for today. :-) -- Vince PS I only read cypherpunks once a day, some time after midnight when my collection for the day is done. From: rishab at dxm.ernet.in Subject: Accessing the Cpunk WAIS archive "Gary Jeffers" > http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src > is the location of all the Cypherpunks' posts with index. I can > get to this place by placing a "www" in front of this instruction. Do an archie search for lynx or mosaic or some other decent browser. This is a WAIS indexed archive; no hyper links; you type in a keyword, and get a list of matching articles, and select one (or more) of them to look at. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA Chapter 6. Remailers & chained remailers. 
From: wcs at anchor.ho.att.com (bill.stewart at pleasantonca.ncr.com +1-510-484-6204) Message-Id: <9408300753.AA22369 at anchor.ho.att.com> To: CCGARY at MIZZOU1.missouri.edu Subject: Re: Using remailers, chained remailers? There's somebody who posts a remailer summary to the list about monthly. There are three or four sets of remailers out there: - anon.penet.fi, which gives you an account an12345 at anon.penet.fi which people can reply to. Send "Subject: help" to anon at anon.penet.fi and it'll probably give you a useful reply. Its big use is for anonymous Usenet posting with working replies. - The cypherpunks remailers, which are mostly one-way no-reply mailers; some also support Usenet posting. Soda is pretty typical. - Various enhanced cypherpunks remailers, which have features like encrypted reply addresses you can attach at the end. You can get information on using the soda remailer by sending email to remailer at csua.berkeley.edu, with "help" somewhere in the posting; I'm not sure if it wants it in the Subject: or in the body. That's the remailer that posts from "Tommy the Tourist" with random NSA-bait at the bottom of postings. Here's a recent posting on getting status of remailers. Note that some really only remail once per day, so they may be working fine even if it says they're not. ---- Date: Mon, 15 Aug 1994 13:39:33 -0700 From: Raph Levien To: cypherpunks at toad.com Subject: "finger remailer-list at kiwi.cs.berkeley.edu" now operational Hi all, I have written and installed a remailer pinging script which collects detailed information about remailer features and reliability. To use it, just finger remailer-list at kiwi.cs.berkeley.edu There is also a Web version of the same information, at http://http.cs.berkeley.edu/~raph/remailer-list.html Please do not take the uptime figures too seriously, at least for another week or so. The script has only been running reliably for a few days. Please let me know about any other remailers which I missed. 
I've only included remailers which can mail to arbitrary addresses, so I already know chop and twwells are missing. If you've got a Web page, please feel free to include a link to this page. If you think your Web page is relevant to the subject of remailers, let me know and I'll link it in. Comments and suggestions welcome!

Raph Levien

-------

# Bill Stewart AT&T Global Information Solutions, aka NCR Corp
# 6870 Koll Center Parkway, Pleasanton CA, 94566 Phone 1-510-484-6204 fax-6399
# email bill.stewart at pleasantonca.ncr.com billstewart at attmail.com
# ViaCrypt PGP Key IDs 384/C2AFCD 1024/9D6465

Chapter 7. Current problems in Crypt.

1. We need an Internet Chat PGP system for conversations in real time. Note: #Freedom channel on the Internet Chat system has carried out fast encrypted conversations for years. When a Cypherpunk contacted one of their members (Sargent someone), he was politely told that their system was private. Sargent was unwilling to disclose method. Is their system some kind of security by obscurity code that cannot be varied (like by a drop in crypt/decrypt algorithm)? Or maybe the crypt method could be a drop in variable method & Sarge was unaware of it? Possibly other #Freedom members would be more knowledgeable? Possibly, a knowledgeable & diplomatic Cypherpunk could hit paydirt by pursuing this.

2. Has Arsen Arachelian really solved the problem of discovery of crypt in steganography by statistical examination of the least significant bits in his WNSTORM? I have seen no debate on this.

3. If the Feds capture the internet & put their anti-privacy hardware & protocols in place & outlaw remailers, does anyone have any idea how to build secure & effective remailers? A "Fortress remailer"?

4. If the above possibility happens & Cypherpunks' list is outlawed, does anyone have ideas how to make a "Fortress list"?

Chapter 8. Text sources.

Section 1. Books.
From: Stanton McCandlish Subject: O'Reilly PGP book Date: Wed, 7 Sep 1994 13:38:58 -0400 (EDT)

coming soon, PGP hits the mainstream:

PGP: Pretty Good Privacy by Simson Garfinkel
1st Edition November 1994 (est.) 250 pages (est),ISBN: 1-56592-098-8, $17.95 (est)

PGP is a freely available encryption program that protects the privacy of files and electronic mail. It uses powerful public key cryptography and works on virtually every platform. PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical users guide and a fascinating behind-the-scenes look at cryptography and privacy. Part I of the book describes how to use PGP: protecting files and email, creating and using keys, signing messages, certifying and distributing keys, and using key servers. Part II provides background on cryptography, battles against public key patents and U.S. government export restrictions, and other aspects of the ongoing public debates about privacy and free speech.

-- Stanton McCandlish
mech at eff.org
Electronic Frontier Fndtn.
Online Activist

The best book in cryptography is: APPLIED CRYPTOGRAPHY Protocols, Algorithms, and Source Code in C by Bruce Schneier

Loompanics advertising copy follows:

In Applied Cryptography, data security expert Bruce Schneier details how programmers can use cryptography - the technique of enciphering messages - to maintain the privacy of computer data. Covering the latest developments in practical cryptographic techniques, the book shows programmers who design computer software and systems we use every day. Along with more than 100 pages of actual C source code of working cryptographic algorithms, this practical handbook:

* Explains data encryption protocols and techniques currently in use and likely to be used in the future.
* Offers numerous present day applications - from secure correspondence to anonymous messaging.
* Includes numerous source code fragments and shows how to incorporate them into larger programs.
* Discusses related issues like patents, export laws, and legal rulings.

And much more! 1994, 7 1/2 x 9, 636 pp, Illustrated, indexed, soft cover.

APPLIED CRYPTOGRAPHY: $44.95 (order number 10062) $4.00 for shipping and handling. UPS ground. Additional $7.50 if you want UPS w day air(blue)- that would be $11.50.

Loompanics Unlimited
PO Box 1197
Port Townsend, WA 98368

Section 2. Rants.

For good rants FTP to soda.berkeley.edu /pub/cypherpunks/rants

Section 3. CYPHERNOMICON - Tim May's "official" Cypherpunks' FAQ.

This is a giant (1.3MB uncompressed) faq by Tim May. To get it by anonymous ftp: ftp to ftp.netcom.com /pub/tcmay - This directory has it & its associated files.

Chapter 9. Cypherpunks' mailing list. getting on etc..

======================================================================== 63 X-Delivery-Notice: SMTP MAIL FROM does not correspond to sender.
Received: from MIZZOU1 (SMTP) by MIZZOU1 (Mailer R2.10 ptf000) with BSMTP id 8875; Sun, 11 Sep 94 23:25:40 CDT
Received: from relay2.UU.NET by MIZZOU1.missouri.edu (IBM VM SMTP V2R2) with TCP; Sun, 11 Sep 94 23:25:39 CDT
Received: from toad.com by relay2.UU.NET with SMTP id QQxgzh01248; Mon, 12 Sep 1994 00:22:38 -0400
Received: by toad.com id AA27527; Sun, 11 Sep 94 21:22:46 PDT
Date: Sun, 11 Sep 94 21:22:46 PDT
Message-Id: <9409120422.AA27527 at toad.com>
To: CCGARY at MIZZOU1.missouri.edu
From: Majordomo at toad.com
Subject: Majordomo results
Reply-To: Majordomo at toad.com

--

>>>> help

This is Brent Chapman's "Majordomo" mailing list manager, version 1.92.

In the description below items contained in []'s are optional. When providing the item, do not include the []'s around it.

It understands the following commands:

subscribe [ ]
    Subscribe yourself (or if specified) to the named .
unsubscribe [ ]
    Unsubscribe yourself (or if specified) from the named .
get
    Get a file related to .
index
    Return an index of files you can "get" for .
which [ ]
    Find out which lists you (or if specified) are on.
who
    Find out who is on the named .
info
    Retrieve the general introductory information for the named .
lists
    Show the lists served by this Majordomo server.
help
    Retrieve this message.
end
    Stop processing commands (useful if your mailer adds a signature).

Commands should be sent in the body of an email message to "Majordomo at toad.com". Commands in the "Subject:" line NOT processed.

If you have any questions or problems, please contact "Majordomo-Owner at toad.com".

PUSH EM BACK! PUSH EM BACK! WWWAAAYYYY BBBAAACCCK! BBBEEEAAATTTT STATE!

From doug at OpenMind.com Mon Sep 12 00:10:42 1994
From: doug at OpenMind.com (Doug Cutrell)
Date: Mon, 12 Sep 94 00:10:42 PDT
Subject: Crypto Anarchy and the Social Body (Meta Strong Crypto)
Message-ID:

Thanks to all for the responses to my "Black Cryptoanarchy" post (flames and all!) I apologize for rehashing old libertarian debates, on which I am not well-informed, and I will focus here exclusively on the subject of "crypto anarchy". As I wrote the following post, it grew in size to the point where it made sense for me to cast it into "essay" format (at the risk of looking like just another net-kook).

CRYPTO ANARCHY AND THE SOCIAL BODY (META STRONG CRYPTO)

Let me begin by making it clear that it is not my intent to discredit cypherpunks or the goals of crypto anarchy. I have embraced these notions wholeheartedly until quite recently, when I began to question some of the assumptions about the consequences of this technology. I wish to raise these concerns openly here, and if my reasoning is flawed, I hope to have the flaws exposed.

It seems likely that the complete suite of tools for crypto anarchy *will* become widely deployed in the next few years -- certainly by the end of the decade. I will argue that there are aspects of this technology which have the potential to induce powerful changes in the structure of the "social organism" of man, which have no counterpart in prior human history.
The qualitatively fundamental nature of these changes makes their impact very difficult to predict. Therefore it is imperative that cypherpunks, who are perhaps best qualified to examine these issues, consider carefully what social impact these changes may have. We should discuss what, if anything, may be done with respect to development and deployment of the tools of crypto anarchy, in order to influence the final outcome for the greater liberty and standard of living of mankind as a whole. I will argue that cypherpunks should examine ways to influence the deployment and patterns of use of strong crypto tools in society, and not merely consider the construction of the tools alone. The study of social dynamics in the presence of strong crypto, and of how to introduce strong crypto tools in such a manner so as to achieve desirable patterns of deployment and social dynamics, is what I term "meta strong crypto". THE SOCIAL ORGANISM My background is in the disparate fields of biology and mathematics, so I begin in these areas. In biological terms, man is a social animal. We are evolved to survive through cooperative interactions with each other. We are by no means unique in this regard... cooperating societies of individuals have evolved many times throughout nature, often arriving at similar structures from independent origins. Almost all primates are social animals of one type or another, and the social structures of the larger primates such as baboons and chimpanzees are particularly complex. Very complex social structures also occur in distantly related (but highly intelligent) species such as porpoises and elephants. In all such cases, the social interactions are complex enough to justify describing the whole in terms of a "social body". There are universal properties of interaction which create the social body in these species, and in all human societies throughout history. 
These properties depend fundamentally on the publicly visible nature of most social interactions. Individual social animals exist in a relationship to the social body deriving from the visibility of their actions to others. This *defines* individuality. Relationship to group is fundamental, and creates the context of consequence, reprisal, negotiation, and positioning upon which all animal or human societies are based. Strong crypto -- the tools of crypto anarchy -- represents a break in these primal functions upon which the social body is based. The significance of this break is difficult to comprehend... it is not only a first for human societies, but a first for all of biological evolution. Picture a visual image for the traditional social body as a graph. The graph consists of numerous nodes -- individuals -- and a complex web of interrelationships between them. Now consider what the tools of strong crypto do to this graph. Nodes -- "individuals" -- may appear and disappear over extremely short time periods, as anonymous identities come and go. All nodes may have any number of unknowable links, or links which are unknowable by arbitrarily large sections of the net. Links may have new properties, such as asymmetry of identity. Individual nodes may "unknowably" represent (equate with) entire collections of other nodes. The point is that the social structure is altered along dimensions that have been constant since the dawn of the evolution of social animals. This picture implies the development of something radically different than what we now think of as a social body. It is far more complex, with new types of basic components and operations. There is no reason to expect it to resemble any society in the history of man, or to bear any resemblance to any social body which has evolved to date. It is something radically new and different. POSSIBILITIES Many people have embraced with unreserved enthusiasm the dawn of a new era to be ushered in by strong crypto. 
There is an expectation that the power of the new tools, and the extent of the social changes, must necessarily lead to desirable improvements. For my purposes, desirable changes would include an increased standard of living for all humans, increased communications and interactions between individuals across the whole of human civilization, as well as increased personal liberty to pursue any desired avenue of exploration/growth. On the other hand, undesirable changes would include a massive lowering in the standard of living for most peoples, the creation of Orwellian societies, increased fragmentation and decreased communications between the peoples of the world, or more marked catastrophes such as the advent of massive terrorism on a global scale (whether nuclear, biological, or merely conventional terrorist attacks are involved). SIMULATIONS/SPECULATIONS Since the effect of strong crypto on the social body of man is so difficult to understand or predict, it seems that a reasonable approach would be to conduct computer simulations of the spontaneous forms of self organization that occur in populations participating under various game-theoretic and economic models, when these populations have access to strong crypto. It would be very instructive to examine what kinds of long-term stable structures can arise under various initial conditions. It would be particularly relevant to attempt to model what structures can develop when the strong-crypto tools are introduced in various ways, rather than starting out as a ubiquitous presence in society. Various models for the spread of the technology could be developed. These are the tools of meta strong crypto. I will here venture into the realm of blatant speculation: I speculate that stable patterns of organization with the highest degrees of global liberty and prosperity would arise from scenarios in which the access to strong crypto tools is ubiquitous and uniform. 
I speculate that many of the more disastrous scenarios and unpleasant steady-state societies would be characterized by inhomogeneities in the deployment of strong crypto.

SELF-CATALYSIS AND INSTABILITY

When reading the views of those who are most optimistic about the potentials of crypto anarchy, there seems to be an implicit assumption that the advent of strong crypto will be self-catalytic and rapidly spread throughout all segments of society. I think this assumption is natural, given the history of the information age, wherein technological advances have inevitably become ever more accessible to the general public.

I believe that strong crypto does indeed have the potential to be "auto-catalytic" and to rapidly spread throughout society in an unstoppable wave. However, I see this auto-catalysis as susceptible to various forms of instability that may result from immaturity in its initial deployment. The principal weakness of this auto-catalysis is the fact that strong-crypto relies upon technology which requires a certain standard quality of living. It requires computers of adequate speed and networks of sufficient bandwidth and interconnectivity. If the threshold standard of living necessary to acquire this technology lies well below the average standard of living in society, then the deployment of strong crypto may spread rapidly and uniformly throughout society. However, if this threshold standard of living is very near or above the average standard of living, then the tools of strong crypto will necessarily spread only through certain privileged channels of society. Any pre-existing class divisions in the society may become greatly pronounced, and in general inhomogeneous dynamics make predictions in the absence of simulations very difficult.

CONCLUSIONS

Strong crypto and crypto anarchy may well provide the mechanisms for a type of social body never before seen in the history of biological evolution.
However, the mere existence of this technology in and of itself does not guarantee any particular qualities for this new social body. The new dynamics are extremely complex and will be unlike anything previously encountered. Computer simulations of populations of individuals with access to strong crypto tools under various models may give us some clues as to the stable patterns of organization likely to emerge. The modeling skills of sociobiologists, economists, and game theorists could all be applied to this problem. The exact details of the introduction and spread of the tools of strong crypto into the population may be expected to have important effects on the eventual new stable patterns which emerge.

Cypherpunks should consider not just the implementation of the tools of strong crypto, but also the dynamics of its spread throughout society and the dynamics of its pattern of use. Although it is tempting to focus exclusively on the mathematical algorithms and protocols, economics and sociobiology are critical to understanding and influencing the eventual impact of strong crypto on the quality of human life.

History teaches that it is a mistake to assume that a ground breaking new technology will necessarily produce the most positive changes it is capable of. Let us not follow in the footsteps of those who have made this mistake in the past.

From hibbert at netcom.com Mon Sep 12 00:20:30 1994
From: hibbert at netcom.com (Chris Hibbert)
Date: Mon, 12 Sep 94 00:20:30 PDT
Subject: PRIVACY REGULATIONS
In-Reply-To:
Message-ID: <199409120719.AAA20925@netcom7.netcom.com>

I was too succinct in my message about dealing with cops. I didn't want to write a long message, but by responding briefly, I said things that could easily be misconstrued, and now I'll have to spend the time.

Sandy is right about a number of things.
As he points out, you are not required to have documents on your person saying who you are, but you do have to give a name (and probably an address) when the police ask.

However, there are many times when a cop asks a question that you don't have to answer. Cops are allowed to just "nose around," and it's in this situation that you aren't required to be very forthcoming. Cops are allowed to ask idle questions (as anyone is). They don't have as many special rights at these times. When they do have probable cause, they can insist that you cooperate or allow a search. And if you don't cooperate, they can arrest you. If they don't have probable cause, and are just poking around, they have to let you go if they haven't found anything suspicious.

If you assume they always have the right to insist, you will spend more time talking to cops than you have to, and will let them dig deeper than they have a right to. The longer they poke around the better the chances they'll find something you thought of as innocent that they think is suspicious.

Many people let police search when they don't have to, thinking they don't have a choice. When a cop asks if he can look in the trunk of your car, or take a look around your apartment, you can say "I'd rather not," and ask if you're free to go. **Remember that they have a gun** and the right to use it in some situations. Be polite. They'll let you know if they're insisting on your cooperation. Physical resistance is a very bad idea. But there's no need to let them look if they don't insist, and they are prohibited from insisting if they don't have a legally justifiable reason.

In my previous message, I said

... Just say "Officer, someone is waiting for me. May I go now?"

and Sandy responded:

Just say "no"? I *guarantee* this won't work. If you are asking permission ("May I go?"), aren't you ceding to the officer the legal right to say "no"?
If you believe you don't have to interact with the nice man, why not just turn your back and walk away without a word? (I wouldn't advise it.)

Again, I spoke too quickly, and so left out the caveats and details. Cops have to have probable cause before they can detain you. When they have probable cause, they'll let you know. "Just turn[ing] your back and walk[ing] away without a word" is a bad idea, but if you give them everything they ask for without objecting, you're giving in too quickly. Cops are not always your friends. If a cop asks to search you, your car or your apartment, the proper response is "I'm real busy right now, I'd rather not." "May I go" is a question that forces a cop to either claim he has a reason to hold or search you or admit that you can go. If they have a legally justifiable reason for insisting, they'll let you know.

Many people try to claim in court that a search was "without probable cause," and lose because they didn't object, and so the search is deemed to have been voluntary. Anything they find in a voluntary search is admissible in court. The question isn't "Do you have something to hide?" but "Does everything you own look completely innocent from all viewpoints?"

Chris

Sorry for the length.

From SAMUEL.KAPLIN at warehouse.mn.org Mon Sep 12 00:58:56 1994
From: SAMUEL.KAPLIN at warehouse.mn.org (SAMUEL KAPLIN)
Date: Mon, 12 Sep 94 00:58:56 PDT
Subject: CONTROL FREAKS
Message-ID: <4FDCD93D@warehouse.mn.org>

Subject: Re: CONTROL FREAKS
To: cactus at bibliob.slip.netcom.com (L. Todd Masco)
From: frissell at panix.com (Duncan Frissell)
Subject: Re: CONTROL FREAKS
Cc: cypherpunks at toad.com

>> After all, there can't be a totalitarian state that doesn't massively chan
>> (introduce uncertainly into) the conduct of life and business in its count
>> (and if it is large, in the world). Markets have a way of dealing with
>> uncertainty. Capital flight (seeking safer investments) and high interest
>> rates (to compensate for risk).
The main assumption here is that the populace and the markets realize that they are in a totalitarian state. We in the U.S. are evolving closer and closer to this and most seem not to see it, and if they do, not to care about it. The scenario that I see, is the borders being closed. (After all we HAVE to stop all of these illegal aliens.) All of the firearms and weapons being removed from private hands. (The crime rate is SO high this is the only way to solve it.) The U.S. economy being isolated from the rest of the world. (The world doesn't trade fair with us, so we just won't trade with you.) Once your economy is isolated from the rest of the world's who cares what a dollar is worth. If the government says a dollar buys a loaf of bread, then I guess it does. After all they have all of the weapons. The most insidious thing is that the average American would go along with all of the rationalizations listed above.

-----------------------------------------------------------------------------
Fido: Sam Kaplin 1:282/1018             | "...vidi vici veni" - Overheard
Compuserve: 75240,131                   | outside a Roman brothel.
samuel.kaplin at warehouse.mn.org      |
75240,131 at compuserve.com             | Change is the only constant in the
For confidential communications use PGP | Universe..."Four quarters, please."
----------------------------------------------------------------------------- =========================================================================== Processed by WILDUUCP! v1.00 for WILDCAT! =========================================================================== From SAMUEL.KAPLIN at warehouse.mn.org Mon Sep 12 00:59:03 1994 From: SAMUEL.KAPLIN at warehouse.mn.org (SAMUEL KAPLIN) Date: Mon, 12 Sep 94 00:59:03 PDT Subject: Proposed changes to the Q Message-ID: Subject: Proposed changes to the Queensland criminal code. From: pkm at maths.uq.oz.au To: cypherpunks at toad.com Subject: Proposed changes to the Queensland criminal code. Cc: ijc at axiom.maths.uq.oz.au, ma157727 at mailbox.uq.oz.au, >> It seems the fight against evil never ends... >> This is a clipping from the Sunday Mail, the local >> sunday newspaper (althogh tabloid would be a better >> word for it). As you can observe, it is one of those >> papers that have a paragraph:sentence ratio of 1:1. >> I hope it is of interest to you all. All spelling >> mistakes are mine. All grammatical awkwardness are his. :-) .... >> ONLINE MOVES 'OUT OF LINE'. [Date: 11/09/94 - PKM.] Sounds like Australia is catching up with the U.S.A. :( Many local governments here are trying to implement this type of crap. Welcome to 1984 ten years late!! :) ----------------------------------------------------------------------------- Fido: Sam Kaplin 1:282/1018 | "...vidi vici veni" - Overheard Compuserve: 75240,131 | outside a Roman brothel. samuel.kaplin at warehouse.mn.org | 75240,131 at compuserve.com | Change is the only constant in the For confidential communications use PGP | Universe..."Four quarters, please." ----------------------------------------------------------------------------- =========================================================================== Processed by WILDUUCP! v1.00 for WILDCAT! 
=========================================================================== From SAMUEL.KAPLIN at warehouse.mn.org Mon Sep 12 00:59:09 1994 From: SAMUEL.KAPLIN at warehouse.mn.org (SAMUEL KAPLIN) Date: Mon, 12 Sep 94 00:59:09 PDT Subject: Running PGP on Netcom (an Message-ID: Subject: Running PGP on Netcom (and Similar) From: tcmay at netcom.com (Timothy C. May) Subject: Running PGP on Netcom (and Similar) To: cypherpunks at toad.com Cc: tcmay at netcom.com (Timothy C. May) >> Not that had Mr. De Payne been using PGP on Netcom, with his secret >> key stored there, the cops would have it. (The passphrase maybe not, >> depending on whether he stored _that_ there, too. And whether Netcom >> had logs of keystrokes entered, which strikes me as something they >> would probably have--we really need a "zero knowledge" kind of >> "reach-back" for remotely-run PGP.) Never mind the keystroke logs, if his line was wiretapped they have all of the keystrokes coming in and going out. Get his secret keyring from Netcom and they could monitor his communications with out a problem. >> I just don't think the dangers are worth it. All the theoretical hot >> air about whether keystroke timings are "random enough" is moot if >> Netcom is turning over records to investigators. >> It creates a dangerous illusion of security. What illusion of security? If I have my secret keyring residing someplace where I can't physically control who has access to it, no way is this keyring secure!! It goes against the definition of a secret. Once you tell someone a secret, It no longer is a secret. In effect this person has told Netcom his secret, therefore it no longer is a secret. Just because you're paranoid, doesn't mean they're not out to get you. Be paranoid!! >> (For those with no home machines, and perhaps those who mainly use >> campus services, work stations, etc., I'm not faulting you; people use >> what they have to use. Longer term, though, PGP needs to run on secure >> hardware. 
Secure meaning not easily grabbed by the authorities without
>> even one's knowledge!!)

This just goes to prove that no matter how secure the crypto system is, if it is implemented in an insecure way, the whole system is compromised. If you are using a "One Time Pad" to communicate with someone and you make an extra set of pages and give them to someone that you really don't know and trust (Netcom), no way can you call this secure. Even though most will agree that the "One Time Pad" is the most secure crypto system, it is being implemented in an insecure way hence it is insecure.

-----------------------------------------------------------------------------
Fido: Sam Kaplin 1:282/1018             | "...vidi vici veni" - Overheard
Compuserve: 75240,131                   | outside a Roman brothel.
samuel.kaplin at warehouse.mn.org      |
75240,131 at compuserve.com             | Change is the only constant in the
For confidential communications use PGP | Universe..."Four quarters, please."
-----------------------------------------------------------------------------
===========================================================================
Processed by WILDUUCP! v1.00 for WILDCAT!
===========================================================================

From anonymous at extropia.wimsey.com Mon Sep 12 02:07:16 1994
From: anonymous at extropia.wimsey.com (anonymous at extropia.wimsey.com)
Date: Mon, 12 Sep 1994 02:07:16 -0700
Subject: "Will You Be a Terrorist?"
Message-ID: <199409120907.AA15385@xtropia> in [Check it out - Cross-posted from Fidonet:] The "Crime Bill" passed by Congress recently (truename: Violent Crime Control and Law Enforcement Act of 1994) has a frightening provision that hides a boogeyman under its superficially appealing surface: *----------* *----------* *----------* SEC. 120005. PROVIDING MATERIAL SUPPORT TO TERRORISTS. (a) Offense.--Chapter 113A of title 18, United States Code, is amended by adding the following new section: ``Sec. 2339A. Providing material support to terrorists ``(a) Definition.--In this section, `material support or resources' means currency or other financial securities, financial services, lodging, training, safehouses, false documentation or identification, communications equipment, facilities, weapons, lethal substances, explosives, personnel, transportation, and other physical assets, but does not include humanitarian assistance to persons not directly involved in such violations. ``(b) Offense.--A person who, within the United States, provides material support or resources or conceals or disguises the nature, location, source, or ownership of material support or resources, knowing or intending that they are to be used in preparation for, or in carrying out, a violation of section 32, 36, 351, 844 (f) or (i), 1114, 1116, 1203, 1361, 1363, 1751, 2280, 2281, 2331, or 2339 of this title or section 46502 of title 49, or in preparation for or carrying out the concealment of an escape from the commission of any such violation, shall be fined under this title, imprisoned not more than 10 years, or both. 
``(c) Investigations.-- ``(1) In general.--Within the United States, an investigation may be initiated or continued under this section only when facts reasonably indicate that-- ``(A) in the case of an individual, the individual knowingly or intentionally engages, has engaged, or is about to engage in the violation of this or any other Federal criminal law; and ``(B) in the case of a group of individuals, the group knowingly or intentionally engages, has engaged, or is about to engage in the violation of this or any other Federal criminal law. ``(2) Activities protected by the first amendment.--An investigation may not be initiated or continued under this section based on activities protected by the First Amendment to the Constitution, including expressions of support or the provision of financial support for the nonviolent political, religious, philosophical, or ideological goals or beliefs of any person or group.''. (b) Technical Amendment.--The chapter analysis for chapter 113A of title 18, United States Code, is amended by adding the following new item: ``2339A. Providing material support to terrorists.''. *----------* *----------* *----------* In the U.S. Title 18 Code, terrorism is defined as "engaging in any act or conspiring to engage in any act intended to intimidate or coerce the civilian population or the government" or close words to that effect. What does this mean? Suppose you organize a militia and some little jot or tittle is just that much off -- and the thugs at the BATF or FBI or NatPol decide that your militia is an "armed group"? They can now seize your house, your car, your bank account and anything else even remotely connected with the maintenance or support of the militia, and make *you* prove your innocence before the Federal thugs will grudgingly return your life to you. Suppose you participate in a demonstration against abortion and just one member of the peaceful demonstration gets into a fistfight with an escort. 
You had given a ride to this demonstrator -- is the fistfight "terrorism" and you a collaborator in this "terrorism" to be arrested and thrown in jail and your car seized until you can prove that you did not know that the other demonstrator did intend to fight with an escort?

Suppose you demonstrate against national health care and you yell that Clinton should be thrown out of office and make a threatening gesture -- will the thugs treat this as an "attempt to intimidate the government" and take your car and perhaps your home if you used it to prepare materials for the demonstration?

Suppose you quote Thomas Jefferson's words about a revolution being due every twenty years -- will you be thrown into jail for that?

Note that the above section does not allow anything but "NON-violent" goals. This is another direct attack upon the First Amendment and deeply disturbing in its implications when considered as part of a set of other federal statutes scattered across Title 18 criminal law.

***end of quoted section***

--
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,

From usura at xs4all.nl Mon Sep 12 03:58:11 1994
From: usura at xs4all.nl (Alex de Joode)
Date: Mon, 12 Sep 94 03:58:11 PDT
Subject: Running PGP on Netcom (and Similar)
Message-ID: <199409121057.AA01026@xs1.xs4all.nl>

Timothy C. May (tcmay at netcom.com) did write:

: Not that had Mr. De Payne been using PGP on Netcom, with his secret
: key stored there, the cops would have it. (The passphrase maybe not,
: depending on whether he stored _that_ there, too. And whether Netcom
: had logs of keystrokes entered, which strikes me as something they
: would probably have--we really need a "zero knowledge" kind of
: "reach-back" for remotely-run PGP.)

Would a "challenge response" type of verification do the "trick", ie is it secure enough for passphrase monitoring ?

: I just don't think the dangers are worth it.
All the theoretical hot
: air about whether keystroke timings are "random enough" is moot if
: Netcom is turning over records to investigators.

: --Tim May

--
____ Alex de Joode
\ /__ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
\/ / "It's dangerous to be right when the government is wrong."
\/ --Voltaire
--finger usura at xs4all.nl for PGPpublicKEY--

From snyderra at dunx1.ocs.drexel.edu Mon Sep 12 06:16:20 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Mon, 12 Sep 94 06:16:20 PDT
Subject: Running PGP on Netcom (an
Message-ID:

At 3:52 AM 9/12/94, SAMUEL KAPLIN wrote:

>What illusion of security? If I have my secret keyring residing someplace
>where I can't physically control who has access to it, no way is this
>keyring secure!! It goes against the definition of a secret. Once you tell
>someone a secret, It no longer is a secret. In effect this person has told
>Netcom his secret, therefore it no longer is a secret. Just because you're
>paranoid, doesn't mean they're not out to get you. Be paranoid!!

But keeping it on your home machine, the bad guys could break into your house, set up a keyboard monitoring program, and get it that way. Or if they wanted to, grab you and force you to reveal your key.

It's not black and white. There are degrees of security. I keep my encrypted secret key on dunx1, a UNIX box used by many other people. Anyone who has the ability to can either watch my keystrokes, probe through memory to retrieve my key or message, or probably a few other things I haven't thought of.

The benefit, though, of being able to decode messages as soon as I receive them, and being able to send encrypted messages when I'm not at home is major. For me at least, it's a fair trade-off. There isn't anything I send right now that I would find particularly embarrassing should it become public knowledge. If I did get into that situation, I'd probably create a second key pair for use only at home, and keep both in use.
The bad guys will almost always be able to get your key. Even if they have to get you to get it. The goal is to raise the difficulty such that they aren't willing to do it. Bob -- Bob Snyder N2KGO MIME, PGP, RIPEM mail accepted snyderra at post.drexel.edu PGP & RIPEM keys on key servers When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl. From habs at panix.com Mon Sep 12 06:37:03 1994 From: habs at panix.com (Harry S. Hawk) Date: Mon, 12 Sep 94 06:37:03 PDT Subject: Interns Sought (tele-commute), c++, tech writers & requirements Message-ID: <199409121336.AA10482@panix.com> ____________ The Position ____________ We are looking for several Interns from now through December. Internships are unsalaried. At the successful completion of the Internship a $200 stipend will be paid. These are "work at home" and telecommuting internships. ___________ Who We Want ___________ We are looking for C++ programmers We are looking for Tech Writers We are looking for Technical Requirements Researchers ___________ Requirements ___________ Must have the ability to communicate in English (mostly written, but verbal as well). Experience with mail applications, sendmail, and mime a plus. Programmers must have access to a system with the g++ 2.5.8 and the ability to send RFC-822 E-mail. Tech Writers should have access to an ASCII editor (emacs preferred). Researchers should be able to surf the Internet and have access to technical libraries. You can be located anywhere in the world. We hire without regard to race, religion, gender, sexual orientation, or any physical disabilities. Be able to sign and return by mail a non-disclosure agreement. __________ Who we are __________ We are PowerMail, Inc. a privately funded commercial venture incorporated in the state of Delaware. We are building a state of the art e-mailing list software in C++; The name of the product is MailWeir(tm). _______ Details _______ We are looking for programmers with solid C++ skills to build objects for us. 
There are lots to choose from; many are quite interesting.

We are looking for tech writers to help with system level and end user documentation.

We are looking for technical requirements researchers. These researchers will investigate various standards including RFC, ISO, IEEE, etc. and write functional requirements for various objects to be compliant with these standards.

__________________
Please get in touch
__________________

Please send your resume and qualifications to: exi-powermail at powermail.com

Please send ASCII resumes only.

_______________
For Information
_______________

For more information on any position, please send mail to habs at powermail.com

Don't send resumes here.

/hawk

--
Harry S. Hawk  habs at panix.com
Product Marketing Manager
PowerMail, Inc.
Producers of MailWeir(tm) & PowerServ(tm)

From raph at CS.Berkeley.EDU Mon Sep 12 06:49:44 1994
From: raph at CS.Berkeley.EDU (Raph Levien)
Date: Mon, 12 Sep 94 06:49:44 PDT
Subject: List of reliable remailers
Message-ID: <199409121350.GAA03322@kiwi.CS.Berkeley.EDU>

I have written and installed a remailer pinging script which collects detailed information about remailer features and reliability.

To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, at: http://www.cs.berkeley.edu/~raph/remailer-list.html

Please let me know about any other remailers which I missed. I've only included remailers which can mail to arbitrary addresses, so I already know chop and twwells are missing.

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at: ftp://kiwi.cs.berkeley.edu/pub/raph/premail-0.22.tar.gz

For the PGP public keys of the remailers, as well as some help on how to use them, finger remailer.help.all at chaos.bsu.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers.
The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 10-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"chaos"} = " cpunk hash ksub";
$remailer{"vox"} = " cpunk oldpgp. post";
$remailer{"avox"} = " cpunk oldpgp post";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"kaiwan"} = " cpunk pgp hash latent cut";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post";
$remailer{"wien"} = " cpunk pgp hash nsub";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric pgp. post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"leri"} = " cpunk pgp hash";
$remailer{"desert"} = " cpunk pgp.";

Last ping: Mon 12 Sep 94 6:00:01 PDT

remailer  email address                      history        latency  uptime
-----------------------------------------------------------------------
wien      remailer at ds1.wu-wien.ac.at      -*+*******-*      17:09  99.99%
bsu-cs    nowhere at bsu-cs.bsu.edu          ****##****+*       7:12  99.99%
c2        remail at c2.org                   -+***+*+****      18:16  99.99%
jpunix    remailer at jpunix.com             **++##**** *       5:40  99.99%
extropia  remail at extropia.wimsey.com      --..-+-++--     2:29:43  99.99%
chaos     remailer at chaos.bsu.edu          ######*****#       1:57  99.98%
ideath    remailer at ideath.goldenbear.com  **+*#+*+****       8:14  99.96%
leri      remail at leri.edu                 **+*#+******       9:34  99.95%
kaiwan    ghio at kaiwan.com                 ++--*-+*.-+       29:35  99.83%
soda      remailer at csua.berkeley.edu      +++..+++++++    1:29:40  99.89%
vox       remail at vox.xs4all.nl            --- ...---     11:43:07  99.72%
alumni    hal at alumni.caltech.edu          *+ * **-****      50:25  99.53%
portal    hfinney at shell.portal.com        *+ #**-****       56:07  99.31%
desert    remail at desert.xs4all.nl         ..--           26:50:26  99.03%
rebma     remailer at rebma.mn.org           +--- ----*-     6:41:53  98.76%
usura     usura at xs4all.nl                 +* -*******        9:57  96.99%
penet     anon at anon.penet.fi              __++********   10:53:28  93.49%

Suggested path: c2;bsu-cs;wien

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

Options and features

cpunk     A major class of remailers. Supports Request-Remailing-To: field.
eric      A variant of the cpunk style. Uses Anon-Send-To: instead.
penet     The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp       Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
oldpgp    Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine.
hash      Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub      Remailer always kills subject header, even in non-pgp mode.
nsub      Remailer always preserves subject header, even in pgp mode.
latent    Supports Matt Ghio's Latent-Time: option.
cut       Supports Matt Ghio's Cutmarks: option.
special   Accepts only pgp encrypted messages.

History key

#   response in less than 5 minutes.
*   response in less than 1 hour.
+   response in less than 4 hours.
-   response in less than 24 hours.
.   response in more than 1 day.
_   response came back too late (more than 2 days).

If you've got a Web page, please feel free to include a link to this page. If you think your Web page is relevant to the subject of remailers, let me know and I'll link it in.

Comments and suggestions welcome!

Note to remailer operators: this script generates hourly ping messages. If you don't want that, let me know and I will take your mailer off the list, or increase the interval between pings.
Raph Levien

From huntting at glarp.com Mon Sep 12 07:47:36 1994
From: huntting at glarp.com (Brad Huntting)
Date: Mon, 12 Sep 94 07:47:36 PDT
Subject: Running PGP on Netcom (and Similar)
In-Reply-To: <199409120049.RAA15757@netcom11.netcom.com>
Message-ID: <199409121441.IAA11650@misc.glarp.com>

> A "Cypherpunk RISK" (apologies to the "RISKS" list) to running PGP on
> Netcom, Portal, America Online, etc. systems (and on university,
> corporate, etc. systems), is the obtaining of *all* records,
> directories, etc. by court order.

> This has happened more than once, and will likely happen more and more
> in the future, as law enforcement realizes what a treasure trove this
> can be.

I am under the impression that many if not all Internet providers which provide interactive logins have been raided during the past year. The raids I know of were conducted by U.S. Marshals acting on behalf of a few large electronics firms (who just happen to all have the same intellectual property attorney).

brad

From frissell at panix.com Mon Sep 12 08:17:37 1994
From: frissell at panix.com (Duncan Frissell)
Date: Mon, 12 Sep 94 08:17:37 PDT
Subject: Phil Zimmerman in Atlanta
Message-ID: <199409121517.AA13900@panix.com>

I am authorized to announce...

Phil Zimmermann is in Atlanta for Interop and will be a "commentator" at a separate panel discussion (Tuesday 13 September) on Clipper/DTI sponsored by EPIC.

The subject of the panel is "Issues of Trust" -- "Can we trust the government?"

All the usual suspects:

Clinton Brooks (late of NSA)
Jim Bidzos (RSA)
John Droge (?)
Dorothy Denning (Georgetown)
Barbara Simons (ACM)
David Sobel (EPIC)

From Ron_Bardarson at smtp.esl.com Mon Sep 12 08:25:32 1994
From: Ron_Bardarson at smtp.esl.com (Ron Bardarson)
Date: Mon, 12 Sep 94 08:25:32 PDT
Subject: Introduction- Telephone
Message-ID:

Reply to: RE>>Introduction: Telephone traffic analysis

>> I stumbled upon this great explanation of telephone traffic analysis and
>> thought I'd share it with the list:

>It is to evade this sort of traffic analysis that complex routing, batching
>and clustering of anon remailer traffic is being evolved.

As long as 'someone else' controls the medium thru which the messages pass, traffic analysis will be possible. It may be a large problem, but it will still be doable with sufficient motivation. When you have an untappable wire between the sender and recipient, then traffic analysis is impossible (and crypto unnecessary). In order to get to the remailer chain you mention, I (for instance) can ONLY pass thru a couple of machines, which if properly monitored, reveal the traffic flow despite the remailers. You can still beat traffic analysis (and you still need crypto), but not in this medium.

From sandfort at crl.com Mon Sep 12 08:41:00 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 12 Sep 94 08:41:00 PDT
Subject: ACAPULCO H.E.A.T.
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

You won't believe what a chatterbox I'm going to be today. This is just the first of several posts I am planning. Of course, the most important must come first.

This week's installment of Acapulco H.E.A.T. was the second part of a two-episode show called "Code Name: Stalemate." As you may recall, from last week, the story, set at a chess tournament in Venezuela, involved the attempted assassination of an ex-KGB spy named Andre by H.E.A.T.'s archenemy, Strake.
I should mention that Andre was a dead ringer for Barry Goldwater (except with a bad Russian accent.)

This week's episode hardly seemed connected to last week's. Strake is still holding Krissie hostage, but he seems more intent now on killing the entire H.E.A.T. The actor who plays Strake, a total megalomaniac, completely chews the scenery in the worst case of over-acting I've seen in years. This, of course, leads to gratuitous gun play (God, women with guns make me so hot), a boat chase, an exploding boat and the inevitable climactic fist fight between the Good Guy and the Bad Guy. (The Good guy wins.)

During the show we have Strake bugging H.E.A.T. HQ and shutting it down (again). Only this time Ashley breaks the "Kasporov algorithm" and breaks Strake's hold over the H.E.A.T. center AND infiltrates Strake's system. Strake also spoofs a phone call so that H.E.A.T. can't trace it. The Team uses small tracking devices to locate kidnapped members (they are discovered).

I got some heat (pun intended) for not mentioning last week's bikini/Fabio ratio. When these episodes were made, Fabio was not part of the Team. They are all re-runs, so I don't know if he was part of the original cast and dropped later, or the other way around. Anyway, no Fabio. None of the principals were in bikinis, except for Krissie in the romantic flashback Marcos had while she was being held hostage by Strake. A number of beach background scenes were used, however, to pump up the bikini quotient.

Finally, we did have a curious exchange between Tony and Cat in which he explained Zen. It had something to do with water and ice, but I guess I wasn't spiritual enough to grok it.

IMPORTANT ANNOUNCEMENT: My operatives are everywhere. Even as I write, one of them is on the trail of Alison Armitage .GIFs! If he is successful in bagging them, he will reveal his identity and make said .GIFs available to interested Cypherpunks. Stay tuned.
S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From adam at bwh.harvard.edu Mon Sep 12 08:55:58 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 12 Sep 94 08:55:58 PDT
Subject: Running PGP on Netcom (and Similar)
In-Reply-To: <199409121057.AA01026@xs1.xs4all.nl>
Message-ID: <199409121554.LAA10096@bwh.harvard.edu>

Alex de Joode:

| Timothy C. May (tcmay at netcom.com) did write:
|
| : Note that had Mr. De Payne been using PGP on Netcom, with his secret
| : key stored there, the cops would have it. (The passphrase maybe not,
| : depending on whether he stored _that_ there, too. And whether Netcom
| : had logs of keystrokes entered, which strikes me as something they
| : would probably have--we really need a "zero knowledge" kind of
| : "reach-back" for remotely-run PGP.)
|
| Would a "challenge response" type of verification do the "trick", ie
| is it secure enough for passphrase monitoring ?

If the system is well designed. I sent the following to Phil Z. back in July to address exactly this problem. Hopefully, it will be in pgp3.

>
> As a user of PGP for a while, there is a feature that I would
>like to see added to PGP 3, when that comes out. The enhancement
>would allow PGP to be used with an untrusted local CPU/network.

(Of course, I should have said 'untrusted network.' If the local CPU really is untrustworthy, you might be running a compromised version of PGP, etc.)

> To do this properly, you would want one shot passphrases,
>similar to S/Key. The implementation I see would have PGP hash your
>pass phrase some large number of times (say 1000, which takes less
>than a second on my 68030 mac) before using it to decrypt your pass
>phrase.
>
> Then, when logged in from a line being sniffed, you would
>invoke PGP -1es ..., and when prompted for your pass phrase you would
>enter 800/something-ugly-that-md5-makes.
PGP would then md5 this 200
>times, and you'd have demonstrated your knowledge of your passphrase
>without ever sending it over a line. Clearly, PGP would need to store
>the fact that you had used #800, and only accept lower numbers.

From perry at imsi.com Mon Sep 12 09:00:46 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Mon, 12 Sep 94 09:00:46 PDT
Subject: Cryptography Mailing List (was Re: Ecash mailing list? )
In-Reply-To: <199409100147.SAA08070@netcom9.netcom.com>
Message-ID: <9409121600.AA00569@snark.imsi.com>

Timothy C. May says:
> > Is anybody interested in forming a mailing list explicitly for e-cash
> > discussion? After looking at the c'punks list for at least a year,
> > there seems to be the critical mass of interest to create a medium
> > volume mailing list.
>
> Half a dozen such special sub-lists exist on Cypherpunks--bet you
> didn't know that, eh? That's because they go unused, for reasons I've
> written about before.

I'm thinking (again) about setting up a specialized mailing list for discussing cryptography...

Perry

From eckerg at is.NYU.EDU Mon Sep 12 09:04:32 1994
From: eckerg at is.NYU.EDU (greg ecker)
Date: Mon, 12 Sep 94 09:04:32 PDT
Subject: CONTROL FREAKS (nee, AIDs testing and privacy)
In-Reply-To: <199409091528.KAA28635@zoom.bga.com>
Message-ID:

this mailing list has swayed far from its original purpose. "cypherpunks" ? sounds more like daytime t.v. to me.

From sandfort at crl.com Mon Sep 12 09:10:15 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 12 Sep 94 09:10:15 PDT
Subject: CRYPTO ANARCHY/SOCIAL BODY
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Doug Cutrell offered some well thought out speculations on the social consequences of "crypto anarchy" in an essay he just posted to the list. I would like to respond to a few of his comments.

Doug wrote:

   ... it is imperative that cypherpunks,...
   consider carefully what social impact these changes may have.... cypherpunks should examine ways to influence the deployment and patterns of use of strong crypto tools in society, and not merely consider the construction of the tools alone....

With all due respect, I think this has already been done by most Cypherpunks. We have looked at societal trends, seen problems, posited strong crypto as the solution to some of those problems and examined the consequences of strong crypto solutions. No one is writing code just to write code. The Cypherpunks list has always been ideologically driven. Though Cypherpunks cover the political spectrum, they have put aside sectarian differences to work towards the narrow ideology of personal privacy. At the same time, we have always thought about crypto "side effects."

   ... man is a social animal. We are evolved to survive through cooperative interactions with each other.... There are universal properties of interaction which create the social body in these species, and in all human societies throughout history. These properties depend fundamentally on the publicly visible nature of most social interactions....

Well, here I must disagree. While there is no disputing that man is a social animal, I find the last claim untenable. There are numerous historical forms of cooperative interaction that do not depend--"fundamentally" or otherwise--on a "publicly visible" interaction (e.g., postal mediated relationships, private clubs and other private relationships and most aspects of the market).

   Individual social animals exist in a relationship to the social body deriving from the visibility of their actions to others. This *defines* individuality....

While this is an interesting concept of individuality, it doesn't jive with any definition I've ever heard. If you were the only person on the planet, you would be just as much an "individual" (perhaps MORE so) than you are with 5.5 billion other folks blocking your view of the parade.

   ...
   Strong crypto -- the tools of crypto anarchy -- represents a break in these primal functions upon which the social body is based.... it is not only a first for human societies, but a first for all of biological evolution.... nodes -- "individuals" -- may appear and disappear over extremely short time periods, as anonymous identities come and go. All nodes may have any number of unknowable links, or links which are unknowable by arbitrarily large sections of the net. Links may have new properties, such as asymmetry of identity. Individual nodes may "unknowably" represent (equate with) entire collections of other nodes. The point is that the social structure is altered along dimensions that have been constant since the dawn of the evolution of social animals.

Here is the crux of the matter. Doug obviously believes that crypto anarchy represents a paradigm shift or quantum leap in human interaction. I don't think so. Every one of the "unique" properties Doug claimed existed for crypto anarchy already exists in the non-crypto society. I won't (unless asked) enumerate such analogs, but I will give two "clues" as an exercise for the student: John Paul Jones and Delaware corporations.

   [1] This picture implies the development of something radically different than what we now think of as a social body. [2] It is far more complex, with new types of basic components and operations. [3] There is no reason to expect it to resemble any society in the history of man, or to bear any resemblance to any social body which has evolved to date...

[1] Only if the picture is correct, which has not been shown.

[2] Granted, it is more complex, but really "new components" has yet to be demonstrated.

[3] I most heartily disagree. Humans are conservative; when they make progress, it usually looks like an extension of what went before. (Ever notice how the first autos looked like buggies? Why do computer graphic interfaces use "desk" and "folder" metaphors?)
There is *every* reason to expect crypto anarchy will resemble historical social models.

   ... For my purposes, desirable changes would include an increased standard of living for all humans, increased communications ... undesirable changes would include ...

Crypto anarchy is coming whether we like it or not. With it, your hopes and fears are much more in your hands than they have ever been before. I hope we all use our super powers for good rather than evil. In any event, the cat is out of the bag.

   ... it seems that a reasonable approach would be to conduct computer simulations of the spontaneous forms of self organization that occur in populations participating under various game-theoretic and economic models, when these populations have access to strong crypto....

In my opinion (offered without a shred of proof), (1) it ain't gonna happen, (2) wouldn't work even if it did happen.

In closing, I want to thank Doug for refocusing discussion of social implications in such an organized and thoughtful way. I want to reiterate, this is not something that Cypherpunks have not thought about and discussed before. Nevertheless, it is always good to go over old ground if it can be done in a reasoned and comprehensive manner.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From sandfort at crl.com Mon Sep 12 09:10:53 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 12 Sep 94 09:10:53 PDT
Subject: PRIVACY REGULATIONS
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Thanks to Chris Hibbert for the clarification of his (her?) police stop scenario. The first impression would have constituted very bad advice for dealing with your friend, the policeman.

In his second message, Chris wrote:

   ... you do have to give a name (and probably an address) when the police ask.
Of course, it might be added that you have to give a *correct* name, address and whatever. In common law countries, such as the US and UK, this requirement might not be as unequivocal as one might think. What name would "John Wayne" (or "Bill Clinton" for that matter) have to give? Neither was born with those names. What if Paul Stubens(?) hadn't volunteered that he was "Pee Wee Herman" when he got busted for lewd conduct? Maybe he'd still be on TV in his Playhouse.

   ... When they do have probable cause, they can insist that you cooperate or allow a search. And if you don't cooperate, they can arrest you.

"Probable cause" is not required for a police officer to make what is called a "field stop." The criterion for a field stop is "reasonable suspicion." During a field stop, an officer can hold on to you only as long as it takes to determine if there is probable cause to believe you have committed a crime (this could include checking to see if you have any wants or warrants). Incidental to the field stop, the officer is allowed to do a gross pat-down search of you and anything you are wearing or carrying. The purpose of this pat-down is solely to determine if you have weapons that would endanger the officer. They can't, for example, look inside an envelope (which might contain drugs), because it could not reasonably be expected to conceal a weapon such as a knife or gun.

   ... If you assume they always have the right to insist, you will spend more time talking to cops than you have to, and will let them dig deeper than they have a right to. The longer they poke around the better the chances they'll find something you thought of as innocent that they think is suspicious....

Amen, to that. When a cop asks if he can look in the trunk of your car, or take a look around your apartment, you can say "I'd rather not," and ask if you're free to go.

   **Remember that they have a gun** and the right to use it in some situations. Be polite.
   They'll let you know if they're insisting on your cooperation. Physical resistance is a very bad idea. But there's no need to let them look if they don't insist, and they are prohibited from insisting if they don't have a legally justifiable reason.

Dittos.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From sandfort at crl.com Mon Sep 12 09:11:42 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 12 Sep 94 09:11:42 PDT
Subject: CONTROL FREAKS
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Samuel Kaplin responded to Duncan's assertion that markets have ways of dealing with uncertainty, by writing:

   The main assumption here is that the populace and the markets realize that they are in a totalitarian state. We in the U.S. are evolving closer and closer to this and most seem not to see it, and if they do, not to care about it.

I think this misses Duncan's point. Neither the populace nor the market (the economic interactions of the populace) need to realize they are in a totalitarian state, to take appropriate action. What the market does "know" is how to shift capital from lesser to more remunerative investments. This is a homeostatic flow just like water seeking its own level.

   The scenario that I see, is [1] the borders being closed.... [2] All of the firearms and weapons being removed from private hands.... [3] The U.S. economy being isolated from the rest of the world.... Once your economy is isolated from the rest of the world's who cares what a dollar is worth....

[1] If they stopped foreign businesspeople and tourists, the economy suffers. Without Mexican "guest workers" the price of agricultural products goes through the ceiling. The US can afford to close its borders.

[2] I'm a gun nut; I know gun nuts. If you want to see a civil war, just try to remove the *200 million* guns from private hands.
Gun ownership is *growing* not declining. These folks are *serious* about keeping their weapons. Contrary to popular belief, most cops strongly support the rights of civilians to keep and bear arms. Who are you going to get to grab the guns?

[3] The US economy is broad, but not that broad. Without world trade (especially for petroleum) we would grind to a halt. In the meantime, the billions of people who depend on food grown in America would not quietly lie down and starve.

The government can, of course, call a dollar whatever it wants. The more unrealistic the assessment, however, the faster black markets will bloom in the "alternative economy."

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From hughes at ah.com Mon Sep 12 09:28:16 1994
From: hughes at ah.com (Eric Hughes)
Date: Mon, 12 Sep 94 09:28:16 PDT
Subject: Introduction- Telephone
In-Reply-To:
Message-ID: <9409121550.AA07793@ah.com>

   When you have an untappable wire between the sender and recipient, then traffic analysis is impossible (and crypto unnecessary).

Yet you can create an untappable wire with cryptography! The device in question is called a link encryptor. Take a stream cipher and run it continuously across the channel in question. Pad the asynchronous traffic when it's not flowing and add some synchronization to both the stream and the data insertion.

You can tap the physical line still, but the interceptions reveal zero information (computationally--the stream cipher _is_ keyed, after all).

A good project would be virtual link encryptors for the Internet.

Eric

From hughes at ah.com Mon Sep 12 09:29:11 1994
From: hughes at ah.com (Eric Hughes)
Date: Mon, 12 Sep 94 09:29:11 PDT
Subject: the usual suspects
In-Reply-To: <199409121517.AA13900@panix.com>
Message-ID: <9409121551.AA07804@ah.com>

   John Droge (?)

John Droge is the product manager for Mykotronx in charge of Clipper products.
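
The link encryptor described in the "Introduction- Telephone" reply above, as an added sketch that is not part of any message in this archive: one fixed-size encrypted cell leaves the sender on every tick, carrying queued data or padding, so a tap records the same cell count and sizes whether the link is busy or idle. The HMAC-SHA256 counter-mode keystream, the cell size, the framing and every name below are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

CELL = 64              # bytes put on the wire every tick, busy or idle (assumed size)
HDR = 2                # per-cell header: how many payload bytes are real data
PAYLOAD = CELL - HDR


def keystream(key: bytes, cell_no: int, n: int) -> bytes:
    """Stand-in stream cipher (assumption): HMAC-SHA256 in counter mode.

    The cell number is the stream synchronization: both ends count cells,
    so a cell is decrypted with the keystream segment that encrypted it.
    """
    out, block = b"", 0
    while len(out) < n:
        out += hmac.new(key, struct.pack(">QI", cell_no, block), hashlib.sha256).digest()
        block += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class LinkEncryptor:
    """Sending end: emits exactly one encrypted cell per tick."""

    def __init__(self, key: bytes):
        self.key, self.cell_no, self.queue = key, 0, bytearray()

    def submit(self, message: bytes) -> None:
        # Frame with a 4-byte length so a message can span several cells.
        self.queue += struct.pack(">I", len(message)) + message

    def tick(self) -> bytes:
        chunk = bytes(self.queue[:PAYLOAD])
        del self.queue[:PAYLOAD]
        # Data-insertion synchronization: the header marks where data ends
        # and padding begins. An idle tick is a cell whose length field is 0.
        plain = struct.pack(">H", len(chunk)) + chunk.ljust(PAYLOAD, b"\x00")
        cell = xor(plain, keystream(self.key, self.cell_no, CELL))
        self.cell_no += 1
        return cell


class LinkDecryptor:
    """Receiving end: decrypts every cell, drops padding, reassembles messages.

    This sketch has no integrity check; a real link would also authenticate
    each cell so that tampering or a lost cell is detected.
    """

    def __init__(self, key: bytes):
        self.key, self.cell_no, self.buf = key, 0, bytearray()

    def receive(self, cell: bytes) -> list:
        plain = xor(cell, keystream(self.key, self.cell_no, CELL))
        self.cell_no += 1
        (used,) = struct.unpack(">H", plain[:HDR])
        self.buf += plain[HDR:HDR + used]
        messages = []
        while len(self.buf) >= 4:
            (n,) = struct.unpack(">I", self.buf[:4])
            if len(self.buf) < 4 + n:
                break                      # rest of the message is in later cells
            messages.append(bytes(self.buf[4:4 + n]))
            del self.buf[:4 + n]
        return messages


def run_link(key: bytes, schedule: dict, ticks: int):
    """Drive the link for `ticks` ticks; schedule maps tick -> messages queued then.

    Returns (cells a tap on the line would record, messages the receiver got).
    """
    tx, rx = LinkEncryptor(key), LinkDecryptor(key)
    wire, delivered = [], []
    for t in range(ticks):
        for msg in schedule.get(t, []):
            tx.submit(msg)
        cell = tx.tick()
        wire.append(cell)
        delivered.extend(rx.receive(cell))
    return wire, delivered


if __name__ == "__main__":
    # Constructed keys and traffic; each run has its own key so no keystream is reused.
    busy, got = run_link(b"A" * 32, {3: [b"meet at noon"], 10: [b"x" * 150]}, 20)
    idle, _ = run_link(b"B" * 32, {}, 20)
    print("delivered:", got)
    print("tap sees same shape:", [len(c) for c in busy] == [len(c) for c in idle])
```

What the tap can still learn is that the link exists and how many cells per tick it is provisioned for; which ticks carried data is hidden only as long as the keystream is never reused under one key.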
Eric

From nobody at shell.portal.com Mon Sep 12 09:42:59 1994
From: nobody at shell.portal.com (nobody at shell.portal.com)
Date: Mon, 12 Sep 94 09:42:59 PDT
Subject: Cyphernomicon - Critical Acclaim!
Message-ID: <199409121642.JAA15317@jobe.shell.portal.com>

Critical Acclaim for the Cyphernomicon !
----------------------------------------

"My dusty old tomes were showing their age, but the Cyphernomicon has given me a new lease on life. It's going to be fun!" - Old Ned

"I think he's trying to confuse us. Don't believe a word he says." Fission Chips

"Enlightening." - The King in Yellow

"I liked the part about trust." - Ronald Reagan

"Now I understand why Lucy always yanked the football away from me." Charlie Brown

"I fear for T. C. May's soul." - Jerry Falwell

"What a stupid jerk I've been!" - Ollie North

"It's nothing but words. No swords, horsemen, or foot soldiers. He doesn't scare me!" - Attila the Hun

"Stay tuned for the blueprint of the next century. But first, Page Two ..." - Paul Harvey

"This is a terrible document! I detest it ... and I'm printing a copy for all my friends." - Rush Limbaugh

"I am recommending that we ban public use of assault keys, and that only appropriate Federal agencies be allowed to use them." - Janet Reno

"I resent his appropriation of the term 'BlackNet'!" - Jesse Jackson

"It's nothing really. I've communicated with pseudonyms for years." Miss Manners

"That's how we _should_ have done our real estate deals!" Hillary Rodham Clinton

"Here are the top ten reasons why you should read the Cyphernomicon ..." David Letterman

"What a lucrative market Mr. May has shown! Nobody will ever know how much this means to me." - Bill Gates

"He made it all perfectly clear, except perhaps the chapter on anonymity and remailers." - Richard Nixon

"If I had had this book, they would be naming high schools after me." Richard Nixon

"What, me worry?" - Alfred E. Neuman

"Pull my thumb ... if you can find it! Heh heh heh."
- Beavis & Butthead

From jamesd at netcom.com Mon Sep 12 10:26:17 1994
From: jamesd at netcom.com (James A. Donald)
Date: Mon, 12 Sep 94 10:26:17 PDT
Subject: Crypto Anarchy and the Social Body (Meta Strong Crypto)
In-Reply-To:
Message-ID: <199409121725.KAA02972@netcom8.netcom.com>

Doug Cutrell writes
> CRYPTO ANARCHY AND THE SOCIAL BODY (META STRONG CRYPTO)
> ....
>
> THE SOCIAL ORGANISM

The social organism does not exist.

If it did exist, and was an organism then it would have goals and purposes.

If it had goals and purposes, then these goals would probably be best served by prohibiting strong crypto, encouraging children to rat on their parents, teaching a uniform ideology in compulsory public schools, and forcibly dissolving families and other private bonds and relationships.

> Strong crypto -- the tools of crypto anarchy -- represents a break in these
> primal functions upon which the social body is based.

So why does the number one chimp spend a lot of time hanging out in private with the number two chimp?

Why do male dolphins go off in groups of two and three and do synchronized swimming games together?

The significance of strong crypto is that it allows us to interact privately with the whole world, not that it allows us to interact privately.

It allows us to interact privately on a large enough scale to sustain a modern business and a modern economy.

We have always been able to interact privately for a subsistence economy, which is why medieval tax rates were so low.

(There is considerable disagreement as to what medieval tax rates were, and it is difficult to distinguish between irregular robbery, which was sometimes large, and regular taxes which were always low, but the large number of peasants required to support one man at arms, indicates a modest tax rate)

It is impossible to predict what the outcome of crypto anarchy will be because, as Hayek has pointed out, it is impossible to predict the consequences of freedom.
The weakening of central control will probably mean that some aspects of medieval and dark age society will recur, but at a vastly higher standard of living and literacy.

--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we    James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.        jamesd at netcom.com

From tcmay at netcom.com Mon Sep 12 10:40:09 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Mon, 12 Sep 94 10:40:09 PDT
Subject: CONTROL FREAKS (nee, AIDs testing and privacy)
In-Reply-To:
Message-ID: <199409121712.KAA20734@netcom16.netcom.com>

>
> this mailing list has swayed far from it's original purpose.
> "cypherpunks" ? sounds more like daytime t.v. to me.
>

I was busy last week, so did anyone tape Oprah's episode on crypto?

Sally Jesse Raphael is doing "The Dining Transexual Cryptographers Problem" and Montel Williams is doing "Men who love women who love PGP."

It's so exciting to see crypto enter the mainstream.

Me, I can't wait for next month's Barbara Walters interview with Dorothy Denning!

--Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From tcmay at netcom.com Mon Sep 12 10:43:21 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Mon, 12 Sep 94 10:43:21 PDT
Subject: Running PGP on Netcom (and Similar)
In-Reply-To: <199409121057.AA01026@xs1.xs4all.nl>
Message-ID: <199409121657.JAA18367@netcom16.netcom.com>

Alex de Joode writes:

...
> : had logs of keystrokes entered, which strikes me as something they
> : would probably have--we really need a "zero knowledge" kind of
> : "reach-back" for remotely-run PGP.)
>
> Would a "challenge response" type of verification do the "trick", ie
> is it secure enough for passphrase monitoring ?

Well, I used the "reach-back" term in a vague way, to suggest an avenue...it may not be the correct term.

We need a system where a user, Alice, computes *something different every time*...a conventional "challenge-response" is not good enough, as anyone monitoring the line or having access to the logs can then impersonate Alice.

Zero knowledge interactive proof systems offer such a thing...in fact, password schemes are one of the applications that have been written about.

Maybe in PGP 4.0....

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From hayden at krypton.mankato.msus.edu Mon Sep 12 11:09:55 1994
From: hayden at krypton.mankato.msus.edu (Robert A. Hayden)
Date: Mon, 12 Sep 94 11:09:55 PDT
Subject: "Packet Sniffers"
Message-ID:

I know this is probably the wrong forum, but I also know that the quality of the people here is ample to get my question answered.

I am an undergraduate student at a state university in Minnesota. This summer as part of a long-term independent study I set up a Linux machine on the campus ethernet, got it assigned an IP, and then proceeded to do a practicum on system administration and information management. (This is also the same machine that briefly ran the digested version of the Cypherpunks mailing list).
Following some departmental conflicts and (IMHO) illegal sanctions, the machine was shut down for some unspecified "security concerns". Essentially, it turns out, the computer science department didn't want this kind of independent project around.

So I trundled across campus to another college, got the proper faculty behind me and submitted for the continuance of the project. After three weeks of jumping through the correct hoops and over the correct hurdles, there appears to be only one "concern" remaining.

Some junior computer administrator has raised the concept of "packet sniffers" as being a suitable bar for my project (the machine is a 486/66 Linux machine). Unfortunately, I haven't a clue what exactly a "packet sniffer" is and am really not in a position to answer the arguments in even a semi-informed manner.

Thus, I am posting here in the hope that one or more of you can take a moment to give me the lowdown on what these things are. Common sense seems to indicate that it is a piece of software or firmware that will display the contents of any packets that pass through the machine on its way to the correct destination.

The specific setup would have the machine on a thinnet link in a lab with about 20 other PCs which are used primarily as word processors and terminals to the campus VAX or UNIX machines. The specific upstream setup is unknown, but I assume there is some kind of a line to a router upstream, eventually winding its way into the real world.

It seems to me that a packet sniffer on the lowest link of the network wouldn't be able to look at those packets passing upstream because the router would never pass them down, but I could be just plain wrong and that's why I'm asking for some clarification.

Thanks for your help. Sorry if this seems confusing.

____ Robert A.
Hayden <=> hayden at krypton.mankato.msus.edu
\ /__ -=-=-=-=- <=> -=-=-=-=-
\/ / Finger for Geek Code Info <=> I do not necessarily speak for the
\/ Finger for PGP Public Key <=> City of Mankato or anyone else
-=-=-=-=-=-=-=-
(GEEK CODE 2.1) GJ/CM d- H-- s-:++>s-:+ g+ p? au+ a- w++ v* C++(++++) UL++++$ P+>++ L++$ 3- E---- N+++ K+++ W M+ V-- -po+(---)>$ Y++ t+ 5+++ j R+++$ G- tv+ b+ D+ B--- e+>++(*) u** h* f r-->+++ !n y++**

From tcmay at netcom.com Mon Sep 12 11:16:59 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Mon, 12 Sep 94 11:16:59 PDT
Subject: How to Handle Corrections/Additions to Cyphernomicon
Message-ID: <199409121732.KAA23467@netcom16.netcom.com>

Thanks all for the responses to the Cyphernomicon.

Some people have begun to send corrections, clarifications, elaborations, etc., and others have asked me what _form_ such points should be made in, e.g., should they list the "16.3.1" section numbers, etc.?

So here are some points:

1. By all means send corrections, etc., as I said in the docs (the Release Note).

2. Include a *fragment of text* you are responding to. This will allow me to grep for the fragment or keyword and thus make the changes.

3. The section numbers ("13.9.1") are *NOT* useful, as they change automatically every time I rearrange material. (By the way, I only chose to number the stuff out to 3 levels..."MORE" will do it to any number of levels, or mix in bullets, stars, Roman numbers, etc.)

4. If you think some points ought to be publicly discussed, use your judgement and, then, go ahead and do so. Obviously I didn't intend the FAQ as a static, undiscussable document. (There are themes in it that don't get enough discussion, and that need discussion.)

--Tim May

--
..........................................................................
Timothy C.
May | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From jamiel at sybase.com Mon Sep 12 11:17:26 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Mon, 12 Sep 94 11:17:26 PDT
Subject: They Know How Many Letters You Send
Message-ID:

I stopped to get money at an ATM for my bank (Wells Fargo) this morning, and there were little flyers littering the area informing me that I can now purchase stamps there, just as easily as I can get money. There was no surcharge for the convenience.

I instantly saw visions of new junkmail. "Since you are such an active user of the postal service, we'd like to offer you this wonderful automatic stamp licker for only..."

And then I thought of that data building up somewhere, in a creaky database somewhere, and heard the dialog "Citizen IYTC804HI3 has purchased 845 stamps to date this year and isn't a registered home business owner. Red Flag."

Maybe I'm getting cranky and paranoid in my old age.

From adam at bwh.harvard.edu Mon Sep 12 11:47:10 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 12 Sep 94 11:47:10 PDT
Subject: "Packet Sniffers"
In-Reply-To:
Message-ID: <199409121847.OAA17194@arthur.bwh.harvard.edu>

The way thinnet ethernet works, all machines on the net will probably see all packets going to/from any of them. If you have root access, you can look at all packets coming across the network. (You can do this with a PC or Mac as well.) The way telnet works has no encryption in it; the password you type gets sent across the network as you type it. This is barely even a secret anymore.

That's the technical side of it. What the junior admin type says is correct.
You will be able to snarf the passwords of anyone who logs in over the local thinnet segment. My response to this is, so can anyone with a Mac or PC. There is code out there that will sniff passwords for you. (I've heard it's in the public domain on PCs, but do not know.)

The question is, what is your institution doing about this threat in general? Do they let people log in over the internet? If so, passwords have been stolen. Do they maintain full physical control of the wires between data centers? Does the institution have a policy for dealing with this?

The problem seems to be the lack of a security policy to provide guidance in saying why your machine is different from all these other machines out there. If there is a solid difference, then maybe they should keep you out. But I'd guess that you are quite vulnerable to sniffing.

I am no longer handing out copies of sniff.c. Track down the phrack.

Some sample log output from esniff.c (part of phrack 45)

>-- TCP/IP LOG -- TM: Mon Sep 12 14:41:15 --
> PATH: machine1(1625) => machine2(telnet)
> STAT: Mon Sep 12 14:41:29, 39 pkts, 46 bytes [TH_FIN]
> DATA: (255)(253)^C(255)(251)^X(255)(250)^X
> : SUN-CMD(255)(240)(255)(253)^A(255)(252)^Aadam
> : ********(127)^

(My password for local logins replaced with ***)

Robert Hayden:

| The specific setup would have the machine on a thinnet link in a lab with
| about 20 other PCs which are used primarily as word processors and
| terminals to the campus VAX or UNIX machines. The specific upstream
| setup is unknown, but I assume there is some kind of a line to a router
| upstream, eventually winding its way into the real world.
|
| It seems to me that a packet sniffer on the lowest link of the network
| wouldn't be able to look at those packets passing upstream because the
| router would never pass them down, but I could be just plain wrong and
| that's why I'm asking for some clarification.

From tcmay at netcom.com Mon Sep 12 11:48:00 1994
From: tcmay at netcom.com (Timothy C.
May)
Date: Mon, 12 Sep 94 11:48:00 PDT
Subject: "The Book of Encyphered Names"
Message-ID: <199409121806.LAA28195@netcom16.netcom.com>

Somebody asked me what the name "Cyphernomicon" means, another said it was not at all an obscure reference. And another asked if I was claiming that encryption is in some way "evil."

I merely borrowed the name from the original "Cyphernomicon," also called "The Book of Encyphered Names." It came to us early this century via the Black Russian anarchist Peter Krypotkin, who had obtained his copy from Sheik Ibn al-Taz Khallikak, the Pine Barrens Horror.

It apparently originated in ancient Sumeria, where the cuneiform writing lent itself to encypherment, and spread from the gates of Ishtar to the back alleys of Damascus. A knock-off of it was done by the Mad Arab Al-hazred, and translated by John Dee (better known for his work with Kool John Dee and the Rappin' Cryps).

The Cyphernomicon was apparently the basis for the crypto system used by King Solomon for his "Keys of Solomon" (Solomon-Strasser primality test).

The original manuscript is on display in the Crypto Museum in Twenty-Nine Primes, California (a few miles from the NSA SIGINT post at Zzyzx).

I got this information from my friend Klaus! von Future Prime.

--Tim

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From tcmay at netcom.com Mon Sep 12 12:28:23 1994
From: tcmay at netcom.com (Timothy C.
May)
Date: Mon, 12 Sep 94 12:28:23 PDT
Subject: Cyphernomicon in compressed forms
Message-ID: <199409121927.MAA29104@netcom4.netcom.com>

I've put two versions of the FAQ up in compressed forms, labelled "compressed" and "gzipped" (with the .Z and .z suffixes).

These can be handled in the normal way, with "uncompress" (at your end) and "gunzip" at your end (I'm not sure the trick of forcing the gunzip at my end will work, with the chmod bits I set...that's a reason I left it in uncompressed form).

I'm doing this because someone said their VAX won't take files bigger than 1 MB. This may help, as the compressed files are around 450K each.

But please don't ask me for other versions. In particular, I can't help the CompuServe users, etc.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From blancw at microsoft.com Mon Sep 12 13:00:28 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Mon, 12 Sep 94 13:00:28 PDT
Subject: CONTROL FREAKS
Message-ID: <9409122001.AA09412@netmail2.microsoft.com>

>From 1) Samuel Kaplin & 2) Sandy Sandfort:

The scenario that I see, is
[1] the borders being closed....
[2] All of the firearms and weapons being removed from private hands....
[3] The U.S. economy being isolated from the rest of the world....

[1] If they stopped foreign businesspeople and tourists, the economy suffers. Without Mexican "guest workers" the price of agricultural products go through the ceiling. The US can[not] afford to close its borders.

[2] . . . Gun ownership is *growing* not declining. These folks are *serious* about keeping their weapons. .
. . . [3] The US economy is broad, but not that broad. Without world trade (especially for petroleum) we would grind to a halt. . . . ...................................................................... ........... Although I can't see the US arriving at Samuel's scenario completely, neither can I prevent from seeing the threat which does rear its ugly head; the trend is towards the proposal & acceptance of more controls. It may not succeed 100%, but still there is an intervening time to consider during which the "legislators" attempt to accomplish just these things. 1) The suffering of the economy has not stopped the big G in the past from preventing "guest workers" or others from crossing the borders, or at least giving them & their US employers a hard time in the process. 2) Gun ownership may be increasing (among the "inner city youth" mostly, it appears sometimes), but nevertheless there are many other groups building up their campaigns against the possession of certain weapons and against "violence" per se. 3) There are always groups in govmt & private industry who wish for protection against the vicissitudes of world trade problems; if it were not for the efforts of those who constantly oppose them it is conceivable that the US could be closed to most areas of trade (even if only temporarily, until the pain becomes too great). It isn't conceivable that the US would ever become 100% isolated and totalitarian, but it is true that there are many people who would support such measures as would arrive at that stage eventually, if they could have their way. Sandy & others (including myself) may be able to reason that it wouldn't work to do such-and-such, because of the adverse consequences and because it wouldn't make economic sense, but it doesn't follow logically that the members of Congress & their supporters will also reason along the same lines. 
Unfortunately I am constantly reading in the news that just such restrictive, constraining ideas and interests are being proposed in Congress and applauded by private groups.

I think that there may be a big tug-of-war between the growing contrasts in the political/philosophical inclinations of the citizenry of the US. The lines between them are becoming more clearly demarcated (to myself, anyway).

(Oh - and of course, there will be a role in there, in between, for crypto, what with all the secret messages they will all want to send to each other.)

Blanc

From SAMUEL.KAPLIN at warehouse.mn.org Mon Sep 12 13:06:26 1994
From: SAMUEL.KAPLIN at warehouse.mn.org (SAMUEL KAPLIN)
Date: Mon, 12 Sep 94 13:06:26 PDT
Subject: Running PGP on Netcom
Message-ID: <35D68629@warehouse.mn.org>

Subject: Re: Running PGP on Netcom (an

>> But keeping it on your home machine, the bad guys could break into your
>> house, set up a keyboard monitoring program, and get it that way. Or if
>> they wanted to, grab you and force you to reveal your key.

It's highly doubtful that they could physically get to my computer without my knowledge. I service alarms for a living. I work for the company who monitors my alarm. I am the only person who knows the specs on my alarm. It would be pretty tough to conceal a court order to suspend the monitoring from me. Someone would tip me off. Plus the system will communicate with me via 2 other methods that no one knows about. Pretty doubtful.

>> It's not black and white. There are degrees of security. I keep my
>> encrypted secret key on dunx1, a UNIX box used by many other people.
>> Anyone who has the ability to can either watch my keystrokes, probe through
>> memory to retrieve my key or message, or probably a few other things I
>> haven't thought of. The benefit, though, of being able to decode messages
>> as soon as I receive them, and being able to send encrypted messages when
>> I'm not at home is major.
For me at least, it's a fair trade-off

I guess it depends on your level of paranoia or guilt. :) If I was just putzing around with the software, then I wouldn't be too concerned. If I was actually doing something illegal or confidential with the software then I would be greatly concerned. But under no circumstances would I consider that arrangement secure. If the cops nail this guy, he has no one to blame but himself. He hanged his own ass.

>> There isn't anything I send right now that I would find particularly
>> embarrassing should it become public knowledge. If I did get into that
>> situation, I'd probably create a second key pair for use only at home, and
>> keep both in use.

Then you have the possibility of people sending you secure messages on a compromised key. (The one on the Unix Box) In most cases, it's not the technology that nails you, it's human error. Take for example the recent Tiffany's robbery. The police hadn't a clue who pulled it off. I heard statements of grudging praise from many members of the NYPD police department. It was very close to the perfect robbery. They received a tip from a citizen that someone was selling rings matching the description of the stolen merchandise on the street. They busted this individual and he sang. If they would have left the goods sit for a couple of years, they would have gotten away with it. Human stupidity compromised the whole operation.

>> The bad guys will almost always be able to get your key. Even if they have
>> to get you to get it. The goal is to raise the difficulty such that they
>> aren't willing to do it.

This is probably true, but in most cases they won't have to take it from you. Somehow someone will screw up and hand it to them on a silver platter. Instead of John the Baptist's head, it's yours!
;{

-----------------------------------------------------------------------------
Fido: Sam Kaplin 1:282/1018             | "...vidi vici veni" - Overheard
Compuserve: 75240,131                   | outside a Roman brothel.
samuel.kaplin at warehouse.mn.org       |
75240,131 at compuserve.com             | Change is the only constant in the
For confidential communications use PGP | Universe..."Four quarters, please."
-----------------------------------------------------------------------------
===========================================================================
Processed by WILDUUCP! v1.00 for WILDCAT!
===========================================================================

From macorp!moonlight!ken at uu4.psi.com Mon Sep 12 14:46:21 1994
From: macorp!moonlight!ken at uu4.psi.com (Ken Landaiche)
Date: Mon, 12 Sep 94 14:46:21 PDT
Subject: E.C.T.
Message-ID: <9408310233.AA02707@moonlight.noname>

First, I like the idea of running important social engineering experiments, like ECT, in cyber-simulations. It gives pretty realistic feedback. But

Second, I worry about discovering clever ways to "charge" the play money for general internet services. This will condition people to accept paying in all kinds of novel ways for services that were once freely available. After that, the folks who are trying to figure out how to charge for internet use the way phone companies charge will find little resistance from the net users.
Ken

From macorp!moonlight!ken at uu4.psi.com Mon Sep 12 15:46:00 1994
From: macorp!moonlight!ken at uu4.psi.com (Ken Landaiche)
Date: Mon, 12 Sep 94 15:46:00 PDT
Subject: reputation credit 1-3
Message-ID: <9408310328.AA02830@moonlight.noname>

In my varied experience with performance appraisals, I have found that one person's "respect 50%" is another person's "respect 90%". Collecting reputation endorsements from many people would have to include this wide margin of error.

In practice, when the reputation system reached critical mass, it would develop a norm for how much to trust the average respect number. In fact, the stabilization of this reputation norm is one criterion for reaching the critical mass.

Ken

From schirado at lab.cc.wmich.edu Mon Sep 12 16:44:11 1994
From: schirado at lab.cc.wmich.edu (No Taxes through No Government)
Date: Mon, 12 Sep 94 16:44:11 PDT
Subject: PRIVACY REGULATIONS
Message-ID: <199409122343.TAA17729@grog.lab.cc.wmich.edu>

Yes, physical resistance to authority is, more often than not, a bad idea, and hopefully most of us know why (even if you're right and even if you're being attacked, they're not above planting a gun/drugs/other thing on you to justify beating/killing you).

But the Supreme Court has said, most emphatically, that there is no "requirement to identify oneself", regardless of whether an officer has probable cause to stop and question the individual. Brown v. Texas, 443 US 47 (1979).

I'd repost the relevant excerpts from this great case again if I hadn't already posted it so many times to so many different fora. Suffice it to say, regardless of whatever else may be at issue, the "ruling establishment" (i.e., the highest legal authority in the country) has stated that there is no requirement to identify oneself.

Just had to get that off my chest. We now return you to our regularly scheduled stuff.
From pcw at access.digex.net Mon Sep 12 17:06:12 1994
From: pcw at access.digex.net (Peter Wayner)
Date: Mon, 12 Sep 94 17:06:12 PDT
Subject: "The Book of Encyphered Names"
Message-ID: <199409130004.AA22368@access3.digex.net>

>Somebody asked me what the name "Cyphernomicon" means, another said it
>was not at all an obscure reference. And another asked if I was
>claiming that encryption is in some way "evil."
>
>I merely borrowed the name from the original "Cyphernomicon," also
>called "The Book of Encyphered Names." It came to us early this
>century via the Black Russian anarchist Peter Krypotkin, who had
>obtained his copy from Sheik Ibn al-Taz Khallikak, the Pine Barrens
>Horror.

This book can't exist because Arthur Clarke proved that the world would end when all "Nine Billion Names of God" were listed. Of course, he didn't deal with the technical point of what would happen if they were encrypted.

If the nine billion names were merely a list of all possible combinations of a certain length of a certain alphabet, then the encrypted list should be equal to the regular list if the encryption carries the set in an arc that is one-to-one and onto itself. I.e. automorphic.

But I seem to remember that the monks in the list had certain rules about the combinations of their letter. That would make it still a very interesting question of what would happen if the 9 billion names came out encrypted. If no one knew the key, then the world is still safe. But what if one guy knows the key? What if that guy is a mute? What if he's merely an obstreperous hermit? What if he sets out to decrypt the list for his own personal communion with G*d? (Is my email listing the common "G*d" bringing us one step closer to glory or one step closer to destruction?) What if he has access to the neat Cray/SRC machine about which I carried on so intently?

So many questions! (?)

From tcmay at netcom.com Mon Sep 12 19:22:01 1994
From: tcmay at netcom.com (Timothy C.
May)
Date: Mon, 12 Sep 94 19:22:01 PDT
Subject: Distribution of FAQ to CompuServe, American Online, etc.
Message-ID: <199409130205.TAA20370@netcom16.netcom.com>

I've had two messages this afternoon asking if people could/should post the Cyphernomicon on AOL and CompuServe.

I replied in a negative way to each request, but maybe I need to explain further.

My "Crypto Anarchist Manifesto" has been spread to many boards. Which is good, I guess. What's not good in this electronic age is dealing with the dozen or so messages I get in most weeks asking questions, challenging the assumptions, requesting explanations of terms like "MIPS" and "ISDN," etc.

("Like, dewd, anarchy is like cool..heh heh heh" or "I'm writing a paper for my Poli Sci class and I have some questions...")

I just don't have the time to do this kind of "outreach." Some of them I tell about the Cypherpunks list--some of you may've joined via this sort of thing--but others I just thank, telling them I can't engage in a letter-writing process with them.

Back to CompuServe and AOL. The FAQ I wrote has a lot of Cypherpunks-centric material in it, and is not intended as an "outreach" document (as, say, some short libertarian books by Hazlitt and Karl Hess were intended to be). I don't even plan to announce it on Usenet, so announcing it on CompuServe, AOL, etc., seems like a bad idea.

On the other hand, putting it on these services and then announcing it only to Cypherpunks is OK...just another distribution channel.

But don't advertise it to non-Cypherpunks, for these reasons. I just can't handle the questions that would arise.

I hope you all can understand this.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From schneier at chinet.chinet.com Mon Sep 12 21:18:26 1994
From: schneier at chinet.chinet.com (Bruce Schneier)
Date: Mon, 12 Sep 94 21:18:26 PDT
Subject: RC4
Message-ID:

I've been out of e-mail range for a while, so some of sci.crypt has fallen off the back end of my host. And I don't read the full Cypherpunks feed. So some of these may be dumb questions, but they're mine and I would like them answered.

Does anyone know if this is really RC4? Has anyone compiled it to see if it will run? Has anyone tried to use it to decrypt messages encrypted with some commercial RC4 program?

I see that it has been posted anonymously. Was it posted to Cypherpunks only, or did it also get on sci.crypt? If not, did someone from Cypherpunks, anonymously or not, crosspost it to sci.crypt?

Has there been any reaction from anybody? RSADS? NSA? NIST? I just sent a copy of Bidzos asking for comment.

This seems to be a REALLY GOOD THING, but I would like some verification that it is not a hoax. Inquiring minds want to know.
Bruce

From cjl at welchlink.welch.jhu.edu Mon Sep 12 21:21:21 1994
From: cjl at welchlink.welch.jhu.edu (cjl)
Date: Mon, 12 Sep 94 21:21:21 PDT
Subject: CEB September 11, 1994 issue 2
In-Reply-To: <9409120434.AA27988@toad.com>
Message-ID:

On Sun, 11 Sep 1994, Gary Jeffers wrote:

>
> CYPHER-REBELS ELECTRONIC BOOK (CEB) SEPTEMBER 11, 1994
> ISSUE 2
> Publisher Gary Lee Jeffers
> ccgary at mizzou1.missouri.edu
>
>
>
> [ASCII-art banner]
>

CYPHER REBES ????

I have heard of Coptic Christians but Cryptic Jews is a new one on me. Maybe this has something to do with the "Keys of Solomon" that tcmay aka Klaus was talking about. :-)

C. J.
Leonard ( / "DNA is groovy"
\ / - Watson & Crick
/ \ <-- major groove
( \
Finger for public key \ )
Strong-arm for secret key / <-- minor groove
Thumb-screws for pass-phrase / )

From mpj at csn.org Mon Sep 12 21:37:58 1994
From: mpj at csn.org (Michael Johnson)
Date: Mon, 12 Sep 94 21:37:58 PDT
Subject: Boulder, Colorado RMIUG Crypto-Fest 9/13 6:30pm
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

What: Rocky Mountain Internet User's Group (RMIUG) Crypto-Fest
When: Tuesday 13 September 1994 7:00pm-9:00pm, cookies at 6:30pm
Where: NCAR (West end of Table Mesa Drive), Boulder, COLORADO
Who: Philip Dubois (Philip Zimmermann's lawyer and a very nice guy) and Mike Johnson (alleged crypto expert, designer of the Diamond Encryption Algorithm, PGP beta tester, and PGP user). Sorry, Philip Zimmermann had a change of plans and will be at a conference in Atlanta. The show must go on!

RMIUG "Crypto-Fest"

A users approach to encryption with PGP (Pretty Good Privacy):

I. A Very Short History of Cryptography
   A. Single Key Systems
   B. Two Key Systems (Public Key Cryptography)
   C. Hash Functions (MD4, MD4, SHA)
   D. What can be done with encryption?
II. Current crypto applications
III. PGP Building Blocks
   A. Public Key Algorithm (RSA)
   B. Hash function (MD5)
   C. Symmetric Key Algorithm (IDEA)
   D. Compression engine (Info-ZIP)
   E. ASCII armor engine
   F. Key database
   G. File formats
IV. What can PGP do? What are its advantages?
   A. Privacy
   B. Authentication with nonrepudiation
   C. Compression (ZIP)
   D. ASCII armor
   C. Distributed Key Management (the Web of Trust)
   D. Inter-platform compatibility
   E. Wide availability
   F. Source code available (except for Viacrypt Digi-Sig)
   G. Ease of use (best around, but could be better)
V. Who uses PGP? What do they use it for?
VI. How do you use PGP? Read the fine manual. 2 books coming.
   A. Getting PGP
   B. Installing PGP
   C. Generate your key
   D. Distribute your public key
   E. Add keys from your correspondents
   E. Signing messages
   F.
Encrypting messages (public key method)
   G. Conventional encryption pgp -c
VII. History/development of PGP & Legal Issues
   A. Why did Philip Zimmermann write pgp?
   B. Legal Issues
   C. Version History
VIII. What's happening now?
   A. Legal Actions & Status
   B. Political Action
   C. Future Development Plans

There will be opportunities to ask questions of the two panelists during and after the presentation.

___________________________________________________________
| |
|\ /| | | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 |
| \/ |o| | PO Box 1151, Longmont CO 80502-1151 USA Jesus is alive! |
| | | / _ | mpj at csn.org aka mpj at netcom.com m.p.johnson at ieee.org |
| |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 |
| |||\ ( | ftp://ftp.netcom.com/pub/mpj/README.MPJ -. --- ----- ....|
| ||| \ \_/ | PGPprint=F2 5E A1 C1 A6 CF EF 71 12 1F 91 92 6A ED AE A9 |
|___________________________________________________________|

From greg at ideath.goldenbear.com Mon Sep 12 21:45:55 1994
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Mon, 12 Sep 94 21:45:55 PDT
Subject: Distribution of FAQ to CompuServe, American Online, etc.
In-Reply-To: <199409130205.TAA20370@netcom16.netcom.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> But don't advertise it to non-Cypherpunks, for these reasons.
> I just can't handle the questions that would arise.
> I hope you all can understand this.

Hmm .. sounds like a good opportunity to spawn off a pseudonym. The Cyphernomicon can stand on its own two feet with respect to being useful - it's nice to know that Tim May wrote it, but it'd be interesting if some nobody did, also.
Perhaps the next edition *should* be (apparently) published by some unknown nobody .. Klaus! von Future Prime, or some other fictional character who doesn't get (or need to reply to) E-mail. Important corrections or other comments can get sent to the list for general digestion and discussion.

From hfinney at shell.portal.com Mon Sep 12 23:05:45 1994
From: hfinney at shell.portal.com (Hal)
Date: Mon, 12 Sep 94 23:05:45 PDT
Subject: RC4
In-Reply-To:
Message-ID: <199409130605.XAA24133@jobe.shell.portal.com>

schneier at chinet.chinet.com (Bruce Schneier) writes:

>Does anyone know if this is really RC4? Has anyone compiled it to see
>if it will run? Has anyone tried to use it to decrypt messages encrypted
>with some commercial RC4 program?

I thought this posting was very interesting. RC4, as I understand it, is a secret-key algorithm from RSADSI which has been kept secret. I have no information about RC4 so I can't judge whether this is really it.

A couple of comments, though. First, there was one obvious typo:

    xorIndex = state[x] + (state[y]) % 256;

should clearly be

    xorIndex = (state[x] + state[y]) % 256;

The second thing I notice is, this is a surprisingly simple algorithm. I say "surprising" for a couple of reasons. First, it seems like this algorithm would not have been difficult to deduce from disassembled object code. Of course, maybe that is where it came from. But it has been around for a number of years without this being published before.

Also, this algorithm is not too different from some "naive" algorithms that get posted on sci.crypt from time to time.
It basically makes a random (key-based) permutation of 0..255, then indexes into that table a couple of times, adds the results, and uses that as the final index, xor'ing the result with the plaintext. It gets complicated by a simple swap of the two index values, and the choice of the initial indexes is a matter of stepping; one steps by one and the other steps by the table value of the first index.

Despite the simplicity, there are no obvious (to me) attacks. The one thing that I notice is that with known plaintext you can recover the table lookup values which are being xor'd. If you can find two identical xor values which are pretty close together, chances are the underlying final index (the sum of the two lookup values) is the same. But since it is a sum there is still a wide range of possible values which made up the sum. It's just really hard to pin things down. Without the swap you could probably do it with enough text, but that swap is constantly stirring the table at a low level, so by the time you had enough data to try to get a handle on the table structure, the table has changed. It's pretty clever.

This raises the question about why it is secret. It is (hopefully!) not because the algorithm is weak when exposed. Presumably it is a matter of trade secrecy. Now that the algorithm is exposed (assuming this is the real thing) then this is an apparently unpatented secret-key cypher. Would it be possible for them to have a "backup" patent application that they could push through now? I recall some claims of a similar strategy with respect to Clipper.

>I see that it has been posted anonymously. Was it posted to Cypherpunks
>only, or did it also get on sci.crypt? If not, did someone from
>Cypherpunks, anonymously or not, crosspost it to sci.crypt?

I haven't seen it anywhere but here. We could probably get a lot more informed comment on sci.crypt. Maybe it will show up there eventually.
>This seems to be a REALLY GOOD THING, but I would like some verification
>that it is not a hoax.

Yes, it will be interesting to see what comes of it.

Hal Finney

From ob at id.dtu.dk Tue Sep 13 00:14:24 1994
From: ob at id.dtu.dk (Oluf Bagger)
Date: Tue, 13 Sep 94 00:14:24 PDT
Subject: "Packet Sniffers"
Message-ID: <199409130807.JAA04919@chip2.id.dtu.dk>

You should tell the staff at your campus that a Linux box is no greater threat than any of those PCs used for word processing.

A packet sniffer can hide itself as a resident program on a doze box and collect data into a data file. Such a program can be installed by any user on the doze box or even spread as a virus.

On a Linux box only root programs have access to the ethernet driver. Any packet sniffer programs can therefore only be installed by root. On a Linux box you only allow access to known users and you have log files stating when users have logged in and out. If the machine has been abused in some way you can trace the problem using the log files.

Best Regards,
Oluf

--------------------------------------------------------------------
Oluf Bagger, Eurochip DTU. tlf: +45 4593 3332 lok. 5722 fax: +45 4593 0216

From schneier at chinet.chinet.com Tue Sep 13 00:21:24 1994
From: schneier at chinet.chinet.com (Bruce Schneier)
Date: Tue, 13 Sep 94 00:21:24 PDT
Subject: RC4
Message-ID:

It occurs to me that if the code has not been posted to sci.crypt, then some cypherpunks reader outside the US/Canada should do so.

Bruce

From ianf at wiley.sydney.sgi.com Tue Sep 13 00:34:21 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Tue, 13 Sep 94 00:34:21 PDT
Subject: RC4
In-Reply-To:
Message-ID: <9409131731.ZM4418@wiley.sydney.sgi.com>

On Sep 13, 2:00am, Bruce Schneier wrote:
> It occurs to me that if the code has not been posted to sci.crypt, then
> some cypherpunks reader outside the US/Canada should do so.

As long as they never have any intention of visiting the USA... :)

Ian.
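
The following is an added example, not part of any message in this thread and not the code that was posted to the list. It implements the cipher as the thread describes it, checks that the posted xorIndex line and Hal Finney's correction agree when the index is an unsigned char (and would not if it were an int), and measures how often state[0] still equals the first key byte after key setup, a property raised further down the thread. The names arc4_ctx, arc4_next, arc4_crypt and the three counting helpers are invented here, and the 16-byte test keys are constructed with a small generator.

```c
/* Added illustration. state, x, y, xorIndex and prepare_key are names used
 * in the thread; every other identifier is invented for this example. */
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>

typedef struct {
    unsigned char state[256];   /* a permutation of 0..255 */
    unsigned char x, y;         /* the two indices; both start at zero */
} arc4_ctx;

static void swap_bytes(unsigned char *a, unsigned char *b)
{
    unsigned char t = *a; *a = *b; *b = t;
}

/* Key setup: j advances by state[i] plus the next key byte, mod 256,
 * and state[i] is swapped with state[j]. len must be at least 1. */
void prepare_key(arc4_ctx *c, const unsigned char *key, size_t len)
{
    unsigned i, j = 0;
    for (i = 0; i < 256; i++) c->state[i] = (unsigned char)i;
    for (i = 0; i < 256; i++) {
        j = (j + c->state[i] + key[i % len]) & 0xff;
        swap_bytes(&c->state[i], &c->state[j]);
    }
    c->x = c->y = 0;
}

/* One keystream byte: x steps by one, y steps by state[x], the two table
 * entries are swapped, and their sum (mod 256) selects the output byte. */
unsigned char arc4_next(arc4_ctx *c)
{
    unsigned char xorIndex;
    c->x = (unsigned char)(c->x + 1);
    c->y = (unsigned char)(c->y + c->state[c->x]);
    swap_bytes(&c->state[c->x], &c->state[c->y]);
    xorIndex = (unsigned char)(c->state[c->x] + c->state[c->y]);
    return c->state[xorIndex];
}

/* Encrypt or decrypt in place; the operation is its own inverse. */
void arc4_crypt(arc4_ctx *c, unsigned char *buf, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) buf[i] ^= arc4_next(c);
}

/* Number of (a, b) table-value pairs for which the posted expression and
 * the corrected one differ once stored in an unsigned char index. */
int typo_mismatches_uchar(void)
{
    int a, b, diff = 0;
    for (a = 0; a < 256; a++)
        for (b = 0; b < 256; b++) {
            unsigned char posted = (unsigned char)(a + (b) % 256);
            unsigned char fixed  = (unsigned char)((a + b) % 256);
            if (posted != fixed) diff++;
        }
    return diff;
}

/* The same posted expression kept in a plain int: counts the pairs whose
 * result exceeds 255 and would index past the 256-entry table. */
int typo_out_of_range_int(void)
{
    int a, b, bad = 0;
    for (a = 0; a < 256; a++)
        for (b = 0; b < 256; b++)
            if (a + (b) % 256 > 255) bad++;
    return bad;
}

/* Over `trials` constructed 16-byte keys (bytes drawn from a small linear
 * congruential generator), count how often state[0] == key[0] after setup. */
unsigned count_state0_is_key0(unsigned trials, uint32_t seed)
{
    unsigned t, k, hits = 0;
    unsigned char key[16];
    arc4_ctx c;
    for (t = 0; t < trials; t++) {
        for (k = 0; k < sizeof key; k++) {
            seed = seed * 1664525u + 1013904223u;
            key[k] = (unsigned char)(seed >> 24);
        }
        prepare_key(&c, key, sizeof key);
        if (c.state[0] == key[0]) hits++;
    }
    return hits;
}

int main(void)
{
    printf("posted vs corrected differ (unsigned char index): %d pairs\n",
           typo_mismatches_uchar());
    printf("posted form out of range (int index): %d pairs\n",
           typo_out_of_range_int());
    printf("state[0] == key[0] after key setup: %u of 20000 keys\n",
           count_state0_is_key0(20000, 1u));
    return 0;
}
```

A uniformly random permutation would leave any given value in state[0] about once in 256 keys, so a count near 37% of the trials is the key-setup bias discussed in the thread.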
From HALVORK at sofus.hiof.no Tue Sep 13 00:35:54 1994 From: HALVORK at sofus.hiof.no (HALVORK at sofus.hiof.no) Date: Tue, 13 Sep 94 00:35:54 PDT Subject: RC4 Message-ID: <5C425D27B7@sofus.hiof.no> >It occurs to me that if the code has not been posted to sci.crypt, then >some cypherpunks reader outside the US/Canada should do so. > >Bruce Ops... I never saw this original posting. Could somebody please re-post it? Please include RC4 in the Subject. - Halvor Kise jr. (from Norway ( From ianf at wiley.sydney.sgi.com Tue Sep 13 01:17:21 1994 From: ianf at wiley.sydney.sgi.com (Ian Farquhar) Date: Tue, 13 Sep 94 01:17:21 PDT Subject: "Packet Sniffers" In-Reply-To: <199409121847.OAA17194@arthur.bwh.harvard.edu> Message-ID: <9409131812.ZM11343@wiley.sydney.sgi.com> On Sep 12, 2:47pm, Adam Shostack wrote: > The way thinnet ethernet works, all machines on the net will > probably see all packets going to/from any of them. All machine on the same PHYSICAL network will. If the university is worried about password sniffing, they should put the machine on a bridged ethernet segment. If they're really concerned, give them their own subnet and apply an appropriate routing policy. This is not difficult. > The way telnet works has no > encryption in it; the password you type gets sent across the network > as you type it. This is barely even a secret anymore. It never was a secret. Ian. From trollins at tis.telos.com Tue Sep 13 05:57:56 1994 From: trollins at tis.telos.com (Tom Rollins) Date: Tue, 13 Sep 94 05:57:56 PDT Subject: RC4 Source Code Message-ID: <199409131253.IAA10859@tis.telos.com> Hello, Strange, I didn't see the RC4 code at my site. Would someone that saved it please E-mail me a copy. 
Thanks, Tom Rollins From snyderra at dunx1.ocs.drexel.edu Tue Sep 13 06:18:33 1994 From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder) Date: Tue, 13 Sep 94 06:18:33 PDT Subject: PGP on Multiuser machines Message-ID: At 4:25 PM 9/12/94, SAMUEL KAPLIN wrote: >It's highly doubtful that they could physically get to my computer without >my knowledge. I service alarms for a living. I work for the company who >monitors my alarm. I am the only person who knows the specs on my alarm. It >would be pretty tough to conceal a court order to suspend the monitoring >from me. Someone would tip me off. Plus the system will communicate with >me via 2 other methods that no one knows about. Pretty doubtful. But they *could*. It would involve a lot of work, but theoretically, they could, right? That still puts it in the catagory of "trade off." Besides, I suspect your situation isn't a common one. ;-) >I guess it depends on your level of paranoia or guilt. :) If I was just >putzing around with the software, then I wouldn't be too concerned. If I >was actually doing something illegal or confidential with the software >then I would be greatly concerned. But under no circumstances would I >consider that arrangement secure. If the cops nail this guy, he has no one >to blame but himself. He hanged his own ass. I don't consider myself "putzing" around with the software. Besides the fact that the more encrypted messages are out there, the less "suspicious" one becomes, I send things like credit card numbers and the like via email. Nothing that would embarass me, but not something I like to have floating around. >Then you have the possibility of people sending you secure messages on a >compromised key. (The one on the Unix Box) In most cases, its not the >technology that nails you, it's human error. Take for example the recent Good point. Although I would hope that if I were doing something nefarious, I would have smarter partners than that. 
:-) Bob -- Bob Snyder N2KGO MIME, PGP, RIPEM mail accepted snyderra at post.drexel.edu PGP & RIPEM keys on key servers When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl. From schneier at chinet.chinet.com Tue Sep 13 07:15:56 1994 From: schneier at chinet.chinet.com (Bruce Schneier) Date: Tue, 13 Sep 94 07:15:56 PDT Subject: RC4 In-Reply-To: <5C425D27B7@sofus.hiof.no> Message-ID: > > > >It occurs to me that if the code has not been posted to sci.crypt, then > >some cypherpunks reader outside the US/Canada should do so. > > > >Bruce > > Ops... > I never saw this original posting. Could somebody please re-post it? > Please include RC4 in the Subject. > > - Halvor Kise jr. > (from Norway ( > Ah. So the odd subject line resulted in many people not seeing. I don't know if any US residents would be willing to repost. I'm not. Bruce From Derek_L_Davis at ccm.ch.intel.com Tue Sep 13 07:21:21 1994 From: Derek_L_Davis at ccm.ch.intel.com (Derek L Davis) Date: Tue, 13 Sep 94 07:21:21 PDT Subject: RC4 Message-ID: <940913072102_1@ccm.hf.intel.com> Text item: Text_1 I didn't see the RC4 post either (subject didn't catch my eye) and now its gone. Anyone care to repost?? From rparratt at london.micrognosis.com Tue Sep 13 07:32:07 1994 From: rparratt at london.micrognosis.com (Richard Parratt) Date: Tue, 13 Sep 94 07:32:07 PDT Subject: PGP2.6.1 Message-ID: <9409131431.AA15354@pero> ----- Begin Included Message ----- From sommerfeld at orchard.medford.ma.us Tue Sep 13 08:13:32 1994 From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld) Date: Tue, 13 Sep 94 08:13:32 PDT Subject: alleged-RC4 In-Reply-To: <199409130605.XAA24133@jobe.shell.portal.com> Message-ID: <199409131449.KAA00544@orchard.medford.ma.us> Since I haven't seen a statement by anyone who I would believe that this is, in fact, RC4, I'm calling it "Alleged-RC4".. Actually, all the %256 operations in the code are superfluous on 8-bit-byte platforms since the indices are declared as `unsigned char'. 
There are two interesting features in this alleged-RC4 which clearly put it above the typical xor-based homebrew cypher..

1) the "pad" is maintained as a permutation of 0..255, so the output should always have a close-to-uniform distribution of output values.

2) the operations which stir the "pad" all have two counters: one (x) which increments by 1 each time, and one (t) which moves in a way dependent on the "pad" values.

The x counter guarantees that all bytes in the pad get shuffled with roughly equal frequency, so you're less likely to get stuck in a shorter-length cycle. The y counter moves in a "chaotic" data-dependent way, and each slot in the pad affects its stepping in turn.

Probably the only potential weakness I can see is that the `x' and `y' counters are always initialized to zero when starting off; this means that an attacker can almost always know the `x' value used to encrypt each byte of cyphertext they find. I can't see any way to exploit this, though. It would seem that you could (slightly) strengthen the cipher by starting with x=state[0] and y=state[1], then cranking the key generation loop for two more iterations..

The fact that the NSA allows export of this cipher (albeit with keys limited to 40 bits) is interesting.. unlike DES, the alleged-RC4's key setup does not appear to be particularly parallelizable. A fully-pipelined alleged-RC4 key breaker would require 256 stages of key setup followed by n stages of "encryption" (with ~2k bits of state per stage). This is significantly more complex than the 16-stage pipeline with ~128 bits of state per stage in the pipelined DES-breaker.

- Bill

From doug at OpenMind.com Tue Sep 13 08:40:13 1994
From: doug at OpenMind.com (Doug Cutrell)
Date: Tue, 13 Sep 94 08:40:13 PDT
Subject: RC4
Message-ID:

>Ah. So the odd subject line resulted in many people not seeing. I don't
>know if any US residents would be willing to repost. I'm not.
> >Bruce Would you be willing to post simply the subject line and the date of the posting? Many of us may be able to find the post with that information. Doug From sommerfeld at orchard.medford.ma.us Tue Sep 13 08:42:14 1994 From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld) Date: Tue, 13 Sep 94 08:42:14 PDT Subject: Alleged RC4 source code (message header only) Message-ID: <199409131532.LAA00655@orchard.medford.ma.us> In case any of you had filtered this one out based purely on sender and subject, I've enclosed the *headers* of the message and its first paragraph. The message also contained two source files, "rc4.h" and "rc4.c", implementing a stream cypher which is based on incremental shuffling of a permutation of the numbers 0..255, and seems to be fairly well-suited for efficient implementation in software. For obvious reasons, I'm not including the source files here. ------ Date: Fri, 9 Sep 1994 22:11:49 -0500 Message-Id: <199409100311.WAA12423 at jpunix.com> To: cypherpunks at toad.com From: nobody at jpunix.com Subject: Thank you Bob Anderson Remailed-By: remailer at jpunix.com Complaints-To: postmaster at jpunix.com Sender: owner-cypherpunks at toad.com Precedence: bulk SUBJECT: RC4 Source Code I've tested this. It is compatible with the RC4 object module that comes in the various RSA toolkits. ------ From perry at imsi.com Tue Sep 13 08:55:14 1994 From: perry at imsi.com (Perry E. Metzger) Date: Tue, 13 Sep 94 08:55:14 PDT Subject: RC4 In-Reply-To: Message-ID: <9409131554.AA01795@snark.imsi.com> Doug Cutrell says: > >Ah. So the odd subject line resulted in many people not seeing. I don't > >know if any US residents would be willing to repost. I'm not. > > Would you be willing to post simply the subject line and the date of the > posting? Many of us may be able to find the post with that information. 
Here are the important headers: Date: Fri, 9 Sep 1994 22:11:49 -0500 Message-Id: <199409100311.WAA12423 at jpunix.com> To: cypherpunks at toad.com From: nobody at jpunix.com Subject: Thank you Bob Anderson From Derek_L_Davis at ccm.ch.intel.com Tue Sep 13 09:31:35 1994 From: Derek_L_Davis at ccm.ch.intel.com (Davis, Derek L) Date: Tue, 13 Sep 94 09:31:35 PDT Subject: RC4 Message-ID: <9408137794.AA779473631@fmsmt13.intel.com> The RC4 post was subjected: "Thanks to Bill ..." (I think) My copy is gone, but someone must still have it. Please repost at least to cypherpunks. Thanks. The following mail header is for administrative use and may be ignored unless there are problems. ***IF THERE ARE PROBLEMS SAVE THESE HEADERS***. Precedence: bulk Sender: owner-cypherpunks at toad.com Cc: cypherpunks at toad.com Subject: Re: RC4 From: doug at OpenMind.com (Doug Cutrell) To: schneier at chinet.chinet.com (Bruce Schneier) Date: Tue, 13 Sep 1994 08:35:40 -0700 Content-Type: text/plain; charset="us-ascii" Mime-Version: 1.0 Message-Id: X-Sender: doug at bluesky.openmind.com Received: from [198.211.130.8] by BlueSky.OpenMind.com (Mercury 1.12); Tue, 13 Sep 94 8:32:16 -700 Received: from MAILQ by OPENMIND (Mercury 1.12); Tue, 13 Sep 94 8:32:22 -700 Received: from OPENMIND/MAILQ by BlueSky.OpenMind.com (Mercury 1.12); Tue, 13 Sep 94 8:32:47 -700 Received: from BlueSky.OpenMind.Com by beeblebrox.tbyte.com (NX5.67d/NX3.0M) id AA10087; Tue, 13 Sep 94 08:32:47 -0700 Received: from beeblebrox.tbyte.com by toad.com id AA27882; Tue, 13 Sep 94 08:40 Received: by toad.com id AA27888; Tue, 13 Sep 94 08:40:13 PDT Received: from toad.com by relay2.UU.NET with SMTP id QQxhet29743; Tue, 13 Sep 1994 11:45:12 -0400 Received: from relay2.UU.NET by hermes.intel.com (5.65/10.0i); Tue, 13 Sep 94 08 Received: from hermes.intel.com by ormail.intel.com with smtp (Smail3.1.28.1 #12) id m0qka63-000MNxa; Tue, 13 Sep 94 08:48 PDT Received: from ormail.intel.com by relay.jf.intel.com with smtp (Smail3.1.28.1 
#2) id m0qka64-000twca; Tue, 13 Sep 94 08:48 PDT From rah at shipwright.com Tue Sep 13 10:22:22 1994 From: rah at shipwright.com (Robert Hettinga) Date: Tue, 13 Sep 94 10:22:22 PDT Subject: e$: WSJ, CyberCash, and the Falling Barometer Message-ID: <199409131718.NAA27622@zork.tiac.net> On the front page of today's (9/13/94) Wall Street Journal Marketing section (Page B-1, lower right hand column) is an article about internet commerce. It talks about a group of companies who formed a consortium called CyberCash. The companies and players include the guy who started Interop, and RSA. They are claiming the ability to do credit cards and bank drafts and they say they are in negotiations with Chaum about licencing digital cash. Anonymity was specifically mentioned as a distinguishing marketable feature of digital cash. They still don't get it, but they will soon enough, I suppose. BTW, there was a veiled reference to Bibliobytes(?). At least the WSJ got their story straighter than the Times did. Like I said before, Secure Mosaic meant that "Wallets" and "Cash Registers" for digital cash were imminent. They're not imminent anymore, they're here, and they were just announced at Interop this week. I should have realized something was up, the barometer was falling at a pretty good clip. It started when I was chatting offline with someone from buyinfo and they said that they were under non-disclosure about something very big, but that I would know about it when Interop opened. Then, last Tuesday, I got an interesting cold call from a stringer for a largeish venture capital outfit in Menlo Park. He was doing due dillegence and wanted to ask me some questions about Internet Commerce, and in particular, about digital cash. I told him what I knew, and referred him to some of the senior members of these lists for much better information. I bent his ear a bit about off-line cash underwriting, and I hope it's healing now. 
I also sent him all of the traffic I had archived since I subscribed to cypherpunks having to do with the internet and the economics thereof. He had the buyinfo and imp-interest archives already. He seemed to think a "schmooze" conference on e$, including invitations to all the usual crypto suspects, plus people in financial operations, regulatory, political, and the institutional investor community might be a good idea. When I came back from a hike(!) in the White Mountains this weekend, I found at long last a reply to my query to DigiCash, Inc. for information. I answered the beta test questionnaire they sent me and sent it back. The barometric pressure was going down very fast all last week, and I didn't even realize it until this morning. My wife got a membership at the Harvard club. A couple of months ago we decided it was time for me to exercise (I push 350), so I work out in the morning there and walk back to the office in my house here in Roslindale (about 7 miles) about 3 or 4 times a week. (ever see the senior senator from Massachusetts' bare butt? You will... at the Harvard Club) This morning, when I looked at the Journal in the locker room, I let out a whoop. (not from seeing Teddy. From seeing the WSJ e$ article.) I was born in El Paso. I whoop a lot. Everyone in the locker room looked at me like I was from Yale, or something. Jeez. I hope we don't get blackballed. A very happy Tuesday to you all, Bob Hettinga Oh. If anyone's crazy enough to want to work on the technology part (development and integration and eventual operations) for very small startup offline digital cash underwriter, let me know. I've already started talking to a finance guy and a (very) part-time treasury management person. It also looks like the legal stuff has been figured out, or CyberCash wouldn't have done a triple-gainer into the pool like that. Any job offer would be contingent upon funding, of course. ;-). 
----------------- Robert Hettinga (rah at shipwright.com) "There is no difference between someone Shipwright Development Corporation who eats too little and sees Heaven and 44 Farquhar Street someone who drinks too much and sees Boston, MA 02331 USA snakes." -- Bertrand Russell (617) 323-7923 From LAURENN%smtpgate at earth.wri.org Tue Sep 13 10:40:58 1994 From: LAURENN%smtpgate at earth.wri.org (LAURENN%smtpgate at earth.wri.org) Date: Tue, 13 Sep 94 10:40:58 PDT Subject: Int'l Workshop on Electronic Commerce Message-ID: <9409131338.aa13745@earth.wri.org> With all the discussion relating to financial transactions on this list, I thought I'd forward the following call for papers that appeared in INFOSYS this weekend. -- LaurenN at wri.org * CALENDAR OF UPCOMING EVENTS * *The INFOSYS Calendar of Upcoming Events is updated * *fortnightly and can be obtained in the following ways: * * * *--E-mail: send the following one-line message to * * listserv at american.edu: get infosys calendar * *--FTP: anonymous FTP to ftp.american.edu; file is \infosys\ * * infosys.calendar * *--Gopher: gopher to auvm.american.edu; choose INFOSYS * *--WWW: http://gopher://auvm.american.edu/INFOSYS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ** 0298* * * * * * * * * * * * * * * * * * * * * * * * * * * * ** CALL FOR PAPERS - International Workshop on Electronic Commerce Richard Holowczak, Rutgers Univ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ACM International Workshop on Electronic Commerce In conjunction with The Third International Conference on Information and Knowledge Management (CIKM'94) December 2, 1994 National Institute of Standards and Technology (NIST) Gaithersburg, Maryland OBJECTIVE The workshop will provide an international forum to discuss evolving research issues and applications in the area of Electronic Commerce. Invited speakers from industry, universities and government will present their experiences and vision for the future. 
The Workshop will begin with a kick-off dinner on Thursday, December 1 evening and a full program on Friday, December 2. The final version of the papers will be included in an edited book that will be published by Springer Verlag as part of its Lecture Notes Series on Computer Science. INFORMATION TO AUTHORS Authors interested in participating in the workshop are invited to submit 2-3 page abstract by October 10 to: Prof. Nabil R. Adam Rutgers University 180 University Avenue Newark, NJ 07102 Fax: (201) 648-1459 E-mail: ecomm at adam.rutgers.edu Notification of acceptance will be sent by October 25. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ABOUT INFOSYS INFOSYS is an electronic newsletter for faculty, students, and practitioners in the field of Information Systems. INFOSYS publishes news items, requests for assistance, announcements of professional meetings and conferences, position notices, a calendar of upcoming events, comments on recent publications, abstracts of papers that authors are willing to share, and other items of interest to the Information Systems community. INFOSYS is published biweekly, more frequently if volume requires it. INFOSYS operates as an electronic mailing list on listserv software at American University in Washington, DC. The editor is Dennis W. Viehland . To subscribe to INFOSYS send the following one-line electronic mail message to listserv at american.edu (Internet) or listserv at auvm (Bitnet): subscribe infosys yourfirstname yourlastname (e.g., subscribe infosys John Smith). You will receive a welcome letter that will tell you more about INFOSYS and listserv. Guidelines for submitting articles to INFOSYS are published in the Welcome message each new subscriber receives (or e-mail "GET infosys welcome" to listserv at american.edu). Send articles to infosys at american.edu or d.viehland at massey.ac.nz. 
* * * * * * * * * * * * * * * * * * * * * * * * ------------------------------ End of NEWSLTR Digest - 12 Sep 1994 to 13 Sep 1994 - Special issue ****************************************************************** From perry at imsi.com Tue Sep 13 11:02:27 1994 From: perry at imsi.com (Perry E. Metzger) Date: Tue, 13 Sep 94 11:02:27 PDT Subject: cybercash Message-ID: <9409131802.AA13185@webster.imsi.com> Well, this looks interesting, especially given Steve Crocker's involvement being listed in the article... $whois cybercash.com Trusted Information Systems, Inc. (CYBERCASH-DOM) 3060 Washington Road Glenwood, MD 21738 Domain Name: CYBERCASH.COM Administrative Contact, Technical Contact, Zone Contact: Crocker, Stephen D. (SDC4) crocker at TIS.COM (301) 854-6889 Record last updated on 30-Aug-94. Domain servers in listed order: NS.TIS.COM 192.94.214.100 NS.LA.TIS.COM 198.147.66.1 The InterNIC Registration Services Host contains ONLY Internet Information (Networks, ASN's, Domains, and POC's). From hfinney at shell.portal.com Tue Sep 13 11:07:04 1994 From: hfinney at shell.portal.com (Hal) Date: Tue, 13 Sep 94 11:07:04 PDT Subject: alleged-RC4 Message-ID: <199409131806.LAA05147@jobe.shell.portal.com> Bill Sommerfeld writes: >Actually, all the %256 operations in the code are superfluous on >8-bit-byte platforms since the indices are declared as `unsigned >char'. Ah, good point. So my "typo" doesn't really matter (although I think it is a typo.) >Probably the only potential weakness I can see is that the `x' and `y' >counters are always initialized to zero when starting off; this means >that an attacker can almost always know the `x' value used to encrypt >each byte of cyphertext they find. I can't see any way to exploit >this, though. It would seem that you could (slightly) strengthen the >cipher by starting with x=state[0] and y=state[1], then cranking the >key generation loop for two more iterations.. 
A related point is how the key-dependent state-table permutation is set up. The algorithm is, in pseudo-code,

    for i from 0 to 255
        swap state[i] and state[j]

where j is incremented by state[i] plus the next key byte, mod 256. Notice the similarity to the naive random-permutation generator:

    for i from 0 to 255
        j = random (256)
        swap state[i] and state[j]

where random (n) returns a random number less than n. This naive algorithm is not quite right, as it generates 256 to the 256th power equally likely arrangements, when there are actually only 256! arrangements and 256! doesn't even divide 256^256 evenly.

The similarity I see is that j is chosen in the prepare_key as a slightly complicated function of the key byte and the current state, and we can view this as a key-dependent substitute for random (256). So it would appear that the prepare_key algorithm, even with a fully random key, may produce a bias in the permutation table.

A correct algorithm for a random permutation is:

    for i from 0 to 255
        j = random (i+1)
        swap state[i] and state[j]

Here we choose the random number from among the ones we have already done. This algorithm can be easily proven correct. Perhaps it would be better if the prepare_key algorithm did a similar thing, choosing the entry with which to swap modulo the current "i" value plus one rather than mod 256.

One implication of the existing implementation is that there may be a simple relation between at least state[0] and the first character of the key. Initially state[0] will be swapped with the value in the table at the position of the first byte of the key. Since the table is initialized to 0..255, this means that state[0] will hold the value of the first key byte after that swap. Now, it is probable that state[0] will be chosen "randomly" to be swapped with a later entry in the table. But as we discussed here a few days ago, there is about a 1/e chance (about 37%) that it will not be swapped after its first guaranteed swap.
This means that 37% of the time that this algorithm is used, state[0] holds the first key byte at startup. OTOH if the modification I suggested above were made, no such conclusion could be drawn and I don't see anything simple you could say about the likely permutation after prepare_key is complete.

Now, having said this, I don't see any way to exploit this knowledge to attack the cypher. The "lookup, sum, and lookup" structure of the cypher has too many degrees of freedom to allow this information about state[0] to expose a hint of what the key might be, as far as I can see. But it is an interesting aspect of the key setup, nevertheless.

Hal

From 0045642 at CCMAIL.EMIS.HAC.COM Tue Sep 13 12:21:31 1994
From: 0045642 at CCMAIL.EMIS.HAC.COM (John L Tocher)
Date: Tue, 13 Sep 94 12:21:31 PDT
Subject: Key Signing Party?
Message-ID:

Anybody interested in having a key signing party in the Los Angeles area?

John Tocher
Tocher at Igate1.HAC.com

From rishab at dxm.ernet.in Tue Sep 13 12:29:56 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Tue, 13 Sep 94 12:29:56 PDT
Subject: Crackdown in Queensland, Australia?
Message-ID:

When I saw the Sunday Mail post here on Queensland's proposed crackdown on cyberspace (for _child pornography_ if you please! I hereby decree that a concerted effort must be made by all to increase the pedophile population of the Net from 97% to 100% - universal coverage. All new subscribers must provide original photographs as evidence of their tendencies before being given a connection), I thought I'd ask Ian Peter himself.

Ian Peter, who is quoted in the article and whom I met in February, replied:

> Re the Qld stuff - there really are no firm details yet, it's proposed
> legislation and may well change before becoming law - and the journos
> concerned are going on rumours because no copies of the legislation are
> available yet.
>
> So it's wait and see!
>
> [...
Ian Peter] ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Tue Sep 13 12:31:50 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Tue, 13 Sep 94 12:31:50 PDT Subject: Mailing list for cryptography Message-ID: "Perry E. Metzger" : > I'm thinking (again) about setting up a specialized mailing list for > discussing cryptography... While I agree with Perry's implication that the CP list does tend to go off track rather often, it _was_ set up specifically to bring together the social and technical aspects of cryptography, and does generate useful discussion on occasion ;-] If you want to discuss only cryptography, there's always sci.crypt... ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Tue Sep 13 12:32:16 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Tue, 13 Sep 94 12:32:16 PDT Subject: Social body and crypto Message-ID: I enjoyed Doug's clear statement on the implications of crypto anarchy on society. It should be compulsory reading for all newbies so that they don't get worried next time Larry Detweiler comes bouncing in raving about EVIL LIES MURDER and pseudospoofing. I'd like to point out, however, that crypto anarchy poses no threat whatsoever to personal or corporate relationships based on physical or other concrete identity (truenames). It just makes these relationships _voluntary_ - no one's _forcing_ you to be anonymous. 
----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From jazz at hal.com Tue Sep 13 12:39:06 1994 From: jazz at hal.com (Jason Zions) Date: Tue, 13 Sep 94 12:39:06 PDT Subject: Distribution of FAQ to CompuServe, American Online, etc. Message-ID: <9409131939.AA26407@jazz.hal.com> I considered suggesting that I strip Tim's email address out of the text; then I realized there are probably dozens of copies of it scattered through the document. Even if the Cyphermonicon were written by Sy Ferpunq and not by Tim, there are enough email addresses in the body of the document that this wouldn't save him from email. Completely sanitizing the document with respect to contact info (i.e. using names/nyms only and no addresses) would be something of a project. And it still wouldn't help. The only counterpoint I could make is that CompuServe users are unlikely to join cpunks (too much mail == too much money) and the service is illequipped to help a member find an internet mail address for a person given just a real name. Sanitization might be enough in that environment. Jason From tcmay at netcom.com Tue Sep 13 12:50:48 1994 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 13 Sep 94 12:50:48 PDT Subject: Mailing list for cryptography In-Reply-To: Message-ID: <199409131948.MAA26992@netcom4.netcom.com> Rishab Aiyer Ghosh writes: > "Perry E. Metzger" : > > I'm thinking (again) about setting up a specialized mailing list for > > discussing cryptography... 
> > While I agree with Perry's implication that the CP list does tend to go off > track rather often, it _was_ set up specifically to bring together the > social and technical aspects of cryptography, and does generate useful > discussion on occasion ;-] > > If you want to discuss only cryptography, there's always sci.crypt... > Not to mention "sci.crypt.research," a moderated group which was just approved and should appear soon. I wish Perry well, but I personally think there are already too many newsgroups, mailing lists, and Web pages out there. I'd rather see people reading the crypto literature ("Paper rulz!") than getting on so many mailing lists and other forums. I know of at least several crypto groups (not counting PGP per se), several PGP groups, several "security" groups, and half a dozen mailing lists on "digital money" in one form or another (IMP-Interest, EDI, NetCommerce (or somesuch), LibTech, AltInst, etc.). Personally, though I'm biased, I think Cypherpunks has shown itself to have the staying power and overall size and depth of knowledge that most of these other groups have lacked. Surprisingly, there is no Usenet group devoted to digital money, no "alt.e$" or "alt.netcash." A better idea might be "sci.econ.????," where the "????" is something appropriate. (I say "sci." because sci.econ and sci.econ.research already exist, not because I believe economics is a science.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From merriman at metronet.com Tue Sep 13 13:19:44 1994 From: merriman at metronet.com (David K.
Merriman) Date: Tue, 13 Sep 94 13:19:44 PDT Subject: Mailing list for cryptography Message-ID: <199409132017.AA02968@metronet.com> >"Perry E. Metzger" : >> I'm thinking (again) about setting up a specialized mailing list for >> discussing cryptography... > >While I agree with Perry's implication that the CP list does tend to go off >track rather often, it _was_ set up specifically to bring together the >social and technical aspects of cryptography, and does generate useful >discussion on occasion ;-] > >If you want to discuss only cryptography, there's always sci.crypt... > Snicker, snicker. What planet are *you* living on? :-) The only reason it's sci._crypt_ is because that's what 90% of the flame-fests get started on. I'd guesstimate that only 1 posting in 100 is actually about crypto, or some directly crypto-related matter. The rest of it is S*****light vs. The World name-calling and character assassinations. Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From nobody at vox.xs4all.nl Tue Sep 13 13:37:09 1994 From: nobody at vox.xs4all.nl (An0nYm0Us UsEr) Date: Tue, 13 Sep 94 13:37:09 PDT Subject: RC4 ? Message-ID: <199409132036.AA24724@xs1.xs4all.nl> SUBJECT: RC4 Source Code I've tested this. It is compatible with the RC4 object module that comes in the various RSA toolkits. 
/* rc4.h */

typedef struct rc4_key
{
     unsigned char state[256];
     unsigned char x;
     unsigned char y;
} rc4_key;

void prepare_key(unsigned char *key_data_ptr,int key_data_len, rc4_key *key);
void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);

/*rc4.c */

#include "rc4.h"

static void swap_byte(unsigned char *a, unsigned char *b);

/* Key setup: start from the identity permutation, then mix in the key. */
void prepare_key(unsigned char *key_data_ptr, int key_data_len, rc4_key *key)
{
     unsigned char swapByte;
     unsigned char index1;
     unsigned char index2;
     unsigned char* state;
     short counter;

     state = &key->state[0];
     for(counter = 0; counter < 256; counter++)
          state[counter] = counter;
     key->x = 0;
     key->y = 0;
     index1 = 0;
     index2 = 0;
     for(counter = 0; counter < 256; counter++)
     {
          index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
          swap_byte(&state[counter], &state[index2]);
          index1 = (index1 + 1) % key_data_len;
     }
}

/* XOR the buffer in place with the keystream; x and y persist in *key. */
void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
{
     unsigned char x;
     unsigned char y;
     unsigned char* state;
     unsigned char xorIndex;
     short counter;

     x = key->x;
     y = key->y;
     state = &key->state[0];
     for(counter = 0; counter < buffer_len; counter ++)
     {
          x = (x + 1) % 256;
          y = (state[x] + y) % 256;
          swap_byte(&state[x], &state[y]);
          /* the % applies to state[y] only; the sum wraps modulo 256
             when it is stored in an unsigned char */
          xorIndex = state[x] + (state[y]) % 256;
          buffer_ptr[counter] ^= state[xorIndex];
     }
     key->x = x;
     key->y = y;
}

static void swap_byte(unsigned char *a, unsigned char *b)
{
     unsigned char swapByte;

     swapByte = *a;
     *a = *b;
     *b = swapByte;
}

From rarachel at prism.poly.edu Tue Sep 13 13:38:18 1994 From: rarachel at prism.poly.edu (Arsen Ray Arachelian) Date: Tue, 13 Sep 94 13:38:18 PDT Subject: Finger me for MEDUSA Message-ID: <9409132025.AA18580@prism.poly.edu>
Sorry I took so long. It's hard having much time left over after getting a job as a Novell network administrator (though it's lots of fun.) Anyway, for anyone who is interested in Medusa, I hope you can use finger. If you can't, we'll arrange something else...
Anyhow, just pipe the output of finger to uudecode in the background and that should do the trick... ie: finger rarachel at photon.poly.edu | uudecode And hope it works. This should generate a file called medusa1b.zip which is a beta version complete with sources. Sometime in the future, I will ftp this program to the usual sites... But first I need some free time. :-) From cactus at bb.com Tue Sep 13 13:56:43 1994 From: cactus at bb.com (L. Todd Masco) Date: Tue, 13 Sep 94 13:56:43 PDT Subject: e$: WSJ, CyberCash, and the Falling Barometer In-Reply-To: <199409131718.NAA27622@zork.tiac.net> Message-ID: <3553tb$15q@bb.com> In article <199409131718.NAA27622 at zork.tiac.net>, Robert Hettinga wrote: >BTW, there was a veiled reference to Bibliobytes(?). At least the WSJ got >their story straighter than the Times did. Excellent. Anybody have the text? It's a bit late in the day to find a copy (though I am working on it: I'm not trying to get others to do my legwork, I'm just following all the paths available to me). -- L. Todd Masco | "Hide, witch, hide! The good folk come to burn thee, their cactus at bb.com | keen enjoyment hid behind a gothic mask of duty." -JS/BATE From rarachel at prism.poly.edu Tue Sep 13 14:02:26 1994 From: rarachel at prism.poly.edu (Arsen Ray Arachelian) Date: Tue, 13 Sep 94 14:02:26 PDT Subject: Distribution of FAQ to CompuServe, American Online, etc. In-Reply-To: Message-ID: <9409132047.AA19013@prism.poly.edu> > > But don't advertise it to non-Cypherpunks, for these reasons. > > > I just can't handle the questions that would arise. > > > I hope you all can understand this. > > Hmm .. sounds like a good opportunity to spawn off a pseudonym. > The Cyphernomicon can stand on its own two feet with respect to > being useful - it's nice to know that Tim May wrote it, but it'd > be interesting if some nobody did, also. Perhaps the next edition > *should* be (apparently) published by some unknown nobody .. > Klaus! 
von Future Prime, or some other fictional character who > doesn't get (or need to reply to) E-mail. Important corrections or > other comments can get sent to the list for general digestion and > discussion. How about The Mad Cryptographer Abdul RSAed :-) [As opposed to the Mad Arab Abdul Alzhared] From cactus at bb.com Tue Sep 13 14:02:31 1994 From: cactus at bb.com (L. Todd Masco) Date: Tue, 13 Sep 94 14:02:31 PDT Subject: NNTP access to cypherpunks Message-ID: <355473$18p@bb.com> I've been meaning to let folks know about this for a while, but was lame... If anybody wants to read/post Cypherpunks via NNTP, I've set our NNTP server to export "hks.lists.cypherpunks" (as well as the last year of the homebrew digest in "hks.lists.homebrew") to world. To access it, just point your NNTPSERVER (or whatever) to "bb.com" (that'll change in the medium future to "nntp.bb.com", but not yet). It's slow, over a 14.4 SLIP link (for now: 56Kbps in a week), but it's manageable. If anybody wants a real feed of it (or any of the security lists), let me know. -- L. Todd Masco | "Hide, witch, hide! The good folk come to burn thee, their cactus at bb.com | keen enjoyment hid behind a gothic mask of duty." -JS/BATE From seeyou at nsc.ernet.in Tue Sep 13 16:49:53 1994 From: seeyou at nsc.ernet.in (Calicut University) Date: Tue, 13 Sep 94 16:49:53 PDT Subject: No Subject Message-ID: <9409131802.AA11052@nsc> Dear Sir, I am working as a research scholar at Nuclear Science Centre, New Delhi. I kindly request you to include my name in your mailing list. My e-mail address is seeyou at nsc.ernet.in Thanking you in anticipation. yours sincerely, Vinod Kumar A M Nuclear Science Centre P B No. 10502 New Delhi-110 067.
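Hal's figure from earlier in this thread, that state[0] holds the first key byte about 37% of the time after prepare_key, can be checked by measurement. The C program below is an added example and is not code from any poster on the list; the xorshift generator, the function names and the sample key lengths are assumptions made for the demonstration, and the sample keys are constructed pseudo-random bytes.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed helper: deterministic xorshift32 generator, so every run of
 * the experiment uses the same pseudo-random sample keys. */
static uint32_t rng_state = 1;

static unsigned char next_byte(void)
{
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return (unsigned char)(rng_state >> 24);
}

/* Same key setup as the posted prepare_key(). Returns 1 if some swap after
 * the first one landed on index 0, otherwise 0. */
static int key_setup(const unsigned char *key, int keylen,
                     unsigned char state[256])
{
    unsigned char index1 = 0, index2 = 0, tmp;
    int counter, touched = 0;

    for (counter = 0; counter < 256; counter++)
        state[counter] = (unsigned char)counter;

    for (counter = 0; counter < 256; counter++) {
        index2 = (unsigned char)(key[index1] + state[counter] + index2);
        tmp = state[counter];
        state[counter] = state[index2];
        state[index2] = tmp;
        if (counter > 0 && index2 == 0)
            touched = 1;
        index1 = (unsigned char)((index1 + 1) % keylen);
    }
    return touched;
}

struct bias_result {
    double state0_is_key0;   /* fraction of keys with state[0] == key[0] */
    double index0_untouched; /* fraction where index 0 was never hit again */
};

/* Run the key setup on `trials` sample keys of `keylen` bytes. */
struct bias_result measure_bias(int trials, int keylen, uint32_t seed)
{
    unsigned char key[256], state[256];
    struct bias_result r = {0.0, 0.0};
    int t, i, hits = 0, untouched = 0;

    if (trials <= 0 || keylen < 1 || keylen > 256)
        return r;
    rng_state = seed ? seed : 1;   /* xorshift must not start at zero */
    for (t = 0; t < trials; t++) {
        for (i = 0; i < keylen; i++)
            key[i] = next_byte();
        if (!key_setup(key, keylen, state))
            untouched++;
        if (state[0] == key[0])
            hits++;
    }
    r.state0_is_key0 = (double)hits / trials;
    r.index0_untouched = (double)untouched / trials;
    return r;
}

/* The first swap always puts key[0] into state[0]; it stays there if none
 * of the 255 later swaps picks index 0. With uniformly distributed swap
 * targets that is (255/256)^255, computed here without math.h. */
double predicted_fraction(void)
{
    double p = 1.0;
    int i;

    for (i = 0; i < 255; i++)
        p *= 255.0 / 256.0;
    return p;
}

int main(void)
{
    static const int lengths[] = {5, 8, 16, 32};
    size_t n;

    printf("predicted (255/256)^255 = %.4f\n", predicted_fraction());
    for (n = 0; n < sizeof lengths / sizeof lengths[0]; n++) {
        struct bias_result r = measure_bias(200000, lengths[n], 0x1234567u);
        printf("keylen %2d: state[0]==key[0] %.4f, index 0 untouched %.4f\n",
               lengths[n], r.state0_is_key0, r.index0_untouched);
    }
    return 0;
}
```

For comparison, a uniformly random permutation would have state[0] equal to any given byte only about 1 time in 256.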
From jrochkin at cs.oberlin.edu Tue Sep 13 16:58:38 1994 From: jrochkin at cs.oberlin.edu (Jonathan Rochkind) Date: Tue, 13 Sep 94 16:58:38 PDT Subject: PRIVACY REGULATIONS Message-ID: <199409132358.TAA15296@cs.oberlin.edu> There is no requirement to identify yourself, but the police will regularly lock you up in jail until you do identify yourself. They can't _force_ you to identify yourself, and you can't go to trial for not doing so (partially because they don't know who you are, but even if they later find out by other means), but nevertheless police departments everywhere will lock you up until you provide ID if you are stopped for a traffic violation. There is a guy around here-abouts who routinely gets stopped for speeding and refuses to show ID out of principle. They put him in jail. He's tried to sue them, and lost. If it made it all the way to the Supreme Court, I'm not sure what they would decide. But the point remains, in real life, they put you in jail. Just be aware of it. From vznuri at netcom.com Tue Sep 13 17:15:59 1994 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Tue, 13 Sep 94 17:15:59 PDT Subject: prototype reputation system READY Message-ID: <199409132322.QAA15325@netcom16.netcom.com> I have a prototype reputation system ready for testing. I think many cypherpunks who have debated this topic will be very interested to see the model. It comes very close to ideas knocked around here recently and in the distant past. I'm looking for some volunteers who can help me debug it to the point of being a reliable "production" version. This will involve nothing more than subscribing to a mailing list and testing some of the commands (whichever you wish to experiment with). The entire system is email- and server- based. Email me for more information. I intend that the software, after being refined to a degree of stability, will be released in the public domain.
I think that reputation or "ratings" systems will ultimately be very important elements of future cyberspatial infrastructure (in some ways even more so than the current Usenet structure), and I hope that there are some hardy pioneers here who would like to contribute to "civilizing cyberspace". Thanks in advance-- Vladimir Z Nuri vznuri at netcom.com ``Imagination is more important than knowledge.'' (Einstein) From thad at pdi.com Tue Sep 13 17:21:22 1994 From: thad at pdi.com (Thaddeus Beier) Date: Tue, 13 Sep 94 17:21:22 PDT Subject: Crypto tie-in to crash at White House Message-ID: <9409140016.AA03500@fulcrum.pdi.com> The Treasury department official in charge of enforcement, Ron Noble, said, in regard to security for the White House "Just as if you had a security measure or alarm system in your house, you wouldn't give me the code for it, I'm not going to give you at this point any specific answers..." Hmm. thad Thad Beier Pacific Data Images 408)745-6755 thad at pdi.com From greg at ideath.goldenbear.com Tue Sep 13 17:50:35 1994 From: greg at ideath.goldenbear.com (Greg Broiles) Date: Tue, 13 Sep 94 17:50:35 PDT Subject: PRIVACY REGULATIONS In-Reply-To: <199409132358.TAA15296@cs.oberlin.edu> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > There is no requirement to identify yourself, but the police will regularly > lock you up in jail until you do identify yourself. They can't _force_ > you to identify yourself, and you can't go to trial for not doing so > (partially because they don't know who you are, but even if they later > find out by other means), but nevertheless police departments everywhere > will lock you up until you provide ID if you are stopped for a traffic > violation. > There is a guy around here-abouts who routinely gets stopped for > speeding and refuses to show ID out of principle. They put him in jail. > He's tried to sue them, and lost.
This seems to conflate three separate issues: 1) being required to identify yourself (e.g., give a name and/or address and/or date-of-birth) 2) being required to "prove" your identity by producing some sort of credential 3) being required to have a valid drivers' license in your possession while driving Hopefully, we will be able to use cryptographic techniques to prevent (3) from being permanently associated with (1) and (2). I'm inclined to eliminate pre-testing and certification for drivers - cops who suspect that a certain person shouldn't be driving could administer some sort of (probably "VR" [ack, buzzwords!]) "road test" on the spot - people who pass are OK, and people who fail - because they're too young, too old, too drunk, too stupid, or too sleepy get punished for driving while incompetent. -----BEGIN PGP SIGNATURE----- Version: 2.5 iQCVAgUBLnZHCH3YhjZY3fMNAQGuwAP9HfTmL8NuheDpBojYvzDWAoJze9LnucCd k3hQnks5cXkrbYVIHsnW05VAzsEGlS6rAHo3CBoAh1lvPF49D+CZvttBKhWW9UTQ ibkLkoFEgdenSUENOuaF8CKF/Jy6zTROsqVAd1w0HaSLSq+I/RURZWny9Qh91hcg rWUbJOv//Xk= =2VHZ -----END PGP SIGNATURE----- From Ron_Bardarson at smtp.esl.com Tue Sep 13 17:53:12 1994 From: Ron_Bardarson at smtp.esl.com (Ron Bardarson) Date: Tue, 13 Sep 94 17:53:12 PDT Subject: PRIVACY REGULATIONS Message-ID: Reply to: RE>>PRIVACY REGULATIONS Can't you free yourself from jail with a writ of habeas corpus ad subjiciendum from John Doe? -------------------------------------- Date: 9/13/94 5:23 PM To: Ron Bardarson From: Jonathan Rochkind There is no requirement to identify yourself, but the police will regularly lock you up in jail until you do identify yourself. They can't _force_ you to identify yourself, and you can't go to trial for not doing so (partially because they don't know who you are, but even if they later find out by other means), but nevertheless police departments everywhere will lock you up until you provide ID if you are stopped for a traffic violation.
There is a guy around here-abouts who routinely gets stopped for speeding and refuses to show ID out of principle. They put him in jail. He's tried to sue them, and lost. If it made it all the way to the Supreme Court, I'm not sure what they would decide. But the point remains, in real life, they put you in jail. Just be aware of it. ------------------ RFC822 Header Follows ------------------ Received: by smtp.esl.com with SMTP;13 Sep 1994 17:21:06 -0700 Received: from relay2.UU.NET by gatekeeper.esl.com (4.1/SMI-4.1) id AA13040; Tue, 13 Sep 94 17:14:35 PDT Received: from toad.com by relay2.UU.NET with SMTP id QQxhga25260; Tue, 13 Sep 1994 20:04:37 -0400 Received: by toad.com id AA21892; Tue, 13 Sep 94 16:58:38 PDT Received: from cs.oberlin.edu (occs.cs.oberlin.edu) by toad.com id AA21882; Tue, 13 Sep 94 16:58:31 PDT Received: from localhost (jrochkin at localhost) by cs.oberlin.edu (8.6.4/8.6.4) id TAA15296; Tue, 13 Sep 1994 19:58:24 -0400 Date: Tue, 13 Sep 1994 19:58:24 -0400 From: Jonathan Rochkind Message-Id: <199409132358.TAA15296 at cs.oberlin.edu> To: schirado at lab.cc.wmich.edu Subject: Re: PRIVACY REGULATIONS Cc: cypherpunks at toad.com Sender: owner-cypherpunks at toad.com Precedence: bulk From samman at CS.YALE.EDU Tue Sep 13 18:12:11 1994 From: samman at CS.YALE.EDU (Subversive Citizen Unit) Date: Tue, 13 Sep 94 18:12:11 PDT Subject: Crypto tie-in to crash at White House In-Reply-To: <9409140016.AA03500@fulcrum.pdi.com> Message-ID: On Tue, 13 Sep 1994, Thaddeus Beier wrote: > > The Treasury department official in charge of enforcement, Ron Noble, > said, in regard to security for the White House > "Just as if you had a security measure or alarm system in your house, > you wouldn't give me the code for it, I'm not going to give you at > this point any specific answers..." Funny.
As i read this, I was reminded pretty much of the whole Clipper crap and wanted to respond with, "I wouldn't give it to you, but you'd just take it from me if I wanted an alarm" Ben. From ekr at eit.COM Tue Sep 13 18:38:18 1994 From: ekr at eit.COM (Eric Rescorla) Date: Tue, 13 Sep 94 18:38:18 PDT Subject: RC4 compatibility testing Message-ID: <9409140137.AA17743@eitech.eit.com> One data point: I can't say anything about the internals of RC4 versus the algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4', since I don't know anything about RC4's internals. However, I do have a (legitimately acquired) copy of BSAFE2 and so I'm able to compare the output of this algorithm to the output of genuine RC4 as found in BSAFE. I chose a set of test vectors and ran them through both algorithms. The algorithms appear to give identical results, at least with these key/plaintext pairs. I note that this is the algorithm _without_ Hal Finney's proposed modification (see <199409130605.XAA24133 at jobe.shell.portal.com>). The vectors I used (together with the ciphertext they produce) follow at the end of this message. -Ekr Disclaimer: This posting does not reflect the opinions of EIT. 
--------------------results follow--------------
Test vector 0 Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96
Test vector 1 Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79
Test vector 2 Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a
Test vector 3 Key: 0xef 0x01 0x23 0x45 Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61
From claborne at microcosm.sandiegoca.NCR.COM Tue Sep 13 19:26:37 1994 From: claborne at microcosm.sandiegoca.NCR.COM (Claborne,
Chris) Date: Tue, 13 Sep 94 19:26:37 PDT Subject: Key Signing Party? Message-ID: <2E763306@microcosm.SanDiegoCA.NCR.COM> -----BEGIN PGP SIGNED MESSAGE----- > From: John L Tocher <0045642 at ccmail.emis.hac.com> > Subject: Key Signing Party? > ---------------------------------------------------------------------- - -------- >Anybody interested in having a key signing party in the Los Angeles > area? > I might be up for it but... I would like to do the same in San Diego and then have a representative of the LA group meet the San Diego group representatives to sign some keys. It would be kind of nice to have a group of trusted cypherpunk members from each city to act as kind of the "CA" allowing you to eventually have some trusted keys from MIT and others that distribute software. I guess it would be a semi-formal way to build a trusted hierarchy across the country. Next step would be to have cypherpunk-sponsored pub-key-servers to hold these keys. I don't want it to sound too "clubbish". I've just never personally met any of the cypherpunks and therefore have very few trusted keys since I can't trust any of the sigs.. Ya gotta start somewhere. I would be interested in seeing one in San Diego to key sign and discuss things like this, GAK, and others. What do you think? - -------------- P.S. Will be out on "special mission" from 1/16 until 10/10. When I return I would like to help make this happen. If you are interested and could attend in SD, send me e-mail and I will start creating a list. Make the SUBJECT= "SD CYPHERPUNKS". 2 - -- C -- ... __o .. -\<, chris.claborne at sandiegoca.ncr.com ...(*)/(*). CI$: 76340.2422 PGP Pub Key fingerprint = A8 FA 55 92 23 20 72 69 52 AB 64 CC C7 D9 4F CA Avail on Pub Key server.
-----BEGIN PGP SIGNATURE----- Version: 2.7 iQCVAwUBLnYxzlzvpSsKhLftAQFisgQA0gpYxOTYuemP9qjVeWwQFQQog1f88cOZ o1U2SIPHgiRSXNl+eFhIXr/tZzt7tZRN40UuaMcJ5ZCROCi3FMqW6e8RyqzQVAYp TxLrwCj6Y1+Do3TMWYsUSLNI2j1uXJIUX0HItPvKHgo5/X9tJTNmK6M6mbTzcdX9 hDQ9+3ISooA= =fCeq -----END PGP SIGNATURE----- From rarachel at prism.poly.edu Tue Sep 13 19:38:20 1994 From: rarachel at prism.poly.edu (Arsen Ray Arachelian) Date: Tue, 13 Sep 94 19:38:20 PDT Subject: Medusa on ftp.wimsey.bc.ca Message-ID: <9409140225.AA22198@prism.poly.edu> Hey guys, I just sent medusa to ftp.wimsey.bc.ca, so you don't have to finger me if you can't or don't feel up to it. Right now it's in the uploads directory, but it will probably move later... Now for the software authors in all of us, a good question: WHAT ARE THE BEST FTP SITES TO SEND CRYPTO SOFTWARE TO? Is Soda being managed again for instance? From loofbour at cis.ohio-state.edu Tue Sep 13 20:05:32 1994 From: loofbour at cis.ohio-state.edu (Nathan Loofbourrow) Date: Tue, 13 Sep 94 20:05:32 PDT Subject: RC4 compatibility testing In-Reply-To: <9409140137.AA17743@eitech.eit.com> Message-ID: <199409140305.XAA20174@boa.cis.ohio-state.edu> Eric Rescorla writes: > I note that this is the algorithm _without_ Hal Finney's > proposed modification > > (see <199409130605.XAA24133 at jobe.shell.portal.com>). Hal Finney's patch makes syntactic sense, but won't affect the results of the algorithm. Therefore, Eric's test suite holds for both versions. nathan From hfinney at shell.portal.com Tue Sep 13 21:02:52 1994 From: hfinney at shell.portal.com (Hal) Date: Tue, 13 Sep 94 21:02:52 PDT Subject: alleged-RC4 In-Reply-To: <199409131449.KAA00544@orchard.medford.ma.us> Message-ID: <199409140402.VAA26572@jobe.shell.portal.com> Another thing that is pretty obvious is that this kind of cypher is not suitable for certain applications. 
For example, if you wanted to encrypt individually a lot of different files on your disk, all using the same key, this kind of stream cypher would be totally unsuitable. Any success in guessing the plaintext which corresponds to a given cyphertext reveals the XOR stream that the key generates, and that is the same stream that would be XOR'd to encrypt any other file with the same key. Doing this would be similar to re-using a "one time" pad for many encryptions. This kind of cypher is more appropriate for a communications channel where the key is never re-used, and the two sides can keep persistent and synchronized state. Hal From jdwilson at gold.chem.hawaii.edu Tue Sep 13 22:23:23 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Tue, 13 Sep 94 22:23:23 PDT Subject: Stallings Talk (fwd) Message-ID: I checked my mail and did not find any posts of this article - apologies if I missed it. ---------- Forwarded message ---------- Date: Tue, 13 Sep 1994 20:25:08 GMT From: Quantum Books To: Multiple recipients of list TCP-IP Subject: Stallings Talk Quantum Books will host a luncheon talk on PGP by internationally acclaimed author Bill Stallings at 12:30 p.m. Thursday, September 22. The talk PGP: A Peek Under the Hood will last approximately 30 minutes and provide an overview on the internals of PGP, the e-mail privacy and digital signature application for the masses. Bill Stallings, author of the recently published Network and Internetwork Security and of a forthcoming guide on PGP will also be available to sign copies of his book. The talk is free and a light lunch will be provided. Seating is limited so a reservation is required. 
RSVP quantum at shore.net -- Quantum Books | A Technical and Professional Bookstore ----------------------------+------------------------------------------ Cambridge: 617-494-5042 | E-Mail: quanbook at world.std.com Philadelphia: 215-222-0611 | Mailing List: quanlist at world.std.com From jdwilson at gold.chem.hawaii.edu Tue Sep 13 23:28:47 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Tue, 13 Sep 94 23:28:47 PDT Subject: 2600 account (fwd) Message-ID: I know this is off subject but I don't have access to (ab)Usenet. Do any of you know how to get in touch with 2600? I've tried, phone, fax and email. -NetSurfer #include standard.disclaimer >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> == = = |James D. Wilson |V.PGP 2.7: 512/E12FCD 1994/03/17 > " " o " |P. O. Box 15432 | finger for full PGP key > " " / \ " |Honolulu, HI 96830 |====================================> \" "/ G \" |Serendipitous Solutions| Also NetSurfer at sersol.com > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ---------- Forwarded message ---------- Date: Tue, 13 Sep 1994 19:04:41 -1000 (HST) From: NetSurfer To: WELL Support Staff Cc: NetSurfer Subject: Re: 2600 account On Tue, 13 Sep 1994, WELL Support Staff wrote: > Date: Tue, 13 Sep 1994 10:49:49 -0700 > From: WELL Support Staff > To: jdwilson at gold.chem.hawaii.edu > Subject: 2600 account > > > >> Is the account 2600 at well.sf.ca.us still an active account? > > No it is not. Mahalo (thanks!) -NetSurfer From jdwilson at gold.chem.hawaii.edu Tue Sep 13 23:31:25 1994 From: jdwilson at gold.chem.hawaii.edu (NetSurfer) Date: Tue, 13 Sep 94 23:31:25 PDT Subject: CIAC Notice - Virus with Crypto Tech... Message-ID: Excerpted from CIAC, a report of a stealth virus that uses encryption as part of its attack. If the list thinks its of interest, I'll zap it over. 
But briefly:

September 13, 1994 1600 PDT                                      Number E-34
_____________________________________________________________________________
PROBLEM:       A previously unknown computer virus is damaging systems.
PLATFORM:      All MS-DOS, PC-DOS, Windows systems, all versions.
DAMAGE:        Damages files, encrypts hard drive.
SOLUTION:      Update your Anti-Virus program to detect/remove the virus.
_____________________________________________________________________________
VULNERABILITY  While it is not epidemic, the virus has been seen at an East
ASSESSMENT:    coast site and it isn't detected by the current versions of
               most virus scanners (revised versions are upcoming.) The
               virus is intentionally damaging and all files on an infected
               machine are at risk. Warning: Removing the virus may make
               some files inaccessible (see below.)
_____________________________________________________________________________

The virus is intentionally damaging. Every time an infected machine boots, the virus encrypts two cylinders of the DOS partition of the hard drive starting with the highest numbered cylinder and progressing to lower numbered ones. The virus then hides the fact that it is encrypting the hard drive by decrypting any of the encrypted sectors whenever they are accessed by the system. Only with the virus out of memory do you see the encrypted sectors.

WARNING: Because of the encryption the virus does, be sure you copy any important files to a floppy disk or tape before removing the virus. The CHK_HALF program described below does not decrypt any encrypted cylinders, so when the virus is removed, the encryption key is lost with it and any files in the encrypted cylinders are lost.

===========================================================================

From tcmay at netcom.com Wed Sep 14 00:18:03 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 14 Sep 94 00:18:03 PDT
Subject: (fwd) RC4 Algorithm revealed.
Message-ID: <199409140716.AAA20646@netcom5.netcom.com>

Someone (probably one of you!) has posted this item to several newsgroups. Note the forgery, a la port 25, of "David Sterndark"'s name.

I, too, am shocked, simply shocked, and will be notifying the "Casa Blanca" of this breach.

-TCM

Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
Path: netcom.com!sterndark
From: sterndark at netcom.com (David Sterndark)
Subject: RC4 Algorithm revealed.
Message-ID:
Sender: sterndark at netcom.com
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
Date: Wed, 14 Sep 1994 06:35:31 GMT

I am shocked, shocked, I tell you, shocked, to discover that the cypherpunks have illegally and criminally revealed a crucial RSA trade secret and harmed the security of America by reverse engineering the RC4 algorithm and publishing it to the world.

On Saturday morning an anonymous cypherpunk wrote:

SUBJECT: RC4 Source Code

I've tested this. It is compatible with the RC4 object module that comes in the various RSA toolkits.
/* rc4.h */

typedef struct rc4_key
{
     unsigned char state[256];
     unsigned char x;
     unsigned char y;
} rc4_key;

void prepare_key(unsigned char *key_data_ptr,int key_data_len, rc4_key *key);
void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);

/*rc4.c */

#include "rc4.h"

static void swap_byte(unsigned char *a, unsigned char *b);

/* Key setup: start from the identity permutation, then mix in the key. */
void prepare_key(unsigned char *key_data_ptr, int key_data_len, rc4_key *key)
{
     unsigned char swapByte;
     unsigned char index1;
     unsigned char index2;
     unsigned char* state;
     short counter;

     state = &key->state[0];
     for(counter = 0; counter < 256; counter++)
          state[counter] = counter;
     key->x = 0;
     key->y = 0;
     index1 = 0;
     index2 = 0;
     for(counter = 0; counter < 256; counter++)
     {
          index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
          swap_byte(&state[counter], &state[index2]);
          index1 = (index1 + 1) % key_data_len;
     }
}

/* XOR the buffer in place with the keystream; the same call encrypts
   and decrypts. The permutation state carries over between calls. */
void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
{
     unsigned char x;
     unsigned char y;
     unsigned char* state;
     unsigned char xorIndex;
     int counter;   /* was short: would overflow when buffer_len > 32767 */

     x = key->x;
     y = key->y;
     state = &key->state[0];
     for(counter = 0; counter < buffer_len; counter ++)
     {
          x = (x + 1) % 256;
          y = (state[x] + y) % 256;
          swap_byte(&state[x], &state[y]);
          xorIndex = (state[x] + state[y]) % 256;
          buffer_ptr[counter] ^= state[xorIndex];
     }
     key->x = x;
     key->y = y;
}

static void swap_byte(unsigned char *a, unsigned char *b)
{
     unsigned char swapByte;

     swapByte = *a;
     *a = *b;
     *b = swapByte;
}

Another cypherpunk, this one not anonymous, tested the output from this algorithm against the output from official RC4 object code

Date: Tue, 13 Sep 94 18:37:56 PDT
From: ekr at eit.COM (Eric Rescorla)
Message-Id: <9409140137.AA17743 at eitech.eit.com>
Subject: RC4 compatibility testing
Cc: cypherpunks at toad.com

One data point: I can't say anything about the internals of RC4 versus the algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4', since I don't know anything about RC4's internals.
However, I do have a (legitimately acquired) copy of BSAFE2 and so I'm able to compare the output of this algorithm to the output of genuine RC4 as found in BSAFE. I chose a set of test vectors and ran them through both algorithms. The algorithms appear to give identical results, at least with these key/plaintext pairs.

I note that this is the algorithm _without_ Hal Finney's proposed modification (see <199409130605.XAA24133 at jobe.shell.portal.com>).

The vectors I used (together with the ciphertext they produce) follow at the end of this message.

-Ekr

Disclaimer: This posting does not reflect the opinions of EIT.

--------------------results follow--------------
Test vector 0
Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96

Test vector 1
Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79

Test vector 2
Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a

Test vector 3
Key: 0xef 0x01 0x23 0x45
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are.  True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
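
An added example, not part of any posting in this archive: a C program that re-implements the posted algorithm under its own names, checks it against test vectors 0 to 3 from Eric Rescorla's message, and reproduces the key-reuse problem Hal describes above (two files under one key, one plaintext known). The names rc4_ctx, rc4_init, rc4_xor, check_posted_vectors and known_plaintext_recovers, and the two sample "files", are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not the posted code: rc4_ctx, rc4_init and rc4_xor are
 * this example's own names for the algorithm in the posting. */
typedef struct { unsigned char s[256]; unsigned char i, j; } rc4_ctx;

static int rc4_init(rc4_ctx *c, const unsigned char *key, size_t klen)
{
    unsigned int n;
    unsigned char j = 0, t;
    if (klen == 0 || klen > 256) return -1;   /* avoid modulo by zero */
    for (n = 0; n < 256; n++) c->s[n] = (unsigned char)n;
    for (n = 0; n < 256; n++) {
        j = (unsigned char)(j + c->s[n] + key[n % klen]);
        t = c->s[n]; c->s[n] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
    return 0;
}

/* XOR the next len keystream bytes into buf (encrypts and decrypts). */
static void rc4_xor(rc4_ctx *c, unsigned char *buf, size_t len)
{
    size_t n;
    unsigned char t;
    for (n = 0; n < len; n++) {
        c->i = (unsigned char)(c->i + 1);
        c->j = (unsigned char)(c->j + c->s[c->i]);
        t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
        buf[n] ^= c->s[(unsigned char)(c->s[c->i] + c->s[c->j])];
    }
}

/* Keys, inputs and outputs of test vectors 0-3 as listed in the posting. */
static const unsigned char KEY_A[8] = {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
static const unsigned char KEY_Z[8] = {0};
static const unsigned char KEY_B[4] = {0xef,0x01,0x23,0x45};
static const unsigned char ZEROS[10] = {0};
static const unsigned char OUT0[8] = {0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96};
static const unsigned char OUT1[8] = {0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79};
static const unsigned char OUT2[8] = {0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a};
static const unsigned char OUT3[10] = {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61};

/* Returns how many of the four short vectors this code reproduces. */
int check_posted_vectors(void)
{
    static const struct {
        const unsigned char *key; size_t klen;
        const unsigned char *in, *out; size_t len;
    } v[4] = {
        { KEY_A, 8, KEY_A, OUT0, 8 },
        { KEY_A, 8, ZEROS, OUT1, 8 },
        { KEY_Z, 8, ZEROS, OUT2, 8 },
        { KEY_B, 4, ZEROS, OUT3, 10 },
    };
    unsigned char buf[10];
    rc4_ctx c;
    int k, ok = 0;
    for (k = 0; k < 4; k++) {
        if (rc4_init(&c, v[k].key, v[k].klen) != 0) continue;
        memcpy(buf, v[k].in, v[k].len);
        rc4_xor(&c, buf, v[k].len);
        if (memcmp(buf, v[k].out, v[k].len) == 0) ok++;
    }
    return ok;
}

/* Constructed sample "files" of equal length (not from any posting). */
static const unsigned char FILE_A[] = "constructed sample A: public header";
static const unsigned char FILE_B[] = "constructed sample B: private notes";

/* Two files encrypted separately under key1 and key2. Someone who knows
 * FILE_A's plaintext gets keystream = ctA ^ ptA and XORs it onto ctB.
 * Returns 1 if that yields FILE_B, 0 if not, -1 on a bad key length. */
int known_plaintext_recovers(const unsigned char *key1, size_t klen1,
                             const unsigned char *key2, size_t klen2)
{
    unsigned char ct_a[sizeof FILE_A], ct_b[sizeof FILE_B], guess[sizeof FILE_B];
    size_t n, len = sizeof FILE_B < sizeof FILE_A ? sizeof FILE_B : sizeof FILE_A;
    rc4_ctx c;
    if (rc4_init(&c, key1, klen1) != 0) return -1;
    memcpy(ct_a, FILE_A, len);
    rc4_xor(&c, ct_a, len);
    if (rc4_init(&c, key2, klen2) != 0) return -1;   /* fresh state per file */
    memcpy(ct_b, FILE_B, len);
    rc4_xor(&c, ct_b, len);
    for (n = 0; n < len; n++)
        guess[n] = (unsigned char)(ct_a[n] ^ FILE_A[n] ^ ct_b[n]);
    return memcmp(guess, FILE_B, len) == 0;
}

int main(void)
{
    printf("vectors ok: %d/4, same key leaks: %d, distinct keys leak: %d\n",
           check_posted_vectors(), known_plaintext_recovers(KEY_A, 8, KEY_A, 8),
           known_plaintext_recovers(KEY_A, 8, KEY_B, 4));
    return 0;
}
```

With the same key for both files the second plaintext falls out of a single XOR; with distinct keys the same computation yields nothing useful, which is why the key must never be reused across files.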
From nobody at shell.portal.com Wed Sep 14 00:20:40 1994 From: nobody at shell.portal.com (nobody at shell.portal.com) Date: Wed, 14 Sep 94 00:20:40 PDT Subject: No Subject Message-ID: <199409140720.AAA07498@jobe.shell.portal.com> Many thanks to the anonymous gentileperson who reposted the RC4 source. Now I can rejoin the conversation already in progress. Louis Cypher (new Nym on the block) From gnu Wed Sep 14 01:35:48 1994 From: gnu (gnu) Date: Wed, 14 Sep 94 01:35:48 PDT Subject: Spatial Databases, Law, and Information Policy conference Message-ID: <9409140835.AA13360@toad.com> Forwarded-by: Lee Tien Forwarded-by: thardy at mail.wm.edu (Trotter Hardy) From: Harlan Onsrud Date: Thu, 8 Sep 1994 11:10:08 -0400 Subject: Conf on Law, Information Policy and Spatial Databases THE CONFERENCE on LAW and INFORMATION POLICY for SPATIAL DATABASES October 28-29, 1994 Arizona State University College of Law Tempe, Arizona SPONSORS National Center for Geographic Information and Analysis Center for the Study of Law, Science and Technology, Arizona State University College of Law CONFERENCE OVERVIEW Geographic information systems (GIS) and their associated databases are gaining widespread use throughout government and the commercial sector in our communities, the nation, and the world. These automated mapping and analysis systems are allowing the collection, integration and interrogation of vast amounts of data. The data and processing capabilities supplied by the technology will constitute a significant component of the emerging national information infrastructure. This enabling technology holds out the promise of increased efficiency in commerce, improvements in the environment, health, and safety, increased convenience for consumers, increases in participatory government, and improved public and private decision-making generally. 
However, increased use of detailed databases and processing capabilities also poses threats to the ideals of democracies and rights of individuals - the ideals of freedom, security, privacy, and open and free access to government. As we continue to move toward global economies and international networked environments, the need to reconcile competing social, economic, and political interests in digital geographic data will greatly expand. This conference brings together legal and information policy experts with geographic information system specialists to explore four interrelated aspects of information law critical to the handling of geographic information: namely, (1) intellectual property rights in spatial databases, with particular emphasis on copyright; (2) access rights of citizens to publicly held information, including the policies of government agencies in charging for geographic data; (3) protecting personal privacy in using geographic information systems; and (4) liability in connection with the use, sharing, and distribution of GIS data and analysis results. PRELIMINARY PROGRAM Friday, October 28 Welcome and Introduction (7:45 am - ASU Law School, Pedrick Great Hall) Access to Government's Spatial Information I (8:00 a.m.) Moderator: Robert Reis, NCGIA and School of Law, SUNY-Buffalo Establishing a Legal Setting and Organizational Model for Affordable Access to Government Owned Information Management Technology Hugh Archer, Executive Consultant Plangraphics, Inc., Frankfurt, Kentucky A Case for Commercialization of Government Information Products and Services Lori Peterson Dando, Esquire County Attorney's Office (former), Hastings, MN Spatial Databases and Information Policy: A British Perspective David Rhind, Director Ordnance Survey, United Kingdom Question and Answer Session Intellectual Property Rights in Spatial Databases I (9:00a.m.) 
Moderator: Helen Sharretts-Sullivan, Office of the General Counsel, Defense Mapping Agency Copyright, Licensing, and Cost Recovery: A Legal, Economic, and Policy Analysis William Holland, Executive Director Wisconsin Land Information Board, Madison, WI Surveyors' Copyright in Plans of Survey: Law and Policy John D. McLaughlin, Geographical Engineering and Norman Siebrasse, College of Law, University of New Brunswick, Fredericton Canada Copyright in Electronic Maps Dennis S. Karjala College of Law, Arizona State University Question and Answer Session Break (Coffee, tea, etc.- College of Law Lobby) (10:00 am) Intellectual Property Rights in Spatial Databases II (10:30 am) Moderator: Elaine Albright, Chair, American Library Association Committee on Telecommunications Rights in Government-generated Data Jessica Litman School of Law, Wayne State University Lessons from the Past: Legal and Medical Databases Anne Wells Branscomb Program on Information Resources Policy, Harvard University European Community Directive on Databases Pamela Samuelson School of Law, University of Pittsburgh Question and Answer Session Access to Government's Spatial Information II (11:30 a.m.) Moderator: Dorthy Chambers, J.D., Chief, Branch of Information Access Policy and Coordination, Bureau of Land Management A Review of Alaska's Public Information Access Laws Representative Kay Brown Alaska Legislature, Anchorage, Alaska Issues Concerning Access to Electronic Records Barbara Petersen, Staff Attorney Florida Legislature Joint Committee on Information Technology Resources Federal Information Dissemination and Pricing Policy Peter Weiss, Senior Policy Analyst Office of Management and Budget, Washington, D.C. 
Question and Answer Session Lunch (12:30 pm - Several eating places within walking distance) Access to Government's Spatial Information III (2:00 pm) Moderator: Earl Epstein, J.D., School of Natural Resources, Ohio State University Effects of Data Policies on the Evolution of the National Spatial Data Infrastructure Nancy Tosta, Staff Director U.S. Federal Geographic Data Committee The Public Interest and the Cost of Government Information: Experience Under the Federal FOIA David Sobel, Legal Counsel Electronic Privacy Information Center, Washington D.C. Promoting a Free Access, Minimal Cost-recovery, Royalty Arrangement for State Held Geographic Information Systems Keene Matsunaga, Esquire, and Jack Dangermond, President, Environmental Systems Research Institute and Prudence Adler, Assistant Director, Association of Research Libraries Question and Answer Session Access to Government's Spatial Information IV (3:00 p.m.) Moderator: Frederick K. Ganyon, J.D., Deputy Chief, Nautical Charting Division, NOAA The Value of Geographic Information. A review of international policies in cost recovery, privatization and commercialization of information gathering and dissemination. Krysia Rybaczuk and Michael Blakemore Mountjoy Research Centre, University of Durham, United Kingdom Remote Sensing Law: Obstacle or Opportunity for GIS? Joanne Gabrynowicz, Associate Professor - Remote Sensing Law and Policy Department of Space Studies, University of North Dakota Implications of Increased Access to Geographic Information Dr. Ronald Abler, Executive Director Association of American Geographers Question and Answer Session Break (4:00 p.m. - coffee, tea, soft drink - College of Law lobby) Liability for Spatial Data I (4:30 p.m.) 
Moderator: Daniel Strouse, Director, Center for the Study of Law, Science, and Technology, ASU College of Law Tort and Criminal Liability as a Function of the Right to Control Content Henry Perritt, Professor of Law Villanova University School of Law Local Government Liability for Erroneous Data: Law and Policy in a Changing Environment R. Jerome Anderson, Esquire, and Alan R. Stewart, Esquire Plangraphics, Inc., Frankfurt, Kentucky A Case Study in the Misuse of GIS: Siting a Low-Level Radioactive Waste Disposal Facility in New York State Mark Monmonier, Department of Geography Syracuse University Question and Answer Session Saturday, October 29 Liability for Spatial Data II (8:00 a.m.) Moderator: t.b.a. Liability for GIS Datasets as applied to the Commercial, Non- profit and Other Private Sectors Bishop Dansby, Esquire GIS Law and Policy Institute Exploitation of Intellectual Property: Liability, Retrenchment and a Proposal for Change Edward J. Obloy, General Counsel, and B. Helen Sharretts- Sullivan, Defense Mapping Agency Certification of GIS Databases: Reliance and Liability Implications Lawrence Ayers, Executive Vice President and Cliff Kottman, Exec. Manager of Federal Systems, Intergraph Corporation Spatial Data Analysis in the Formation of Public Policy and its Acceptance as Evidence: A Litigator's Perspective on Geographic Information and Analysis Terry Simmons, PhD, Attorney at Law Reno, Nevada Question and Answer Session Protecting Privacy in Using Geographic Information Systems I (9:15 a.m.) Moderator: Lawrence Winer, College of Law, ASU In Plain View: Geographic Information Systems and the Problem of Privacy Michael R. Curry Department of Geography, UCLA Privacy and the Intersection of Geographic Information and Intelligent Vehicle Highway Systems Sheri Alpert and Kingsley Haynes The Institute of Public Policy, George Mason University Privacy: Alternative Protection Scenarios Dr. 
David Flaherty Information and Privacy Commissioner of British Columbia Question and Answer Session Break (10:15 - Coffee, tea, juice & rolls - College of Law Lobby) Protecting Privacy in Using Geographic Information Systems II (10:45 am) Moderator: t.b.a. Fair Information Practices of the Information Industry Steven Metalitz Information Industry Association, Washington DC Marketing Community Perspectives on Protecting Privacy Tom Gordon, President and General Manager Equifax National Decision Systems, San Diego CA European Perspectives on Protection of Privacy Charles D. Raab, Department of Politics University of Edinburgh, Scotland Question and Answer Session Protecting Privacy in Using Geographic Information Systems III (11:45 a.m.) Moderator: t.b.a. Some Information Age Techno-fallacies and Some Principles for Protecting Privacy Gary Marx, Chair Department of Sociology, University of Colorado-Boulder Protecting Indigenous Peoples' Privacy from "Eyes in the Sky" Wayne Madsen Computer Sciences Corporation, Fairfax, VA Protecting Privacy in Using Geographic Information Systems Harlan J. Onsrud, Jeff Johnson, and Xavier Lopez NCGIA, University of Maine, Orono, Maine Question and Answer Session Closing Announcements (12:45 p.m.) 
****************************************************** REGISTRATION FORM Maximum registration will be 250 participants NO ON-SITE REGISTRATION [ ] Full Registration (before October 3) $145 (after October 3) $195 [ ] Student Registration $70 Name: __________________________________ Title: ___________________________________ Affiliation: ______________________________ Address: ________________________________ ________________________________________ ________________________________________ ________________________________________ Phone: __________________________________ FAX: ___________________________________ Email: __________________________________ Make check payable (in US dollars) to: University of Maine and send to: Conference on Law and Information Policy for Spatial Databases NCGIA 5711 Boardman Hall, Rm. 348 University of Maine, Orono, Me 04469-5711 ****************************************************** LOCATION & TRANSPORTATION The conference will take place on October 28 and the morning of October 29, 1994 in the Pedrick Great Hall at the Arizona State University College of Law. The conference has been scheduled to follow immediately GIS/LIS '94 in Phoenix, Arizona. Those attending GIS/LIS and then staying on for this conference should be able to take advantage of reduced airfares because of the Saturday night stay over. The College of Law in Tempe is located approximately ten miles from downtown Phoenix or five miles from the airport. Taxis and hotel shuttles are convenient and moderately priced. For those traveling by car, take the University Avenue exit on Interstate 10 and head east to the ASU campus. The campus is immediately adjacent to Old Town Tempe which contains numerous restaurants and shops within easy walking distance. 
COOPERATING ORGANIZATIONS American Bar Association Section of Science and Technology American Congress on Surveying and Mapping American Society of Photogrammetry and Remote Sensing AM/FM International Association of American Geographers Computer Professionals for Social Responsibility Federal Geographic Data Committee Information Industry Association National States Geographic Information Council Urban and Regional Information Systems Association CONFERENCE SUPPORTERS Federal Agencies: Bureau of Land Management Coast and Geodetic Survey Defense Mapping Agency Federal Geographic Data Committee Environmental Systems Research Institute Equifax National Decision Systems Intergraph Corporation FOR FURTHER INFORMATION Conference on Law and Information Policy for Spatial Databases 5711 Boardman Hall, Rm 348 University of Maine, Orono, Maine 04469-5711 Phone: (207) 581-2149 Fax: (207) 581-2206 E-mail: ncgia at mecan1.maine.edu ___________________________________________ Harlan J. Onsrud National Center for Geographic Information and Analysis 5711 Boardman Hall, Rm. 348 University of Maine Orono, Maine 04469-5711 Phone (207) 581-2175 FAX (207)581-2206 E-mail: onsrud at mecan1.maine.edu From karn at unix.ka9q.ampr.org Wed Sep 14 02:15:32 1994 From: karn at unix.ka9q.ampr.org (Phil Karn) Date: Wed, 14 Sep 94 02:15:32 PDT Subject: Is cypherpunks archived somewhere? Message-ID: <199409140915.CAA01162@unix.ka9q.ampr.org> Is the cypherpunks list being automatically archived where it can be retrieved by anonymous FTP? Yes, there *are* occasional nuggets on this list. Why, there's even the occasional practical item about cryptography buried in the massive rants to the libertarian choir. But I'd hate to miss stuff like the recent note on RC4. That's why I haven't unsubscribed yet. But something has to give. The list is just too high-volume, and the signal-to-noise ratio is now below -1.6 dB. It's just not worth it. 
It's a major reason why I always seem to run as much as a week behind on my mail. If there were an automatic FTP archive of the list, then I could unsubscribe while keeping the option of pulling over and grepping through an archived batch every so often just to see if anybody is actually doing anything. Phil From a.brown at nexor.co.uk Wed Sep 14 04:30:01 1994 From: a.brown at nexor.co.uk (Andrew Brown) Date: Wed, 14 Sep 94 04:30:01 PDT Subject: Running PGP on Netcom (and Similar) In-Reply-To: <199409121554.LAA10096@bwh.harvard.edu> Message-ID: On Mon, 12 Sep 1994, Adam Shostack wrote: > > To do this properly, you would want one shot passphrases, > >similar to S/Key. The implementation I see would have PGP hash your > >pass phrase some large number of times (say 1000, which takes less > >than a second on my 68030 mac) before using it to decrypt your pass > >phrase. > > > > Then, when logged in from a line being sniffed, you would > >invoke PGP -1es ..., and when prompted for your pass phrase you would > >enter 800/something-ugly-that-md5-makes. PGP would then md5 this 200 > >times, and you'd have demonstrated your knowledge of your passphrase > >without ever sending it over a line. Clearly, PGP would need to store > >the fact that you had used #800, and only accept lower numbers. I can see how this gets around the problem of sending cleartext passphrases over a network, but how does it help stop the problem of the remote system running a keystroke log that is handed over to the authorities during a bust? Armed with 800/some-number they can just type the same thing into PGP (or a modified copy) and decrypt the files that you were keeping on-line. 
Regards, - Andy +-------------------------------------------------------------------------+ | Andrew Brown Internet Telephone +44 115 952 0585 | | PGP 2.6ui fingerprint: EC 80 9C 96 54 63 CC 97 FF 7D C5 69 0B 55 23 63 | +-------------------------------------------------------------------------+ From nobody at c2.org Wed Sep 14 05:56:00 1994 From: nobody at c2.org (Anonymous User) Date: Wed, 14 Sep 94 05:56:00 PDT Subject: e$: WSJ, CyberCash, and the Falling Barometer Message-ID: <199409141254.FAA12328@zero.c2.org> THE WALL STREET JOURNAL. (c) 1994 Dow Jones & Company, Inc. ------------------------------------------------------------------------------------------------------------------- TUESDAY, SEPTEMBER 13, 1994 Enterprise: System Planned For Shopping On the Internet ---- By Jared Sandberg Staff Reporter of The Wall Street Journal As millions of computer users browse the Internet for a burgeoning array of goods and services, most can look but not buy. That may soon change. A new company called CyberCash Inc., formed by executives from the Internet and the electronic-payment industries, plans to introduce a system that will allow on-line browsers to pay for an item, either by credit card or through bank transfers, over the global computer network. CommerceNet, a new on-line system funded by Apple Computer Inc., BankAmerica Corp. and others, expects to adopt the CyberCash system by year's end. The company has talked to America Online Inc., which has one million subscribers and to which it has close ties. By clicking a "buy" button, CyberCash users could approve electronic transfers to merchants from checking and credit-card accounts. Companies could pay invoices, and e-mail penpals could settle bets with the point of a mouse. But to do that, CyberCash must first persuade banks that the system is secure from on-line theft, which may be its toughest challenge. 
"I don't think there's a system that is adequately secure that has been placed on the table," says Sholom Rosen, a vice president for Citicorp, who says he isn't familiar with CyberCash. Even if one emerges, he adds, "it's going to be tough to get everybody to agree on the same system." While some companies, including Citibank, are planning their own business-to-business electronic payment systems on the Internet, CyberCash is aimed at the millions of consumer and business users who browse the Internet. "We want to make the Internet safe for commerce," says CyberCash's co-founder and president, William N. Melton, and "provide safe passage from cyberspace into the banking world." Private on-line services use proprietary software to move funds, which reduces the risk of thieves breaking into the system. But only subscribers are permitted to make on-line purchases, and then only from participating merchants. For example, fewer than 3% of the people who frequent the CompuServe "mall" each month buy anything. The Internet, by contrast, is an unsecured free-for-all that uses "open" software to let tens of thousands of computers link up. That means more computer jocks know how it really works, increasing the chances of a break-in. Mr. Melton is in a good position to overcome the banks' security concerns. He founded Verifone Inc., which makes the devices retailers use to authorize credit-card charges. He sits on the board of America Online and helped launch Transaction Network Services Inc., a data transmission network for six of the 12 largest credit-card processing centers. TNS is expected to be part of CyberCash's private banking network. CyberCash's co-founder is Dan Lynch, founder of Interop Co., a trade-show subsidiary of Ziff Communications Co. that hosts the biggest Internet gatherings. Other partners include Stephen D. 
Crocker, one of the Internet's architects; James Bidzos, president of RSA Data Securities Inc., a leading software-security firm; and Bruce Wilson, a former Nynex Corp. executive and one-time board member of the Electronic Funds Transfer Association, a banking trade group. The Internet today is one big yard sale of computers, t-shirts, books, compact disks, rope sandals, legal services and hundreds of other products -- with almost no way to buy. An estimated 500 companies, from travel agencies and art galleries to real-estate brokers and a Volvo dealership, have put up storefronts. Most offer only product information and customer support. To make a purchase, a browser must phone a vendor. "It's a very clunky way of conducting electronic commerce," says Jayne Levin, editor of the Internet Letter, a newsletter aimed at business users. She estimates the current value of Internet transactions at a "piddling" $10 million. A few pioneers have passed credit-card numbers safely on the Internet. In July, an electronic bookstore received its first payment over the network. Last month, a small startup retailer in Nashua, N.H., sold its first compact disk on-line. Almost no one, however, has been able to automate payment by bringing banks directly on-line, which is CyberCash's goal. Its approach would let users punch a few keys to ask their banks to set aside money in a "digital purse." When the customer clicks on a "buy" icon, the merchant's computer would pass the request to CyberCash's network, which would forward it to the bank. If funds are available in the "digital purse" or a credit-card account, the money would get transferred from bank to CyberCash to merchant. CyberCash would receive a small fee for each transaction from the banks. "The transaction is processed instantaneously -- while you wait," says Mr. Crocker of CyberCash. 
He says the company is working to secure the system, "but there's no question we will have people trying our `front door.'" CyberCash plans to spend $20 million on a private network of computers, which will separate Internet merchants from users' bank accounts. To protect sensitive account information, RSA Data Securities will provide encryption to scramble the data, allowing only those who have a special software "key" to read it. Customers and their banks will hold the keys. In addition, Cybercash is discussing licensing with David Chaum, president of Digicash Inc., a key patent holder for digital-cash technology. Digicash emphasizes anonymity: A merchant is told only whether the cash is available, not who is paying. Other security measures must be taken. On the Internet, users can veil their identities or steal access accounts masquerading as someone else. Backers of RSA and CommerceNet, which posts business and product information on the Internet, are working on tools to verify user ID and keep payment requests private and tamper-proof. Even with those measures, however, CyberCash executives concede it will take some potent powers of persuasion to get the banks on board. "There is no security on the Internet," says Dan Schutzer, president of the Financial Services Technology Consortium, a group of major banks. "Your conversations can be tapped, your passwords can be obtained, and your credit card number can be filched. Clearly, it's there for the reading for a clever hacker." WSJviaNewsEDGE Copyright (c) 1994 Dow Jones and Company, Inc. Received via NewsEDGE from Desktop Data, Inc. Tickers: AAPL AMER BAC CCI TNSI Subjects: BNKM BANK TLCM COMP FIN ICSO SOFT ICS LICN NPRD SBUS INDG CA NOAM NY USA VA WSJ Page: B1 WS: Wall Street Journal From bshantz at spry.com Wed Sep 14 07:55:30 1994 From: bshantz at spry.com (Brad Shantz) Date: Wed, 14 Sep 94 07:55:30 PDT Subject: Is cypherpunks archived somewhere? 
Message-ID: <9409141453.AA18741@homer.spry.com> On Wed, 14 Sep, Phil Karn wrote: >Is the cypherpunks list being automatically archived where it can be >retrieved by anonymous FTP? The list is not automatically archived. Robert Hayden had been keeping a "digest" version on his machine. That was until the university he's at pulled the plug for stupid reasons. Right now, Robert is fighting to get his machine back up and running. Maybe he'd be willing to keep the digest again if the machine gets back up. Until then, anyone have any suggestions? Brad >>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<< Brad Shantz bshantz at spry.com Software Engineer Main #: (206)-447-0300 SPRY Inc. Direct #: (206)-442-8251 316 Occidental Ave FAX #: (206)-442-9008 2nd Floor Seattle, WA 98104 WWW URL: http://WWW.SPRY.COM ------------------------------------------------------------- >>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From sommerfeld at orchard.medford.ma.us Wed Sep 14 08:17:12 1994 From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld) Date: Wed, 14 Sep 94 08:17:12 PDT Subject: alleged-RC4 In-Reply-To: <199409131806.LAA05147@jobe.shell.portal.com> Message-ID: <199409141503.LAA00499@orchard.medford.ma.us> Actually, in looking at the assembly code generated by three different compilers (GCC on i386, GCC on PA, and HP's PA compiler), strangely enough, the `% 256' should be `& 0xff' (it shaves a few instructions off the inner loop for some reason which isn't immediately apparent to me..). On the PA, I got a ~30% speedup by unrolling the inner loop 4x, assembling the pad into an `unsigned long', and doing one 4-byte-wide XOR with the user data. I think most of the speedup comes from giving the instruction scheduler more instructions to reorder to avoid load-store conflicts. Your mileage will vary on other architectures. - Bill From hayden at krypton.mankato.msus.edu Wed Sep 14 08:19:19 1994 From: hayden at krypton.mankato.msus.edu (Robert A. 
Hayden) Date: Wed, 14 Sep 94 08:19:19 PDT Subject: Is cypherpunks archived somewhere? In-Reply-To: <9409141453.AA18741@homer.spry.com> Message-ID: On Wed, 14 Sep 1994, Brad Shantz wrote: > The list is not automatically archived. Robert Hayden had been keeping a > "digest" version on his machine. That was until the university he's at pulled > the plug for stupid reasons. Right now, Robert is fighting to get his machine > back up and running. Maybe he'd be willing to keep the digest again if the > machine gets back up. Until then, anyone have any suggestions? It is my belief that I will be able to get my machine up and running within the next few working days. At that time I will re-coordinate with Eric and start keeping digests of the cypherpunks lists and those archives will be available to the public via mail-server. ____ Robert A. Hayden <=> hayden at krypton.mankato.msus.edu \ /__ -=-=-=-=- <=> -=-=-=-=- \/ / Finger for Geek Code Info <=> I do not necessarily speak for the \/ Finger for PGP Public Key <=> City of Mankato or anyone else -=-=-=-=-=-=-=- (GEEK CODE 2.1) GJ/CM d- H-- s-:++>s-:+ g+ p? au+ a- w++ v* C++(++++) UL++++$ P+>++ L++$ 3- E---- N+++ K+++ W M+ V-- -po+(---)>$ Y++ t+ 5+++ j R+++$ G- tv+ b+ D+ B--- e+>++(*) u** h* f r-->+++ !n y++** From sommerfeld at orchard.medford.ma.us Wed Sep 14 08:36:57 1994 From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld) Date: Wed, 14 Sep 94 08:36:57 PDT Subject: alleged-RC4 In-Reply-To: <199409140402.VAA26572@jobe.shell.portal.com> Message-ID: <199409141522.LAA00525@orchard.medford.ma.us> I agree; this cypher should definitely be handed a unique key each time it is used. However, you can do this pretty easily for file encryption, too.. Generate and store an "initialization vector" with each file of cyphertext. Instead of passing the user key directly to RC4, you instead pass a hash (MD5 or SHA) of the user key concatenated with the IV. 
If you don't have room to store the IV's, you could use some position-dependent information (e.g., per disk ID plus disk block number or file inode number) instead. - Bill From adam at bwh.harvard.edu Wed Sep 14 08:44:27 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Wed, 14 Sep 94 08:44:27 PDT Subject: Running PGP on Netcom (and Similar) In-Reply-To: Message-ID: <199409141543.LAA25195@bwh.harvard.edu> | > > Then, when logged in from a line being sniffed, you would | > >invoke PGP -1es ..., and when prompted for your pass phrase you would | > >enter 800/something-ugly-that-md5-makes. PGP would then md5 this 200 | > >times, and you'd have demonstrated your knowledge of your passphrase | > >without ever sending it over a line. Clearly, PGP would need to store | > >the fact that you had used #800, and only accept lower numbers. | I can see how this gets around the problem of sending cleartext | passphrases over a network, but how does it help stop the problem of the | remote system running a keystroke log that is handed over to the | authorities during a bust? Armed with 800/some-number they can just type | the same thing into PGP (or a modified copy) and decrypt the files that | you were keeping on-line. If they are logging everything, then they have the output of your PGP-decryptions. Unavoidable. If all they have is the 800th md5 of your passphrase, then they have a $10m route of attack. PGP will reject the 800th+ md5 of your passphrase. They need the 799th or lower to get your key. The 800th will be rejected by PGP as already used. (It would have to be hashed into your keys somehow to avoid the attackers from just resetting the number. They might be able to do that with backup tapes, old copies of your keys, etc.) This addresses some attacks; those based on network sniffing. Attackers with more resources, such as law enforcement, are inconvenienced, perhaps greatly, but not thwarted. J. 
Random Cracker using network sniffing is thwarted, and I think that in itself is worthwhile. Adam From MINITERS at Citadel.edu Wed Sep 14 09:06:54 1994 From: MINITERS at Citadel.edu (Syl Miniter 803-768-3759) Date: Wed, 14 Sep 94 09:06:54 PDT Subject: Noninteractive use of PGP 2.6 _help requested Message-ID: <01HH3OEZ0L928Y5PAO@Citadel.edu> I would like to know how to set up PGP 2.6 UNIX so that I can filter (ELM) mail through PGP from the filter without being signed on the (remote) system. I believe that the path variable is involved ($PGPPATH). The ELM filter works fine while I am physically signed on but stops encrypting when I send mail to the filter from a remote account. Presumably the program looks at the "current" directory for public key files---/usr/local/bin/pgp and the keys are really in my personal account /usr/homef/me/.pgp. I am NOT a UNIX expert, so if you send a response, a 4th grade programming level explanation will not be viewed as "playing down". I am assuming I can use "setenv $PGPPATH =/usr/homef/me/pgp" in csh and that will work while I am logged into the account. Question (I think) is how to provide a path statement while I am not signed on and have the csh-ell active. Some sample statements are helpful. BTW the same question is interesting for Procmail and I would appreciate some recipes from the cyphercognoscenti for this problem. regards, Syl From pjm at gasco.com Wed Sep 14 09:08:54 1994 From: pjm at gasco.com (Patrick J. May) Date: Wed, 14 Sep 94 09:08:54 PDT Subject: Is cypherpunks archived somewhere? In-Reply-To: <199409140915.CAA01162@unix.ka9q.ampr.org> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Phil Karn writes: > But something has to give. The list is just too high-volume, and the > signal-to-noise ratio is now below -1.6 dB. It's just not worth it. > It's a major reason why I always seem to run as much as a week behind > on my mail. 
In the past I've seen mention of using extropian-list-style software to enable recipient control of which threads to receive. Is this a possibility? (And, yes, you may consider this an offer of some time to help set it up and/or test it, if I may be of use.) Regards, Patrick May pjm at gasco.com -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCUAwUBLncfuRByYwhWPvz1AQEHhQP3U93lCxz58Hg0CEopEZ7utoOsf0IUt/25 d0eZ2EA7Lc2+WzOq6eAoFbmv+vuJdEx57w5M+18Pv8uw5YnWEWGQ4C6V2arhVwpo XPca5ZoMiCiyyTYlq6OIxQL0472PNm5xVtiN0b+WSmbGpsLFBkE+mFktJduqGAa/ Du09kxL7mw== =5EZY -----END PGP SIGNATURE----- From talon57 at well.sf.ca.us Wed Sep 14 09:14:21 1994 From: talon57 at well.sf.ca.us (Brian D Williams) Date: Wed, 14 Sep 94 09:14:21 PDT Subject: EFF's DIGICASH Archive Message-ID: <199409141614.JAA11950@well.sf.ca.us> compiled by Stanton McCandlish EFF Digital Money & Online Commercial Transactions Archive Index of: ftp.eff.org, /pub/EFF/Policy/Privacy/Crypto_Clipper_ITAR/Digital_money/ gopher.eff.org, 1/EFF/Policy/Privacy/Crypto_Clipper_ITAR/Digital_money http://www.eff.org/pub/EFF/Policy/Privacy/Crypto_Clipper_ITAR/Digital_money/ chaum_privacy_id.article - David Chaum's August 1992 article from Scientific American describing "blind signature" technology and the possibilities of enhanced digital privacy. Such technology is behind Chaum's "DigiCash" e-money system. david_chaum.biblio - a 1994 list of publications by David Chaum, "the father of digital money", and strong proponent for online transaction systems that are anonymous and cryptographically secure. digicash.brochure - a 1994 brochure describing what DigiCash is. digicash.gif - the DigiCash logo. This is a GIF-format graphic file. digicash.announce - May 1994 press release hailing digicash as the first online cash payment system over computer networks. 
double_spend_finney.notes - October 1993 notes from a mailing list describing Chaum's digital cash in lay terms, focussing on the "double spending" problem that has so far crippled attempts to institute online transactions by others. By Hal Finney. ecash.gif - an "E-Cash" logo graphic (intended for use by merchants that accept DigiCash). magic_money.announce - May 1994 description of Magic Money V1.1 with autoclient and multiserver capability. This is an Internet-based digital money system. online_banks.info - a listing of online banks worldwide, books about online banking and a description of why online banking increases the privacy of individuals. online_cash_chaum.paper - Chaum's 1993 article describes 3 ways to make online cash exchange work. prepaid_smartcard_chaum.article - Chaum's 1994 paper explaining the technique of prepaid smartcards which contain stored value (in terms of dollars) which a user might exchange with a vendor rather than cumbersome cash. secure_newsgroup.paper - Marc Rinquette's August 1992 article on implementing electronic cash using secure newsgroups. visa_e-purse.announce - 1994 article and commentary discussing "electronic purse" proposal from Visa. From mech at eff.org Wed Sep 14 09:40:32 1994 From: mech at eff.org (Stanton McCandlish) Date: Wed, 14 Sep 94 09:40:32 PDT Subject: DigTel: EFF Hearing Summary - House Telecom. Subcmte. - Sept. 13, 94 Message-ID: <199409141637.MAA10559@eff.org> EFF HEARING SUMMARY September 14, 1994 ========================================================================== HOUSE TELECOMMUNICATIONS SUBCOMMITTEE CONSIDERS DIGITAL TELEPHONY PROPOSAL OVERVIEW -------- On Tuesday September 13 the House Energy and Commerce Subcommittee on Telecommunications and Finance held a hearing to examine the Digital Telephony legislation. The bill (H.R. 4922/S. 
2375), introduced in August by Representative Don Edwards (D-CA) and Senator Patrick Leahy (D-VT), would require telecommunications carriers to ensure that advanced technology does not prevent law enforcement from conducting authorized electronic surveillance. Tuesday's hearing focused mainly on questions of cost. More specifically, whether all future costs associated with law enforcement surveillance capability should be borne by private industry or the government. Witnesses appearing before the panel: Louis Freeh, FBI Director Tom Reilly, Middlesex County (Mass) District Attorney Richard Metzger, FCC Common Carrier Bureau Chief Daniel Bart, Telecommunications Industry Association (TIA) V.P. Jerry Berman, Electronic Frontier Foundation (EFF) Policy Director Roy Neel, United States Telephone Association (USTA) Pres. & CEO Thomas Wheeler, Cellular Telecommunications Industry Association (CTIA) Pres. TIA's Dan Bart and USTA's Roy Neel joined EFF's Jerry Berman in questioning the necessity of any digital telephony legislation, expressing concern that the FBI has not adequately substantiated its case that its surveillance efforts are being frustrated by advanced telecommunications technologies. However, all agreed that the Edwards/Leahy bill is substantially improved over previous FBI proposals, noting its increased privacy protections, prohibition of government design authority, and requirements for public processes. On the issue of cost, TIA's Bart, USTA's Neel, and CTIA's Wheeler all argued that forcing industry to incur compliance costs may slow technological innovation and the development of the NII. EFF's Berman also argued for government reimbursement, adding that, "if the telecommunications industry is responsible for all future compliance costs, it may be forced to accept solutions which short-cut the privacy and security of telecommunications networks". 
He further noted that linking compliance to government reimbursement has the benefit of providing public oversight and accountability for law enforcement surveillance capability. FBI Director Freeh stated that passage of the digital telephony legislation this year is a "drop-dead issue for us", and praised the telecommunications industry for their cooperation and good faith efforts to craft a balanced compromise. While acknowledging that the costs associated with meeting the requirements of the legislation remain a significant issue, Freeh indicated that this question should be left to Congress to determine. Many Subcommittee members, apparently swayed by the FBI's intense lobbying campaign for the bill (which included many personal visits by the FBI Director), praised the privacy protections in the legislation and committed themselves to working through the remaining issues in order to pass the bill this year. As Subcommittee Chairman Edward Markey (D-MA) stated in his opening statement, the task of the Subcommittee is to "come up with a policy that 1) protects the privacy interests of our citizens, 2) is mindful of the limited financial resources of taxpayers or ratepayers, 3) meets the legitimate needs of law enforcement, and 4) does not unduly interfere with our telecommunications industry, which is racing to the future with advances in communications technology". COST -- WHO PAYS FOR LAW ENFORCEMENT CAPABILITY? ------------------------------------------------ At issue are the provisions in the legislation that require telecommunications carriers to deploy features and services which enable law enforcement to conduct authorized electronic surveillance. The current bill authorizes $500 million to cover the cost of upgrading existing equipment during the first 4 years after the bill is enacted. Carriers would be required to modify their equipment, at the government's expense, or face fines of up to $10,000 per day for each day in violation. 
Although the FBI maintains that $500 million is enough to cover all upgrade costs, the industry has repeatedly stated that the costs will be five to ten times higher. The industry is requesting that their liability under the bill be linked to government reimbursement -- that the government should get what it pays for and no more. After four years, the bill stipulates that carriers must ensure that all new features and services meet the wiretap requirements. The FBI has argued that future compliance costs will be minimal, because these costs will be addressed at the design stage and will be spread throughout the industry. The industry maintains it is impossible to estimate compliance costs for technologies which are not even on the drawing boards. If the costs are substantial, as industry believes, forcing industry to incur those costs may slow the deployment of advanced technology to the public. Therefore, the industry believes that the government should be responsible for all future compliance costs. PUBLIC ACCOUNTABILITY OF LAW ENFORCEMENT SURVEILLANCE COSTS IS ESSENTIAL ------------------------------------------------------------------------ Many members of the Subcommittee stated that law enforcement's ability to conduct electronic surveillance is an important public good which must not be denied by advances in technology. However, Subcommittee members also stressed that the privacy and security of the American public must be balanced against the legitimate needs of law enforcement, and that the current bill in no way expands the authority of law enforcement to conduct electronic surveillance. Both FBI Director Freeh and Middlesex County (Mass) District Attorney Reilly noted that electronic surveillance is an essential and vital tool for law enforcement, and that public safety will be placed in jeopardy if that ability is hindered. 
As EFF's Berman stated, the current legislation incorporates significant new privacy protections, and, in terms of privacy, is substantially improved over previous FBI proposals. Among the privacy protections in the current bill, Berman noted:
* The standard for law enforcement access to online transactional records is raised to require a court order instead of a mere subpoena
* Law enforcement may not require the capability to receive information which reveals the location or movement of a subject from dialed number information.
* Information revealed by pen register devices (equipment which captures numbers dialed) cannot reveal any information beyond the telephone number dialed. Law enforcement is prohibited from receiving any additional information which may be captured (such as transactions with a bank).
* The bill does not preclude a citizen's right to use encryption
* Privacy interests will be integral to the design process. Just as law enforcement gains the ability to specify wiretap capability, the bill requires that privacy interests are incorporated when technical standards are developed.
* Privacy groups and other concerned citizens are granted the right to intervene in the administrative standard setting process if they feel that privacy and security are not being adequately addressed
* Law enforcement gains no additional authority to conduct electronic surveillance. The warrant requirements specified under current law remain unchanged
Berman argued that the important privacy protections in the bill turn on the question of cost. Asking government to cover compliance costs is the only way to ensure that industry does not short-cut privacy by accepting more invasive solutions; that the law enforcement surveillance expenditures are accountable to the public, and; that industry will continue to offer advanced technologies. "In our view," Berman said, "the public interest can only be served if the government assumes the risk and pays the cost of compliance". 
The Next Steps -------------- The bill is expected to be considered at a markup of the House Judiciary Committee on September 20. The Senate Judiciary Committee is expected to consider the bill shortly thereafter. The House Energy and Commerce Committee may also hold a markup on the legislation, although no decision has been made. Access to Related Documents --------------------------- Documents from Tuesday's hearing, including Jerry Berman's testimony, will be placed in EFF's online archives. Berman's testimony is located at ftp.eff.org, /pub/EFF/OP/eff_091394_digtel_berman.testimony/ gopher.eff.org, 1/EFF/OP, eff_091394_digtel_berman.testimony http://www.eff.org/pub/EFF/OP/eff_091394_digtel_berman.testimony/ BBS: +1 202 638 6119 (8-N-1), file area: Privacy--Digital Telephony, file: EFF91494.TES For the text of the Digital Telephony legislation, related documents, and more testimony (when available), look in the same areas. -- Stanton McCandlish
mech at eff.org
Electronic Frontier Fndtn.
Online Activist From mech at eff.org Wed Sep 14 10:15:13 1994 From: mech at eff.org (Stanton McCandlish) Date: Wed, 14 Sep 94 10:15:13 PDT Subject: EduPage note on CyberCash "digital purse" e-money rollout Message-ID: <199409141715.NAA12236@eff.org> Any more info on this appreciated. >From EduPage, 09/14/94: "PAYDAY ON THE INTERNET A new company called CyberCash hopes to break the impasse in conducting commercial transactions over the Internet by offering a secure electronic payment system. "We want to make the Internet safe for commerce... and provide safe passage from cyberspace into the banking world," says the company's president and co-founder. CyberCash will allow users to ask their banks to set aside money in a "digital purse." The funds are then transferred to the merchant when an item is purchased. CyberCash would receive a small fee for each transaction. The company is still working on security measures, and must persuade banks that the system protects privacy and is tamper-proof. (Wall Street Journal 9/13/94 B1)" -- Stanton McCandlish


mech at eff.org
Electronic Frontier Fndtn.
Online Activist From cactus at bb.com Wed Sep 14 12:01:25 1994 From: cactus at bb.com (L. Todd Masco) Date: Wed, 14 Sep 94 12:01:25 PDT Subject: DT Summary Message-ID: <199409141906.PAA16320@bb.com> ------- Start of forwarded message ------- Date: Tue, 13 Sep 1994 23:05:49 -0700 From: "Brock N. Meeks" To: cwd-l at cyberwerks.com Subject: CWD Put Up or Shut Up CyberWire Dispatch // Copyright (c) 1994 Jacking in from the "Riding A Straw Horse" Port: Washington, DC -- If the government can't guarantee it will pay your telephone company for the full cost of making it easier to wiretap your conversations, you could end up paying for it on your phone bill. Unlike the bogus "modem tax" of urban legend fame, the costs of paying to implement the Digital Telephony bill could eventually lead to a kind of "digital wiretap tax." No, this is no joke. And it's closer than you think. The idea of a kind of wiretap surcharge tax, which would be imposed on all phones, was a scene in the sub-text of an often edgy Congressional hearing Tuesday held to flesh out the problem areas of the FBI's bastard child: The Digital Wiretap Bill. The House Telecommunications & Finance Subcommittee rounded up the usual suspects and generally grilled them on two specific issues: What will this cost? How the hell are we going to pay for it? Rep. Alex McMillan (R-N.C.) went so far as to suggest that a special "Anti-Crime Surcharge" tax be levied on every single phone in the U.S. to help pay the cost of installing wiretap software throughout the U.S. "I think that the American public would be willing to pay this," he said with a straight face. The crux of the problem is that the FBI insists that the $500 million currently authorized to pay for all these wiretap software modifications is enough. When that pot of money runs out, "it's not really a concern of mine" who ends up paying, said FBI Director Louis Freeh, the corners of his mouth curled ever so slightly in an almost Bruce Willis trademark smirk. 
But from industry's standpoint, the $500 million is "chump change" as one telephone executive whispered into the ear of his blonde companion during the hearing. Although $500 million "is hardly chump change," as Freeh later said, the economics here suck, no matter whose calculator you use. There are less than 1,000 wiretaps done each year, according to official Justice Dept. statistics. The government is giving the telephone companies $500 million and 4 years to complete the entire rewiring of America. You do the math. You're going to pay $125,000 *per* wiretap per year for the next four years. That's a lot of coin to pony up in light of the fact that last year state prosecutors "determined that only 20 percent of all [wiretapped] conversations were relevant" to on-going investigations, according to the Electronic Privacy Information Center (EPIC). At the Federal level, EPIC says, "only 17 percent were relevant." As the bill stands now, your $500 million will have to cover all the software and hardware modifications necessary to make your local telephone line "wiretap ready." It doesn't matter if you live in New York City, where the majority of wiretaps are issued to eavesdrop on guys with names like "Big Tony" or "Nick the Weasel" or in Blue Balls, PA, where there probably hasn't been a legal wiretap officially issued in decades -- the FBI wants its wiretap access to be universal and complete within 4 years, 6 at the outside. The actual cost to implement this bill is more along the lines of "billions" according to Roy Neel, president of the United States Telephone Association (USTA) and who, in another life was on the staff of Vice President Gore and served at the Cabinet level in the early months of the Clinton White House. Neel gave the example of the giant phone company BellSouth, which hasn't been cooling its jets waiting for this bill to pass. 
These guys have already been out getting estimates on how big a financial hit they'll take if the bill passes, Neel said. Answer: $138-$247 million for its wireline business only. And that's only one of the Seven Sisters of Our Lady of the Dial Tone. Don't forget the country's biggest local phone company, GTE, which also happens to still have a large installed base of outdated and in some cases, antique telephone switches. Then there are the 1,100 or so "mom and pop" telephone exchanges in rural areas. These smaller exchanges also will have to upgrade their systems. No one escapes. Why? Well, hell, if you're the FBI you just never know when you'll have to, say, oh... go to all the trouble of flying into some small Texas town and roll out the armored personnel carriers and firebomb the plywood compound of a religious wacko. So, just in case that shit happens again, the FBI wants to be able to listen in when the Religious Head Wacko growls on his cellular phone: "Jimmy, bust out the scatter-guns. God and an informant just told me the Feds are coming to reap their heavenly rewards." Trust Us. We'll Pay. No, Really. ================================== FBI Director Freeh admits there's no way to nail down the actual cost. "But it may turn out that it's significantly less than $500 million." That's what he desperately wants you to believe. It's a fantasy. The National Association of Regulatory and Utility Commissioners estimates that telephone companies spent $1 billion per year on software modifications alone. USTA's Neel testified that one of his association's member company's "with only moderate law enforcement obligations" ends up spending some $3.7 million yearly to handle more than 100,000 subpoenas. "These expenditures of time an personnel are borne by the companies alone, without government reimbursement, even though the companies frequently request compensation," Neel said. When it comes to paying up, the government has a poor repayment record, Neel implies. 
There's no reason to believe the government will actually repay the telephone companies for all their costs, even though required to, Neel said. This is because the language of the bill is too ambiguous, he said. Such ambiguity lead Thomas Wheeler, president of the Cellular Telecommunications Industry Association (CTIA) to call the bill "substantively sound but fiscally flawed." He called the bill an "unfunded mandate" in which the government demands require cellular telephone companies "obey and spend" the money to install the wiretap software,"then we'll see if we can reimburse you." When the Well Runs Dry ====================== If the money runs out, who pays? That's what Rep. Rick Boucher (D- VA) wanted to know. "I'm persuaded that these costs should be borne by the government," he said. Otherwise, it's the ratepayers that get stuck with the bill or it's industry themselves, which will only drain money from implementing emerging technologies which would slow down deployment of the information superhighway, which would leave it up to cable companies to develop and then... god help us... Boucher asked FBI's Freeh what happens if Congress fails to even give him the original $500 million. "I doubt that Congress would pass on the opportunity to make sure that our children were safe from terrorists," Freeh said. But Boucher came right back: "I wouldn't be surprised if appropriated funds don't make it... we have enough problems here coming up with money for discretionary programs." Rep. Ron Wyden (D-Ore.) said the bill should be amended to assure that if the money runs out there's no "hidden wiretap tax" imposed on the American public. He said the issue is one of "accountability." By making sure government pays, it means that someone has to track the spending, "making sure that we don't legislate a blank check." 
He said if the cost after 4 years is passed on to the telephone companies, state regulators would probably allow the costs to be passed on to the customers as "a legitimate business expense."

And Still No Pressing Need
===========================

Freeh calls the passage of the wiretap bill a "drop dead issue" for law enforcement. In Tuesday's testimony he continued to ride the straw horse of probable cause. Freeh, again, trotted out an "informal" FBI study that had identified 183 instances where FBI wiretaps have been "frustrated" by digital technologies.

But when Dispatch pressed Freeh for details on these 183 instances of "wiretap frustration" (covertus interruptus), he admitted that "most" of those instances weren't officially wiretaps at all.

Of those 183 instances, 30% were caused by the cellular company not having enough physical connections to allow the Bureau to burrow into the cellular switch. Easy -- but expensive -- fix: Buy more ports for the cellular switch.

The next level of "problems" came from "the inability to capture dialed digits," Freeh said. "Do you mean pen registers, as in, the things that don't need a court order to get?" Yes, Freeh said. Of the 183 "wiretap" problems caused by digital technology, about 19% were pegged to pen register problems.

The "other" category took home the rest of honors and included other non-wiretap technologies used by the FBI, such as "trap and trace."

USTA's Neel said, for what must be the 1000th time now: "We know of no instance where a court authorized wiretap has been thwarted by digital technologies."

Hey, Boss? The Mafia Wants To Rent Office Space
===========================

Another area of contention is that this bill doesn't cover every single telecommunications company. USTA wants it to cover everyone from the makers of answering machines to your local Internet provider. The FBI would like this too, however, they realized this was politically more capital than they had to spend during this congress.
Even so, the FBI found an unlikely ally in the process: The Electronic Frontier Foundation (EFF). At the end of the previous hearing on this bill, FBI Director Freeh patted EFF Policy Director Jerry Berman on the shoulder and said: "Who would have thought, two years ago, that we'd be collaborating like this." And Tuesday, the subcommittee Chairman Markey (D-Mass.) thanked EFF for "brokering" a tough compromise among all interested parties.

In all fairness, the EFF was able to broker stronger privacy protection for electronic communications and kept -- for now -- all online services out of the grasp of this bill.

But the bill still treats some networks differently. Mainly, these are "shared tenant" networks, which are phone systems such as those strung together between buildings. These private networks handle all their own calls, billing, etc. Sometimes they can be huge, dwarfing the majority of rural telephone companies in both scope and technology. The World Trade Center is an excellent example. The WTC's network is exempt under this rule. The FBI can't wiretap it, or so it would appear. Why? Because it's digital and private and oh shit...

"This creates a safe haven for criminals," says USTA's Neel. Indeed, even the FBI's Freeh admits that some criminals will be able to go "off network," allowing "a part of the sophisticated criminal world" to not be covered under this bill.

Are you getting this? All a criminal has to do then, is, say, set up offices in the WTC and chatter away all they want because the FBI can't wiretap their phones because these networks won't be required to install the software!

But Freeh was quick to point out that "we feel that the majority of our dangerous criminals fall under the universe of this bill's coverage."

So, What the Hell Does the Public Want?
======================

Freeh is convinced that you will support this bill.
It's all a matter of perspective, he said, a kind of syntactical sleight of hand: "Ask the American public if they want an FBI Wiretax and they'll say 'no.' If you ask them do they want a feature on their phone that helps the FBI find their missing child they'll say, 'Yes.'"

But in fact, statistics compiled by the Justice Department seem to indicate otherwise. In 1991, the latest year figures are available, most Americans, across all age groups, disapproved when asked the question: "Everything considered, would you say that you approve or disapprove of wiretapping?"

Some 67% of all 18-20 year olds gave the thumbs down, as did 68% of the Gen-X crowd (and Newsweek said these kids were confused...). Boomers disapproved of wiretapping almost 3-to-1 while 67% of those 50 and over disapproved.

Yep, it's a "drop dead issue" alright.

Meeks out...

------- End of forwarded message -------

From cme at tis.com Wed Sep 14 12:34:08 1994
From: cme at tis.com (Carl Ellison)
Date: Wed, 14 Sep 94 12:34:08 PDT
Subject: minor disagreement at the CSSPAB meeting this a.m.
Message-ID: <9409141931.AA00941@tis.com>

The CSSPAB is having an open meeting today and tomorrow at the Gaithersburg Hilton. I happened to be there to hear an interesting exchange. (Those in the area might want to drop by tomorrow to sit in. (Tomorrow's agenda: Gov't email, reaction to public meeting on NII security; Congressional privacy & security; tax systems; NIST activities; public comment (sign up in advance with the secy)))

==============================================================================

Lynn McNulty of NIST was giving a summary of the KEA (Key Escrow Alternatives) meeting of Aug 17. One of his summary lines was to the effect that industry believed there was a "significant market for escrow products".

William Whitehurst of IBM, who had been at the KEA meeting, raised his hand to disagree with that statement.
As he remembered it, industry believed there was a significant market for encryption and that it was an international market and that we (the US) were in danger of being left in the dust by foreign competition -- but that there was no market at all for escrow encryption.

Steve Walker of TIS seconded Whitehurst's observation.

Lynn replied that they were saying the same thing because the government won't allow export of encryption without key escrow therefore there's a big market for escrow products.

==============================================================================

Makes lots of sense, doesn't it??? :-|

 - Carl

From cme at tis.com Wed Sep 14 12:36:06 1994
From: cme at tis.com (Carl Ellison)
Date: Wed, 14 Sep 94 12:36:06 PDT
Subject: TIS SKE paper by ftp
Message-ID: <9409141933.AA01080@tis.com>

anonymous FTP to ftp.tis.com /pub/crypto/ske will give TIS's SKE paper with figures (in sep. files).

From tcmay at netcom.com Wed Sep 14 13:03:46 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 14 Sep 94 13:03:46 PDT
Subject: The Importance of Filtering
In-Reply-To:
Message-ID: <199409141915.MAA19709@netcom11.netcom.com>

The filtering/reputations/volume issue has come up again. And a couple of people are planning "reputation servers." I applaud them for the effort, but I don't see them as needed for our list, right now. That is, I don't plan to use them.

* what most people need are tools to filter out messages they don't want to read. As we don't yet have quasi-intelligent agents that can do this for us, this generally involves:

  - filtering based on thread

  - filtering based on author

* having these tools is more important to me than having a database of what other people think about other people (reputation data bases).

There are several approaches:

* Unix kill-files, for those with the shells that support them

* Eudora-type filtering (ironically, Eudora is sold by Qualcomm, Phil Karn's company), which allows various kinds of sorting.
* Extropians-style filtering, now being developed as a commercial product by Harry Shapiro and Ray Cromwell. (To be clear about things, Hugh Daniel, Eric Hughes, etc., expressed their willingness to install the Extropians-style software shortly after it became available, almost 2 years ago. Various delays ensued, then the offer by the authors was put in limbo, then the commercialization phase ensued.)

* Anyone can operate a reflector for the list, as per several statements on this. Hal Finney, for example, offered (offers?) an encrypted-only version.

My point: someone could set up a filtering service, a digester, whatever, and others could subscribe. (Yes, Robert Hayden did this for a few weeks. While it may not have been his "fault" that it went down, it shows the generally flaky and catch-as-catch-can nature of so many part-time, hobbyist systems. Like the remailers that go down when the laptop running it gets taken to Spain for the summer :-}. A "for profit" service, at some quarterly fee and with a contractual relationship to continue service, is a better long-term approach.)

I sympathize with the concerns of Phil Karn and others, but let me give a warning about this.

The Extropians list, when I was on it, had about the same volume at its peak that we now have, about 50-100 messages a day. Much debate about S/N ensued, much talk about charging a fee for posting, about setting up quotas, about official reputation markets. At least 20% of all list traffic in some weeks was devoted to kvetching about this problem.

A "reputation market" called the Hawthorne Exchange was set up, as discussed here by Hal Finney (and also by me in my FAQ..grep for Hawthorne or HEx). Even more jawboning went on.

And then of course there was the new list software. This allowed folks to exclude authors, threads, etc., at the _point of distribution_.

Is this a good idea? Well, if one excluded 10% of the traffic, then it would "save" having to receive 5-10 messages a day. Big deal.
I used the ExI software, and found it an interesting experiment, but I can't say it saved me any real effort. The effort of sending the filtering message to the list site, hassling with the formats, etc., clearly outweighed the tiny effort it would have taken to manually press "d" to delete the messages when they appeared.

I also found it useful to at least spend the 2-5 seconds to see what was being talked about before pressing "D."

(A side issue: Whatever seconds were saved by the distribution-point filtering (and I haven't mentioned the CPU time required...an issue for us to consider with 700 list members) on the Extropians list were often negated for the others by people asking "What are you talking about?" or "Could someone send me Joe's posting on foo--I had him in my ::exclude file.")

In other words, I find just being real fast on the "D" key is my best way to cope with list volume.

Your mileage may vary, but I doubt that the Extropians-style software is going to help much...I used it, and my experiences are what I just described.

Filtering is the wave of the future. Paul Baclace, sometimes on this list, was working on filter agents for Usenet that could learn preferences. And I've seen such things with WAIS.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From pstemari at bismark.cbis.com Wed Sep 14 13:09:04 1994
From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
Date: Wed, 14 Sep 94 13:09:04 PDT
Subject: DT Summary
In-Reply-To: <199409141906.PAA16320@bb.com>
Message-ID: <9409142007.AA14561@focis.sda.cbis.COM>

> There are less than 1,000 wiretaps done each year, according to official
> Justice Dept. statistics. The government is giving the telephone companies
> $500 million and 4 years to complete the entire rewiring of America.

Well, perhaps that should read _legal_ wiretaps. At least one defense lawyer that I'm aware of over on the Well has asserted that "anonymous informants" are frequently (usually?) illegal wiretaps. This skews the economics enormously and simultaneously explains the true "urgency" of this proposal and the desire for remote LE access (originally without TPC support). It also ties in nicely with the denial of legal protection for violations of key escrow in the Clipper proposal.

Paul

From m5 at vail.tivoli.com Wed Sep 14 13:10:38 1994
From: m5 at vail.tivoli.com (Mike McNally)
Date: Wed, 14 Sep 94 13:10:38 PDT
Subject: TIS SKE paper by ftp
In-Reply-To: <9409141933.AA01080@tis.com>
Message-ID: <9409142010.AA15568@vail.tivoli.com>

Carl Ellison writes:
> anonymous FTP to ftp.tis.com /pub/crypto/ske will give
> TIS's SKE paper with figures (in sep. files).

The tarfile in that directory is labelled with a .Z extension; it's not compressed (or else Mosaic is smarter (or stupider) than I thought!)

| GOOD TIME FOR MOVIE - GOING ||| Mike McNally                         |
| TAKE TWA TO CAIRO.          ||| Tivoli Systems, Austin, TX:          |
| (actual fortune cookie)     ||| "Like A Little Bit of Semi-Heaven"   |

From frissell at panix.com Wed Sep 14 13:22:49 1994
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 14 Sep 94 13:22:49 PDT
Subject: US Fascist Dictatorship?
Message-ID: <199409142021.AA03068@panix.com>

So is the US about to grab all the guns, seal the borders, make foreign trade a crime, and change the color of the money?

Some posters here seem to think that we are moments away from a full Nazi/Commie style totalitarian state.
Is this likely?

Even in the more conventional areas of political discourse, there seem to be people who think that we can -- for example -- "seal the borders." Do any of these people happen to know how many people cross US borders each year? Would you believe 40,000,000! It seems unlikely that we can go from 40 million to zero without some problems. This is travel in both directions of course. Most of the crossings are of the US-Canada and US-Mexico borders. Mexican, US, and Canadian citizens have equal rights to cross each other's borders with minimal documentation.

The New York Times is doing a series this week on how hopeless the INS is at any part of its job. How it is totally demoralized, unable to deport more than a few of even the felonious aliens living in the US, and unable to even answer its phones when its boss (the Butcher of Waco) calls.

"Nobody wants to do his case because he is believed to carry a weapon and be dangerous." -- Deportation agent speaking of a felon they deported so that the New York Times could watch.

This was a guy they picked up at his employer whose name they got from his INS file. He was shipped off to Nicaragua and promised to be back in a week.

Each Deportation Officer has 4,000 cases assigned and is allowed to deport about one alien a month. You do the math.

Note that the DDR was better than most countries at sealing its border but it still failed. It is no longer with us.

The failure of border sealing shows the general inability of modern governments to cope with their enforcement problems. 1984 is nowhere in sight.

DCF

*************************************************************************
ATMs, Contracting Out, Digital Switching, Downsizing, EDI, Fax, Fedex, Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone Cards, Quants, Securitization, Temping, Voice Mail.
From schirado at lab.cc.wmich.edu Wed Sep 14 13:39:04 1994
From: schirado at lab.cc.wmich.edu (No Taxes through No Government)
Date: Wed, 14 Sep 94 13:39:04 PDT
Subject: The Importance of Filtering
Message-ID: <199409142038.QAA07329@grog.lab.cc.wmich.edu>

Tim May writes all sorts of stuff, and concludes:

>I used the ExI software, and found it an interesting experiment, but I
>can't say it saved me any real effort. The effort of sending the
>filtering message to the list site, hassling with the formats, etc.,
>clearly outweighed the tiny effort it would have taken to manually
>press "d" to delete the messages when they appeared.

I only disagree in the most trivial sense with this point. If you weren't required to re-establish your excludes every time they expired, it might not be such a hassle.

>I also found it useful to at least spend the 2-5 seconds to see what
>was being talked about before pressing "D."
[...]
>In other words, I find just being real fast on the "D" key is my best
>way to cope with list volume.

A secondary concern is that some net users do not have very much disk space available in their account, and would rather not have stuff come in in the first place.

Once again, I find that if I set up my mailer to delete every C-punk message except the ones from Tim May, Sandy Sandfort, and Duncan Frissell, I get by just fine. They end up quoting people enough that I don't have a problem keeping track of threads. And I'm reasonably sure I haven't missed anything I might be interested in.

From huntting at glarp.com Wed Sep 14 13:47:46 1994
From: huntting at glarp.com (Brad Huntting)
Date: Wed, 14 Sep 94 13:47:46 PDT
Subject: PRIVACY REGULATIONS
In-Reply-To:
Message-ID: <199409142046.OAA16534@misc.glarp.com>

> Can't you free yourself from jail with a writ of habeas corpus ad
> subjiciendum from John Doe?

But you have to know how to write one.
brad

From huntting at glarp.com Wed Sep 14 13:50:41 1994
From: huntting at glarp.com (Brad Huntting)
Date: Wed, 14 Sep 94 13:50:41 PDT
Subject: RC4 compatibility testing
In-Reply-To: <9409140137.AA17743@eitech.eit.com>
Message-ID: <199409142050.OAA16568@misc.glarp.com>

Since RC4 is not patented, I could make a product out of this code. And then later if it was patented I would be exempt from paying royalties on my product, no?

brad

From perry at imsi.com Wed Sep 14 14:00:16 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Wed, 14 Sep 94 14:00:16 PDT
Subject: RC4 compatibility testing
In-Reply-To: <199409142050.OAA16568@misc.glarp.com>
Message-ID: <9409142059.AA03709@snark.imsi.com>

Brad Huntting says:
> Since RC4 is not patented, I could make a product out of this code.

Yes.

> And then later if it was patented I would be exempt from paying
> royalties on my product, no?

Ahem.

If an invention is successfully patented, any use you make of it requires royalties even if that use began before the patent was granted.

However, RC4 is probably not patentable at this point -- unless Bidzos has a "submarine patent" in process, which I wouldn't put past him.

Perry

From Ron_Bardarson at smtp.esl.com Wed Sep 14 14:10:45 1994
From: Ron_Bardarson at smtp.esl.com (Ron Bardarson)
Date: Wed, 14 Sep 94 14:10:45 PDT
Subject: PRIVACY REGULATIONS
Message-ID:

Reply to: RE>>PRIVACY REGULATIONS

I happen to have the text, is there interest?

--------------------------------------
Date: 9/14/94 1:48 PM
To: Ron Bardarson
From: Brad Huntting

> Can't you free yourself from jail with a writ of habeas corpus ad
> subjiciendum from John Doe?

But you have to know how to write one.

brad

From jya at pipeline.com Wed Sep 14 14:21:51 1994
From: jya at pipeline.com (John Young)
Date: Wed, 14 Sep 94 14:21:51 PDT
Subject: RC4 Sting, Contract Killings?
Message-ID: <199409142121.RAA17428@pipe3.pipeline.com>

Responding to msg by schneier at chinet.chinet.com (Bruce Schneier) on Tue, 13 Sep 8:57 AM

>Ah. So the odd subject line resulted in many people
>not seeing. I don't know if any US residents would be
>willing to repost. I'm not.

Bruce,

Was the RC4 posting a sting? Will Bidzos arrange for an anonymous contract killing of every recipient?

But then, is this list not a sting? So literal kill-files be implemented against the disreputable, that is, all of us?

Are Tom Clancy and John Gilmore identical?

Is Tim's epic FAQ the spy novel of our dreams?

Yes, six times over. Wow.

John

From pjm at gasco.com Wed Sep 14 14:55:03 1994
From: pjm at gasco.com (Patrick J. May)
Date: Wed, 14 Sep 94 14:55:03 PDT
Subject: The Importance of Filtering
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Timothy C. May writes:
>
> I used the ExI software, and found it an interesting experiment, but I
> can't say it saved me any real effort. The effort of sending the
> filtering message to the list site, hassling with the formats, etc.,
> clearly outweighed the tiny effort it would have taken to manually
> press "d" to delete the messages when they appeared.

Like the use of PGP, this may be due to the different tools in use. I read email using the vm package for emacs. While I was on the extropians list I found it very convenient to reply to the first message of a topic I was not interested in, modify the address, and enter the simple ::exclude message. Other tools and environments could make this more difficult.

> (A side issue: Whatever seconds were saved by the distribution-point
> filtering (and I haven't mentioned the CPU time required...an issue
> for us to consider with 700 list members) on the Extropians list were
> often negated for the others by people asking "What are you talking
> about?" or "Could someone send me Joe's posting on foo--I had him in
> my ::exclude file.")

Good point.

- ------------------------------------------------------------------------
A contract programmer is always intense.
Patrick May pjm at gasco.com (public key available from servers)

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLndwmhByYwhWPvz1AQHWbQP+MSM9YF0+OE1cPtDDSOUJhPyKNR3u7Zsi
9YBMH5TBTgh0TZCe6vs7EdSMXugRnvz0zvemqb0QrhVraTMbG70ecGnVZA5NP8pW
NzRn1Id3jktYgXgzCvW8DDIx0YSL5apYlK2Zm43qAMpQZRWhIHeZNVRIrTtmUbJG
PcagmiK2EfA=
=mms6
-----END PGP SIGNATURE-----

From eb at comsec.com Wed Sep 14 16:05:00 1994
From: eb at comsec.com (Eric Blossom)
Date: Wed, 14 Sep 94 16:05:00 PDT
Subject: OFFER: I'll filter Cypherpunks for $20.
Message-ID: <199409142230.PAA12375@comsec.com>

This is a blatant commercial offer. flames >/dev/null

In response to the widely varying signal to noise ratio here on cypherpunks, I've begun offering a filtering service. The service is called Cypherpunks Lite, and contains what I consider to be the most relevant postings. I forward somewhere in the neighborhood of 5 - 10% of the total feed. The emphasis is on quality, not quantity.

You can sign up for a one year subscription by sending a check or money order for US$20 along with your email address to:

    Eric Blossom
    1275 4th Street, Suite 194
    Santa Rosa, CA 95404

For a limited time, a two week "free trial" is available by sending a message to cp-lite-request at comsec.com with the body:

    subscribe cp-lite

If I don't receive your money within two weeks, you'll be quietly dropped from the distribution.

Thanks for your attention.

From nobody at shell.portal.com Wed Sep 14 16:24:37 1994
From: nobody at shell.portal.com (nobody at shell.portal.com)
Date: Wed, 14 Sep 94 16:24:37 PDT
Subject: No Subject
Message-ID: <199409142324.QAA29267@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

9/13/94 Company Plans Payment System For Shopping On The Internet

By Jared Sandberg
Staff Reporter of The Wall Street Journal

As millions of computer users browse the Internet for a burgeoning array of goods and services, most can look but not buy. That may soon change.
A new company called CyberCash Inc., formed by executives from the Internet and the electronic-payment industries, plans to introduce a system that will allow on-line browsers to pay for an item, either by credit card or through bank transfers, over the global computer network.

CommerceNet, a new on-line system funded by Apple Computer Inc., BankAmerica Corp. and others, expects to adopt the CyberCash system by year's end. The company has talked to America Online Inc., which has one million subscribers and to which it has close ties.

By clicking a "buy" button, CyberCash users could approve electronic transfers to merchants from checking and credit-card accounts. Companies could pay invoices, and e-mail penpals could settle bets with the point of a mouse.

But to do that, CyberCash must first persuade banks that the system is secure from on-line theft, which may be its toughest challenge.

"I don't think there's a system that is adequately secure that has been placed on the table," says Sholom Rosen, a vice president for Citicorp, who says he isn't familiar with CyberCash. Even if one emerges, he adds, "it's going to be tough to get everybody to agree on the same system."

While some companies, including Citibank, are planning their own business-to-business electronic payment systems on the Internet, CyberCash is aimed at the millions of consumer and business users who browse the Internet.

"We want to make the Internet safe for commerce," says CyberCash's co-founder and president, William N. Melton, and "provide safe passage from cyberspace into the banking world."

Private on-line services use proprietary software to move funds, which reduces the risk of thieves breaking into the system. But only subscribers are permitted to make on-line purchases, and then only from participating merchants. For example, fewer than 3% of the people who frequent the CompuServe "mall" each month buy anything.
The Internet, by contrast, is an unsecured free-for-all that uses "open" software to let tens of thousands of computers link up. That means more computer jocks know how it really works, increasing the chances of a break-in.

Mr. Melton is in a good position to overcome the banks' security concerns. He founded Verifone Inc., which makes the devices retailers use to authorize credit-card charges. He sits on the board of America Online and helped launch Transaction Network Services Inc., a data transmission network for six of the 12 largest credit-card processing centers. TNS is expected to be part of CyberCash's private banking network.

CyberCash's co-founder is Dan Lynch, founder of Interop Co., a trade-show subsidiary of Ziff Communications Co. that hosts the biggest Internet gatherings. Other partners include Stephen D. Crocker, one of the Internet's architects; James Bidzos, president of RSA Data Securities Inc., a leading software-security firm; and Bruce Wilson, a former Nynex Corp. executive and one-time board member of the Electronic Funds Transfer Association, a banking trade group.

(END) DOW JONES NEWS 09-13-94 6 06 AM

- --------------------------------------------------------------------------------

9/13/94 Company Plans -2-: A "Digital Purse" For Internet Shoppers

The Internet today is one big yard sale of computers, t-shirts, books, compact disks, rope sandals, legal services and hundreds of other products -- with almost no way to buy.

An estimated 500 companies, from travel agencies and art galleries to real-estate brokers and a Volvo dealership, have put up storefronts. Most offer only product information and customer support. To make a purchase, a browser must phone a vendor.

"It's a very clunky way of conducting electronic commerce," says Jayne Levin, editor of the Internet Letter, a newsletter aimed at business users. She estimates the current value of Internet transactions at a "piddling" $10 million.
A few pioneers have passed credit-card numbers safely on the Internet. In July, an electronic bookstore received its first payment over the network. Last month, a small startup retailer in Nashua, N.H., sold its first compact disk on-line.

Almost no one, however, has been able to automate payment by bringing banks directly on-line, which is CyberCash's goal. Its approach would let users punch a few keys to ask their banks to set aside money in a "digital purse."

When the customer clicks on a "buy" icon, the merchant's computer would pass the request to CyberCash's network, which would forward it to the bank. If funds are available in the "digital purse" or a credit-card account, the money would get transferred from bank to CyberCash to merchant. CyberCash would receive a small fee for each transaction from the banks.

"The transaction is processed instantaneously -- while you wait," says Mr. Crocker of CyberCash. He says the company is working to secure the system, "but there's no question we will have people trying our `front door.'"

CyberCash plans to spend $20 million on a private network of computers, which will separate Internet merchants from users' bank accounts. To protect sensitive account information, RSA Data Securities will provide encryption to scramble the data, allowing only those who have a special software "key" to read it. Customers and their banks will hold the keys.

In addition, Cybercash is discussing licensing with David Chaum, president of Digicash Inc., a key patent holder for digital-cash technology. Digicash emphasizes anonymity: A merchant is told only whether the cash is available, not who is paying.

Other security measures must be taken. On the Internet, users can veil their identities or steal access accounts masquerading as someone else. Backers of RSA and CommerceNet, which posts business and product information on the Internet, are working on tools to verify user ID and keep payment requests private and tamper-proof.
Even with those measures, however, CyberCash executives concede it will take some potent powers of persuasion to get the banks on board.

"There is no security on the Internet," says Dan Schutzer, president of the Financial Services Technology Consortium, a group of major banks. "Your conversations can be tapped, your passwords can be obtained, and your credit card number can be filched. Clearly, it's there for the reading for a clever hacker."

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLneTKqyHUAO76TvRAQHrVgP+MmLm4+YTliqVMLcsNKakx/GXTsgpOGeD
aPyqYRxAEEJNmAfGjrmpPHl3FOMvrnZsINDlo+n6CXArMt79YRExtO69hR2lCY7J
Uwrf7EAAIhiYc5pKdRTZ29ZgSRbqEP4gOB1TPAoncjR84lXVC61wdNXz6yU7tuaF
6oyXUH5UEw4=
=QHMH
-----END PGP SIGNATURE-----

From hayden at krypton.mankato.msus.edu Wed Sep 14 16:42:28 1994
From: hayden at krypton.mankato.msus.edu (Robert A. Hayden)
Date: Wed, 14 Sep 94 16:42:28 PDT
Subject: The Importance of Filtering
In-Reply-To:
Message-ID:

One of the things that might be helpful with regards to filtering would be some kind of a user-friendly interface that will allow easy editing and manipulation of the elm filter or procmail rules. (For example, the Tin newsreader has a good entry screen for killfiles based on subject or author.)

In addition, I remember way back when when I was using NN as a newsreader, there was a way to set up killfiles with a certain number of days before they would timeout and be removed from the killfile.

If a program existed that would allow similar manipulation of mail killfiles, that would be great. (regrettably, I am a dreadful programmer and really am not sure how to design or write the program).

As for the digested version of this list, I have received good word and hopefully my machine will be back online in the next couple days.

____        Robert A. Hayden          <=> hayden at krypton.mankato.msus.edu
\  /__          -=-=-=-=-             <=>           -=-=-=-=-
 \/  /   Finger for Geek Code Info    <=> I do not necessarily speak for the
   \/  Finger for PGP Public Key      <=> City of Mankato or anyone else
-=-=-=-=-=-=-=-
(GEEK CODE 2.1) GJ/CM d- H-- s-:++>s-:+ g+ p? au+ a- w++ v* C++(++++) UL++++$
P+>++ L++$ 3- E---- N+++ K+++ W M+ V-- -po+(---)>$ Y++ t+ 5+++ j R+++$ G-
tv+ b+ D+ B--- e+>++(*) u** h* f r-->+++ !n y++**

From jamiel at sybase.com Wed Sep 14 16:46:57 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Wed, 14 Sep 94 16:46:57 PDT
Subject: [CyberCash Media hype]
Message-ID:

At 4:24 PM 9/14/94, nobody at shell.portal.com wrote:

> Private on-line services use proprietary software to move
>funds, which reduces the risk of thieves breaking into the
>system. But only subscribers are permitted to make on-line
>purchases, and then only from participating merchants. For
>example, fewer than 3% of the people who frequent the CompuServe
>"mall" each month buy anything.
> The Internet, by contrast, is an unsecured free-for-all that
>uses "open" software to let tens of thousands of computers link
>up. That means more computer jocks know how it really works,
>increasing the chances of a break-in.

These are my favorite paragraphs.
1) Proprietary == secure 2) Understanding how it works == insecure -j -- "Blah Blah Blah" ___________________________________________________________________ Jamie Lawrence From exabyte!gedora!mikej2 at uunet.uu.net Wed Sep 14 17:03:13 1994 From: exabyte!gedora!mikej2 at uunet.uu.net (Mike Johnson second login) Date: Wed, 14 Sep 94 17:03:13 PDT Subject: CEB September 11, 1994 issue 2 In-Reply-To: <9409120434.AA27988@toad.com> Message-ID: > Section 2: Michael Johnson's PGP FAQ contribution > > Michael Paul Johnson has an excellent faq on > Subject: Where to Get the Latest PGP (Pretty Good Privacy) FAQ > (Last modified: 7 September 1994 by Mike Johnson) > > You can get this faq by anonymous ftp to: > ftp.csn.net /mpg/getpgp.asc ^ should be ftp.csn.net /mpj/getpgp.asc ^ From chen at intuit.com Wed Sep 14 17:25:11 1994 From: chen at intuit.com (Mark Chen) Date: Wed, 14 Sep 94 17:25:11 PDT Subject: TIS SKE paper by ftp (fwd) Message-ID: <9409150024.AA09862@doom.intuit.com> Mike McNally writes: > Carl Ellison writes: > > anonymous FTP to ftp.tis.com /pub/crypto/ske will give > > TIS's SKE paper with figures (in sep. files). > > The tarfile in that directory is labelled with a .Z extension; it's > not compressed (or else Mosaic is smarter (or stupider) than I > thought!) Actually, Mosaic is smarter than you thought. It automatically decompresses for you. - Mark - -- Mark Chen chen at netcom.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From ravage at bga.com Wed Sep 14 17:25:17 1994 From: ravage at bga.com (Jim choate) Date: Wed, 14 Sep 94 17:25:17 PDT Subject: RC4 compatibility testing In-Reply-To: <9409142059.AA03709@snark.imsi.com> Message-ID: <199409150024.TAA15131@zoom.bga.com> > > > And then latter if it was patented I would be exempt from paying > > royalties on my product, no? > > Ahem. 
> > If an invention is successfully patented, any use you make of it > requires royalties even if that use began before the patent was > granted. > > However, RC4 is probably not patentable at this point -- unless Bidzos > has a "submarine patent" in process, which I wouldn't put past him. > If there was considerable use prior to the patent application then there would be a good case to be made that it was in the public domain because of this use. From ravage at bga.com Wed Sep 14 17:28:33 1994 From: ravage at bga.com (Jim choate) Date: Wed, 14 Sep 94 17:28:33 PDT Subject: US Fascist Dictatorship? In-Reply-To: <199409142021.AA03068@panix.com> Message-ID: <199409150028.TAA15267@zoom.bga.com> > > Even in the more coventional areas of political discourse, there seem to be > people who think that we can -- for example -- "seal the borders." Do any of > these people happen to know how many people cross US borders each year? > Would you believe 40,000,000! It seems unlikely that we can go from 40 > million to zero without some problems. This is travel in both directions of > course. Most of the crossings are of the US-Canada and US-Mexico borders. > Mexican, US, and Canadian citizens have equal rights to cross each other's > borders with minimal documentation. > Just as an aside, only about 14 -17 % of the US population has passports. > The fgailure of border sealing shows the general inability of modern > governments to cope with there enforcement problems. 1984 is no where in sight. Just wait until you become a target of the DoJ Forfieture Superfund... It may not be exactly like the prediction but there are lots of things that Huxley simply did not think about or didn't exist when the book was written. While I don't ascribe to the fall of the US I do believe the Constitution is under attack by do-gooders. The road to Hell is paved with good intentions. 
From frissell at panix.com Wed Sep 14 18:12:10 1994
From: frissell at panix.com (Duncan Frissell)
Date: Wed, 14 Sep 94 18:12:10 PDT
Subject: PRIVACY REGULATIONS
Message-ID: <199409150111.AA02829@panix.com>

At 02:46 PM 9/14/94 -0600, Brad Huntting wrote:
>
>> Can't you free yourself from jail with a writ of habeas corpus ad
>> subjiciendum from John Doe?
>
>But you have to know how to write one.
>
>
>brad
>

But if you proceed "in forma pauperis" you don't need to know how to write one.

DCF

"The Privilege of the Writ of Habeas Corpus shall not be suspended, unless when in Cases of Rebellion or Invasion the public Safety may require it. Or if they're just a bunch of damn Japs." -- The Constitution according to FDR, Earl Warren, Hugo Black, and William O. Douglas.

From alano at teleport.com Wed Sep 14 19:46:51 1994
From: alano at teleport.com (Alan Olsen)
Date: Wed, 14 Sep 94 19:46:51 PDT
Subject: PGP 2.6.1 Makefile
Message-ID: <199409150246.TAA25165@teleport.com>

Has anyone here been able to get the PGP 2.6.1 makefile to work for DJGPP? So far I will probably have to rewrite it...

Also are there any special settings for 32-bit compiles in the RSAREF code? I have not found any but I may just be going blind.

Thanks!

|"I would call him a Beastialic Sadomasochistic | alano at teleport.com |
|Necrophile but that would be beating a dead | Disclaimer: |
|horse." -- Teriyaki (What's up Tiger Lily?)
| Ignore the man |
| -- PGP 2.61 key available on request -- | behind the keyboard.|

From snyderra at dunx1.ocs.drexel.edu Wed Sep 14 21:09:58 1994
From: snyderra at dunx1.ocs.drexel.edu (Bob Snyder)
Date: Wed, 14 Sep 94 21:09:58 PDT
Subject: US Fascist Dictatorship?
Message-ID:

At 4:21 PM 9/14/94, Duncan Frissell wrote:

>So is the US about to grab all the guns, seal the borders, make foreign
>trade a crime, and change the color of the money?

And the link to cryptography is what?

Bob

--
Bob Snyder N2KGO MIME, PGP, RIPEM mail accepted
snyderra at post.drexel.edu PGP & RIPEM keys on key servers
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

From bridges at cs.arizona.edu Wed Sep 14 23:24:12 1994
From: bridges at cs.arizona.edu (Patrick G. Bridges)
Date: Wed, 14 Sep 94 23:24:12 PDT
Subject: RC4 Legal Issues
Message-ID: <199409150624.AA01543@hummingbird.cs.arizona.edu>

So what does the publication of the reverse engineering of RC4 mean legally? AT&T claimed trade secret and copyright protection over code that was pretty well known in the BSDI case... Can RC4 still be construed as a trade secret or proprietary to RSADS and Bidzos or are, as I understand from previous messages, we free to use RC4 now (ignoring the submarine patent issue)?

From jim at acm.org Wed Sep 14 23:44:47 1994
From: jim at acm.org (Jim Gillogly)
Date: Wed, 14 Sep 94 23:44:47 PDT
Subject: RC4 Legal Issues
In-Reply-To: <199409150624.AA01543@hummingbird.cs.arizona.edu>
Message-ID: <9409150644.AA02804@mycroft.rand.org>

> "Patrick G. Bridges" writes:
> So what does the publication of the reverse engineering of RC4
> mean legally?

Does the answer to this question depend on whether it really was reverse engineered, or is a direct lift from the original source code?

Jim Gillogly
Sterday, 24 Halimath S.R.
1994, 06:43

From a.brown at nexor.co.uk Thu Sep 15 00:55:12 1994
From: a.brown at nexor.co.uk (Andrew Brown)
Date: Thu, 15 Sep 94 00:55:12 PDT
Subject: RC4 Legal Issues
In-Reply-To: <199409150624.AA01543@hummingbird.cs.arizona.edu>
Message-ID:

On Wed, 14 Sep 1994, Patrick G. Bridges wrote:

> Can RC4 still be construed as a trade secret or proprietary to
> RSADS and Bidzos or are, as I understand from previous messages,
> we free to use RC4 now (ignoring the submarine patent issue)?

I just checked the Cryptography Today FAQ from rsa.com and found precious little clues in the section about RC2 and RC4, except for the following:

"RC2 and RC4 are proprietary algorithms of RSA Data Security, Inc.; details have not been published" (sic)

They claim that RC4 is 10 or more times as fast as DES. Has anyone done any speed trials against libdes yet?

Regards,

- Andy

+-------------------------------------------------------------------------+
| Andrew Brown Internet Telephone +44 115 952 0585 |
| PGP 2.6ui fingerprint: EC 80 9C 96 54 63 CC 97 FF 7D C5 69 0B 55 23 63 |
+-------------------------------------------------------------------------+

From frissell at panix.com Thu Sep 15 01:55:59 1994
From: frissell at panix.com (Duncan Frissell)
Date: Thu, 15 Sep 94 01:55:59 PDT
Subject: US Fascist Dictatorship?
Message-ID: <199409150855.AA24642@panix.com>

>Just wait until you become a target of the DoJ Forfeiture Superfund...

Unseizable assets can't be seized. Since each person represents a unique nexus of relationships, it is easier for that person to exercise control over those relationships than it is for an outside party to penetrate the nexus.

>It may not be exactly like the prediction but there are lots of things that
>Huxley simply did not think about or didn't exist when the book was written.

Not Brave New World -- 1984.

>The road to Hell is paved with good intentions.

Not to mention the National Defense Highways Act of 1956.
DCF From paul at hawksbill.sprintmrn.com Thu Sep 15 04:34:53 1994 From: paul at hawksbill.sprintmrn.com (Paul Ferguson) Date: Thu, 15 Sep 94 04:34:53 PDT Subject: (fwd) A new PGP Message-ID: <9409151238.AA02015@hawksbill.sprintmrn.com> For those of you who haven't already seen this -- my apologies for the post if you already have.... Forwarded message: > From: pgut1 at cs.aukuni.ac.nz (Peter Gutmann) > Newsgroups: alt.security.pgp,sci.crypt,talk.politics.crypto > Subject: A new PGP > Followup-To: alt.security.pgp > Date: 13 Sep 1994 16:01:08 GMT > Organization: University of Auckland > Lines: 263 > Sender: pgut1 at cs.aukuni.ac.nz (Peter Gutmann) > Message-ID: <354ic4$t54 at ccu2.auckland.ac.nz> > NNTP-Posting-Host: cs13.cs.aukuni.ac.nz > X-Newsreader: NN version 6.5.0 #7 (NOV) > Xref: news.sprintlink.net alt.security.pgp:18448 sci.crypt:31730 talk.politics.crypto:7169 > > > > [NB: Followups redirected to alt.security.pgp] > > This posting is a call for participation in a complete rehash of PGP to > parallel the existing PGP effort in the US. All contributions are welcome, > although any cryptographic material from the US won't be usable by anyone else, > so it'd be best if all crypto work was done outside the US. I believe Phil is > aware of this project but can't comment on it due to legal advice - please > don't pester him (or me) about this. > > The following sections are a preliminary sketch of what's to be done, see the > end of this message for more information on how to participate. > > Design goals for the new PGP: > > - Proper key database for fast lookup of keys. > - Something like DER-encoded ASN.1 keys and data, PKCS/X.509 compatible with > extensions for PGP's trust model and also i18n features not found in X.509 > (exact details still under debate). > - Ability to plug in alternative routines, eg RSAREF instead of independant > RSA code. > - Backwards compatibility with 2.x. > - MIME security extension compliant encoding of messages. 
> - Flexible, planned message/key format which allows easy expandability. > > The universal PGP rewrite emphasizes flexibility of design, modularity and > Chinese-wall seperation for ease of development, and abstraction of messy > details like low-level I/O. Some rules to go by: > > - All functional units are kept in seperate modules. There is one header file > giving the interface to that module. Only the interface given in the header > file is available to the outside world. All non-public information should be > in header files which are private to that module. This should vastly simplfy > development by multiple people since all the content-coupling of the existing > code is eliminated. > > The whole of PGP is too big for one person to get an overview of, by > enforcing modularity with a preset interface we can allow independant teams > to work on the parts they're best at, as well as allow independant developers > to user the libraries they want in PGP support software without having to > worry about all the API's breaking every time there's a new release. > > - None of the library routines perform any user I/O. This is all handled by > higher-level code, using callbacks if really necessary. The libraries should > be usable in any CLI or GUI environment without needing changes made for > different operating environments. > > - All routines return an integer status with well-defined codes. Status values > are defined in the module interface header and are of the form <3-char module > name>ERR_, eg DBXERR_READ would indicate a read error in the > database access code. No mysterious constants buried seven nesting levesl > down in routines somewhere! > > The basic modules are: > > > Streams > ------- > > A generalized stream I/O library. A stream can be a block of memory, a FILE *, > a file-descriptor-based file, a TCP socket, an X.25 virtual circuit, or > whatever. The use of memory streams does away with PGP2's overuse of temporary > files. 
> > int newStream( STREAM *stream ); > int attachStream( STREAM *stream, ??? ); > int ioctlStream( STREAM *stream, ??? ); > int readStream( STREAM *stream, void *buffer, size_t length ); > int writeStream( STREAM *stream, void *buffer, size_t length ); > int lengthStream( STREAM *stream ); > int deleteStream( STREAM *stream ); > > The attachStream() and ioctlStream() attach a stream to an interface, eg a > block of memory, a file, or a network connection, and change its > characteristics. The end user is never aware of any difference, or of the fact > that, for example, for a small message they might be R/W memory, but for a > larger one they might be R/W a temporary file. Perhaps an existing PD streams > library can be adapted to the task. > > Error codes: STMERR_xxx > > > PKC > --- > > A PKC library. > > int rsaEncrypt( PUBKEY *pubKey, STREAM *stream ); > int rsaDecrypt( PRIVKEY *privKey, STREAM *stream ); > int rsaKeyGen( ??? ); > > Error codes: PKCERR_xxx > > > Crypto > ------ > > A conventional-key crypto library. > > int encrypt( CRYPTINFO *cryptInfo, STREAM *stream ); > int decrypt( CRYPTINFO *cryptInfo, STREAM *stream ); > > The CRYPTINFO struct contains all the information you need to specify > encryption algorithms and modes, so you'd have something like: > > cryptInfo->algorithm = CRYPT_ALGO_IDEA; > cryptInfo->mode = CRYPT_MODE_CFB; > encrypt( cryptInfo, stream ); > > This fixes another complaint with PGP, that for every job you do there are 15 > different functions to do it, all with slightly different parameters and > options. With the unified interface, the call to encrypt data is *always* > called encrypt() (rather than encryptIdeaCfb(), encryptFooBar(), > encryptThisThatAndTheOther(), etc), and the CRYPT_INFO struct contains all the > parameters you need. A library could then implement a number of different > algorithms and you choose which one you want without having to know that the > function name for that option is encryptQwertyFoo(). 
You could even have a > getCryptInfo() call which queries a library as to which algorithms and modes it > implements, or the call could return CRYERR_ALGO_UNAVAIL (algorithm > unavailable) or CRYERR_MODE_UNAVAIL (encryption mode unavailable). > > Error codes: CRYERR_xxx > > > Configuration > ------------- > > Get configuration information for PGP routines. Use a proper grammar > definition, perhaps lex+yacc (tcl has also been suggested), read into (private) > vars, make available to outside world via getXXX() calls. NO GLOBAL CONFIG > VARS! > > int readConfigFiles( void ); > int getFooInfo( char *fooPtr ); > int getBarInfo( int *barPtr ); > > Error codes: CFGERR_xxx > > > Random Number Handling > ---------------------- > > A random number management library. > > int openRandomStream( STREAM *stream ); > int readRandomStream( STREAM *stream, void *buffer, size_t count ); > int closeRandomStream( STREAM *stream ); > > This could use the existing keystroke latency method, or connect the stream to > custom hardware, or whatever. > > Error codes: RNDERR_xxx > > > Key Database Management > ----------------------- > > All keys can (and should be) stored in a database, which encapsulate the full > DER-encoded keys inside a database allowing fast lookup. The general format > will be: > > { keyID, userID, encapsulated key } > > The keyID is a hash of the key (making it independant of the key itself and not > prone to denial-of-service attacks), the userID is simply the user > ID/address/whatever, the encapsulated key contains the full key. Lookup is > done on the keyID and userID which locate the required key. Details of the > exact mechanism to be decided by the database experts - need to define message > format, kludges like storage of encapsulated keys in XMS for peecee's, etc etc. > > > En/decoding > ----------- > > ASN.1 DER-encoding of keys/data, MIME en/decoding. Needs to be discussed. 
> > > Compatibility > ------------- > > Backwards-compatibility code to handle old PGP keys and messages. Presumably > keys will only need to be converted once, then we need to read old messages and > (possibly) write them. > > > Low-Level > --------- > > Low-level OS interface code. All OS-specific code is hidden in this module. > > > I18n > ---- > > A proper i18n system which reads the appropriate messages from a database once > and then keeps them in memory. > > int readInternationalizationDatabase( void ); > > All user I/O then uses strings from the i18n database. The database is > generated by a precompiler from some user-friendly input format, so that a > group of seperate language scripts for eg English, French, German, Russian, etc > are fed into one and, and the output is the full i18n database. Adding a new > language to PGP then involves simply creating a new script in that language and > running the database compiler on it. > > > Installation > ------------ > > Not part of PGP, but we need someone to do a decent install script which > removes from end users the need to fiddle makefiles and options. > > > Others > ------ > > Other routines as required. For example, we each library should have an init > call which registers an exit handler with a function called by atexit() to > allow a clean shutdown no matter how we exit the program. This does away with > the current need for PGP to explicitly perform exit handling all over the > place, and hides the messy details from the end user (who may not even think > about things like this). 
> > > What we need: > > - A well-connected site outside the US to run mailing lists, one per developers > group: > > pgp-streams - streams interface for I/O > pgp-crypto - public and private-key encryption, random number management > pgp-dbx - key database management > pgp-compat - PGP 2.x backwards-compatibility management > pgp-protocol - PGP data/key format and protocol redesign > pgp-lowlevel - low-level OS-specific glue code > pgp-misc - everything else, eg config code, i18n, installation > > There may also be a need for a seperate group to handle key-related routines > such as trust-level checks and whatnot, which is a fairly complex task. The > idea is to mimimze the amount of unnecessary traffic people will need to read > in order to get their job done. > > The only communication which should be necessary between these groups is the > header file which defines the data structures and interface and/or a written > specification of the interface to a module. This means that the PKC group > can work on the PKC code without having to worry about what the streams, > database, crypto, and os-specific groups are doing. > > An attached FTP site for distribution of code would also be nice. > > - Groups of developers with expertise in PKC crypto, conventional crypto, > database management, low-level OS-specific stuff, code optimization, protocol > design, software i18n, and everything else imaginable. > > Until the mailing lists are set up (someone volunteer a site, quickly!) I'll be > handling things in email, which means that it could take quite a while for me > to extract myself from the flood of messages I'm expecting. Please try and > keep non-essential messages to a minimum, and be patient when waiting for > replies. > > Peter (Hmm, maybe I'd better mount /usr/spool/mail on a seperate drive). 
> - paul From frissell at panix.com Thu Sep 15 04:39:59 1994 From: frissell at panix.com (Duncan Frissell) Date: Thu, 15 Sep 94 04:39:59 PDT Subject: US Fascist Dictatorship? Message-ID: <199409151139.AA06507@panix.com> At 12:09 AM 9/15/94 -0400, Bob Snyder wrote: > >>So is the US about to grab all the guns, seal the borders, make foreign >>trade a crime, and change the color of the money? > >And the link to cryptography is what? > >Bob Most of the members of this list are here because they see crypto as a "technological fix" that will let us ignore government and private interventions/invasions (that we want to ignore). That makes this a somewhat political list. I know we have been a bit political of late but what I was trying to do with my post was to introduce a bit of reality in to what are usually somewhat unrealistic ideas. Those who are involved in cryptography often seem to be seeking mathematically perfect security. They also assume that the oppressors are deploying mathematically perfect oppression. When I describe the total incompetence at the INS, I am just trying to point out that The Great Enemy is not all that efficient so we can make do with less than perfect security. DCF From perry at imsi.com Thu Sep 15 05:27:36 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Sep 94 05:27:36 PDT Subject: RC4 compatibility testing In-Reply-To: <199409150024.TAA15131@zoom.bga.com> Message-ID: <9409151227.AA04325@snark.imsi.com> Jim choate says: > > However, RC4 is probably not patentable at this point -- unless Bidzos > > has a "submarine patent" in process, which I wouldn't put past him. > If there was considerable use prior to the patent application then there > would be a good case to be made that it was in the public domain because > of this use. A "submarine" patent application would have been made before the public use. .pm From perry at imsi.com Thu Sep 15 06:36:48 1994 From: perry at imsi.com (Perry E. 
Metzger) Date: Thu, 15 Sep 94 06:36:48 PDT Subject: RC4 Legal Issues In-Reply-To: Message-ID: <9409151336.AA04404@snark.imsi.com> Andrew Brown says: > They claim that RC4 is 10 or more times as fast as DES. Has anyone done > any speed trials against libdes yet? John Ioannidis, playing with the posted code, claims to have gotten 24mbps out of it, on a machine where a carefully tuned version of Phil Karn's DES code gets 2mbps. Perry From hughes at ah.com Thu Sep 15 07:34:16 1994 From: hughes at ah.com (Eric Hughes) Date: Thu, 15 Sep 94 07:34:16 PDT Subject: RC4 Legal Issues In-Reply-To: <199409150624.AA01543@hummingbird.cs.arizona.edu> Message-ID: <9409151354.AA03733@ah.com> Can RC4 still be construed as a trade secret or proprirtary to RSADS and Bizdos or are, as I understand from previous messages, we free to use RC4 now (ignoring the submarine patent issue)? A trade secret is just that, a secret. For parties unrelated to the holder of the secret, once it's no longer a secret, it's not a secret, and the former holder of the secret has no protection at all. In other words, if you're not, say, a BSAFE licensee, you are free to use the alleged RC4 algorithm. Let me repeat. If you've never made an agreement with RSADSI about not distributing their trade secrets, RSADSI has _no_ claim against you about the trade secret. (I don't know if the name "RC4" is trademarked.) Note the use of the word 'unrelated' in the sentence above. The situation is hazier there. Both licensees and agents (including employees) of the holder of the secret are liable for damages if they breach the trust of the secret holder by revealing the secret. This liability, however, does _not_ make the secret any less revealed. The former holder can sue for damages, assuming there's someone to sue and the damages can be ascertained. 
If you're the user of a product which includes RC4, like Lotus Notes, for example, the agreement between Lotus and RSADSI about protection of trade secrets doesn't apply to you, assuming you don't work for Lotus or RSADSI. You weren't a party to the agreement, and its terms don't directly affect thrid parties. You made a (shrink-wrap) agreement with Lotus, not RSADSI. Eric From hughes at ah.com Thu Sep 15 07:47:04 1994 From: hughes at ah.com (Eric Hughes) Date: Thu, 15 Sep 94 07:47:04 PDT Subject: RC4 Legal Issues In-Reply-To: <9409150644.AA02804@mycroft.rand.org> Message-ID: <9409151407.AA03753@ah.com> Does the answer to this question depend on whether it really was reverse engineered, or is a direct lift from the original source code? It does not matter to disinterested parties, like the average cypherpunk. If it was reverse engineered, there may be a claim by the seller of the software against the licensee for breaching a "no reverse engineering" clause. In this case RSADSI is not a party to the action because the reversing engineer did not make an agreement with RSADSI concerning trade secrets. Any disinterested party is also not subject to this action, because they made no agreement with anybody involved. It's possible that RSADSI and, say, Lotus have an indemnification agreement in the case of reverse engineering, but that only affects the distribution of resources between those two companies. If it was lifted from source code, then RSADSI has a claim of malfeasance against theft of trade secrets. This doesn't reverse the fact that it's no longer a secret, but rather allows RSADSI to sue for the damages caused by the revelation of the secret. RSADSI can only sue the person who revealed the secret, not just anybody who posesses it. It's also possible that there might be a claim against the party to whom the secret was directly divulged, were there some conspiracy to steal trade secrets. That situation does not seem to apply here. 
In all of the above, be mindful that anybody can file a lawsuit and claim anything at all, and if it sounds official the gullible might believe that even the most farcical claims have merit.

Eric

From perry at imsi.com Thu Sep 15 07:52:27 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 15 Sep 94 07:52:27 PDT
Subject: thoughts on RC4
Message-ID: <9409151452.AA03618@webster.imsi.com>

I've been looking at the RC4 (or alleged RC4) code a bit.

Unlike most ciphers, RC4 doesn't seem to have any particular word length dependencies in its principles. That is to say, a cipher like IDEA has lots of magic numbers involved, but RC4 does not, which means that one could, in principle, extend it from being byte oriented stream to being word oriented stream without causing particular harm. (It would, of course, become incompatible, but that's not a real issue.) Can anyone see any reason why one could not change RC4 to being a word oriented stream cipher, call it "ERC4"?

The reason I ask is because this would speed things up by a factor of four on 32 bit machines, which would mean modest hardware could possibly break 100mbps speeds. The 64 bit extension on 64 bit RISC processors could go far, far, faster still. This is a real consideration in the protection of network traffic, where extremely fast encryption in software has been a stumbling block.

Perry

From hughes at ah.com Thu Sep 15 07:57:54 1994
From: hughes at ah.com (Eric Hughes)
Date: Thu, 15 Sep 94 07:57:54 PDT
Subject: RC4 Legal Issues
Message-ID: <9409151418.AA03778@ah.com>

Some general words on trade secrets.

Trade secret law is eminently sensible. It grows out of common law and the merits and facts of real situations regarding information. Trade secret law does not attempt to reverse the disclosure of information, which would be contrary to the properties of information. It does not require that people forget something they have learned.
Nor does trade secret law force tribute upon those who use that knowledge, as patent law does. It does not restrict the transmission of information, as copyright law does.

If, however, you tell someone you're going to keep a secret, and they compensate you for that promise (i.e. consideration in a contract), then the law expects you to uphold your promise or make good the harm that you've caused. Lacking an agreement, the holder of the agreement has no recourse.

In a cryptographic world, the model of trade secret law is worth considering. It concerns only information and agreements between individuals.

Eric

From hfinney at shell.portal.com Thu Sep 15 08:26:33 1994
From: hfinney at shell.portal.com (Hal)
Date: Thu, 15 Sep 94 08:26:33 PDT
Subject: RC4 compatibility testing
In-Reply-To: <9409151227.AA04325@snark.imsi.com>
Message-ID: <199409151526.IAA01380@jobe.shell.portal.com>

"Perry E. Metzger" writes:

>A "submarine" patent application would have been made before the
>public use.

I'm not familiar with this term, "submarine" patent application. But don't they have one year from the date of first publication to apply for a patent? It seems that this could count as first publication, so they would have one year from now to get their patent application in. As I said before, the NSA has indicated similar plans if Clipper is ever reverse engineered.

Hal

From hfinney at shell.portal.com Thu Sep 15 08:46:49 1994
From: hfinney at shell.portal.com (Hal)
Date: Thu, 15 Sep 94 08:46:49 PDT
Subject: thoughts on RC4
In-Reply-To: <9409151452.AA03618@webster.imsi.com>
Message-ID: <199409151546.IAA02879@jobe.shell.portal.com>

perry at imsi.com (Perry E. Metzger) writes:

>Unlike most ciphers, RC4 doesn't seem to have any particular word
>length dependencies in its principles.
That is to say, a cipher like
>IDEA has lots of magic numbers involved, but RC4 does not, which means
>that one could, in principle, extend it from being byte oriented
>stream to being word oriented stream without causing particular
>harm. (It would, of course, become incompatible, but that's not a real
>issue.) Can anyone see any reason why one could not change RC4 to
>being a word oriented stream cipher, call it "ERC4"?

I'm not sure exactly how you would generalize it. Right now it has a 256 entry table which holds a permutation of the values in 0..255. A byte is selected from this table and xor'd with the data stream. To increase to four bytes per entry and keep it as a permutation we would have to have 4 billion entries taking up 16 GB of memory which seems a bit much. Alternatively we could still have 256 entries but have them four bytes each, but then it's not clear that you keep the cryptographic properties since you no longer have a permutation.

However a good application of Perry's suggestion would be to go to a two-byte formulation. You would have 64K entries of two bytes each, holding a permutation of 0..65535, and then use the same algorithm with the 256's replaced by 65536 and the chars replaced by shorts. This would retain the cryptographic properties and IMO would make many sorts of attacks harder (at least requiring more data, probably by a factor of 256). The main down side is that key setup takes 256 times longer, but it shouldn't take much time to init a 64K entry table with a couple of indexes and xor's per entry. So on the whole it seems like a worthwhile extension.

I wonder if the NSA would approve it? I think it was Bill Sommerfield who pointed out that it was a little curious that NSA approves RC4 with a 40 bit key when hardware-assisted search like the DES key cracker would appear to be impractical. Maybe some other parallel machine would be suitable, though.
(But another possibility is that they can break the cypher and the key length restriction is just cover for that.) Trying to get a 16-bit RC4 approved for export would perhaps not work for 40 bit keys because key setup takes 256 times longer, but key size could be decreased to 32 bits to compensate. OTOH maybe that is not necessary because probably the whole array does not have to be set up in order to tell whether a given key will work. 1/3 of the entries in the table are fixed once they have been swapped once, so if you checked after doing the first 20 entries, say, about 7 should have their final values, and we can perhaps reject a key already in a known plaintext situation just from that. So actually the large table size may not help against exhaustive key search. (The mod I suggested to the key setup would defend against this possibility, which raises the question of whether this design aspect was chosen to allow for export approval.) Hal Hal From perry at imsi.com Thu Sep 15 08:56:58 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Sep 94 08:56:58 PDT Subject: RC4 compatibility testing In-Reply-To: <199409151526.IAA01380@jobe.shell.portal.com> Message-ID: <9409151556.AA04764@snark.imsi.com> Hal says: > "Perry E. Metzger" writes: > > >A "submarine" patent application would have been made before the > >public use. > > I'm not familiar with this term, "submarine" patent application. Basically, what you do is use administrative tricks to delay the patent from being issued for as many years as possible -- sometimes decades -- while the idea becomes popular and gets incorporated into lots of products. Patent applications in the U.S. are kept secret by law. Then, the patent finally gets granted -- resulting in lots of people suddenly finding that the product they've been building for many years is now patented by someone -- retroactively making them liable for fat juicy license fees. Another trick is to have the patent delayed by a secrecy order... 
Perry From perry at imsi.com Thu Sep 15 09:06:23 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Sep 94 09:06:23 PDT Subject: thoughts on RC4 In-Reply-To: <199409151546.IAA02879@jobe.shell.portal.com> Message-ID: <9409151606.AA04784@snark.imsi.com> Hal says: > perry at imsi.com (Perry E. Metzger) writes: > > >Unlike most ciphers, RC4 doesn't seem to have any particular word > >length dependencies in its principles. [...] > I'm not sure exactly how you would generalize it. Right now it has a 256 > entry table which holds a permutation of the values in 0..255. A byte is > selected from this table and xor'd with the data stream. To increase to > four bytes per entry and keep it as a permutation we would have to have 4 > billion entries taking up 16 GB of memory which seems a bit much. > Alternatively we could still have 256 entries but have them four bytes > each, but then it's not clear that you keep the cryptographic properties > since you no longer have a permutation. Am I being thick? If you simply do all array indexes modulo the length of the table, wouldn't you still have a permutation? (It's true, however, that one could slow down the algorithm quite a bit if one isn't careful with how one does this...) .pm From mech at eff.org Thu Sep 15 09:25:03 1994 From: mech at eff.org (Stanton McCandlish) Date: Thu, 15 Sep 94 09:25:03 PDT Subject: DigTel: ERRATA - correct path to Berman HR testimony 09/13/94 Message-ID: <199409151623.MAA14954@eff.org> Apologies for the incorrect path given at the end of yesterday's release of our hearing summary. The correct path to the file containing EFF Policy Director Jerry Berman's testimony at the US House of Representatives hearing on Digital Telephony of two days ago is: ftp.eff.org, /pub/EFF/Policy/FBI/eff_091394_digtel_berman.testimony gopher.eff.org, 1/EFF/Policy/FBI, eff_091394_digtel_berman.testimony http://www.eff.org/pub/EFF/Policy/FBI/eff_091394_digtel_berman.testimony -- Stanton McCandlish


mech at eff.org

Electronic Frontier Fndtn.

Online Activist From thad at pdi.com Thu Sep 15 09:34:46 1994 From: thad at pdi.com (Thaddeus Beier) Date: Thu, 15 Sep 94 09:34:46 PDT Subject: RC4 compatibility testing Message-ID: <9409151631.AA10573@fulcrum.pdi.com> To: cypherpunks at toad.com Subject: Re: RC4 compatibility testing >> "Perry E. Metzger" writes: >> >> I'm not familiar with this term, "submarine" patent application. But >> don't they have one year from the date of first publication to apply for >> a patent? It seems that this could count as first publication, so they >> would have one year from now to get their patent application in. As I >> said before, the NSA has indicated similar plans if Clipper is ever >> reverse engineered. >> >> Hal >> >> A "submarine" patent is one that was filed long ago, but kept from being issued by various ploys. Because the patent exists for 17 years from date of being granted, there is an incentive to delay the granting of the patent. Of course, patenting the invention makes it public too, which you might want to avoid, especially if you'd like to have a world-wide market on a cryptographic product. Like RC4, for example. Once it is patented in this country, anybody from the rest of the world could copy it. Once you find somebody you'd like to go after, you can speed up the process. The patent process runs pretty slow on its own, but you can slow it down further still by delaying correspondence with the patent office, by not paying fees quickly. I think that there is one final fee that must be paid after the patent is approved, but before it is granted, that you can just hold off on for a long time. 
thad Thad Beier Pacific Data Images 408)745-6755 thad at pdi.com From adam at bwh.harvard.edu Thu Sep 15 09:52:25 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Thu, 15 Sep 94 09:52:25 PDT Subject: The Importance of Filtering In-Reply-To: Message-ID: <199409151652.MAA10444@arthur.bwh.harvard.edu> You wrote: | One of the things that might be helpful with regards to filtering would be | some kind of a user-friendly interface that will allow easy editing and | manipulation of the elm filter or procmail rules. (For example, the Tin | newsreader has a good entry screen for killfiles based on subject or | author.) In addition, I remember way back when when I was using NN as a | newsreader, there was a way to set up killfiles with a certain number of | days before they would timeout and be removed from the killfile. | | If a program existed that would allow similar manipulation of mail | killfiles, that would be great. (regrettably, I am a dreadful programmer | and really am not sure how to design or write the program). The rep. credit system that I sketched out a few days ago would alleviate the need to edit your procmail rules by hand for those mail messages you choose to filter. The way I had pictured setting it up would have a procmail rule which would query a reputation database (stored in the users account.) The query would return a number, which procmail could then act on. No timing features at the user level, but I've considered putting in a decaying value for credit, to prevent entries from living forever. I doubt this would be in early versions. Lastly, I'm getting around to sketching out data structures, the only problem I have to address in theory is how to prevent the system from becoming a spam factory; deluging people who don't use the system with piles of messages that they don't want. Several inelegant server based solutions appear (they often do), but I'm hoping to design something more elegant.
Adam From hfinney at shell.portal.com Thu Sep 15 10:02:15 1994 From: hfinney at shell.portal.com (Hal) Date: Thu, 15 Sep 94 10:02:15 PDT Subject: thoughts on RC4 In-Reply-To: <9409151452.AA03618@webster.imsi.com> Message-ID: <199409151701.KAA08820@jobe.shell.portal.com> I realized a few minutes later that I was mistaken to write: >OTOH maybe that is not >necessary because probably the whole array does not have to be set up >in order to tell whether a given key will work. 1/3 of the entries in >the table are fixed once they have been swapped once, so if you checked >after doing the first 20 entries, say, about 7 should have their final >values, and we can perhaps reject a key already in a known plaintext >situation just from that. So actually the large table size may not >help against exhaustive key search. (The mod I suggested to the key >setup would defend against this possibility, which raises the question >of whether this design aspect was chosen to allow for export approval.) Just knowing several of the first few entries in the table doesn't allow you to quickly reject keys because the algorithm selects entries from throughout the table to xor with the data stream. So this does not imply that keys can be rejected quickly, nor does it suggest that the particular setup algorithm used is particularly weak or was chosen for export approval. Sorry about the error. Hal From sommerfeld at orchard.medford.ma.us Thu Sep 15 10:11:53 1994 From: sommerfeld at orchard.medford.ma.us (Bill Sommerfeld) Date: Thu, 15 Sep 94 10:11:53 PDT Subject: thoughts on RC4 In-Reply-To: <199409151546.IAA02879@jobe.shell.portal.com> Message-ID: <199409151705.NAA00703@orchard.medford.ma.us> > I wonder if the NSA would approve it? I think it was Bill Sommerfield > who pointed out that it was a little curious that NSA approves RC4 with a > 40 bit key when hardware-assisted search like the DES key cracker would > appear to be impractical. 
Actually, I'm not sure that it's that impractical, but I don't know a heck of a lot about VLSI or hardware design. A fully pipelined chip would require significantly more chip area than the DES cracker, but you probably don't need that. I'm pretty sure you could make a blazingly fast, non-pipelined, chip with a "key setup" unit and then a "trial encrypt" unit which run in parallel; you clock the key setup unit 256 times to set up the key, then the key gets fed to the trial encrypt unit where it gets tried against the known plaintext/ciphertext pair.. Back of the envelope calculation: massively parallel RC4 cracker. 2**16 chips, cycled at 2**23 hz (8Mhz; fairly conservative), one trial every 2**8 cycles per chip. -> 2**31 trials per second. -> with this hardware, you can break 40-bit RC4 in 256 seconds on average (512 seconds worst case). - Bill From m1tca00 at FRB.GOV Thu Sep 15 10:30:41 1994 From: m1tca00 at FRB.GOV (Tom Allard) Date: Thu, 15 Sep 94 10:30:41 PDT Subject: key signing Message-ID: <9409151726.AA05035@mass6.FRB.GOV> Hmmm... I requested my key from the MIT key-server and it came back with two unknown signatures. So I requested those two keys, only to find that they were Bill Clinton and Al Gore. I've never met either of them (although I have seen Al Gore jogging through Rock Creek Park). Those keys had signatures also, so I got the signator's key as well, only to find that it was "Hillary's" key. Type bits/keyID Date User ID pub 384/23BDC6F9 1980/01/01 William J.
Clinton sig CC3D9213 (Unknown signator, can't be checked) sig DE09D78D (Unknown signator, can't be checked) Type bits/keyID Date User ID pub 384/DE09D78D 1980/01/01 Albert Gore sig CC3D9213 (Unknown signator, can't be checked) sig DE09D78D Albert Gore sig 23BDC6F9 (Unknown signator, can't be checked) Type bits/keyID Date User ID pub 1024/CC3D9213 1993/12/25 Hillary Rodham Clinton sig CC3D9213 Hillary Rodham Clinton rgds-- TA (tallard at frb.gov) +-+ I don't speak for the Federal Reserve Board, it doesn't speak for me. |X| pgp fingerprint: 10 49 F5 24 F1 D9 A7 D6 DE 14 25 C8 C0 E2 57 9D +-+ From karn at qualcomm.com Thu Sep 15 11:06:11 1994 From: karn at qualcomm.com (Phil Karn) Date: Thu, 15 Sep 94 11:06:11 PDT Subject: RC4 Legal Issues In-Reply-To: <9409151354.AA03733@ah.com> Message-ID: <199409151806.LAA19261@servo.qualcomm.com> >A trade secret is just that, a secret. For parties unrelated to the >holder of the secret, once it's no longer a secret, it's not a secret, >and the former holder of the secret has no protection at all. In >other words, if you're not, say, a BSAFE licensee, you are free to use >the alleged RC4 algorithm. This was my understanding *before* the recent jury decision in the Microsoft vs Stac Electronics countersuit. When Stac sued Microsoft for infringing their patents on disk compression, Microsoft countersued Stac for trade secret infringement for having reverse-engineered some hidden system calls in MS-DOS. Not only did the jury uphold Stac's bogus software patent, but they also found in favor of Microsoft on their ridiculous trade secret accusation! Needless to say, this creates a very troubling precedent. Now you can now apparently infringe a trade secret merely by examining fully public information (e.g., commercially available object code.) Phil From perry at imsi.com Thu Sep 15 11:18:24 1994 From: perry at imsi.com (Perry E. 
Metzger) Date: Thu, 15 Sep 94 11:18:24 PDT Subject: RC4 Legal Issues In-Reply-To: <199409151806.LAA19261@servo.qualcomm.com> Message-ID: <9409151814.AA05183@snark.imsi.com> Phil Karn says: > >A trade secret is just that, a secret. For parties unrelated to the > >holder of the secret, once it's no longer a secret, it's not a secret, > >and the former holder of the secret has no protection at all. In > >other words, if you're not, say, a BSAFE licensee, you are free to use > >the alleged RC4 algorithm. > > This was my understanding *before* the recent jury decision in the > Microsoft vs Stac Electronics countersuit. [...] > Microsoft countersued Stac for trade secret infringement for having > reverse-engineered some hidden system calls in MS-DOS. [...] the > jury found in favor of Microsoft on their ridiculous trade secret > accusation! Ah, but that does make some sense. You see, Stac bought MS-DOS from Microsoft, and had to adhere to Microsoft's shrink wrap agreement. They broke the agreement they made with Microsoft when they bought the software. The person that reverse engineered RC4 obviously broke the rules and can be sued by RSA -- if anyone can ever figure out who he is. On the other hand, *I* have never signed an agreement with RSA... and I doubt that you have... Perry From rah at shipwright.com Thu Sep 15 11:30:39 1994 From: rah at shipwright.com (Robert Hettinga) Date: Thu, 15 Sep 94 11:30:39 PDT Subject: e$: Multi-Industry Coalition Framework - NII (fwd) Message-ID: <199409151828.OAA18852@zork.tiac.net> Thought you folks would want to see this... >PRESS RELEASE > >FOR IMMEDIATE REALEASE CONTACT: Charles N. Brownstein >September 12, 1994 703-620-8990 > >MULTI-INDUSTRY COALITION SETS TECHNICAL FRAMEWORK >FOR THE NATIONAL INFORMATION INFRASTRUCTURE > > > >Washington, D.C. -- Today, more than forty leading communications, >computing, and services companies proposed a consensus vision of the >architecture required for tomorrow's information superhighway. 
In addition, >the Cross-Industry Working Team (XIWT) members detailed an example of a key >component of the National Information Infrastructure (NII) - digital cash. > >The two white papers, 1) An Architectural Framework for the NII and 2) >Digital Cash, Tokens and Payments in the NII, will be presented to the >President's NII Advisory Committee tomorrow at its meeting in New York. > >"These papers provide a technical vision and goals for the NII that cut >across a range of industries," said Robert Kahn, President of CNRI and >chair of the XIWT Executive Committee. "They provide a common foundation >for thinking about the objectives and technical requirements of the NII." > >In its Architecture paper, XIWT calls for an NII that promotes >interoperability and provides universal access, privacy, protection, >intellectual property, security, job creation and commerce in a competitive >business environment. Based on these objectives, XIWT defines the NII in >terms of a Functional Services Framework -- a model used to characterize >the NII by function and certain key characteristics. > >According to this model, the NII has three basic components: applications, >enabling services, and physical infrastructure. Together, these components >include all the NII's information and transporting machinery, the networked >software tools that facilitate manipulation and movement of digital >information, and the information processing activities of NII users. > >To meet the goals outlined for the NII, XIWT recommends that each of these >components be addressed in terms of functionality (what it does), trust >(the conditions under which it operates), and control (how it is managed). > >XIWT also provides a Reference Architecture Model for the NII -- a >description of the system in terms of the interconnection of the functional >elements of the system and the interfaces between them. 
XIWT identifies >four functional elements: 1) appliances: 2) networks; 3) resources; and 4) >control points. In addition, it identifies seven categories of interfaces >and protocols needed to integrate these elements and make them >interoperable. > >The Digital Cash report defines ways in which the NII will facilitate >existing and new forms of commerce. "It describes the functional >requirements and technical options for conducting everyday financial >transactions in networked electronic settings with the ease and certainty >of today's cash economy -- and with more security and control," said Dan >Schutzer of Citibank who chairs the XIWT Applications Services Working >Team. > >"The flexibility and choice implicit in the architecture we have described >will be a boon to the users of the NII and provide a challenging but >fertile business environment for savvy companies in many different >industries," said Niel Ransom of BellSouth, who chairs the XIWT >Architecture Working Team. "The members of XIWT are committed to making it >happen." > >The XIWT papers quickly received praise from the White House. "By bringing >together the views and technical recommendations of such a diverse group of >U.S. companies, the XIWT has made significant progress in moving the work >on the NII another important step forward." said Vice President Al Gore. >"We commend the work they have done so far and urge them to continue >working to define the technical aspects of the NII." > >The Cross-Industry Working Team (XIWT) was formed in 1993 to develop a >technical vision for the NII, XIWT members include over forty companies >from a range of U.S. industries. Membership list attached. > >### >PLEASE NOTE: Copies of XIWT's white papers are available in hard copy or >on-line. Please call Charles N. Brownstein at 703-620-8990, or access via >Internet from the XIWT Home Page at > > >Charles N. 
Brownstein >Executive Director >Cross-Industry Working Team >Corporation for National Research Initiatives >1895 Preston White Drive >Suite 100 >Reston, VA 22091 > >Tel: (703) 620-8990 >Fax: (703) 620-0913 > >Internet: cbrownst at cnri.reston.va.us > > > > > > ----------------- Robert Hettinga (rah at shipwright.com) "There is no difference between someone Shipwright Development Corporation who eats too little and sees Heaven and 44 Farquhar Street someone who drinks too much and sees Boston, MA 02331 USA snakes." -- Bertrand Russell (617) 323-7923 From sq0nk at alt.anonymous.messages Thu Sep 15 11:35:36 1994 From: sq0nk at alt.anonymous.messages (Random Factor) Date: Thu, 15 Sep 94 11:35:36 PDT Subject: RC4 compatibility testing In-Reply-To: <199409151526.IAA01380@jobe.shell.portal.com> Message-ID: <199409151622.AA08198@xtropia> -------- -----BEGIN PGP SIGNED MESSAGE----- > Date: Thu, 15 Sep 1994 08:26:18 -0700 > From: Hal > > don't they have one year from the date of first publication to apply for > a patent? that's in the us. many countries do not recognize post-publication patents. > It seems that this could count as first publication could someone who knows comment on what us patent law considers publication? > As I said before, the NSA has indicated similar plans if Clipper is > ever reverse engineered. if they did, would it be legal to use unlicensed free software for-educational- purposes-only implementations imported to the us from europe? randy -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLnhz081Uod4Abd1NAQHn8QQAimSPIcRBpFICYDskN1bpqsrlfoykVcTu lxLDwECfKy7/4Z2QWGjne5hrYMwCgcTdV6AjqCmTvV3h0nlEFXqx2Ky4HNWuV8i6 TogXGutjnJO+DAg62FkWkOnEsrq0tez2WOjsDneGjlGBTBwD1uFk29J5/TF092GZ 98Yc0ZDduVE= =ut2E -----END PGP SIGNATURE----- -- Random Factor to send me private mail, post an article pgp encoded for 0x006DDD4D to alt.anonymous.messages. my key is available from public servers. 
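The two-byte formulation Hal describes in the "thoughts on RC4" thread (64K entries holding a permutation of 0..65535, the 256's replaced by 65536), written out as an added example; it is not code from any list member or from RSA. The `wrc4_*` names are hypothetical, the 8-bit case is checked against the widely published "Key"/"Plaintext" test vector, and feeding the key in as bytes for the 16-bit table is this example's assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    uint32_t size, mask, i, j;  /* table length 2^bits, 2^bits - 1, running indexes */
    uint16_t *s;                /* permutation of 0..size-1 */
} wrc4;

static void swap16(uint16_t *a, uint16_t *b) { uint16_t t = *a; *a = *b; *b = t; }

/* Key setup: bits = 8 is alleged-RC4, bits = 16 the 64K-entry variant. */
int wrc4_init(wrc4 *c, unsigned bits, const uint8_t *key, size_t keylen)
{
    if ((bits != 8 && bits != 16) || key == NULL || keylen == 0) return -1;
    c->size = 1u << bits;
    c->mask = c->size - 1;
    c->i = c->j = 0;
    c->s = malloc(c->size * sizeof *c->s);
    if (c->s == NULL) return -1;
    for (uint32_t k = 0; k < c->size; k++) c->s[k] = (uint16_t)k;
    uint32_t j = 0;
    for (uint32_t i = 0; i < c->size; i++) {   /* 65536 swaps instead of 256 */
        j = (j + c->s[i] + key[i % keylen]) & c->mask;  /* assumption: key used as bytes */
        swap16(&c->s[i], &c->s[j]);
    }
    return 0;
}

void wrc4_free(wrc4 *c) { free(c->s); c->s = NULL; }

/* One keystream word, 8 or 16 bits wide. */
uint16_t wrc4_next(wrc4 *c)
{
    c->i = (c->i + 1) & c->mask;
    c->j = (c->j + c->s[c->i]) & c->mask;
    swap16(&c->s[c->i], &c->s[c->j]);
    return c->s[(c->s[c->i] + c->s[c->j]) & c->mask];
}

/* XOR n words in place; the same call encrypts and decrypts. */
void wrc4_crypt(wrc4 *c, uint16_t *buf, size_t n)
{
    for (size_t k = 0; k < n; k++) buf[k] ^= wrc4_next(c);
}

/* 1 if the table holds every value 0..size-1 exactly once. */
int wrc4_is_permutation(const wrc4 *c)
{
    uint8_t *seen = calloc(c->size, 1);
    int ok = (seen != NULL);
    for (uint32_t k = 0; ok && k < c->size; k++) {
        if (c->s[k] >= c->size || seen[c->s[k]]) ok = 0;
        else seen[c->s[k]] = 1;
    }
    free(seen);
    return ok;
}

/* 8-bit case against the published vector: key "Key", plaintext "Plaintext". */
int check_8bit_vector(void)
{
    static const uint8_t expect[9] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};
    const char *pt = "Plaintext";
    uint16_t buf[9];
    wrc4 c;
    if (wrc4_init(&c, 8, (const uint8_t *)"Key", 3) != 0) return 0;
    for (int k = 0; k < 9; k++) buf[k] = (uint8_t)pt[k];
    wrc4_crypt(&c, buf, 9);
    wrc4_free(&c);
    for (int k = 0; k < 9; k++) if (buf[k] != expect[k]) return 0;
    return 1;
}

/* 16-bit case: the same key decrypts, and the table is still a permutation. */
int check_16bit_roundtrip(void)
{
    const uint8_t key[5] = {1, 2, 3, 4, 5};   /* constructed 40-bit key */
    const uint16_t msg[4] = {0x4552, 0x4334, 0x0000, 0xFFFF};
    uint16_t buf[4];
    wrc4 e, d;
    if (wrc4_init(&e, 16, key, 5) != 0) return 0;
    if (wrc4_init(&d, 16, key, 5) != 0) { wrc4_free(&e); return 0; }
    memcpy(buf, msg, sizeof buf);
    wrc4_crypt(&e, buf, 4);
    int changed = memcmp(buf, msg, sizeof buf) != 0;
    wrc4_crypt(&d, buf, 4);
    int ok = changed && memcmp(buf, msg, sizeof buf) == 0 && wrc4_is_permutation(&e);
    wrc4_free(&e); wrc4_free(&d);
    return ok;
}

int main(void)
{
    printf("8-bit vector ok: %d\n", check_8bit_vector());
    printf("16-bit round trip ok: %d\n", check_16bit_roundtrip());
}
```

Because the only operation on the table is a swap, it stays a permutation at either width; the cost of the wider variant is the 128 KB table and the 65536-step key setup.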
From karn at unix.ka9q.ampr.org Thu Sep 15 11:39:29 1994 From: karn at unix.ka9q.ampr.org (Phil Karn) Date: Thu, 15 Sep 94 11:39:29 PDT Subject: Running PGP on Netcom (and Similar) In-Reply-To: <199409141543.LAA25195@bwh.harvard.edu> Message-ID: <199409151822.LAA00459@unix.ka9q.ampr.org> This discussion is ridiculous. If you can crunch keys on your own trusted machine, why not just run PGP there? Or at least the RSA secret key operations? I've been saying for a long time that there is a role for the latter device. It would hold your PGP secret key and do all RSA secret key operations (signing, decryption) locally, taking requests from and communicating the results back to hosts running PGP that do the rest: RSA public key operations such as signature verification and encryption, and IDEA encryption/decryption. Ideally this device would be a smart card, but a small palmtop might make a good prototype (except for speed). The big win is in much better protection of the RSA secret key; it would never have to leave the device, except perhaps in encrypted form for backup. By plugging this device into a (possibly hacked) host you could use your RSA key without risking all of the traffic you have ever protected or will protect with a particular RSA secret key if that particular host happens to be compromised. But any traffic that passed through the hacked host would still be compromised, as it would if the link between the secret key device and the host were tapped. There's simply nothing you can do about it. Phil From cme at tis.com Thu Sep 15 11:55:52 1994 From: cme at tis.com (Carl Ellison) Date: Thu, 15 Sep 94 11:55:52 PDT Subject: thoughts on RC4 In-Reply-To: <199409151735.KAA14334@comsec.com> Message-ID: <9409151853.AA26875@tis.com> >Date: Thu, 15 Sep 94 10:52:03 EDT >From: perry at imsi.com (Perry E. Metzger) >Can anyone see any reason why one could not change RC4 to >being a word oriented stream cipher, call it "ERC4"? 
Alleged-RC4 (1) requires that the table be a permutation and (2) might base security on the fact that the table is itself permuted beyond recognition after a small number of inputs. (1) You could conceivably go to an array of 65K short values and retain the permutation but I wouldn't try to go to an array of longs. I don't have 32GB of RAM on my workstation. (2) With a longer array, the amount of input until the array is indistinguishable from the one with which you started is proportionally longer. I don't know if that means that shorter arrays are more secure, but it's worth taking a look at. - Carl From cme at tis.com Thu Sep 15 11:59:51 1994 From: cme at tis.com (Carl Ellison) Date: Thu, 15 Sep 94 11:59:51 PDT Subject: if this is RC4 Message-ID: <9409151857.AA27191@tis.com> Assuming for the moment that alleged-RC4 came from the keyboard of Ron Rivest, my question is whether to look at this as an amateur cipher from a famous cryptologist -- or as a carefully designed cipher from a professional. If it's the latter, we should probably look for some underlying strengths the way the community picked apart S-box design rules years ago. - Carl From perry at imsi.com Thu Sep 15 12:01:30 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Sep 94 12:01:30 PDT Subject: e$: Multi-Industry Coalition Framework - NII (fwd) In-Reply-To: <199409151828.OAA18852@zork.tiac.net> Message-ID: <9409151901.AA05248@snark.imsi.com> Robert Hettinga says: > Thought you folks would want to see this... > > >PRESS RELEASE > > > >FOR IMMEDIATE REALEASE CONTACT: Charles N. Brownstein > >September 12, 1994 703-620-8990 > > > >MULTI-INDUSTRY COALITION SETS TECHNICAL FRAMEWORK > >FOR THE NATIONAL INFORMATION INFRASTRUCTURE I just read this document online -- it is one of the most remarkably clueless pieces of trash I've seen. I could have written better in two hours. 
This "white paper", obviously written by someone with minimal technical knowledge of how cryptographic money transfer systems could work, contains virtually no details and only "gee, wouldn't it be nice ifs", many of which are braindead. I'm glad to know that Al Gore is praising it, though. Feh. .pm From perry at imsi.com Thu Sep 15 12:06:52 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Sep 94 12:06:52 PDT Subject: if this is RC4 In-Reply-To: <9409151857.AA27191@tis.com> Message-ID: <9409151906.AA05269@snark.imsi.com> Carl Ellison says: > Assuming for the moment that alleged-RC4 came from the keyboard of Ron > Rivest, Well, from his mind -- it's probably a reverse engineering job. It looks like it may be interoperable, which would imply that it's real... > my question is whether to look at this as an amateur cipher from a > famous cryptologist -- or as a carefully designed cipher from a > professional. Hard to tell. It's remarkably simple -- the simplest cypher I've seen in some time. It obviously needs to be studied in detail. The possible excitement comes from its speed... .pm From m5 at vail.tivoli.com Thu Sep 15 12:21:33 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Thu, 15 Sep 94 12:21:33 PDT Subject: thoughts on RC4 In-Reply-To: <199409151735.KAA14334@comsec.com> Message-ID: <9409151921.AA28584@vail.tivoli.com> Carl Ellison writes: > >Can anyone see any reason why one could not change RC4 to > >being a word oriented stream cipher, call it "ERC4"? > > (1) You could conceivably go to an array of 65K short values and retain the > permutation but I wouldn't try to go to an array of longs. I don't have > 32GB of RAM on my workstation. Perhaps some improvement on RISC architectures could be achieved by using four arrays, 32 bits wide by 256 entries long. The arrays would mirror the single array in the original code, except that the "interesting" byte would be at a different position in each.
Then, the main encryption loop could be unwound so that you'd do four operations to each word, one from each array to hit the four bytes. (You'd do the increment/swap between each one.) This *might* be worthwhile. (On an Alpha, you'd have 8 arrays...) | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From karn at unix.ka9q.ampr.org Thu Sep 15 13:09:34 1994 From: karn at unix.ka9q.ampr.org (Phil Karn) Date: Thu, 15 Sep 94 13:09:34 PDT Subject: The Importance of Filtering In-Reply-To: <199409141915.MAA19709@netcom11.netcom.com> Message-ID: <199409151957.MAA00506@unix.ka9q.ampr.org> >I sympathize with the concerns of Phil Karn and others, but let me >give a warning about this. The Extropians list, when I was on it, had >about the same volume at its peak that we now have, about 50-100 >messages a day. Much debate about S/N ensued, much talk about charging >a fee for posting, about setting up quotas, about about official >reputation markets. At least 20% of all list traffic in some weeks was >devoted to kvetching about this problem. This is not what I asked for. I already have a pretty good filter: it's called "grep". Plus a few friends have volunteered to forward the occasional worthwhile article to me by private email. All I wanted was an alternate transmission mechanism - complete archives on demand by anonymous FTP rather than automatically by email. Is this so difficult? Even if I used Eudora regularly (which I don't), the problem wouldn't get much better. In some ways it would get even worse. Eudora is very nice for those who travel frequently: you can download mail in a big batch whenever you can find a phone, read and edit it offline (e.g., during a flight), and then transmit your responses when you find another phone. The problem, of course, is the severely limited bandwidth of the phone link. Sometimes I only have 10 minutes between flights. 
I simply don't want to waste the time downloading the day's several megabytes of cypherpunk flamage. Filtering it out after I've received it doesn't help me. Some have suggested netnews relays. This is not sufficient either, given that most sites I know keep news for only a few days to keep their disk space requirements within reason. Is it so hard to add an entry to the cypherpunks list on toad.com so that every message can be appended to a file in the anonymous FTP area? It's not like it has never been done before...but perhaps that's what makes it uninteresting to this group. Phil From danisch at ira.uka.de Thu Sep 15 13:59:08 1994 From: danisch at ira.uka.de (Hadmut Danisch) Date: Thu, 15 Sep 94 13:59:08 PDT Subject: (fwd) A new PGP Message-ID: > > This posting is a call for participation in a complete rehash of PGP to > > parallel the existing PGP effort in the US. All contributions are welcome, > > although any cryptographic material from the US won't be usable by anyone else, > > so it'd be best if all crypto work was done outside the US. I am working on a crypto package. It will be able to read and write Selane, PEM and PGP messages and to handle (and convert where possible) all keys. I am writing in C++. And I am sitting in Germany. ;-) Who is interested in discussing the design of such a program? BTW: Who defines new tags in the PGP format? Phil Zimmermann? Hadmut Danisch E.I.S.S. (European Institute for System Security, University of Karlsruhe) From conference94 at bionomics.org Thu Sep 15 14:12:50 1994 From: conference94 at bionomics.org (conference94/Bionomics) Date: Thu, 15 Sep 94 14:12:50 PDT Subject: ANNOUNCEMENT: Bionomics 2nd Annual Conference, "The Next Economy- An Evolving Information Ecosystem" Message-ID: <9409152318.AA1072@notes.worldcom.com> CONFERENCE ANNOUNCEMENT * * * * * * * * * * * * * * * * * * * * * * * * * * "World class... I found the spontaneous cross-pollination of ideas extremely valuable." (Gilbert F. 
Amelio, President and CEO, National Semiconductor) How is NEW TECHNOLOGY transforming the economy? How will IT alter the fundamental qualities of economic life? Come explore the truths and consequences of the infoweb with us. Because 19th Century answers can't solve 21st Century problems. You are invited to attend the Bionomics Institute's 2nd Annual Conference: The Next Economy - An Evolving Information Ecosystem October 21-22,1994 San Francisco Marriott "It will rock your world." (Bill Melton, Founder & Former Chairman, Verifone) This two day event brings together leading-edge thinkers and doers from a remarkable variety of disciplines for fresh insights into the technological, economic, and political implications of the epochal shift from the Machine Age to the Information Age. Who We Are * * * * * * * * * * * * * * * * * * * * * * * * * * "Outstanding!" (Irwin Glenn, Principal Technologist, Massively Parallel Processing, Oracle Corporation) At The Bionomics Institute, we provide new ways to envision the emerging Information Age economy and the changes it will bring to our personal lives, business strategies and public policy. We'll help you comprehend what is happening and navigate the uncharted territory ahead. Please join keynote speakers >>>Walter Williams, leading free-market thinker, economist and defender of personal liberty. Prof. Williams has a nationally syndicated newspaper column and is regularly featured on *Nightline*, *Face the Nation*, *Crossfire*, *Nightly Business Report*, *Wall St. Week* and *MacNeil-Lehrer*. >>>Tom Ray, artificial life pioneer, evolutionary biologist, and creator of the first Internet reserve for the evolution of digital organisms. Prof. Ray's groundbreaking work has been featured in *Newsweek*, *Science*, *Wired*, *The Economist* and many other publications. 
as well as >>John Perry Barlow, co-founder, Electronic Frontier Foundation, leading defender of Information Age privacy >>Admiral John Donegan (ret.), Commander, Naval Command, Control and Ocean Surveillance Center >>James Dowe, President, Excalibur Technologies >>Jeffrey Eisenach, President, Progress and Freedom Foundation >>Dee Hock, founder and CEO emeritus, VISA >>Bernardo Huberman, Area Manager, Dynamics of Computation Group, Xerox Palo Alto Research Center >>Brewster Kahle, Pres. WAIS Inc., premier Internet navigation technology >>Joel Kotkin, author of *TRIBES: How Race, Religion & Identity Determine Success in the New Global Economy* >>Don Lavoie, Director, Program on Social & Org'l Learning, George Mason Univ. >>Axel Leijonhufvud, Director, Center for Computable Economics, UCLA >>Randal O'Toole, Director & forest economist, Cascade Holistic Economic Consultants >>Virginia Postrel, Editor, *Reason* magazine- "Free Minds & Free Markets" >>Michael Rothschild, author of Bionomics, columnist for *Forbes ASAP* and *Upside* and some of the smartest people you've never heard of. For those who still need convincing * * * * * * * * * * * * * * * * * * * * * * * * * * If you weren't there last year, you already missed one conference that "Is the second best conference I attend each year." (Dan Lynch, Chairman and Founder, INTEROP conference, Sante Fe Institute Trustee) "Provided more info in five minutes than seven days of a standard business conference." (Dave Padden, Founder, Heartland Institute, and Board Member, Cato Institute) "Taught us lessons we use every day." (Leo Linbeck, Jr., Chairman & CEO, Linbeck Corporation, and former Chairman, Federal Reserve Bank of Dallas) "Was one of the most well organized and exciting programs I have ever attended." (John Baden, Chairman, Foundation for Research on Economics & the Environment) Has a "high-powered exchange of ideas...during two intense days." (Robert Poole, Jr., President, Reason Foundation) Don't miss another. 
SIGN ME UP! * * * * * * * * * * * * * * * * * * * * * * * * * * San Francisco Marriott October 21-22, 1994 Become a sponsor and receive an invitation to the VIP speakers' reception before the conference and a special mention in the program, as well as your conference attendance (and The Bionomics Institute's deepest gratitude). $1,000 Sponsor $ 345 Regular $ 295 Early (by 9/15) $ 100 Student/Non-Profit Register by 9/15 (VISA/Mastercard/Checks) and receive $50 off plus a copy of "Pre-existing Condition" -- a bionomic analysis of health care policy The Bionomics Institute 415/454-1000 (voice) 415/454-7460 (fax) Conference94 at Bionomics.org Please email, fax or phone the following information Name: Title: Organization: Address1: Address2: Address3: Voice: Fax: Credit Card: Expiration: TOTAL AMOUNT ($): * * * * * * * * * * * * * * * * * * * * * * * * * * The Economy: It's Alive! From hfinney at shell.portal.com Thu Sep 15 14:21:00 1994 From: hfinney at shell.portal.com (Hal) Date: Thu, 15 Sep 94 14:21:00 PDT Subject: The Importance of Filtering In-Reply-To: <199409151957.MAA00506@unix.ka9q.ampr.org> Message-ID: <199409152120.OAA27178@jobe.shell.portal.com> Phil Karn writes: >Is it so hard to add an entry to the cypherpunks list on toad.com so >that every message can be appended to a file in the anonymous FTP >area? It's not like it has never been done before...but perhaps that's >what makes it uninteresting to this group. Script started on Thu Sep 15 14:11:52 1994 jobe% telnet toad.com 25 Trying 140.174.2.1 ... Connected to toad.com. Escape character is '^]'. HELO 220 toad.com Sendmail 4.1/Gnu-smail ready at Thu, 15 Sep 94 14:12:08 PDT 250 toad.com Hello (jobe.shell.portal.com), pleased to meet you EXPN cypherpunks-outgoing 250- [hundreds of names elided] 250- 250- 250 QUIT 221 toad.com closing connection Connection closed by foreign host. 
jobe% exit jobe% script done on Thu Sep 15 14:13:16 1994 This suggests that there are three possible files which are already archiving the list. How frequently they are deleted is another matter. The list volume is so high that the disk space to hold much of an archive becomes a bit expensive. Still, if one of these could be made accessible to anon ftp it might be worthwhile (if toad allows anon ftp). Hal From kafka at desert.xs4all.nl Thu Sep 15 14:35:30 1994 From: kafka at desert.xs4all.nl (Patrick Oonk) Date: Thu, 15 Sep 94 14:35:30 PDT Subject: Remailers and hobbyism & new version of software (Was: The Importance of Filtering) In-Reply-To: <199409141915.MAA19709@netcom11.netcom.com> Message-ID: <199409152135.AA13159@xs1.xs4all.nl> -----BEGIN PGP SIGNED MESSAGE----- tcmay at netcom.com (Timothy C. May) once said: TC> The filtering/reputations/volume issue has come up again. [massive deletia] TC> (Yes, Robert Hayden did this for a few weeks. While it may not have TC> been his "fault" that it went down, it shows the generally flaky and TC> catch-as-catch-can nature of so many part-time, hobbyist systems. Like TC> the remailers that go down when the laptop running it gets taken to TC> Spain for the summer :-}. A "for profit" service, at some quarterly Well, the remailer at desert.xs4all.nl is BACK ! Note the CHANGE OF ADDRESS ! I enjoyed my time in Spain, working as a DJ and PR-person. I used the laptop only once, to look up an address.... There's also a new version of the remailer software for Waffle 1.65. The current version is now 2.02, and it now supports "Anon-To", "Anon-Alternate-ID" (only in 'penet' mode), and it now uses the SPAWNO routines by Ralf Brown to minimize memory use while running other programs (e.g. PGP). [more deletia] greetings, Patrick == kafka at desert.xs4all.nl: Cryptoanarchy, MDMA, Tekkkno, SL-1200 == ^^^^^^^^^^^^^^^^^ NEW EMAIL ADDRESS !!!!!!!!!!!!!!!!
1024/322D0305 : F6 F1 96 54 97 F3 FF 54 49 EF BF 34 3E 3F 0C 60 512/7994F705 : 79 8E 00 DB D5 A0 8D 62 02 C0 70 EF 76 A4 21 D0 -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLng34pRymF15lPcFAQGhDAH9FJZ4/I9hQi0nflNHIHCFi5ai8y9czTpq Jm8XX0Hvv3ToULQ2+dvfmBbTPAEj3TFZnBQG27t1FuO/Q/s8sFZ64Q== =AVDV -----END PGP SIGNATURE----- From nowhere at chaos.bsu.edu Thu Sep 15 14:41:28 1994 From: nowhere at chaos.bsu.edu (Chael Hall) Date: Thu, 15 Sep 94 14:41:28 PDT Subject: [CyberCash Media hype] In-Reply-To: Message-ID: <199409152145.QAA07648@chaos.bsu.edu> > >These are my favorite paragraphs. > >1) Proprietary == secure > >2) Understanding how it works == insecure > > >-j >-- >"Blah Blah Blah" >___________________________________________________________________ >Jamie Lawrence > I disagree. Proprietary is MORE secure, but security through obscurity is no security at all. The only thing that does is separate the proverbial men from the boys. It keeps the idiots who think they can crack a system from touching it, but the people who know what they are doing will learn it rather quickly. Understanding how it works is also not necessarily insecure either. What about PGP? Would you rather use some proprietary methond that may or may not have a backdoor or may not be as secure as it is touted to be? I prefer to use something that has been proven and tested. Chael -- Chael Hall, nowhere at chaos.bsu.edu From jamiel at sybase.com Thu Sep 15 15:17:41 1994 From: jamiel at sybase.com (Jamie Lawrence) Date: Thu, 15 Sep 94 15:17:41 PDT Subject: [CyberCash Media hype] Message-ID: Uh, I was paraphrasing the conclusions of the article in order to convey that the authors clearly have no clue about security software. I (incorrectly) thought there was sufficient sarcasm in my post to convey that. Question - where did the below-highlighted opinion come from? Also, I do disagree with your statement "security through obscurity is no security at all." 
A rather high degree of security can be had through obscurity, but it is often entirely unpredictable whether or not a particular 'obscurity method' will be secure or not (any 15 year old hiding cigarettes under the bed can attest to that). I see this as an extension of the principles underlying modern crypto - it could be that a factoring attack on RSA is possible but really obscure. It is simply an example of more predictable security through obscurity. Perhaps I'm pushing definitions a little too far here. At 2:45 PM 9/15/94, Chael Hall wrote: >> >>These are my favorite paragraphs. >> >>1) Proprietary == secure >> >>2) Understanding how it works == insecure > > I disagree. Proprietary is MORE secure, but security through ^^^^^^^^^^^^^^^^^^^^^^^^^^ >obscurity is no security at all. The only thing that does is separate >the proverbial men from the boys. It keeps the idiots who think they >can crack a system from touching it, but the people who know what they >are doing will learn it rather quickly. > > Understanding how it works is also not necessarily insecure either. >What about PGP? Would you rather use some proprietary method that may >or may not have a backdoor or may not be as secure as it is touted to >be? I prefer to use something that has been proven and tested. > >Chael -j -- "It's a question of semantics, and I've always been rather anti-semantic." -Gene Simmons ___________________________________________________________________ Jamie Lawrence From exabyte!gedora!mikej2 at uunet.uu.net Thu Sep 15 15:41:47 1994 From: exabyte!gedora!mikej2 at uunet.uu.net (Mike Johnson second login) Date: Thu, 15 Sep 94 15:41:47 PDT Subject: thoughts on RC4 In-Reply-To: <199409151705.NAA00703@orchard.medford.ma.us> Message-ID: On Thu, 15 Sep 1994, Bill Sommerfeld wrote: > > I wonder if the NSA would approve it?
I think it was Bill Sommerfeld > > who pointed out that it was a little curious that NSA approves RC4 with a > > 40 bit key when hardware-assisted search like the DES key cracker would > > appear to be impractical. > > Actually, I'm not sure that it's that impractical, but I don't know a > heck of a lot about VLSI or hardware design. A fully pipelined chip > would require significantly more chip area than the DES cracker, > but you probably don't need that. I'm pretty sure you could make a > blazingly fast, non-pipelined, chip with a "key setup" unit and then a > "trial encrypt" unit which run in parallel; you clock the key setup > unit 256 times to set up the key, then the key gets fed to the trial > encrypt unit where it gets tried against the known > plaintext/ciphertext pair.. >... Don't forget the precomputation attack. The key setup only has to be done 2^40 times, ever. The initial state of the stream cipher can be stored on a set of tapes that are read in parallel to perform the brute force attack. From perry at imsi.com Thu Sep 15 15:50:59 1994 From: perry at imsi.com (Perry E. Metzger) Date: Thu, 15 Sep 94 15:50:59 PDT Subject: thoughts on RC4 In-Reply-To: Message-ID: <9409152250.AA05600@snark.imsi.com> Mike Johnson second login says: > Don't forget the precomputation attack. The key setup only has to be done > 2^40 times, ever. The initial state of the stream cipher can be stored on > a set of tapes that are read in parallel to perform the brute force > attack. You may be interested to know that the SPA/NSA agreement covered this; you are allowed to use a 40 bit "salt" that's appended to the key when you use RC4 in an exported application provided the salt is sent along with the message.
.pm From Ron_Bardarson at smtp.esl.com Thu Sep 15 16:22:16 1994 From: Ron_Bardarson at smtp.esl.com (Ron Bardarson) Date: Thu, 15 Sep 94 16:22:16 PDT Subject: Re- PRIVACY REGULATIONS Message-ID: Mail*Link SMTP Re: PRIVACY REGULATIONS I've uploaded the text files containing a sample Writ of Habeas Corpus to wimsey. They compress down to 20 K and a 60 K post seemed inappropriate. Look in /uploads for habeus.zip at ftp.wimsey.bc.ca From karn at qualcomm.com Thu Sep 15 16:24:17 1994 From: karn at qualcomm.com (Phil Karn) Date: Thu, 15 Sep 94 16:24:17 PDT Subject: RC4 compatibility testing In-Reply-To: <9409151556.AA04764@snark.imsi.com> Message-ID: <199409152323.QAA19842@servo.qualcomm.com> >Basically, what you do is use administrative tricks to delay the >patent from being issued for as many years as possible -- sometimes >decades -- while the idea becomes popular and gets incorporated into >lots of products. Patent applications in the U.S. are kept secret by FYI, there's a bill pending in the Senate that would change the term of a US patent from 17 years from grant to 20 years from filing. The specific intent is to deal with "submarine" patents. I understand it has already become quite controversial... Phil From blancw at microsoft.com Thu Sep 15 16:44:19 1994 From: blancw at microsoft.com (Blanc Weber) Date: Thu, 15 Sep 94 16:44:19 PDT Subject: PRIVACY REGULATIONS (A Matter of Form) Message-ID: <9409152343.AA16689@netmail.microsoft.com> From: Duncan Frissell >> Can't you free yourself from jail with a writ of habeas corpus ad >> subjiciendum from John Doe? > >But you have to know how to write one. > >brad > But if you proceed "in forma pauperis" you don't need to know how to write one. ............................................................................. Must a person carry around a legal dictionary in order to have all the right terms to use just in case they are put in jail and to need to select the proper procedure? (What shall it be: habeas corpus?
subjuciendum? forma pauperis? I'm so confused.) "Don't leave home without it." Blanc From cactus at bb.com Thu Sep 15 17:12:44 1994 From: cactus at bb.com (L. Todd Masco) Date: Thu, 15 Sep 94 17:12:44 PDT Subject: The Importance of Filtering In-Reply-To: <199409151957.MAA00506@unix.ka9q.ampr.org> Message-ID: <35ao5k$lc0@bb.com> In article <199409151957.MAA00506 at unix.ka9q.ampr.org>, Phil Karn wrote: >Some have suggested netnews relays. This is not sufficient either, >given that most sites I know keep news for only a few days >to keep their disk space requirements within reason. Just FYI: hks.lists.cypherpunks on bb.com's NNTP server goes back to July 16th: We're not expiring it, and don't plan to in the near future. I could make it available for ftp, or even sup, if at least several folks were interested. -- L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus at bb.com | change the world with a plastic platter." - Todd Rundgren From cactus at bb.com Thu Sep 15 17:17:36 1994 From: cactus at bb.com (L. Todd Masco) Date: Thu, 15 Sep 94 17:17:36 PDT Subject: The Importance of Filtering In-Reply-To: <199409151957.MAA00506@unix.ka9q.ampr.org> Message-ID: <35aoe2$lg6@bb.com> In article <199409152120.OAA27178 at jobe.shell.portal.com>, Hal wrote: >The list volume is so high that the disk space to hold much of an >archive becomes a bit expensive. Still, if one of thse could be made >accessible to anon ftp it might be worthwhile (if toad allows anon ftp). Let's not get too silly here: disk space is cheap. The aforementioned bb.com cypherpunks newsgroup takes up 7 megs right now, since July 16, and that's not even compressed (one of these days, I'll take care of that). That's $5 at current disk prices. I'm certainly willing to shell out $2.50/month to keep all of cypherpunks around: I frequently grep for references. No, it's bandwidth of a gazillion cypherpunks getting the material that worries me... but we'll live with it. -- L. 
Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus at bb.com | change the world with a plastic platter." - Todd Rundgren From merriman at metronet.com Thu Sep 15 18:05:09 1994 From: merriman at metronet.com (David K. Merriman) Date: Thu, 15 Sep 94 18:05:09 PDT Subject: PRIVACY REGULATIONS (A Matter of Form) Message-ID: <199409160103.AA19490@metronet.com> >From: Duncan Frissell > > >> Can't you free yourself from jail with a writ of habeas corpus ad > >> subjiciendum from John Doe? > > > >But you have to know how to write one. > > > >brad > > > >But if you proceed "in forma pauperis" you don't need to know how to write one. >............................................................................. > >Must a person carry around a legal dictionary in order to have all the >right terms to use just in case they are put in jail and to need to >select the proper procedure? > >(What shall it be: habeas corpus? "produce (release?) the body" subjuciendum? "Show why" (????) forma pauperis? "that's not my regular job" (????) Now you know _part_ of the reason lawyers get away with charging a bazillion dollars an hour. That's okay, though, 'cause most lawyers probably think a hash is either fried potatoes or involves corned (or roast) beef :-) It's a matter of the lingua franca of the profession. :-> Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From ianf at wiley.sydney.sgi.com Thu Sep 15 18:25:33 1994 From: ianf at wiley.sydney.sgi.com (Ian Farquhar) Date: Thu, 15 Sep 94 18:25:33 PDT Subject: if this is RC4 In-Reply-To: <9409151906.AA05269@snark.imsi.com> Message-ID: <9409161122.ZM2097@wiley.sydney.sgi.com> On Sep 15, 3:06pm, Perry E. 
Metzger wrote: > > Assuming for the moment that alleged-RC4 came from the keyboard of Ron > > Rivest, > Well, from his mind -- it's probably a reverse engineering job. It > looks like it may be interoperable, which would imply that it's real... If it is, then the person who did it has gone to a lot of trouble to make the source layout and coding style very similar to the publicly available MD[245] sources. Compare them and you'll see what I mean. One of the original reasons I thought that this was a fake was the similarity (adds credibility), but when it was verified I began to think that this is, in fact, the real source from RSADSI. I don't think that this is a reverse engineering job, because I can't see any motive for anyone to put the work into making the code look so similar. > Hard to tell. It's remarkably simple -- the simplest cypher I've seen > in some time. It obviously needs to be studied in detail. The > possible excitement comes from its speed... I think that we must bear in mind that most of us are familiar with block ciphers, and that there aren't a lot of stream ciphers out there which are widely used right now. The only others I know of are the various LFSR's (which are pretty simple themselves), and that alleged early prototype A5 (which was itself a group of LFSR's too). Ian. From nzook at bga.com Thu Sep 15 19:05:58 1994 From: nzook at bga.com (Nathan Zook) Date: Thu, 15 Sep 94 19:05:58 PDT Subject: Wiretap Emergency Message-ID: I just spoke with Joe Barton (R) from Texas about the FBI wiretap bill. He is on a subcommittee that is hearing the bill. He has heard _no_ citizen opposition to it. I was not prepared, but he did invite me to send him my concerns :-D Congressman Joe Barton 1514 Longworth Building Washington, D.C. 20515 p:202-225-2002 f:202-225-3052 Folks, if we can generate a few hundred calls and well-thought-out faxes tomorrow, we might have some effect.
I don't know a lot about him, but he seemed to be of the opinion that he didn't really know that much about the bill. It's up to us to educate him. Nathan From vznuri at netcom.com Thu Sep 15 20:07:49 1994 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Thu, 15 Sep 94 20:07:49 PDT Subject: privacy in Unix environment Message-ID: <199409160307.UAA29221@netcom6.netcom.com> Hello everyone, here is a question well suited for the c'punks. I'm looking for some kind of utility that will allow script files to be run, to spawn off processes, but will wipe out environment and "ps" info from being read. i.e. imagine that the commands being called must shield their arguments and environment from the "ps" command run on a system. the ideal program would let me run csh scripts but make all the unix commands called (sort, grep, whatever) invisible to other users on my local system. can it be done? note: I am aware of the trick of using symbolic links to hide command names. tx. bye From warlord at MIT.EDU Thu Sep 15 20:31:36 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Thu, 15 Sep 94 20:31:36 PDT Subject: privacy in Unix environment In-Reply-To: <199409160307.UAA29221@netcom6.netcom.com> Message-ID: <9409160331.AA14761@toxicwaste.media.mit.edu> This depends on the OS. On some Operating Systems, you can overwrite the arguments and that will clear the PS listing. On other systems, however, the environment variables and process listings are kept in different memory than that of the process, so you cannot have a process hide its arguments. I hope this helps -derek From sdw at lig.net Thu Sep 15 20:38:11 1994 From: sdw at lig.net (Stephen D. Williams) Date: Thu, 15 Sep 94 20:38:11 PDT Subject: privacy in Unix environment In-Reply-To: <199409160307.UAA29221@netcom6.netcom.com> Message-ID: > > Hello everyone, here is a question well suited for the c'punks. 
> I'm looking for some kind of utility that will allow script files > to be run, to spawn off processes, but will wipe out environment > and "ps" info from being read. i.e. imagine that the commands > being called must shield their arguments and environment from > the "ps" command run on a system. the ideal program would let > me run csh scripts but make all the unix commands called > (sort, grep, whatever) invisible to other users on my local > system. > > can it be done? Sure: 1) rewrite ps. Since it's setuid for kmem versions, noone else should be able to use a real one. 2) rewrite device driver for /proc/ps versions. You could argue that in some situations, users should only see their own processes (very few situations). > note: I am aware of the trick of using symbolic links to hide > command names. > > tx. > bye > > -- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager LIG dev./sales Internet: sdw at lig.net In Bay Area Aug94-Feb95!!! OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work Newbie Notice: I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru. From vznuri at netcom.com Thu Sep 15 21:03:07 1994 From: vznuri at netcom.com (Vladimir Z. Nuri) Date: Thu, 15 Sep 94 21:03:07 PDT Subject: reputation credit 3/3 In-Reply-To: <199409101958.PAA01656@bwh.harvard.edu> Message-ID: <199409160401.VAA05194@netcom6.netcom.com> I am replying to a message by A.Shostack about reputation systems. I regret that I will probably be unable to follow all aspects of this thread due to "engagements" but the dialogue so far has been fascinating (is anyone archiving cypherpunks for future historians? seems like it would be *hot* material when the world transitions to a "Cyberspatial Reality" (can't remember where I saw that term...) anyway, a few paragraphs caught my eye. 
>What if >Alice can say "I think David is a fanatic. I also think David is a >windbag." and she says these things in such a way that they can be >automatically responded to by software? This would require a carefully >chosen list of opinions that the system would support. If you had too >many opinions, then the system would be worthless, because, in all >probability, people would pick different descriptors, and the >information would not correlate into anything useful. The list could >probably be fairly short, allowing for terms like windbag, funny, >fanatical, reasonable, knowledgeable, trustworthy. there is a lot of merit in the simple idea you write about above, and I think it deserved to be explored by some "mad programmer" with enough coding talent and free time on his hands. any takers? > But any >system of personal reputations would fail, because bad mouthing >someone with a digital reputation is an open act. Very few people >would talk about Alice in a negative light if they know she will hear >about it. And even if they do want to, there doesn't need to be an >automated system to make it easier. it seems to me that a lot of good ideas are dismissed here for the wrong reasons. what is one man's junk can be another man's gold. for example, suppose such a system as you indicate is in place. I can easily imagine that people would *love* to publicly trash other's people's reputations as a way of saying "I hate his guts, and I hope everyone else will not listen to him." public *negative* reputations are very important and are already quite ubiquitous in my opinion. they are the means by which a society exerts force on the individual to conform to social norms. and as reprehensible as that sounds to some of you, you cannot deny that exactly this mechanism is employed on the cypherpunks by e.g. TCMay et.al. i.e. 
the way TCMay loudly *****PLONKED***** someone recently, complaining about "fools and lightweights" for the sin of sending him an encrypted message that didn't contain any interesting criminal instigations so this public broadcasting, this "*****PLONK*****" is often quite public, and you are quite mistaken in thinking people would shy away from it, those with the greatest reputations use it as a method of coercion, in a sense, a kind of cyberspatial peer pressure! "if you want to be my friend, you can't be his friend". this might be called the Larry Detweiler effect, although it appears to me he has been getting far to much credit lately, maybe the cypherpunk reputation servers have been hacked >The big question in my >mind is how to get people to feed enough information into it to seed >the system? Once it gets started, it will run for a while on slow >growth, and then explode at some random point. (Probably right after >a serious design bug is discovered. :) After it explodes in terms of >use, it will be self-perpetuating because of its usefulness. I was saying to A.S. in private mail that I thought it was a pity that the cypherpunks didn't invent something like WWW that has really taken off. For example, If remailers are the natural role of future cyberspace, why haven't they caught on? I think because there is no incentive for an operator to run one, and in fact quite a lot of disincentive (who want to get the message "postmaster: please yank this account for sending trash). the best cyberspatial technologies have an inherent incentive to everyone that comes in contact with them, operators in particular (example: NNTP servers are fun for news admins to read, WWW pages are easy to install and act like miniature bulletin boards to get responses, etc). maybe the all-important role of anonymity and pseudonymity could gain widespread acceptance by "piggybacking" some other amazingly desirable system (such as reputation systems). but I really agree with A.S. 
that the "self-perpetuating explosion" is critical to new cyberspatial technology. it is like a meme spreading, like people latching on to the latest Billboard hit. A lot of the cypherpunk *ideas* have caught on like this, e.g. PGP, privacy, etc. but I would like to see a total *cypherpunk* software creation reach the Cyberspatial Hall of Fame (the anon.penet.fi remailer comes pretty darned close, but it is just one site.. and pgp, well Phil Zimmermann has said at times he's *not* a cypherpunk, because he wears suits ). maybe reputation systems will be the cypherpunk magic bullet. that makes me wonder: did Julf build his server after being inspired by the cypherpunks? or did he get the idea somewhere else? well, I have dropped a lot of hints in this message, and I have asked some people to agree to nondisclosure agreements on related issues, and it would be a bit hypocritical for me to say much more, so I probably won't elaborate much further than what I've said above for awhile. Mostly I wanted to give Adam Shostack some credit for some good ideas. bye Vladimir Z Nuri vznuri at netcom.com ``Imagination is more important than knowledge.'' (Einstein) From wessorh at ar.com Thu Sep 15 21:13:31 1994 From: wessorh at ar.com (Rick H. Wesson) Date: Thu, 15 Sep 94 21:13:31 PDT Subject: Wiretap Emergency Message-ID: <199409160411.VAA21058@ar.com> I believe you can write your congress person via E-Mail to FirstName.LastName at house.gov I was told it was up and running but I may be incorrect... -Rick From wessorh at ar.com Thu Sep 15 21:17:44 1994 From: wessorh at ar.com (Rick H. Wesson) Date: Thu, 15 Sep 94 21:17:44 PDT Subject: Wiretap Emergency Message-ID: <199409160415.VAA21075@ar.com> mail -v -s "This is a test." Barton.Joe at house.gov < test ibd{wessorh}150: Warning: alias database /etc/mail/aliases.pag out of date Barton.Joe at house.gov... Connecting to mercury.house.gov. (smtp)...
220-mercury.house.gov mail server ready at Fri, 16 Sep 1994 00:15:25 -0400 220 ESMTP spoken here >>> EHLO ar.com 250-mercury.house.gov Hello ar.com (internex-ibd.ar.com), pleased to meet you 250-HELP 250-SIZE 1714821120 250-8BITMIME 250-XONE 250 XQUE >>> MAIL From: SIZE=118 250 ... Sender ok >>> RCPT To: 250 ... Recipient ok >>> DATA 354 Enter mail, end with "." on a line by itself >>> . 250 AA187868926 Message accepted for delivery Barton.Joe at house.gov... Sent (AA187868926 Message accepted for delivery) Closing connection to mercury.house.gov. >>> QUIT 221 mercury.house.gov closing connection OK Lets get to work boys and girls..... -Rick From wessorh at ar.com Thu Sep 15 21:29:47 1994 From: wessorh at ar.com (Rick H. Wesson) Date: Thu, 15 Sep 94 21:29:47 PDT Subject: Wiretap Emergency; House E-Mail addresses Message-ID: <199409160427.VAA21105@ar.com> UNITED STATES HOUSE OF REPRESENTATIVES CONSTITUENT ELECTRONIC MAIL SYSTEM We welcome your inquiry to the House of Representatives Constituent Electronic Mail System. Currently, fortythree Members of the U.S. House of Representatives have been assigned public electronic mailboxes that may be accessed by their constituents. The nature and character of the incoming electronic mail has demonstrated that this capability will be an invaluable source of information on constituent opinion. We are now in the process of expanding the project to other Members of Congress, as technical, budgetary and staffing constraints allow. A number of House committees have also been assigned public electronic mailboxes. The names and electronic mailbox addresses of these committees are listed below after the information about participating Representatives. Please review the list of participating Representatives below, and if the Congressional District in which you reside is listed, follow the instructions below to begin communicating by electronic mail with your Representative. If your Representative is not yet on-line, please be patient. 
U.S. REPRESENTATIVES PARTICIPATING IN THE CONSTITUENT ELECTRONIC MAIL SYSTEM. Hon. Thomas E. Andrews 1st Congressional District, Maine Rm. 1530 Longworth House Office Building Washington, DC 20515 TANDREWS at HR.HOUSE.GOV Hon. Joe Barton 6th Congressional District, Texas Rm. 1514 Longworth House Office Building Washington, DC 20515 BARTON06 at HR.HOUSE.GOV Hon. Sherwood Boehlert 23rd Congressional District, New York Rm. 1127 Longworth House Office Building Washington, DC 20515 BOEHLERT at HR.HOUSE.GOV Hon. Dave Camp 4th Congressional District, Michigan Rm. 137 Cannon House Office Building Washington, DC 20515 DAVECAMP at HR.HOUSE.GOV Hon. Maria Cantwell 1st Congressional District, Washington Rm. 1520 Longworth House Office Building Washington, DC 20515 CANTWELL at HR.HOUSE.GOV Hon. John Conyers, Jr. 14th Congressional District, Michigan Rm. 2426 Rayburn House Office Building Washington, DC 20515 JCONYERS at HR.HOUSE.GOV Hon. Sam Coppersmith 1st Congressional District, Arizona 1607 Longworth House Office Building Washington, DC 20515 SAMAZ01 at HR.HOUSE.GOV Hon. Peter Defazio 4th Congressional District, Oregon 1233 Longworth House Office Building Washington, DC 20515 PDEFAZIO at HR.HOUSE.GOV Hon. Peter Deutsch 20th Congressional District, Florida Rm. 425 Cannon House Office Building Washington, DC 20515 PDEUTSCH at HR.HOUSE.GOV Hon. Jay Dickey 4th Congressional District, Arkansas Rm. 1338 Longworth House Office Building Washington, DC 20515 JDICKEY at HR.HOUSE.GOV Hon. Vernon Ehlers 3rd Congressional District, Michigan Rm. 1526 Longworth House Office Building Washington, DC 20515 CONGEHLR at HR.HOUSE.GOV Hon. Anna Eshoo 14th Congressional District, California Rm. 1505 Longworth House Office Building Washington, DC 20515 ANNAGRAM at HR.HOUSE.GOV Hon. Elizabeth Furse 1st Congressional District, Oregon Rm. 316 Cannon House Office Building Washington, DC 20515 FURSEOR1 at HR.HOUSE.GOV Hon. Sam Gejdenson 2nd Congressional District, Connecticut Rm. 
2416 Rayburn House Office Building Washington, DC 20515 BOZRAH at HR.HOUSE.GOV Hon. Newton Gingrich 6th Congressional District, Georgia Rm. 2428 Rayburn House Office Building Washington, DC 20515 GEORGIA6 at HR.HOUSE.GOV Hon. Bob Goodlatte 6th Congressional District, Virginia Rm. 214 Cannon House Office Building Washington, DC 20515 TALK2BOB at HR.HOUSE.GOV Hon. Rod Grams 6th Congressional District, Minnesota Rm. 1713 Longworth House Office Building Washington, DC 20515 RODGRAMS at HR.HOUSE.GOV Hon. Dan Hamburg 1st Congressional District, California Rm. 114 Cannon House Office Building Washington, DC 20515 HAMBURG at HR.HOUSE.GOV Hon. Dennis Hastert 14th Congressional District, Illinois Rm. 2453 Rayburn House Office Building Washington, DC 20515 DHASTERT at HR.HOUSE.GOV Hon. Martin Hoke 2nd Congressional District, Ohio Rm. 212 Cannon House Office Building Washington, DC 20515 HOKEMAIL at HR.HOUSE.GOV Hon. Ernest J. Istook, Jr. 5th Congressional District, Oklahoma Rm. 1116 Longworth House Office Building Washington, DC 20515 ISTOOK at HR.HOUSE.GOV Hon. Sam Johnson 3rd Congressional District, Texas Rm. 1030 Longworth House Office Building Washington, DC 20515 SAMTX03 at HR.HOUSE.GOV Hon. Mike Kreidler 9th Congressional District, Washington Rm. 1535 Longworth House Office Building Washington, DC 20515 KREIDLER at HR.HOUSE.GOV Hon. Tom Lantos 12th Congressional District, California Rm. 2182 Rayburn House Office Building Washington, DC 20515 TALK2TOM at HR.HOUSE.GOV Hon. Thomas Manton 7th Congressional District, New York Rm. 203 Cannon House Office Building Washington, DC 20515 TMANTON at HR.HOUSE.GOV Hon. George Miller 7th Congressional District, California Rm. 2205 Rayburn House Office Building Washington, DC 20515 GEORGEM at HR.HOUSE.GOV Hon. Ed Pastor 2nd Congressional District, Arizona Rm. 408 Cannon House Office Building Washington, DC 20515 EDPASTOR at HR.HOUSE.GOV Hon. Bill Paxon 27th Congressional District, New York Rm. 
1314 Longworth House Office Building Washington, DC 20515 BPAXON at HR.HOUSE.GOV Hon. Owen Pickett 2nd Congressional District, Virginia Rm. 2430 Rayburn House Office Building Washington, DC 20515 OPICKETT at HR.HOUSE.GOV Hon. Earl Pomeroy North Dakota, At Large Rm. 318 Cannon House Office Building Washington, DC 20515 EPOMEROY at HR.HOUSE.GOV Hon. David Price 4th Congressional District, North Carolina Rm. 2458 Rayburn House Office Building Washington, DC 20515 PRICE at HR.HOUSE.GOV Hon. Jim Ramstad 3rd Congressional District, Minnesota Rm. 322 Cannon House Office Building Washington, DC 20515 MN03 at HR.HOUSE.GOV Hon. Pat Roberts 1st Congressional District, Kansas Rm. 1126 Longworth House Office Building Washington, DC 20515 EMAILPAT at HR.HOUSE.GOV Hon. Charlie Rose 7th Congressional District, North Carolina Rm. 2230 Rayburn House Office Building Washington, DC 20515 CROSE at HR.HOUSE.GOV Hon. Christopher Shays 4th Congressional District, Connecticut Room 1034, Longworth House Office Building Washington, DC 20515 CSHAYS at HR.HOUSE.GOV Hon. Karen Shepherd 2nd Congressional District, Utah Rm. 414 Cannon House Office Building Washington, DC 20515 SHEPHERD at HR.HOUSE.GOV Hon. David Skaggs 2nd Congressional District, Colorado Rm. 1124 Longworth House Office Building Washington, DC 20515 SKAGGS at HR.HOUSE.GOV Hon. 'Pete' Stark 13th Congressional District, California Rm. 239 Cannon House Office Building Washington, DC 20515 PETEMAIL at HR.HOUSE.GOV Hon. Cliff Stearns 6th Congressional District, Florida Rm. 332 Cannon House Office Building Washington, DC 20515 CSTEARNS at HR.HOUSE.GOV Hon. Charles Taylor 11th Congressional District, North Carolina Rm. 516 Cannon House Office Building Washington, DC 20515 CHTAYLOR at HR.HOUSE.GOV Hon. Robert Walker 16th Congressional District, Pennsylvania Rm. 2369 Rayburn House Office Building Washington, DC 20515 PA16 at HR.HOUSE.GOV Hon. Mel Watt 12th Congressional District, North Carolina Rm. 
1232 Longworth House Office Building Washington, DC 20515 MELMAIL at HR.HOUSE.GOV Hon. Dick Zimmer 12th Congressional District, New Jersey Rm. 228 Cannon House Office Building Washington, DC 20515 DZIMMER at HR.HOUSE.GOV INSTRUCTIONS FOR CONSTITUENTS The list above includes the electronic mail addresses of members who are participating in the program. However, if your Representative is taking part in the project, we request that you send a letter or postcard by U.S. Mail to that Representative at the address listed above with your name and internet address, followed by your postal (geographical) address. The primary goal of this program is to allow Members to better serve their CONSTITUENTS, and this postal contact is the only sure method currently available of verifying that a user is a resident of a particular congressional district. In addition, constituents who communicate with their Representative by electronic mail should be aware that Members will sometimes respond to their messages by way of the U.S. Postal Service. This method of reply will help to ensure confidentiality, a concern that is of upmost importance to the House of Representatives. COMMITTEES OF THE U.S. HOUSE OF REPRESENTATIVES PARTICIPATING IN THE ELECTRONIC MAIL SYSTEM. Subcommittee on Labor-Management Relations Committee on Education and Labor Rm. 320 Cannon House Office Building Washington, DC 20515 SLABMGNT at HR.HOUSE.GOV Committee on Natural Resources 1324 Longworth House Office Building Washington, DC 20515 NATRES at HR.HOUSE.GOV Committee on Science, Space, and Technology 2320 Rayburn House Office Building Washington, DC 20515 HOUSESST at HR.HOUSE.GOV COMMENTS AND SUGGESTIONS You can send comments about our service to the Constituent Electronic Mail System Comment mailbox, at COMMENTS at HR.HOUSE.GOV We will make every effort to integrate suggestions into forthcoming updates of our system. 
Please note, that the intended purpose of this mailbox is to support public inquiry about the House Constituent Electronic Mail System. Messages intended for Members of Congress should be sent directly to the appropriate Member of Congress at their electronic mail or postal address. UPDATES AND ADDITIONAL INFORMATION From time to time, you may want to send another e-mail message to CONGRESS at HR.HOUSE.GOV to see the most recent version of the list of Members and Committees using Constituent Electronic Mail. The information is also available on the U.S. House of Representatives' Gopher server at GOPHER.HOUSE.GOV in the folder Congressional Information. To learn more about information available electronically from the House, send an e-mail message to HOUSEHLP at HR.HOUSE.GOV Thank you again for contacting the House of Representatives' Constituent Electronic Mail System. We are excited about the possibilities that e-mail has to offer, and will be working hard to bring more Members on-line and to expand our services. This message will be updated as necessary. Honorable Charlie Rose (D-NC) Chairman Committee on House Administration From ravage at bga.com Thu Sep 15 21:56:45 1994 From: ravage at bga.com (Jim choate) Date: Thu, 15 Sep 94 21:56:45 PDT Subject: privacy in Unix environment In-Reply-To: <199409160307.UAA29221@netcom6.netcom.com> Message-ID: <199409160456.XAA21394@zoom.bga.com> > > Hello everyone, here is a question well suited for the c'punks. > I'm looking for some kind of utility that will allow script files > to be run, to spawn off processes, but will wipe out environment > and "ps" info from being read. i.e. imagine that the commands > being called must shield their arguments and environment from > the "ps" command run on a system. the ideal program would let > me run csh scripts but make all the unix commands called > (sort, grep, whatever) invisible to other users on my local > system. 
>

Hi,

There is a program for Linux which sorta does this that was written by a friend of mine. It basically 'hides' a process such that neither it nor any of its children will show up using 'ps'. If you would like more info then contact:

ifch151 at ccwf.cc.utexas.edu

Take care.

From 0x7CF5048D at nowhere Thu Sep 15 22:35:31 1994
From: 0x7CF5048D at nowhere (0x7CF5048D at nowhere)
Date: Thu, 15 Sep 94 22:35:31 PDT
Subject: pgp 2.6.1 circumventing legal kludge
Message-ID: <199409160406.AA12302@xtropia>

-----BEGIN PGP SIGNED MESSAGE-----

I have examined the source to the latest modification to pgp2.6, pgp2.6.1. It appears that the +legal_kludge command parameter remains as also does the bug that prevents this code from working! (Value is used instead of Flag.) One would have thought that the bug would have been fixed or the legal kludge code would have been removed in pgp2.61. The existence of this bug was widely publicized. Perhaps the authors wish there to continue to be a way to circumvent the kludge, but can not be seen taking explicit action to fix the bug.

The bottom line is that to encrypt a message to be sent to someone with an earlier version of pgp such as pgp 2.3a, one should disable the legal kludge by using the following command line:

    pgp +cert_depth=0 +legal_kludge=off +cert_depth=4 -eat file them

My program in noklg.zip is a way to use the above feature to cause pgp to be compatible with earlier versions of pgp without the extra typing. (It supports MSDOS and OS/2). You can set up the program so that pgp shells and other programs work as originally designed, but encrypting files compatible with earlier versions of pgp. I wish that someone would store this program at a public ftp site.
-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLninbg2Gnhl89QSNAQEB7QP+L2iA+ha2KCfH31O2OoG6syIWWNc7f76e
rx5lQ3HpufkVIqhvw+Ff1FWR5aWIPZ2ZKfYAAHjpDiTRMJIMOs2dalx30Hjn/Jyw
X6cEIGzywRpRx8oX+kX5BhxM93IblP1mHAe1e17jiwgBXfbX1yj4/loxL8aHv/cB
LYB0F2go2C0=
=qN3q
-----END PGP SIGNATURE-----

From hobbit at asylum.sf.ca.us Thu Sep 15 23:43:19 1994
From: hobbit at asylum.sf.ca.us (*Hobbit*)
Date: Thu, 15 Sep 94 23:43:19 PDT
Subject: yet another use for MD5
Message-ID: <199409160643.CAA14366@asylum.sf.ca.us>

After examining Tripwire and deciding that it was *way* overkill for my own purposes, I decided to cobble together my own minimalist solution to the unix file integrity problem. I call it "L5", for a variety of reasons, and have decided to present it to the community as a Useful Hack. For all I know it may have already been done elsewhere, but I haven't yet seen such a thing mentioned, despite the simple underlying concept. L5 can be FTPed from asylum.sf.ca.us:/pub/hobbit/L5.tar.Z.

L5 simply walks down Unix or DOS filesystems, sort of like "ls -R" or "find" would, generating listings of anything it finds there. It tells you everything it can about a file's status, and adds on an MD5 hash of it. Its output is rather "numeric", but it is a very simple format and is designed to be post-treated by scripts that call L5. Here are some of its other features:

Filenames come first, making sorting easier.

Filenames are delimited in a non-[unix]-spoofable way; ending in "//". The single character after "//" indicates the file type.

Scanning stops at device boundaries, so L5 doesn't go slogging through random NFS trees or "tmpfs"es unless you tell it to.

You can tell it not to walk any directories lower than the one[s] you handed it as arguments. [It always walks one level of its given arguments.]

You can tell it to only print the filenames.

If a file looks like a script of some kind, it is shown as type "K" instead of "F". Useful for finding those setuid shell scripts...

MD5 hashing can be output in hex, Tripwire's radix64 format, or not at all, as you specify. The hex hash for a given file is the same as that of the CERT "md5check".

You can feed it a list of files or directories to check as its standard input.

You can have it do its hash *on* standard input. This feature is useful for doing things like "l5 /critical/files | l5" to get a small but secure summary hash.

It is small and reasonably fast. Some of it is based on code from Tripwire, but it doesn't use a DBM database and only offers one hash option. The MD5 code, in particular, is the endian-independent version from Tripwire, which builds almost anywhere.

Selection of files to ignore certain changes in is undoubtedly less versatile, but you can always filter the output through further scripts before, for example, diffing your "old" system snapshot against your "new" system snapshot.

[The rest of this file is in the README that comes with L5.]

_H*

From rparratt at london.micrognosis.com Fri Sep 16 02:00:55 1994
From: rparratt at london.micrognosis.com (Richard Parratt)
Date: Fri, 16 Sep 94 02:00:55 PDT
Subject: RC4 Legal Issues
Message-ID: <9409160858.AA15977@pero>

Phil Karn wrote:
> This was my understanding *before* the recent jury decision in the
> Microsoft vs Stac Electronics countersuit. When Stac sued Microsoft
> for infringing their patents on disk compression, Microsoft
> countersued Stac for trade secret infringement for having
> reverse-engineered some hidden system calls in MS-DOS. Not only did
> the jury uphold Stac's bogus software patent, but they also found in
> favor of Microsoft on their ridiculous trade secret accusation!
>
> Needless to say, this creates a very troubling precedent. Now you can
> now apparently infringe a trade secret merely by examining fully
> public information (e.g., commercially available object code.)

Do juries get to decide on points of law and create precedents in the US legal system? No wonder you have such odd laws.
In the UK, legal argument is taken by the judge in the absence of the jury, (and in most civil cases there is no jury anyway -- I think that we only have juries in criminal cases and libel, but someone more knowledgeable may be able to correct this).

Anyway, the role of the jury is to decide on the facts, e.g.: A says X, B says Y, who do we believe?

Also, the ability of judges in lower courts to create precedents is restricted. A case like Microsoft v Stac would end up going right up through the appeal process.

--
Richard Parratt.

From paul at hawksbill.sprintmrn.com Fri Sep 16 04:27:23 1994
From: paul at hawksbill.sprintmrn.com (Paul Ferguson)
Date: Fri, 16 Sep 94 04:27:23 PDT
Subject: C'Punks web server?
Message-ID: <9409161230.AA07849@hawksbill.sprintmrn.com>

This may sound like a stoopid question, but didn't someone mention a c'punk web server (or something similar) a while back?

If something like this exists, where's the home page located?

Thanks,

- paul

From a.brown at nexor.co.uk Fri Sep 16 05:14:12 1994
From: a.brown at nexor.co.uk (Andrew Brown)
Date: Fri, 16 Sep 94 05:14:12 PDT
Subject: C'Punks web server?
In-Reply-To: <9409161230.AA07849@hawksbill.sprintmrn.com>
Message-ID:

On Fri, 16 Sep 1994, Paul Ferguson wrote:
> This may sound like a stoopid question, but didn't someone mention
> a c'punk web server (or something similar) a while back?

I've just started archiving this list and will most likely make the results available in monthly digests via the WWW. I'll post more when something of substance is ready.
- Andy

+-------------------------------------------------------------------------+
| Andrew Brown Internet Telephone +44 115 952 0585 |
| PGP 2.6ui fingerprint: EC 80 9C 96 54 63 CC 97 FF 7D C5 69 0B 55 23 63 |
+-------------------------------------------------------------------------+

From paul at hawksbill.sprintmrn.com Fri Sep 16 05:19:08 1994
From: paul at hawksbill.sprintmrn.com (Paul Ferguson)
Date: Fri, 16 Sep 94 05:19:08 PDT
Subject: C'Punks web server (again)
Message-ID: <9409161322.AA08149@hawksbill.sprintmrn.com>

I found it, for anyone interested, by a reference on the EFF Web Server:

http://soda.berekeley.edu/pub/cypherpunks/Home.html

- paul

From m5 at vail.tivoli.com Fri Sep 16 05:29:27 1994
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 16 Sep 94 05:29:27 PDT
Subject: privacy in Unix environment
In-Reply-To: <199409160307.UAA29221@netcom6.netcom.com>
Message-ID: <9409161229.AA02554@vail.tivoli.com>

Vladimir Z. Nuri writes:
> (sort, grep, whatever) invisible to other users on my local
> system.
>
> can it be done?

Not unless you write your own suite of utilities (or get linux and modify all the ones there). Even if you do, the kernel will always keep around the command name (ps -c on BSDish machines). Of course, if you've got your own suite of utilities you can scramble the names.

Just remind me never to log in to your account...

| GOOD TIME FOR MOVIE - GOING ||| Mike McNally |
| TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: |
| (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |

From danisch at ira.uka.de Fri Sep 16 05:48:07 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Fri, 16 Sep 94 05:48:07 PDT
Subject: C'Punks web server
Message-ID:

Try these:

  • Cypherpunks Berkeley
  • Cypherpunks Washington
  • Cypherpunks Maricopa
  • Cypherpunks WAIS Index
  • Vince Cate's Cypherpunk Page
  • Ein Cypherpunks-Archiv
  • Nectar
  • Magic Money

Hadmut

From perry at imsi.com Fri Sep 16 06:18:41 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Fri, 16 Sep 94 06:18:41 PDT
Subject: if this is RC4
In-Reply-To: <9409161122.ZM2097@wiley.sydney.sgi.com>
Message-ID: <9409161318.AA06070@snark.imsi.com>

"Ian Farquhar" says:
> If it is, then the person who did it has gone to a lot of trouble to
> make the source layout and coding style very similar to the publicly
> available MD[245] sources. Compare them and you'll see what I mean.
> One of the original reasons I thought that this was a fake was the
> similarity (adds credibility), but when it was verified I began to
> think that this is, in fact, the real source from RSADSI. I don't
> think that this is a reverse engineering job, because I can't see
> any motive for anyone to put the work into making the code look so
> similar.

One possibility is that the author may have simply decompiled the original code...

Perry

From rishab at dxm.ernet.in Fri Sep 16 07:11:09 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 16 Sep 94 07:11:09 PDT
Subject: FREE patent searches
Message-ID:

I haven't seen this here, so I'm forwarding it all:

Date: Fri, 9 Sep 1994 09:32:15 -0400
From: srctran at world.std.com (Gregory Aharonian)
Message-Id: <199409091332.AA16709 at world.std.com>
To: patents at world.std.com
Subject: PATENT SEARCHING EMAIL SERVER is now open for business

APS PATENT SEARCHING ARRIVES ON THE INTERNET!!!!!!!!!!!!!!!!
(well only in a real limited way for the time being :-)

A few weeks ago, I announced plans to provide limited patent searching over the Internet, where you can get a list of patents by specifying the class/subclass. I have decided to do this in two stages. To test out the email-server software I am writing, I first plan to allow email requests to retrieve parts of the PTO classification manuals (see below). Once things are running smoothly, I will then add the capability to retrieve patent titles by class/subclass.
So feel free to start sending in requests to the address listed below:

    search at world.std.com

wish me luck, and start thinking philanthropic.

By the way, if someone has a machine readable version of the WIPO international classification system, please send it to me so I can add it to the server. At some point when I have lots of equipment, I will sort US patents by their international classification.

Greg Aharonian
Internet Patent News Service

====================

Internet Patent News Service
September 1994

PATENT TITLES EMAIL SERVER
search at world.std.com

The Internet Patent News Service is pleased to announce the availability of the Patent Titles email server, where people can retrieve lists of patent titles dating back to 1970 for any USPTO class/subclass, and patent numbers for additional patents dating back to the 1800's. The Patent Titles email server is the first step in our efforts to make the entire USPTO APS patent text database system accessible over the Internet.

Approximately one gigabyte of data has been prepared and attached to the Internet. As all of the equipment and network access is borrowed, I am limiting access to an email server until I get a better feel for demand for the data, and until I can raise funding to set up a proper Internet server. Unless the bandwidth and processing load overwhelms the equipment I am borrowing, the service will be free.

To use the email server, send requests to the Internet address:

    search at world.std.com

using any of the following commands sent as text in the body of the email message:

SENDTO account-name at internet.site.adr
    This command is mandatory for all requests and is where you specify the email address you want the information sent to. Occasionally From: lines in email addresses do not provide a correct return address (at least in my experience doing the Internet Patent News Service).

SEND INTRO
SEND HELP
    Either of these commands will return this message.

SEND UCLASSES
    This command will return an index to the approximately 400 patent classes that are currently being used, for example:

        Class: 69 Leather Manufacturers

SEND UCLASS XXX
    This command will return that section of the USPTO's Manual of Classification covering patent class XXX. For example, the command "SEND CLASS 69" would return a list of all of the subclasses in Class 69 by number and title. These files range in size from 5K to 120K. What follows is a section of Class 69:

        Subclass   Subclass
        Number     Title
        1          MACHINES
        1.5        .Belt-stretching
        3          .Horse collar shaping
        4          .Horse collar stuffing

SEND UCLASS COMPUTING
    This command will return those sections of the USPTO's Manual of Classification covering patent classes 395 and 364, the two main classes dealing with hardware and software.

SEND IPNSINFO
    This command will return an introductory message to my Internet Patent News Service.

SEND CONSULT
    This command will return an introductory message to my patent searching consulting services I offer.

SAVE COMMENT
    This command lets me know your request is actually a comment about the email server operation, or any inaccuracies you detect in the patent information being sent out.

As I am parasiting the equipment to run the server (which basically means that I operate the server at nite and on weekends), please send your requests in at the end of the workday or on weekends. Within a day or so, you will receive back by email whatever you requested.

SECURITY

A very important concern for anyone using this email server is secrecy, that what they are searching for is not revealed to others. As a potential inventor, I appreciate this as much as anyone else. While I plan to save the email addresses of people who use the server (but not their search request), no other information will be retained. The email address information will be saved to study who, and how often, people are using the server. I would appreciate any suggestions on how to ensure security beyond this.
Please excuse any mishaps that occur as I get this service off the ground. This email server is a classic hack that will get better in time as people use it. In turn, the experience gathered in running the server will be invaluable in demonstrating the feasibility of making massive amounts of patent data available over the Internet. Also, get ready for that voluntary registration fee I mention in my intro piece to the Internet Patent News Service. If the Patent Titles email server is successful, and you all like it, this fall I plan to coordinate an effort to put all of the patent abstract information since 1970 onto the Internet, making it available through email servers, Gopher, WAIS and Mosaic. But first things first, getting the Patent Titles email server working. Greg Aharonian Internet Patent News Service From jamesd at netcom.com Fri Sep 16 07:55:18 1994 From: jamesd at netcom.com (James A. Donald) Date: Fri, 16 Sep 94 07:55:18 PDT Subject: if this is RC4 In-Reply-To: <9409161318.AA06070@snark.imsi.com> Message-ID: <199409161454.HAA25139@netcom10.netcom.com> "Ian Farquhar" says: > > If it is, then the person who did it has gone to a lot of trouble to > > make the source layout and coding style very similar to the publicly > > available MD[245] sources. Many people use this style. Suspicious, but no fingerprint. Perry E. Metzger writes > One possibility is that the author may have simply decompiled the > original code... Decompilation would not preserve the original style. Is "decompilation" actually the word you had in mind? -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From perry at imsi.com Fri Sep 16 07:57:20 1994 From: perry at imsi.com (Perry E. 
Metzger) Date: Fri, 16 Sep 94 07:57:20 PDT Subject: if this is RC4 In-Reply-To: <199409161454.HAA25139@netcom10.netcom.com> Message-ID: <9409161457.AA06229@snark.imsi.com> James A. Donald says: > Perry E. Metzger writes > > One possibility is that the author may have simply decompiled the > > original code... > > Decompilation would not preserve the original style. Of course it would. If a symbol table was present, you'd even end up with the same variable names. > Is "decompilation" actually the word you had in mind? Yes. .pm From rishab at dxm.ernet.in Fri Sep 16 08:01:56 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Fri, 16 Sep 94 08:01:56 PDT Subject: The mother of all FAQs Message-ID: Tim May says: > I've decided to give my FAQ a name, to prevent confusion. "THE > CYPHERNOMICON" is what I call it. (If the reference is obscure, I can > explain.) > > The main file is 1.3 MB. It takes about 12-15 minutes to transfer This is really the "Mother of all FAQs" - the largest I've seen so far are less than 500k! Actually, I've spotted a trend in recent FAQs - they're no longer a list of Frequently Asked (or Answered ;-) Questions, but a sort of encyclopaedic guide to the group/topic. Well, if newbies _read_ this one, the SNR on this list should soar exponentially! ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From rishab at dxm.ernet.in Fri Sep 16 08:04:25 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Fri, 16 Sep 94 08:04:25 PDT Subject: Virtual assasins and lethal remailers Message-ID: doug at OpenMind.com: > an openly conducted business. 
For example, an anonymous news post
> announces a public key which is to be used to encode a contract kill order,
> along with a digital cash payment. The person placing the contract need
> only anonymously place the encrypted message in alt.test. Perhaps it is

And then the evil assassin, using the Cypherpunk Assassination Remailer (tm) sends an encrypted e-mail to the victim's life-support system and alas! he dies.

No?

You mean the assassin will actually have to use a {gun/knife/CIA anti-beard poison} and be _physically_ near the victim?

Ah well, then the police just got to find the fingerprints and all the usual things, right? What's cyberspace got to do with it?

I believe that if you try to criminalize conspiracy, then you risk mass invasions of privacy. Conspiring is just exercising freedom of opinion and expression - the crime, as always even in the days of Caesar, is in the act, not the preparation. And the act is always quite physical, well out of the bounds of cyberspace and the Thought Police.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From jya at pipeline.com Fri Sep 16 08:33:03 1994
From: jya at pipeline.com (John Young)
Date: Fri, 16 Sep 94 08:33:03 PDT
Subject: Radio Them Back to the Stone Age
Message-ID: <199409161532.LAA09740@pipe1.pipeline.com>

Forwarding List FOP mail by: u2re9toh at crrel41.crrel.usace.army.mil (Tim Horrigan) on Fri, 16 Sep 8:22 AM
-------------------

At 22:52 9/15/94 -0400, Judith Frederika Rodenbeck wrote:
>The medium we
>are using can be like radio, like the psyop single-frequency cheapies we
>dropped across Vietnam, which a person could only retune by opening up and
>diddling with solder.

They dropped such radios on Haiti last night as well.
Most of them were picked up immediately by the cops and carted away somewhere, according to an NPR reporter. The NPR reporter found this out by listening to the police-band transmissions on his scanner (which seems ironic somehow.) *** TIM HORRIGAN, Climate Data Lab, USACRREL, Hanover, NH 03755 internet: horrigan at hanover-crrel.army.mil horrigan at crrel41.crrel.usace.army.mil [or whatever weird crap turns up as my return address UNLESS it implies that I'm at "@crrel41.BITNET", which is a nonexistent Bitnet domain!!!!] alt internet: Timothy.Horrigan at bbsmail.magpie.com ph: (603) 646-4432 (603) 646-4100 *** From talon57 at well.sf.ca.us Fri Sep 16 08:38:41 1994 From: talon57 at well.sf.ca.us (Brian D Williams) Date: Fri, 16 Sep 94 08:38:41 PDT Subject: privacy in Unix enviroment Message-ID: <199409161538.IAA26496@well.sf.ca.us> -----BEGIN PGP SIGNED MESSAGE----- " Vladimir Z. Nuri" a.k.a. Larry Detweiler asks: >Subject: privacy in Unix environment >Date: Thu, 15 Sep 94 20:07:03 -0700 >From: "Vladimir Z. Nuri" >Sender: owner-cypherpunks at toad.com >Precedence: bulk >Hello everyone, here is a question well suited for the c'punks. >I'm looking for some kind of utility that will allow script files >to be run, to spawn off processes, but will wipe out environment >and "ps" info from being read. i.e. imagine that the commands >being called must shield their arguments and environment from >the "ps" command run on a system. the ideal program would let >me run csh scripts but make all the unix commands called >(sort, grep, whatever) invisible to other users on my local >system. >can it be done? >note: I am aware of the trick of using symbolic links to hide >command names. >tx. >bye So, what'cha up to now Detweiler? Brian Williams Extropian Cypherpatriot "Cryptocosmology: Sufficently advanced communication is indistinguishable from noise." --Steve Witham "Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you.... 
AT&T" --James Speth

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLnm5UVmp8FjpRfTVAQGcNAP/UXevPpl6kpsZIESGMskR5au8fzmfgm0p
pVVKgZURxmPHMqyShWRA4fBkbAkY55duR05VdKt4NiehW3T7vhG2rIUwKELSQ3Al
CNdZo4WqafGapNzeeEVQeaDWwkp6BX0hi1QnHG93JiZWgMwtG03kvz7C0CDJ0HZy
TexwcHzAzvk=
=9QNG
-----END PGP SIGNATURE-----

From m5 at vail.tivoli.com Fri Sep 16 09:02:34 1994
From: m5 at vail.tivoli.com (Mike McNally)
Date: Fri, 16 Sep 94 09:02:34 PDT
Subject: privacy in Unix enviroment
In-Reply-To: <199409161538.IAA26496@well.sf.ca.us>
Message-ID: <9409161602.AA04110@vail.tivoli.com>

Brian D. Williams writes:
> " Vladimir Z. Nuri" a.k.a. Larry Detweiler asks:

?? Hmm... Could this be? There's no overt evidence of, umm, unusual behavior in the note; except, that is, for the possibly telling:

> >...run csh scripts...

Clearly a bad sign...

| GOOD TIME FOR MOVIE - GOING ||| Mike McNally |
| TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: |
| (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |

From doug at OpenMind.com Fri Sep 16 09:23:26 1994
From: doug at OpenMind.com (Doug Cutrell)
Date: Fri, 16 Sep 94 09:23:26 PDT
Subject: Virtual assasins and lethal remailers
Message-ID:

Rishab Aiyer Ghosh writes:

>You mean the assassin will actually have to use a {gun/knife/CIA anti-beard
>poison} and be _physically_ near the victim?
>
>Ah well, then the police just got to find the fingerprints and all the usual
>things, right? What's cyberspace got to do with it?

The point, of course, is that there is no risk to the person *placing* the contract. The assassin, as you say, has all the usual risks.

>I believe that if you try to criminalize conspiracy, then you risk mass
>invasions of privacy. Conspiring is just exercising freedom of opinion and
>expression - the crime, as always even in the days of Caesar, is in the act,
>not the preparation. And the act is always quite physical, well out of the
>bounds of cyberspace and the Thought Police.

This is oversimplistic.
Paying someone else to commit a crime for you is a crime. It is in fact possible to pay someone to commit a crime for you in a completely "non-physical" sense, using anonymous remailers, public key encryption, public bulletin boards, and untraceable digital cash. In the past, it has always been a principle of social dynamics that actions can be eventually traced back to some kind of "source", or responsible parties. Throughout history, the people committing "crimes" have tried to make this connection harder and harder to trace, so that they cannot be tied to the physical agents they use to commit those "crimes". They have been successful to varying degrees, but the assumption of law enforcement and the mechanisms of social justice have been that ultimately these connections are traceable. The responsible parties can be located. This is at the heart of the notion of "criminal investigation". Strong crypto *fundamentally* changes this. If all the tools of crypto anarchy are in place, the causal link between person instigating a social action, and the agent completing the social action, becomes *absolutely* untraceable. The notion of criminal investigation cannot apply in any sense. The "arms and legs" that perform specific physical actions can of course still be located, but the critical component which organizes and directs such actions can in fact be completely secure. Thus strong crypto introduces the potential for a new kind of "social organism". The arms and legs, or physical processes of this organism are visible to society and can be targeted for social or interpersonal reprisal. However, the central control for these physical processes can be absolutely anonymous and untraceable, inviolable -- while the physical processes associated with this central control can come and go with complete fluidity. By the way, let me emphasize once again that I am NOT advocating that we criminalize any of the tools of strong crypto. 
I AM advocating that people carefully consider the social dynamics of the use of strong crypto. I believe that a society with access to strong crypto may fall into any one of a number of various long-term stable patterns. It is not a matter of simply discussing and developing the tools themselves... we should consider how to achieve desirable long-term stable social dynamics in the presence of strong crypto. This requires carefully considering sequences of introduction of various strong crypto tools into society, and predicting the reactions of society as these tools are introduced. Doug ___________________________________________________________________ Doug Cutrell General Partner doug at OpenMind.com Open Mind, Santa Cruz =================================================================== From merriman at metronet.com Fri Sep 16 10:08:59 1994 From: merriman at metronet.com (David K. Merriman) Date: Fri, 16 Sep 94 10:08:59 PDT Subject: PRIVACY REGULATIONS (A Matter of Form) Message-ID: <199409161706.AA21787@metronet.com> >I think you're right. That's the first call one ought to make, when >thrown in jail - to their lawyer, to come up with their expensive >advice on how to deal with it, since ordinary language just wouldn't do >for that special occasion. > You mean "Get me the F**K outta here!!!" isn't sufficient?! >Otherwise, you're considered to be in "contempt" and totally gauche in >a court of law.) It's loathing, mistrust, and suspicion, and thus not contempt. QED. :-) ObQuestion: Whyizzit that President Billary keeps saying "The People", and talking about our "Social Responsibilities" to each other? Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. 
From adam at bwh.harvard.edu Fri Sep 16 10:28:09 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Fri, 16 Sep 94 10:28:09 PDT Subject: Virtual assasins and lethal remailers In-Reply-To: Message-ID: <199409161729.NAA15167@hermes.bwh.harvard.edu> Doug Cutrell wrote: | >Ah well, then the police just got to find the fingerprints and all the usual | >things, right? What's cyberspace got to do with it? | | The point, of course, is that there is no risk to the person *placing* the | contract. The assassin, as you say, has all the usual risks. That is not really correct. The risk is reduced, not minimalized. Further, I will argue that the reduction is not even very significant. The usual suspects will be dragged out; family members, insurance beneficiaries, business partners. The tracing of the money from payer to assassin might be difficult, but there will probably be a large, unaccounted for withdrawal from some back account. The police will be able to find a killer with a motive; very few people would pay to have someone killed with whom they have only a minimal connection. The anonymous nature of the funds & contract negotiation will make finding this person more difficult, not impossible. Adam From tcmay at netcom.com Fri Sep 16 10:46:23 1994 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 16 Sep 94 10:46:23 PDT Subject: The mother of all FAQs In-Reply-To: Message-ID: <199409161745.KAA10137@netcom10.netcom.com> Rishab Aiyer Ghosh writes: > This is really the "Mother of all FAQs" - the largest I've seen so far are > less than 500k! Actually, I've spotted a trend in recent FAQs - they're no > longer a list of Frequently Asked (or Answered ;-) Questions, but a sort of > encyclopaedic guide to the group/topic. > > Well, if newbies _read_ this one, the SNR on this list should soar > exponentially! Yes, "FAQ" is a misnomer (a miscyphernomer?). 
And as long as it is, it won't answer questions that get asked here, such as: "I've looked for a FAQ on versions of RC4 that run on the Amiga, and I can't find anything." (Well, I'm kidding about this one, but similarly obscure questions do come up. Rishab is right that most "FAQs" are becoming much more than that. It seems to me we need a new term.) I don't expect many people will try to read all 1.3 MB. Actually, the text part is about 1 MB, with another 200-300KB added when I saved the file so as to preserve the outline format. (I had to use MORE saved as a Microsoft Word doc, then "Save Text with Layout," a little-used (and buggy!) filter option that inserts spaces so as to preserve some semblance of the original outline structure.) I expect that people will pursue what interests them and ignore the rest. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From ravage at bga.com Fri Sep 16 10:52:28 1994 From: ravage at bga.com (Jim choate) Date: Fri, 16 Sep 94 10:52:28 PDT Subject: Copyright Changes Info ... Message-ID: <199409161752.MAA17336@zoom.bga.com> Hi all, If anyone is interested in staying up with the current changes as discussed in committee for new legislation regarding copyright law then the contact is: US Commerce Dept. Ruth Ford 703-305-8600 Take care. 
From chen at intuit.com Fri Sep 16 11:20:01 1994 From: chen at intuit.com (Mark Chen) Date: Fri, 16 Sep 94 11:20:01 PDT Subject: privacy in Unix environment In-Reply-To: <199409160307.UAA29221@netcom6.netcom.com> Message-ID: <9409161819.AA16497@doom.intuit.com> > Hello everyone, here is a question well suited for the c'punks. > I'm looking for some kind of utility that will allow script files > to be run, to spawn off processes, but will wipe out environment > and "ps" info from being read. i.e. imagine that the commands > being called must shield their arguments and environment from > the "ps" command run on a system. the ideal program would let > me run csh scripts but make all the unix commands called > (sort, grep, whatever) invisible to other users on my local > system. > > can it be done? > > note: I am aware of the trick of using symbolic links to hide > command names. This can't be done with scripting (though, as some other folks have pointed out, you can sometimes overwrite argv from a C program). Perl might be a good alternative. You get to perform fairly high-level functions without spawning additional shells. - Mark - -- Mark Chen chen at netcom.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From tcmay at netcom.com Fri Sep 16 12:07:05 1994 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 16 Sep 94 12:07:05 PDT Subject: RC4 discsussion also belongs on sci.crypt Message-ID: <199409161905.MAA02622@netcom8.netcom.com> It's something of a tribute to the success of the Cypherpunks list that so much of the discussion about RC4 is happening here, rather than on sci.crypt. However, if we want the source code to get published, the discussion probably needs to at least be echoed in sci.crypt and similar public fora/forums^H^H^H^H^H places. A journalist I know has expressed frustration that more of the RC4 discussion is not going on in a more public place.
--Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From jazz at hal.com Fri Sep 16 12:17:57 1994 From: jazz at hal.com (Jason Zions) Date: Fri, 16 Sep 94 12:17:57 PDT Subject: if this is RC4 Message-ID: <9409161917.AA28174@jazz.hal.com> >> Decompilation would not preserve the original style. > >Of course it would. If a symbol table was present, you'd even end up >with the same variable names. Decompilation would not preserve stylistic things like indentation and brace usage. With optimized compilers, it's getting pretty hard for a decompiler to actually figure out the original input source statement. The result of a decompile, when again compiled, may indeed produce the same object; but the original and decompiled source code may look radically different. The RC4 source code contains at least one example of a coding idiom that would almost certainly decompile differently. In a couple instances, the posted alleged-RC4 source takes modulo-256 of a particular value. A compiler would in almost all cases emit code which did a simple logical-AND with 0xff; when decompiled, the C code would reflect that logical-AND rather than a mod-256 operation. It looked like real source to me, rather than decompiled. Jason From jim at rand.org Fri Sep 16 12:24:04 1994 From: jim at rand.org (Jim Gillogly) Date: Fri, 16 Sep 94 12:24:04 PDT Subject: thoughts on RC4 In-Reply-To: <9409151452.AA03618@webster.imsi.com> Message-ID: <9409161923.AA06121@mycroft.rand.org> > perry at imsi.com (Perry E. 
Metzger) writes: > Can anyone see any reason why one could not change RC4 to > being a word oriented stream cipher, call it "ERC4"? > The reason I ask is because this would speed things up by a factor of > four on 32 bit machines, which would mean modest hardware could > possibly break 100mbps speeds. The 64 bit extension on 64 bit RISC > processors could go far, far, faster still. Is mbps megabits per second? If so, I'm within a factor of 3 of confirming your numbers. If it's megabytes, I'm more than an order of magnitude away from understanding what "modest hardware" means. The original code plods along on my 50 Mhz '486 laptop (Borland C++ Pro) at a paltry 1.43mbits/s. Turning the inner loop into obfuscated C picks up a little to 3.84mbits/s, and doing it with 8086-compatible assembler yields only 8.40mbits/s. The compiler could certainly be a lot smarter, but the assembler probably couldn't be improved by a factor of 2 without modifying the algorithm as you suggested -- the current incarnation is at 15 instructions per encrypted byte. Anybody else have timing numbers? Jim Gillogly 25 Halimath S.R. 1994, 19:18 From perry at imsi.com Fri Sep 16 12:31:39 1994 From: perry at imsi.com (Perry E. Metzger) Date: Fri, 16 Sep 94 12:31:39 PDT Subject: thoughts on RC4 In-Reply-To: <9409161923.AA06121@mycroft.rand.org> Message-ID: <9409161931.AA06647@snark.imsi.com> Jim Gillogly says: > Is mbps megabits per second? Yes. John Ioannidis has gotten the code up to 24mbit/sec on SparcStation IIs. > The original code plods along on my 50 Mhz '486 laptop (Borland C++ Pro) > at a paltry 1.43mbits/s. Turning the inner loop into obfuscated C picks up > a little to 3.84mbits/s, and doing it with 8086-compatible assembler > yields only 8.40mbits/s. A 50 Mhz '486 shouldn't be that far off a SparcStation if you are operating in the right mode... 
You don't have to get very obfuscated, but moving the swap in line, doing a bit of unrolling and playing some games with word operations can get you pretty far... Perry From merriman at metronet.com Fri Sep 16 12:58:32 1994 From: merriman at metronet.com (David K. Merriman) Date: Fri, 16 Sep 94 12:58:32 PDT Subject: The mother of all FAQs Message-ID: <199409161956.AA14369@metronet.com> >Rishab Aiyer Ghosh writes: > >Yes, "FAQ" is a misnomer (a miscyphernomer?). And as long as it is, it >won't answer questions that get asked here, such as: > >"I've looked for a FAQ on versions of RC4 that run on the Amiga, and I >can't find anything." > >(Well, I'm kidding about this one, but similarly obscure questions do >come up. Rishab is right that most "FAQs" are becoming much more than >that. It seems to me we need a new term.) > Knowledgebase? Reference? Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From sandfort at crl.com Fri Sep 16 14:32:38 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Fri, 16 Sep 94 14:32:38 PDT Subject: THE I-WAY Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . THE FIVE HUNDRED CHANNEL, MULTI-MEDIA, MOVIE-ON-DEMAND, INFORMATION SUPERHIGHWAY (AS THE GOVERNMENT SEES IT) "There is nothing wrong with your television set. Do not attempt to adjust the picture. We are controlling transmission. If we wish to make it louder, we will bring up the volume. If we wish to make it softer, we will tune it to a whisper. We will control the horizontal. We will control the vertical.... Sit quietly and we will control all that you see and hear.
You are about to participate in a great adventure; you are about to experience the awe and mystery which reaches from the inner mind to the Al Gore Limits." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From sameer at c2.org Fri Sep 16 15:28:18 1994 From: sameer at c2.org (sameer) Date: Fri, 16 Sep 94 15:28:18 PDT Subject: C'Punks web server (again) In-Reply-To: <9409161322.AA08149@hawksbill.sprintmrn.com> Message-ID: <199409162225.PAA14240@infinity.c2.org> that should be ftp.csua, not soda. > > > I found it, for anyone interested, by a reference on the EFF Web Server: > > http://soda.berekeley.edu/pub/cypherpunks/Home.html > > - paul > > -- sameer Voice: 510-841-2014 Network Administrator Pager: 510-321-1014 Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383 http://www.c2.org (or login as "guest") sameer at c2.org From jim at RSA.COM Fri Sep 16 16:08:34 1994 From: jim at RSA.COM (Jim Bidzos) Date: Fri, 16 Sep 94 16:08:34 PDT Subject: Thank you Bob Anderson (fwd) Message-ID: <2517c343bf7b3132a70cd7e101de4717@NO-ID-FOUND.mhonarc.org> FYI... I'd appreciate if you posted this wherever you saw RC4... WARNING NOTICE It has come to RSA Data Security's attention that certain RSA trade secrets, in the form of confidential and proprietary source code, have been misappropriated and disclosed. Please be advised that these acts, as well as any retransmission or use of this misappropriated source code is a violation of the Uniform Trade Secrets Act and various other state and federal laws. Any person or entity that acquires, discloses or uses this information is subject to criminal and civil penalties including an injunction, compensatory damages, punitive damages and payment of RSA's attorneys fees. RSA considers this misappropriation to be most serious. Not only is this act a violation of law, but its publication is a gross abuse of the Internet. 
RSA has begun an investigation and will proceed with legal action against anyone found to have violated its intellectual property rights. From hfinney at shell.portal.com Fri Sep 16 20:49:46 1994 From: hfinney at shell.portal.com (Hal) Date: Fri, 16 Sep 94 20:49:46 PDT Subject: RSADSI vs Remailers? Message-ID: <199409170349.UAA09576@jobe.shell.portal.com> > Newsgroups: alt.security.pgp,sci.crypt,comp.org.eff.talk,comp.org.cpsr.talk,alt.security.ripem > From: strnlght at netcom.com (David Sternlight) > Subject: RSADSI Warning > Date: Fri, 16 Sep 1994 23:27:18 GMT > > The notice below is being posted by request of Jim Bidzos, President of > RSADSI and PKP. I have no business connection with RSADSI except as a > licensee of RSAREF. > > WARNING NOTICE > > It has come to RSA Data Security's attention that certain RSA > trade secrets, in the form of confidential and proprietary source > code, have been misappropriated and disclosed. Please be advised that > these acts, as well as any retransmission or use of this > misappropriated source code is a violation of the Uniform Trade > Secrets Act and various other state and federal laws. Any person or > entity that acquires, discloses or uses this information is subject to > criminal and civil penalties including an injunction, compensatory > damages, punitive damages and payment of RSA's attorneys fees. > > RSA considers this misappropriation to be most serious. Not only > is this act a violation of law, but its publication is a gross abuse > of the Internet. RSA has begun an investigation and will proceed with > legal action against anyone found to have violated its intellectual > property rights. Note the original post header. It came via the jpunix remailer.
> From inbox/cpx Fri Sep 9 20:41:47 1994 > From owner-cypherpunks at toad.com Fri Sep 9 20:17:32 1994 > Date: Fri, 9 Sep 1994 22:11:49 -0500 > Message-Id: <199409100311.WAA12423 at jpunix.com> > To: cypherpunks at toad.com > From: nobody at jpunix.com > Subject: Thank you Bob Anderson > Remailed-By: remailer at jpunix.com > Complaints-To: postmaster at jpunix.com > Sender: owner-cypherpunks at toad.com > Precedence: bulk I wonder if there is any connection to this: > From owner-remailer-operators at c2.org > From: "John A. Perry" > Subject: getting in trouble.. > Date: Fri, 16 Sep 1994 14:56:51 -0459 (CDT) > Sender: owner-remailer-operators at c2.org > > > Well it's happened, > > Someone out in net land felt it was necessary to call my place of > employment and complain that the remailer was being used to send > copy-written software as well as encrypted software out of the country. > Needless to say, my employers didn't take kindly to this. The remailer at > jpunix is temporarily shutdown for a few days until this blows over and I > can find out exactly what the legal implications are. I'll keep everyone > updated. > > John From schneier at chinet.chinet.com Fri Sep 16 20:49:46 1994 From: schneier at chinet.chinet.com (Bruce Schneier) Date: Fri, 16 Sep 94 20:49:46 PDT Subject: RC4 - A response from RSA Data Security, Inc. Message-ID: From bal at martigny.ai.mit.edu Fri Sep 16 21:22:13 1994 From: bal at martigny.ai.mit.edu (Brian A. LaMacchia) Date: Fri, 16 Sep 94 21:22:13 PDT Subject: NYT/Markoff article on RC4 Message-ID: <9409170422.AA11092@toad.com> An article by John Markoff on the release of RC4 source code just came over the NYT wire. It's coded "financial;" I expect it to appear in Saturday editions. Doesn't say much we don't already know (quotes the RSADSI statement that "...its publication is a gross abuse of the Internet."). 
The article does mention this list, which is called, "a specialized computer network mailing list of computer researchers who oppose the Government's stringent controls on data encryption technology." There's a bug in the article: it says the code was first circulated on Tuesday, Sep 13, and was posted via an anonymous remailer in the Netherlands. I assume Markoff is talking about the message: Message-Id: <199409132036.AA24724 at xs1.xs4all.nl> Subject: RC4 ? To: cypherpunks at toad.com From: nobody at vox.xs4all.nl (An0nYm0Us UsEr) The "Thank you Bob Anderson" message (which was the first posting of the RC4 code that I saw) was posted last Friday, Sep 9, via the anonymous remailer at jpunix.com. --bal From jim at acm.org Fri Sep 16 21:25:46 1994 From: jim at acm.org (Jim Gillogly) Date: Fri, 16 Sep 94 21:25:46 PDT Subject: RC4 - A response from RSA Data Security, Inc. Message-ID: <9409170425.AA07472@mycroft.rand.org> > From: jim at RSA.COM (Jim Bidzos) > Any person or > entity that acquires, discloses or uses this information is subject to > criminal and civil penalties including an injunction, compensatory > damages, punitive damages and payment of RSA's attorneys fees. Let's count the entities that have acquired this information. What're the most recent valid Usenet survey numbers from Brian Reid about the distribution of sci.crypt? Collecting a dollar from each of these entities would pay the salaries at RSA for a while... Jim Gillogly 26 Halimath S.R. 1994, 04:24 From mab at research.att.com Fri Sep 16 21:56:19 1994 From: mab at research.att.com (Matt Blaze) Date: Fri, 16 Sep 94 21:56:19 PDT Subject: RC4 article in Saturday (Sept 17) New York Times Message-ID: <9409170456.AA16046@merckx.UUCP> John Markoff has a piece on the RC4 betrayal in the Business section of the Saturday NY Times (page 37), "A secret computer code is out -- Key to data security appears on internet". 
Not much that hasn't already been said here or on sci.crypt, but there was an interesting quote from Jim Bidzos that suggested that one of the conditions RSADSI agreed to in order to get approval of 40 bit RC4 for export in shrink-wrap software included keeping the algorithm confidential. Bidzos speculated that the NSA could revoke RC4's export status as a result of the disclosure. Also, the piece reports that "The RC4 formula was first circulated on Tuesday to a specialized computer network mailing list of computer researchers who oppose the Government's stringent controls on data encryption technology. The mailing list, which has thousands of computer users around the world, is known as Cypherpunks, and the mailings usually consist of highly technical discussions of data encryption technology." I guess Markoff gets Eric Blossom's moderated version of the list :-) -matt From harmon at tenet.edu Fri Sep 16 22:23:09 1994 From: harmon at tenet.edu (Dan Harmon) Date: Fri, 16 Sep 94 22:23:09 PDT Subject: Thank You Bob Anderson In-Reply-To: <199409170511.AAA20626@chaos.bsu.edu> Message-ID: Who is John Galt? Boy did we hit the big time!!!! On Sat, 17 Sep 1994, Anonymous wrote: > > Who is Bob Anderson? > From 73211.3713 at compuserve.com Fri Sep 16 20:16:23 1994 From: 73211.3713 at compuserve.com (Loren Fleckenstein) Date: 16 Sep 94 23:16:23 EDT Subject: phil phone Message-ID: <940917031623_73211.3713_DHI28-1@CompuServe.COM> Can anyone send me an update on how far the CPs are from releasing Phil Zimmermann's voice encryptor? 
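Added example, not part of any message in this archive and not the code that was posted to the list: the "if this is RC4" and "thoughts on RC4" messages discuss reducing an index with a mod-256 operation versus a logical AND with 0xff, and a later message quotes the expression `state[x] + (state[y]) % 256`. The C below uses the RC4 algorithm as it has since been widely published; every type and function name in it is made up for this illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustration only: RC4 as widely published, with hypothetical names. */
typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_ctx;
enum reduce_mode { BY_TYPE, BY_MOD, BY_AND };

/* Three ways to bring an index back into 0..255; on unsigned values they agree. */
static unsigned reduce_index(unsigned v, enum reduce_mode m)
{
    switch (m) {
    case BY_MOD: return v % 256;
    case BY_AND: return v & 0xff;
    default:     return (uint8_t)v;      /* truncation to an 8-bit type */
    }
}

void rc4_init(rc4_ctx *c, const uint8_t *key, size_t keylen)
{
    unsigned i, j = 0;
    for (i = 0; i < 256; i++) c->s[i] = (uint8_t)i;
    for (i = 0; i < 256; i++) {          /* key schedule */
        j = (j + c->s[i] + key[i % keylen]) % 256;
        uint8_t t = c->s[i]; c->s[i] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

uint8_t rc4_next(rc4_ctx *c, enum reduce_mode m)
{
    unsigned i = reduce_index(c->i + 1u, m);
    unsigned j = reduce_index((unsigned)c->j + c->s[i], m);
    uint8_t t = c->s[i]; c->s[i] = c->s[j]; c->s[j] = t;
    c->i = (uint8_t)i; c->j = (uint8_t)j;
    /* the sum of two state bytes can reach 510, so it must be reduced */
    return c->s[reduce_index((unsigned)c->s[i] + c->s[j], m)];
}

void rc4_crypt(const char *key, const uint8_t *in, uint8_t *out, size_t n,
               enum reduce_mode m)
{
    rc4_ctx c;
    rc4_init(&c, (const uint8_t *)key, strlen(key));
    for (size_t k = 0; k < n; k++) out[k] = in[k] ^ rc4_next(&c, m);
}

/* The quoted form: % binds tighter than +, so only b is reduced, and
   reducing a byte modulo 256 changes nothing. */
unsigned index_as_quoted(uint8_t a, uint8_t b) { return a + (b) % 256; }
unsigned index_intended(uint8_t a, uint8_t b)  { return (a + b) % 256; }

/* With a wide destination, how many (a, b) pairs leave the 0..255 range? */
unsigned count_out_of_range(void)
{
    unsigned bad = 0;
    for (unsigned a = 0; a < 256; a++)
        for (unsigned b = 0; b < 256; b++)
            if (index_as_quoted((uint8_t)a, (uint8_t)b) > 255) bad++;
    return bad;
}

/* With an 8-bit destination the truncation hides the precedence slip. */
unsigned count_mismatch_in_byte(void)
{
    unsigned bad = 0;
    for (unsigned a = 0; a < 256; a++)
        for (unsigned b = 0; b < 256; b++) {
            uint8_t stored = (uint8_t)index_as_quoted((uint8_t)a, (uint8_t)b);
            if (stored != index_intended((uint8_t)a, (uint8_t)b)) bad++;
        }
    return bad;
}

/* % and & only coincide for non-negative operands, which matters when a
   plain char is signed. */
int mod_signed(int v) { return v % 256; }
int and_signed(int v) { return v & 0xff; }

int main(void)
{
    uint8_t out[9];
    rc4_crypt("Key", (const uint8_t *)"Plaintext", out, 9, BY_AND);
    for (int k = 0; k < 9; k++) printf("%02X", out[k]);
    printf("\nout of range (wide index): %u\n", count_out_of_range());
    printf("mismatches (byte index):   %u\n", count_mismatch_in_byte());
    printf("-1 %% 256 = %d, -1 & 0xff = %d\n", mod_signed(-1), and_signed(-1));
    return 0;
}
```
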
From khijol!erc at apple.com Sat Sep 17 00:10:37 1994 From: khijol!erc at apple.com (Ed Carp [Sysadmin]) Date: Sat, 17 Sep 94 00:10:37 PDT Subject: PKZIP encryption broken Message-ID: -----BEGIN PGP SIGNED MESSAGE----- - From a recent comp.risks post: Newsgroups: comp.risks Subject: RISKS DIGEST 16.39 Message-ID: Date: 7 Sep 94 01:33:14 GMT Sender: usenet Reply-To: risks at csl.sri.com Distribution: world Organization: The Internet Gateway Service Approved: risks at csl.sri.com Lines: 624 RISKS-LIST: RISKS-FORUM Digest Tuesday 6 September 1994 Volume 16 : Issue 39 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator ***** See last item for information on RISKS (comp.risks) ***** Contents: PKZIP encryption broken (known plaintext attack) (Paul Carl Kocher) - ---------------------------------------------------------------------- Date: Sun, 4 Sep 1994 17:31:28 -0700 From: Paul Carl Kocher Subject: PKZIP encryption broken (known plaintext attack) I finally found time to take a closer look at the encryption algorithm by Roger Schlafly that is used in PKZIP and have developed a practical known plaintext attack that can find the entire 96-bit internal state. The basic encryption algorithm has four steps, two of which are based on linear shift registers, one is like a linear congruential, and the final converts the contents of an internal state register into an 8-bit value to XOR onto a plaintext byte. A complete description of the algorithm is included in the file APPNOTE.TXT, which is included with PKZIP version 1.1 (check Archie for "pkz110.exe"). Although the algorithm is substantially better than the toy ciphers used in many products, I have developed a practical known plaintext attack that finds the 96 bit internal state. 
Unlike the ZipCrack program I released a couple years ago, this attack finds the internal state registers directly and does not involve a brute-force attack on the password. If adequate known plaintext is available, my attack will find the state, regardless of the password's size or content. My attack is an improvement on a known plaintext attack described in a paper by Biham (unpublished work) that takes 2^38+ operations. My improvements reduce the amount of work required by approximately a factor of 1500 with 200 bytes of plaintext. With less plaintext the attack will take somewhat more time, but just 40 bytes should be enough to be practical. I've written code for all steps of the attack; a version written in C with a few optimizations in inline assembly runs in less than a day on my '486. The attack will work with versions 1.1 or 2.xx of PKZIP and other programs using the same algorithm. A more in-depth description of the attack will be made available soon, but I wanted to let people using PKZIP (and any other programs that use the same algorithm) know immediately about the weakness. Paul C. Kocher kocherp at leland.stanford.edu Independent data security consultant/contractor. 415-323-7634 [Disclaimers removed. PGN] - -- Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi ** PGP encrypted email preferred! ** "What's the use of distant travel if only to discover - you're homeless in your heart." 
--Basia, "Yearning" From remailer-admin at chaos.bsu.edu Fri Sep 16 22:11:39 1994 From: remailer-admin at chaos.bsu.edu (Anonymous) Date: Sat, 17 Sep 1994 00:11:39 -0500 Subject: No subject Message-ID: <199409170511.AAA20626@chaos.bsu.edu> From jya at pipeline.com Sat Sep 17 05:54:52 1994 From: jya at pipeline.com (John Young) Date: Sat, 17 Sep 94 05:54:52 PDT Subject: RC4 article in Saturday (Sept 17) New York Times Message-ID: <199409171254.IAA02911@pipe1.pipeline.com> Responding to msg by mab at research.att.com (Matt Blaze) on Sat, 17 Sep 0:56 AM Standard offer of e-mail copies. Legal Note: NYT is electronically stalking posters of copyrighted material, according to NYT reporter Peter Lewis on list Cyberia-L. John From rarachel at prism.poly.edu Sat Sep 17 06:19:43 1994 From: rarachel at prism.poly.edu (Arsen Ray Arachelian) Date: Sat, 17 Sep 94 06:19:43 PDT Subject: FREE patent searches In-Reply-To: Message-ID: <9409171306.AA24342@prism.poly.edu> I would suggest that we take this opportunity to do some organized searches for whatever patents aren't already on Soda regarding crypto. From rarachel at prism.poly.edu Sat Sep 17 06:25:13 1994 From: rarachel at prism.poly.edu (Arsen Ray Arachelian) Date: Sat, 17 Sep 94 06:25:13 PDT Subject: if this is RC4 In-Reply-To: <9409161318.AA06070@snark.imsi.com> Message-ID: <9409171312.AA24429@prism.poly.edu> > One possibility is that the author may have simply decompiled the > original code... This might explain the char % 255's in the code. Normally such a construct is dangerous if the machine/compiler you use uses 2 byte "chars" and there's the slightest possibility of having your "char" hold more than 255.
I would normally use char & 255, however it may surprise some of us that some machines can do a MOD faster than an AND and the compiler used might have exploited that feature. However, reconstructing C code out of binaries is a pain and I doubt that you'd see a header file as well as a main .c file... Anyone have experience with decompilers? From m5 at vail.tivoli.com Sat Sep 17 06:28:34 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Sat, 17 Sep 94 06:28:34 PDT Subject: RC4 - A response from RSA Data Security, Inc. In-Reply-To: Message-ID: <9409171328.AA08204@vail.tivoli.com> Something told me once by a legal person was that it's not illegal to warn someone that they're doing something illegal when they're not. In other words, RSADSI's vow to maim and mutilate anyone found near a machine with "rc4.c" on a disk may or may not carry actual weight. (This particular legal person was somewhat inebriated at the time, so even I don't necessarily believe him. It does make sense, however...) | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From doug at OpenMind.com Sat Sep 17 07:34:35 1994 From: doug at OpenMind.com (Doug Cutrell) Date: Sat, 17 Sep 94 07:34:35 PDT Subject: Virtual assasins and lethal remailers Message-ID: Adam Shostack writes: > The anonymous nature of the funds & contract negotiation will >make finding this person more difficult, not impossible. A number of people have raised this idea in one form or another when confronted with these notions. However, the point I think needs to be stressed is that: To the extent that evidence can be found, the goals of crypto anarchy have failed. It is certainly true that police can search for a motive, can point at the usual suspects, etc. 
Adam claims: >The tracing of >the money from payer to assassin might be difficult, but there will >probably be a large, unaccounted for withdrawal from some back >account. To the extent that this is true, then it is also true that people are not able to keep their financial status and records completely secret, and the state can continue to enforce the collection of taxes. Strong crypto has the potential to completely remove these things... what if no one knows what secret bank accounts the suspect uses? The status of the suspect's funds and all cash transactions can be completely private, with no way to find them (even with all the court orders in the world). There are, indeed, many weaknesses to such a scheme in the real world *today*, but it is the aim of crypto anarchy to remove all such weaknesses. Doug ___________________________________________________________________ Doug Cutrell General Partner doug at OpenMind.com Open Mind, Santa Cruz =================================================================== From nobody at c2.org Sat Sep 17 07:41:15 1994 From: nobody at c2.org (Anonymous User) Date: Sat, 17 Sep 94 07:41:15 PDT Subject: Possible [Best?] Scenario Message-ID: <199409171439.HAA13237@zero.c2.org> Let's say I have a digital cellular phone. I also have Anonymous Remailers, PGP, and over 100 BBS numbers (structured for which day and which hour each would be used) so that I can contact and talk to my "Friend." Please tell me how the LEA's can find me and understand the transactions between us? If I have several encryption programs, can I 'layer' each document [I PGP the file, then I DES the PGP file, then IDEA for the final layer.] Does the NSA have to crack it one layer at a time, or can they bombard it, crack the layers in whatever order the supercomputer finds? If I am missing something, please let me know what I have missed.
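Added example, not part of any message above: the PKZIP stream cipher that the forwarded RISKS item by Paul Kocher describes, written here from the public APPNOTE.TXT description to show the 96-bit internal state (three 32-bit keys), the four steps he lists, and why a recovered state decrypts without the password. All names are made up for this illustration, the password and plaintext are constructed samples, and the 12-byte encryption header of a real ZIP entry is left out.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The whole cipher state: 3 x 32 bits = the 96 bits the post refers to. */
typedef struct { uint32_t key0, key1, key2; } zip_state;

static uint32_t crc_table[256];
static int crc_ready;

static void crc_init(void)
{
    for (uint32_t n = 0; n < 256; n++) {
        uint32_t c = n;
        for (int k = 0; k < 8; k++)
            c = (c & 1) ? 0xEDB88320u ^ (c >> 1) : c >> 1;
        crc_table[n] = c;
    }
    crc_ready = 1;
}

/* One CRC-32 step: a linear shift register clocked by eight bits. */
static uint32_t crc32_step(uint32_t crc, uint8_t b)
{
    if (!crc_ready) crc_init();
    return crc_table[(crc ^ b) & 0xff] ^ (crc >> 8);
}

/* Standard CRC-32 of a buffer, used only to check the table. */
uint32_t crc32_buf(const uint8_t *p, size_t n)
{
    uint32_t c = 0xFFFFFFFFu;
    while (n--) c = crc32_step(c, *p++);
    return c ^ 0xFFFFFFFFu;
}

/* Steps 1-3: shift register, linear-congruential style step, shift register. */
static void zip_update(zip_state *z, uint8_t plain)
{
    z->key0 = crc32_step(z->key0, plain);
    z->key1 = (z->key1 + (z->key0 & 0xff)) * 134775813u + 1u;
    z->key2 = crc32_step(z->key2, (uint8_t)(z->key1 >> 24));
}

/* Step 4: fold key2 into the 8-bit value XORed onto the data. */
static uint8_t zip_stream_byte(const zip_state *z)
{
    uint16_t t = (uint16_t)(z->key2 | 2);
    return (uint8_t)(((uint32_t)t * (uint32_t)(t ^ 1)) >> 8);
}

void zip_init(zip_state *z, const char *password)
{
    z->key0 = 0x12345678u; z->key1 = 0x23456789u; z->key2 = 0x34567890u;
    while (*password) zip_update(z, (uint8_t)*password++);
}

void zip_encrypt(zip_state *z, const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        out[i] = in[i] ^ zip_stream_byte(z);
        zip_update(z, in[i]);            /* state is driven by the plaintext */
    }
}

void zip_decrypt(zip_state *z, const uint8_t *in, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        out[i] = in[i] ^ zip_stream_byte(z);
        zip_update(z, out[i]);
    }
}

/* Known plaintext XOR ciphertext yields the keystream bytes directly. */
void keystream_from_known(const uint8_t *plain, const uint8_t *cipher,
                          uint8_t *ks, size_t n)
{
    for (size_t i = 0; i < n; i++) ks[i] = plain[i] ^ cipher[i];
}

/* Returns 1 if a copy of the state taken mid-stream decrypts the rest of
   the data with no password involved. */
int state_is_enough(void)
{
    const uint8_t msg[] = "constructed sample plaintext";
    size_t n = sizeof msg - 1, cut = 10;
    uint8_t ct[sizeof msg], pt[sizeof msg];
    zip_state enc, snap;

    zip_init(&enc, "constructed-pw");
    zip_encrypt(&enc, msg, ct, cut);
    snap = enc;                          /* the 96 bits an attack would recover */
    zip_encrypt(&enc, msg + cut, ct + cut, n - cut);
    zip_decrypt(&snap, ct + cut, pt, n - cut);
    return memcmp(pt, msg + cut, n - cut) == 0;
}

int main(void)
{
    printf("CRC table check: %08lX\n",
           (unsigned long)crc32_buf((const uint8_t *)"123456789", 9));
    printf("state alone decrypts the remainder: %d\n", state_is_enough());
    return 0;
}
```
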
From doug at OpenMind.com Sat Sep 17 08:15:29 1994 From: doug at OpenMind.com (Doug Cutrell) Date: Sat, 17 Sep 94 08:15:29 PDT Subject: RSADSI vs. Remailers (Meta Strong Crypto) Message-ID: [Hal forwards articles mentioning that the jpunix remailer is down after complaints were made regarding the remailing of "copy-written" material. The jpunix remailer is the visible remailer used to post the RC4 source code to cypherpunks.] (Meta Strong Crypto) This points at one of the weakest links in the crypto anarchist's toolset. To the extent that the sheep^H^H^H^H^Hpublic becomes concerned with the "implications" of the tools of crypto anarchy, there will probably be attempts to outlaw or otherwise control these tools. Take the recently much discussed notion of the risk-free placement of "contracts to kill". This relies upon almost all of the major tools in the crypto anarchist's toolkit. I count four in this case: the existence of strong public key cryptography; the existence of widely read and used public bulletin boards (such as alt.test); the existence of untraceable digital cash; and the existence of secure anonymous remailers. Of these four, strong public key cryptography is here today and would be very difficult to regulate legislatively at this point. Likewise, widely visible public bulletin boards are rock solid. Untraceable digital cash is of course not really here today, and it is possible that attempts to outlaw it could be made. However, Swiss banks have specialized in anonymous accounts and similar services for a long time, and there could be significant financial gains to be made from issuing untraceable digital cash. It seems likely that there will be banks in Switzerland or elsewhere that will be more than happy to do this. Then the only impediment can be at the level of outlawing the *use* of digital cash. However, the combination of secure public key encryption and anonymous remailing would make the use of digital cash impossible to detect. 
This leaves anonymous remailers as the one vulnerable link in the chain. Imagine that a country (say the USA) decides to outlaw the operation of, or use of, any anonymous remailer. I don't see how any of the other tools of strong crypto could be used to circumvent such laws. The last link in an anonymous remailer chain is always visible. The operator can be prosecuted for operating an anonymous remailer, if inside the borders of the country (or even outside, given recent USA claims to be able to kidnap foreign citizens on foreign soils for prosecution within the USA). It still might be possible to have anonymous remailers operating safely outside the borders of the country -- but it would be possible to monitor for traffic *destined* for these remailers, leaving the country. Since no anonymous remailers exist within the country, the origin of this traffic can be determined, and the sources can be prosecuted for use of an anonymous remailer. (Going Out On A Limb) One possible way around this societal control of anonymous remailers might be the existence of very large DC-nets (or related technologies). The idea here would be to effectively spread the social responsibility for the operation of an anonymous remailer out over such a large segment of the population that societal (legal) pressures could not be effectively brought to bear to suppress it. This would in effect be a type of political movement... the participating members of these vast "DC-nets" would effectively be members of a kind of political group. This membership would be intrinsically visible, since it will be used to *construct* the possibility of anonymity, and cannot rely on it. In order to be immune from suppression by the rest of society, the membership rosters would have to be comparable to that of a major political party... probably on the order of millions of members (at least hundreds of thousands). Getting there would be the tricky part... 
during the initial formation stage, when the membership rosters are low, the group is susceptible to be legislated out of existence. Doug From jim at acm.org Sat Sep 17 09:44:38 1994 From: jim at acm.org (Jim Gillogly) Date: Sat, 17 Sep 94 09:44:38 PDT Subject: if this is RC4 In-Reply-To: <9409171312.AA24429@prism.poly.edu> Message-ID: <9409171644.AA08193@mycroft.rand.org> > rarachel at prism.poly.edu (Arsen Ray Arachelian) writes: > > One possibility is that the author may have simply decompiled the > > original code... > This might explain the char % 255's in the code. Normally such a ... > may surprise some of us that some machines can do a MOD faster than > an AND and the compiler used might have exploited that feature. It wouldn't explain the construct Hal pointed out, though: > xorIndex = state[x] + (state[y]) % 256; Here it's either a bug or a no-op, so a decompiler wouldn't have produced it. Jim Gillogly 26 Halimath S.R. 1994, 16:43 From pjm at gasco.com Sat Sep 17 10:02:29 1994 From: pjm at gasco.com (Patrick J. May) Date: Sat, 17 Sep 94 10:02:29 PDT Subject: RC4 article in Saturday (Sept 17) New York Times In-Reply-To: <9409170456.AA16046@merckx.UUCP> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Matt Blaze writes: > the Saturday NY Times (page 37), "A secret computer code is out -- Key > to data security appears on internet". [ . . . ] > Bidzos speculated that > the NSA could revoke RC4's export status as a result of the > disclosure. "Since this algorithm has been released world-wide, we will not allow you to export it." Man, these guys make my head hurt. - ------------------------------------------------------------------------ A contract programmer is always intense. 
Patrick May pjm at gasco.com (public key available from servers) -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLnsgvxByYwhWPvz1AQHU4gQAmNOC57vCG5zz4hMn9+04DyyySB7VTxH2 dlLZteCgfQibmldDTvUBL/WXbkTIQASRzJfDbg8JosmqD1omVmaVUO0v/pBjhQR8 RCTOTakQF6BiE0rh4SdUsPgxcF6RG+fgLbtF3QJE+0ogqkzb4dJtUy0e792yoZqN GDzMjfENu4c= =1Qbo -----END PGP SIGNATURE----- From tcmay at netcom.com Sat Sep 17 10:47:00 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 17 Sep 94 10:47:00 PDT Subject: (fwd) "Will You Be a Terrorist?" Message-ID: <199409171745.KAA03257@netcom8.netcom.com> Cypherpunks, Not all of you like posts that mention "guns" in any form, so if this the case for you, hit "D" now. I think the recently-passed Crime Act has implications for what some are calling "terrorist speech" and that Cypherpunks remailers may be construed as "PROVIDING MATERIAL SUPPORT TO TERRORISTS" in the context of being "communications equipment." Consider this "food for thought." An excerpt, and commentary by the original anonymous poster, is included below. I know that our favorite optimists, Duncan Frissell and Sandy Sandfort, are fond of saying that it's already over, that we've already won, that the state is powerless, etc., but when I read the text of the Crime Bill (available from ftp.nra.org in pub/legislation), I just can't buy that. I see a growing police force, I see U.N. blue helmets, I see many more prosecutions for a growing list of crimes, I see my gun rights being taken away, and on and on. In the section below, read carefully the sections about providing support for "terrorists." Note that belonging to a pro- or anti-abortion group in which _one_ of the members uses violence (a fistfight, a jostling of a cop, or a shooting...) makes the group a "terrorist" group, under the new language of the Crime Act. 
I will not be surprised to hear that the Cypherpunks group is classified as a terrorist group, for a variety of reasons (not the least of which was the "liberation" of the RC4 code, the Mykotronx-government deal info, the debates about undermining the government, the talk of assassination markets, etc.). Sorry, but I just can't "Don't worry, be happy." --Tim May Newsgroups: talk.politics.guns From: anonymous at extropia.wimsey.com Subject: "Will You Be a Terrorist?" Message-ID: <199409120907.AA15385 at xtropia> Date: Mon, 12 Sep 1994 02:07:16 -0700 X-Mailer: mail-news 2.0.3 Remailed-By: remail at extropia.wimsey.com Comments: This message was anonymously remailed. Do not reply to the address in [Check it out - Cross-posted from Fidonet:] The "Crime Bill" passed by Congress recently (truename: Violent Crime Control and Law Enforcement Act of 1994) has a frightening provision that hides a boogeyman under its superficially appealing surface: *----------* *----------* *----------* SEC. 120005. PROVIDING MATERIAL SUPPORT TO TERRORISTS. (a) Offense.--Chapter 113A of title 18, United States Code, is amended by adding the following new section: ``Sec. 2339A. Providing material support to terrorists ``(a) Definition.--In this section, `material support or resources' means currency or other financial securities, financial services, lodging, training, safehouses, false documentation or identification, communications equipment, facilities, weapons, lethal substances, explosives, personnel, transportation, and other physical assets, but does not include humanitarian assistance to persons not directly involved in such violations. 
``(b) Offense.--A person who, within the United States, provides material support or resources or conceals or disguises the nature, location, source, or ownership of material support or resources, knowing or intending that they are to be used in preparation for, or in carrying out, a violation of section 32, 36, 351, 844 (f) or (i), 1114, 1116, 1203, 1361, 1363, 1751, 2280, 2281, 2331, or 2339 of this title or section 46502 of title 49, or in preparation for or carrying out the concealment of an escape from the commission of any such violation, shall be fined under this title, imprisoned not more than 10 years, or both. ``(c) Investigations.-- ``(1) In general.--Within the United States, an investigation may be initiated or continued under this section only when facts reasonably indicate that-- ``(A) in the case of an individual, the individual knowingly or intentionally engages, has engaged, or is about to engage in the violation of this or any other Federal criminal law; and ``(B) in the case of a group of individuals, the group knowingly or intentionally engages, has engaged, or is about to engage in the violation of this or any other Federal criminal law. ``(2) Activities protected by the first amendment.--An investigation may not be initiated or continued under this section based on activities protected by the First Amendment to the Constitution, including expressions of support or the provision of financial support for the nonviolent political, religious, philosophical, or ideological goals or beliefs of any person or group.''. (b) Technical Amendment.--The chapter analysis for chapter 113A of title 18, United States Code, is amended by adding the following new item: ``2339A. Providing material support to terrorists.''. *----------* *----------* *----------* In the U.S. 
Title 18 Code, terrorism is defined as "engaging in any act or conspiring to engage in any act intended to intimidate or coerce the civilian population or the government" or close words to that effect. What does this mean? Suppose you organize a militia and some little jot or tittle is just that much off -- and the thugs at the BATF or FBI or NatPol decide that your militia is an "armed group"? They can now seize your house, your car, your bank account and anything else even remotely connected with the maintenance or support of the militia, and make *you* prove your innocence before the Federal thugs will grudgingly return your life to you. Suppose you participate in a demonstration against abortion and just one member of the peaceful demonstration gets into a fistfight with an escort. You had given a ride to this demonstrator -- is the fistfight "terrorism" and you a collaborator in this "terrorism" to be arrested and thrown in jail and your car seized until you can prove that you did not know that the other demonstrator did intend to fight with an escort? Suppose you demonstrate against national health care and you yell that Clinton should be thrown out of office and make a threatening gesture -- will the thugs treat this as an "attempt to intimidate the government" and take your car and perhaps your home if you used it to prepare materials for the demonstration? Suppose you quote Thomas Jefferson's words about a revolution being due every twenty years -- will you be thrown into jail for that? Note that the above section does not allow anything but "NON-violent" goals. This is another direct attack upon the First Amendment and deeply disturbing in its implications when considered as part of a set of other federal statutes scattered across Title 18 criminal law. ***end of quoted section*** -- .......................................................................... Timothy C. 
May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay From MAILER-DAEMON at cs.arizona.edu Sat Sep 17 11:30:27 1994 From: MAILER-DAEMON at cs.arizona.edu (Mail Delivery Subsystem) Date: Sat, 17 Sep 94 11:30:27 PDT Subject: Returned mail: Host unknown Message-ID: <199409171826.AA23324@optima.CS.Arizona.EDU> ----- Transcript of session follows ----- 550 3toad.com (tcp)... 550 Host unknown 554 ... 550 Host unknown (Authoritative answer from name server) ----- Unsent message follows ----- Received: from hummingbird.CS.Arizona.EDU by optima.CS.Arizona.EDU (5.65c/15) via SMTP id AA23319; Sat, 17 Sep 1994 11:26:06 MST Date: Sat, 17 Sep 1994 11:26:04 MST From: "Patrick G. 
Bridges" Message-Id: <199409171826.AA03054 at hummingbird.cs.arizona.edu> Received: by hummingbird.cs.arizona.edu; Sat, 17 Sep 1994 11:26:04 MST To: cypherpunks at 3toad.com Subject: RC4 -----BEGIN PGP SIGNED MESSAGE----- >>>>> "ritter" == ritter writes: ritter> In ritter> schneier at chinet.chinet.com (Bruce Schneier) writes: >> I think the smartest thing RSA Data Security, Inc could do at >> this point is to patent RC4. ritter> Sorry, but they don't have that option. ritter> When a product containing an invention is sold ritter> commercially, a one- year count-down starts on the patent ritter> application. ritter> --- Terry Ritter ritter at io.com So, to summarize what I've heard so far: So, unless RSADSI had already filed for a patent, they're essentially screwed. The algorithm is revealed, but they can't patent it. The source posted may or may not be copyrighted, but anyone can roll their own version which would not be copyrighted and use it freely, unless Trade Secret law say otherwise, which I've heard several people say it doesn't... What has been done may or may not be criminal... If the posted code IS RSADSI source, this is clearly a breach of copyright law...If it is a reverse engineering job, then it's illegal if the reverse engineer had a no-RE agreement w/ RSADSI, which may not be the case if she just worked back from Lotus Notes, for instance... I can't say I'm upset by the fact the algorithm itself has been made public, since IMHO a new, fast algorithm will help the state of academic research in cryptography, and I think most would agree that peer review is the best way to evaluate encryption algorithms. Still, I wonder about the effects this release will have on the net as a whole... This release could make good scare tactic ammunition for the pro-clipper/DigTel folks to use w/ corporations... It may also fuel worrisome cries for regulation of the networks... - -- *** Patrick G. 
Bridges bridges at cs.arizona.edu *** *** PGP 2.6 key available via finger * Key Fingerprint: *** *** D6 09 C7 1F 4C 18 D5 18 7E 02 50 E6 B1 AB A5 2C *** *** #include *** -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLns0j0oL7Aaetl5pAQFDkwP+M2cO95+jjj7cZp/6FBmplfYM7WhndGhn AcR+NsS6UNvjU+e/q7ekRXPDAHzh4idTldrGndoUAsvVhdXJpYDOvyGyBG1e0W/c HPLQbiNcURRDkDeTIVLLAtX1ECjmfEeBPC/2iiTq1GaivbEGCL1kq+2AS1dSu31m EZOOOWJQe68= =JdAM -----END PGP SIGNATURE----- From jgostin at eternal.pha.pa.us Sat Sep 17 11:50:23 1994 From: jgostin at eternal.pha.pa.us (Jeff Gostin) Date: Sat, 17 Sep 94 11:50:23 PDT Subject: NYT/Markoff article on RC4 Message-ID: <940917125231H4kjgostin@eternal.pha.pa.us> "Brian A. LaMacchia" writes: > The article does mention this list, which is called, "a specialized > computer network mailing list of computer researchers who oppose > the Government's stringent controls on data encryption technology." A tad succinct, but perhaps not too far offbase. Is it fair to say that we support the free flow of information, and place the responsibility for maintaining the privacy of that information on the party said information concerns? Now, I know that saying "we" has certain implications, mainly that of a list consensus. However, it seems that a great many people here seem to post to that regard. Am I correct in my observation? --Jeff -- ====== ====== +----------------jgostin at eternal.pha.pa.us----------------+ == == | The new, improved, environmentally safe, bigger, better,| == == -= | faster, hypo-allergenic, AND politically correct .sig. | ==== ====== | Now with a new fresh lemon scent! | PGP Key Available +---------------------------------------------------------+ From cactus at bb.com Sat Sep 17 12:15:35 1994 From: cactus at bb.com (L. Todd Masco) Date: Sat, 17 Sep 94 12:15:35 PDT Subject: (fwd) "Will You Be a Terrorist?" 
In-Reply-To: <199409171745.KAA03257@netcom8.netcom.com> Message-ID: <35ffhf$jot@bb.com> In article <199409171745.KAA03257 at netcom8.netcom.com>, Timothy C. May wrote: >I think the recently-passed Crime Act has implications for what some >are calling "terrorist speech" and that Cypherpunks remailers may be >construed as "PROVIDING MATERIAL SUPPORT TO TERRORISTS" in the >context of being "communications equipment." I don't see why anonymous remailers are singled out: as written, it seems that *any* electronic service could be singled out for this (for example, netcom doesn't require proof-of-identity credentials). (Shudder) "Envision burning police cars." In any case, perhaps a way around this can be found: what we may need is "stealth remailers," software that will behave as a remailer through non-obvious "security holes" with correct cooperation from software the original user runs. For example, hack sendmail so that it never wants to reverse-lookup DNS and given a particular set of commands (saying "EHDR" for 'enhanced headers') will operate as an anonymous remailer. Such sendmail-hackage could be distributed with other changes that give enhanced security (for example, that turn off EXPN and VRFY) so that people could claim that they had no idea that they were operating an anonymous remailer. To add encryption to this model, perhaps changes to sendmail could be fashioned that incorporate encryption in such a way that it appears to be purely intended for protection of mail going to the machine, but a side effect could be that every so hacked sendmail becomes a remailer. This has one problem, though: so far, you can't chain with this model. You could fashion a way to cross information from message content to envelope: but that's not a change to sendmail that can be lightly made -- you'll get random lossage from people whose messages unwittingly almost fit your protocol. So, what's further needed is a comment field in the message envelope that can be chained. 
This would be fairly trivial to add to the RFC822 protocol, and "extra stealth code" could take care of Advantage? A lot of people, I think, would like to add encryption to the MTA layer of mail if it could be done seamlessly. If these changes allowed the hacked sendmail to negotiate with the destination sendmail to determine whether or not it is also hacked, falling back to standard operation if the other one is not, then it's seamless. This is a good feature to have generally available: a fair number of people would install it just on these merits. Of course, the existence of these "stealth features" would be an open secret: however this would lend, to take a phrase from the cryptofascists, "plausible deniability." 'Sorry, I just heard about a more secure sendmail and ftp'd it. Didn't say anything anywhere about this in the README files....' Everybody still with me? Anybody? Sound like work people are willing to do/think is worth doing? I'd certainly be willing to do some work on this -- might even be able to justify it as part of my real job, which does involve designing and implementing encrypted protocols. -- L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus at bb.com | change the world with a plastic platter." - Todd Rundgren From rishab at dxm.ernet.in Sat Sep 17 12:47:03 1994 From: rishab at dxm.ernet.in (Rishab Aiyer Ghosh) Date: Sat, 17 Sep 94 12:47:03 PDT Subject: FREE patent searches In-Reply-To: <9409171306.AA24342@prism.poly.edu> Message-ID: <7mcyTc10w165w@dxm.ernet.in> rarachel at prism.poly.edu (Arsen Ray Arachelian) writes: > I would suggest that we take this opportunity to do some organized > searches for whatever patents aren't already on Soda regarding > crypto. That's a Good Idea. To begin with, the patents referred to in Schneier's bibliography where they are easy to spot. I'm not going to do it. 
It's _your_ Good Idea ;-) ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From tcmay at netcom.com Sat Sep 17 12:54:18 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 17 Sep 94 12:54:18 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <35ffhf$jot@bb.com> Message-ID: <199409171951.MAA13788@netcom13.netcom.com> > In article <199409171745.KAA03257 at netcom8.netcom.com>, > Timothy C. May wrote: > >I think the recently-passed Crime Act has implications for what some > >are calling "terrorist speech" and that Cypherpunks remailers may be > >construed as "PROVIDING MATERIAL SUPPORT TO TERRORISTS" in the > >context of being "communications equipment." > > I don't see why anonymous remailers are singled out: as written, > it seems that *any* electronic service could be singled out for > this (for example, netcom doesn't require proof-of-identity > credentials). I didn't they *are* singled out, just that the Crime Act has some implications for remailers, should the authorities seek to apply the law. And as for Netcom and similar services not requiring proofs of identity, I expect this to change over the next few years (a combination of the Crime Act, the upcoming immigration legislation, and fears that the Net is too unregulated). > In any case, perhaps a way around this can be found: what we may > need is "stealth remailers," software that will behave as a remailer > through non-obvious "security holes" with correct cooperation from > software the original user runs. Any port 25 in a storm? Exploitation of holes is a classic case of "security through obscurity," useful only for short periods of time, and never very certain. 
> Of course, the existence of these "stealth features" would be an open > secret: however this would lend, to take a phrase from the cryptofascists, > "plausible deniability." 'Sorry, I just heard about a more secure > sendmail and ftp'd it. Didn't say anything anywhere about this in > the README files....' > > Everybody still with me? Anybody? Sound like work people are willing > to do/think is worth doing? I'd certainly be willing to do some work > on this -- might even be able to justify it as part of my real job, > which does involve designing and implementing encrypted protocols. Stealth remailers is a good thing to work on, I agree. I'd first settle for having more offshore remailers. There are all sorts of other schemes, too. Under the Crime Act and RICO statutes, we may be committing conspiracy merely by talking amongst ourselves. (Maybe this is an exaggeration, as I'm not a lawyer and have no desire to become one.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay From cactus at bb.com Sat Sep 17 13:15:36 1994 From: cactus at bb.com (L. Todd Masco) Date: Sat, 17 Sep 94 13:15:36 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <199409171951.MAA13788@netcom13.netcom.com> Message-ID: <199409172020.QAA20917@bb.com> Timothy C. May writes: > I didn't they *are* singled out, just that the Crime Act has some > implications for remailers, should the authorities seek to apply the > law. 
Didn't mean to imply you were: I was just thinking that this is the first legal manifestation of using the threat of a Horseman against anonymity on the net, of any sort. > > In any case, perhaps a way around this can be found: what we may > > need is "stealth remailers," software that will behave as a remailer > > through non-obvious "security holes" with correct cooperation from > > software the original user runs. > > Any port 25 in a storm? Exploitation of holes is a classic case of > "security through obscurity," useful only for short periods of time, > and never very certain. Well, "security holes" is a bit loose of a term; I was thinking out loud, as it were. The concept, as evolved later, is to distribute a set of features to be added to the RFC-822 protocol that will allow security, including remailer support (though not stated as such). This isn't really an STO: it's more the providing a suite of features: including features that we want along with features that will help spread the whole set. > Stealth remailers is a good thing to work on, I agree. I'd first > settle for having more offshore remailers. Sure. But that doesn't help the channel between inside the US and outside -- IE, the channels that the NSA is chartered to eavesdrop on (yes, as Eric likes to say: the NSA and the FBI are different. But imagine that at some point in the future the NSA, hard pressed to justify its existence, starts passing data to other agencies). Right now, there aren't that many IP channels to outside the country, so they're pretty easy to tap. > Under the Crime Act and RICO statutes, we may be committing consiracy > merely by talking amongst ourselves. (Maybe this is an exaggeration, > as I'm not a lawyer and have no desire to become one.) That thought crossed my mind, too, but since we aren't talking about any illegal activities, merely protocols that might facilitate the same while also facilitating privacy, I think we're fine. 
Of course, given the stretches made by Law Enforcement for civil forfeitures, the E911 Neidorf thing, and others, perhaps it's time to start seriously looking at hacking list software to create mailing lists that are fully anonymous and encrypted. Has anybody started on such a project? -- L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus at bb.com | change the world with a plastic platter." - Todd Rundgren From khijol!erc at apple.com Sat Sep 17 13:22:37 1994 From: khijol!erc at apple.com (Ed Carp [Sysadmin]) Date: Sat, 17 Sep 94 13:22:37 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <199409171951.MAA13788@netcom13.netcom.com> Message-ID: > Under the Crime Act and RICO statutes, we may be committing consiracy > merely by talking amongst ourselves. (Maybe this is an exaggeration, > as I'm not a lawyer and have no desire to become one.) Just talking about it doesn't constitute conspiracy - you have to take one active step towards the goal. -- Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi ** PGP encrypted email preferred! ** "What's the use of distant travel if only to discover - you're homeless in your heart." --Basia, "Yearning" From cactus at bb.com Sat Sep 17 13:24:06 1994 From: cactus at bb.com (L. Todd Masco) Date: Sat, 17 Sep 94 13:24:06 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <199409171951.MAA13788@netcom13.netcom.com> Message-ID: <199409172029.QAA21020@bb.com> Something that just occurred to me is that chaining is a justifiable standard feature for hosts that hold other hosts' MX records. I think I'll start hacking on a protocol proposal (Request For Cypherpunks?); The more I think about it, the more easy this should be to implement and distribute as a security suite. (How's this towards furthering the "everybody a remailer" idea?) -- L. 
Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus at bb.com | change the world with a plastic platter." - Todd Rundgren From tcmay at netcom.com Sat Sep 17 13:56:41 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sat, 17 Sep 94 13:56:41 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: Message-ID: <199409172053.NAA25055@netcom8.netcom.com> > > Under the Crime Act and RICO statutes, we may be committing conspiracy > > merely by talking amongst ourselves. (Maybe this is an exaggeration, > > as I'm not a lawyer and have no desire to become one.) > > Just talking about it doesn't constitute conspiracy - you have to take one > active step towards the goal. > -- > Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com I probably wasn't clear. I didn't mean just talking, with no actions, but talking about new remailer features designed to thwart law enforcement, and then implementing the features. (In this interpretation, the remailers that many of us have talked about, designed, written software, run on our systems, etc., could be considered to be part of a conspiracy, should Bidzos, Mykotronx, ClariNet, the Feds, etc., choose to focus on remailers as "a continuing criminal enterprise.") We've done more than just talk, you'll have to agree. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay From sandfort at crl.com Sat Sep 17 14:12:07 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Sat, 17 Sep 94 14:12:07 PDT Subject: H.E.A.T. 
SEEKING Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Bummer! WWOR, here in the New York area, pulled a fast one on me. They rescheduled Acapulco H.E.A.T. from 18:00 to 15:00 without so much as a "by-your-leave." But as Mr. May will tell you, I'm one of the list's perennial optimists. There are no problems, only opportunities. If you saw the show in question, my loss may be your gain. That's right, I'm asking you to post a "guest review" of this week's episode of Acapulco H.E.A.T. to the list. If we're lucky, we may end up with "dueling reviews." What was the bikini count? How many gun battles? What was blown up? How many computer/privacy/crypto plot devices were used? And most importantly, Fabio or no Fabio?; that is the question. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From perry at imsi.com Sat Sep 17 14:24:17 1994 From: perry at imsi.com (Perry E. Metzger) Date: Sat, 17 Sep 94 14:24:17 PDT Subject: RC4 - A response from RSA Data Security, Inc. In-Reply-To: <9409171328.AA08204@vail.tivoli.com> Message-ID: <9409172123.AA07576@snark.imsi.com> Mike McNally says: > > Something told me once by a legal person was that it's not illegal to > warn someone that they're doing something illegal when they're not. > In other words, RSADSI's vow to maim and mutilate anyone found near a > machine with "rc4.c" on a disk may or may not carry actual weight. The phrase "illegal" is wrong here. Potentially, RSADSI has a civil action that it can bring against some people, but nothing criminal has been claimed thus far. I know there are certain states with statutes making trade secret violations a crime, but that's not what is being alleged thus far. 
I will also note that all good attorneys regularly draft letters on behalf of their clients claiming that you will be stripped of all your assets and get a bad case of leprosy if you don't do what we want. Such letters tend to "stretch" the law a bit. It's not clear that Bidzos does or does not have any course of action to take against third parties that have or do work with the RC4 code. He might have potential mechanisms available to him, and he might just be threatening to spread Fear, Uncertainty and Doubt. I'm not sufficiently familiar with all the details of trade secret law. Perry From merriman at metronet.com Sat Sep 17 15:11:43 1994 From: merriman at metronet.com (David K. Merriman) Date: Sat, 17 Sep 94 15:11:43 PDT Subject: H.E.A.T. SEEKING Message-ID: <199409172210.AA21263@metronet.com> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > SANDY SANDFORT > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . > >C'punks, > >Bummer! WWOR, here in the New York area, pulled a fast one on >me. They rescheduled Acapulco H.E.A.T. from 18:00 to 15:00 >without so much as a "by-your-leave." > >But as Mr. May will tell you, I'm one of the list's perennial >optimists. There are no problems, only opportunities. If you saw >the show in question, my loss may be your gain. That's right, I'm >asking you to post a "guest review" of this week's episode of >Acapulco H.E.A.T. to the list. If we're lucky, we may end up >with "dueling reviews." > Wheeeeeep! Wheeeeeeeep! HEAT ALERT! HEAT ALERT! Wheeeeeep! Wheeeeeeeep! :-) Happily, the local affiliate has left it at its "regular" time (midnight!), so I'll be glad to help fill in the slack. I'll send the stuff to you, if you like/don't mind, so you can merge it with any others (or edit to taste :-). Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. 
PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From dfloyd at runner.utsa.edu Sat Sep 17 15:41:34 1994 From: dfloyd at runner.utsa.edu (Douglas R. Floyd) Date: Sat, 17 Sep 94 15:41:34 PDT Subject: Data Havens Message-ID: <9409172243.AA17059@runner.utsa.edu> -----BEGIN PGP SIGNED MESSAGE----- I know this may be getting off track on this list, but it may be worthwhile. I was exploring the concept of a "data haven" which, to my knowledge, a place whose location is unknown to its users, but via anonymous remailers, files can be stored and retrived from it. I am going to look into writing a script or program that will allow people to store items using a passphrase or their PGP key, and retrive and delete the files on demand. Here are my problems though: 1: I am clueless about Perl, and not that great with C. 2: One must have to "hide" behind a VERY TRUSTABLE remailer, one that does not go down all the time, and one that accepts PGP encoded mail. 3: Would hiding behind one remailer or two be secure enough? There is a problem, unlike simple remailer chaining that people need to be able to E-mail the script. 4: A need for verifing that the mail got to the DH successfully since data errors do occur, and sometimes networks truncate mail packets. (Compuserve is notorius about this, so is Fidonet). 5: A way of making verifing that the user is who (s)he claims to be. (PGP, IDEA, or a passphrase) 6: Multiple security levels, so files cannot be retrived even if one's PGP key is compromised (user settable) 7: How will files be stored? Will folders and directories actually be made, or will they be all stored in one place with wierd names (to prevent name collisions) and one file be the index? Will there be user names or UID's? 8: There will need to be a way to tell if the DH is up or not. 9: How will PGP keys be stored and indexed? One would not want their files mailed in the clear. 
(How would I mail files if the user cannot use PGP? have a user settable password, and use crypt?) 10: How would people be able to trust a DH? Data Havens, by definition must be _very_ reliable, yet in a secure location to prevent unauthorized access of the files. What bothers me is DH's starting up and either croaking unexpectably or being places for Bad Guys (TM) to be able to snarf unsuspecting people's files. Perhaps a reputation based system? 11: How would a DH turn away files because the disk is full? 12: Would integrating DigiDollars with a DH be a good idea? (For secure storage of your files, we charge $1 DD per month per meg, and .01 DD per transaction.) What would the DH do with the files if they are not paid, or double-spending occurs? I will be working on a command set that one can use for sending and retriving files to and from the DH, as well as an authication system that can support PGP, DES (SunOS style), or crypt (yes, laughable security, but some people cannot use PGP at work). I think I will use perl for eventually writing this, but I know nothing about perl, so will have to print out a manual or two and do some work on my linux box... As per my previous posts, I am very clueless, but If I can get a decent data haven script working, it will be worth all the flames :-). Once the script is written, all one has to do is install the script, and ping a Penet type remailer, then post the anon remailer address, and Voila' a DH now exists. I apologize for the length of this post, but there are a lot of questions and problems in making a stable, usable data haven. - --- Finger dfloyd at lonestar.utsa.edu for PGP key, and please use it when mailing me. 
-----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLntxFXDkimqwdwa5AQEE0gP+P+8sjma3rDkrxhZOBRam7/0v6lsUG0e9 fvtUsLHKAYaB8f6cCUUxwtpwhrI/9TPeh7QoQnEcHlhDO1kV46X9kA1n04hhJpXb Rx+BWSNaLHB3tynaXkN0lTIR/r6CGs+zKvc8BOJpLHSL7ajowmXs1C9Z8Lf4IW+G 8IwG9TR/iec= =9Vg8 -----END PGP SIGNATURE----- From hughes at ah.com Sat Sep 17 16:15:28 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 16:15:28 PDT Subject: On the crime bill and remailers Message-ID: <9409172236.AA12780@ah.com> Even the crime bill doesn't apply _ex post facto_, meaning anything newly illegal under the crime bill wasn't illegal before it. In particular, any discussion about remailers, discussion which has already happened and which might be construed as conspiracy for a newly illegal action, cannot now be subject to the terms of a new bill. Even more in particular, any discussion of remailers that has already happened is perfectly safe. And as for me, I don't plan on shutting up now. Eric From hughes at ah.com Sat Sep 17 16:58:22 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 16:58:22 PDT Subject: Data Havens In-Reply-To: <9409172243.AA17059@runner.utsa.edu> Message-ID: <9409172319.AA12820@ah.com> I was exploring the concept of a "data haven" which, to my knowledge, a place whose location is unknown to its users, but via anonymous remailers, files can be stored and retrived from it. This is certainly on-topic. As stated, however, the outline suffers badly froma confusion of purpose. It is not necessary to solve every problem that can be thought of, merely to solve the most important problem in such a way that allows it to be combined with other known solutions. Specifically, the proposal worries far too much about communications security and routing issues, which best go elsewhere in the abstraction. The main service proposed is data storage, not anonymous remailing. Remailing can be done with other segments. Secondly, such storage need not be tied to identity. 
There's no need for passwords or passphrases or even public keys. The main idea here is storage. You want the property that arbitrary people can't scan the storage facility for content, but identity, while it would work, is _more_ than is necessary. (Can anybody anticipate the solution? See below.) 2: One must have to "hide" behind a VERY TRUSTABLE remailer, [...] This is a concern about communications, and is not necessary to the main idea of remote archiving. 4: A need for verifing that the mail got to the DH successfully since data errors do occur, and sometimes networks truncate mail packets. Again, this communication issue should be dealt with in a separate layer that is concerned about the reliability of communications. 5: A way of making verifing that the user is who (s)he claims to be. Identity-based retrieval is possible, but it's not necessary. Since the service is single purpose (storage) and won't be dealt with directly by humans, i.e. no command prompt, but rather will act as a back end for some retrieval process, the persistence of identity isn't required at the back end. Some persistence will certainly be useful, but it can occur at the user's end. 6: Multiple security levels, so files cannot be retrived even if one's PGP key is compromised (user settable) This is really overkill. Every bit of complication makes the code harder to design, harder to write, harder to debug, and harder to deploy. A simple solution with the basic function can later be elaborated upon. 8: There will need to be a way to tell if the DH is up or not. If you make a request, and nothing comes back, it's not up. I don't see the value in extra functionality. 9: How will PGP keys be stored and indexed? Again, this issue can be finessed. At least part of the issue is a communications one as well, which is best dealt with elsewhere. 10: How would people be able to trust a DH? 
If you store only encrypted data--and only the stupid would not--the only bit of trust is in continued uptime. Replication and redundancy can be handled at the user's end. At some point _every_ replication bottoms out to the unreplicated storage of some bit of data. This is the primitive, and this deserves to get implemented first. 11: How would a DH turn away files because the disk is full? Silent failure should work just fine. Disk space limitations are just as difficult to deal with as communication failures. 12: Would integrating DigiDollars with a DH be a good idea? At some point when they exist, yes. Right now, without such mechanisms, requiring this will prevent any deployment. I apologize for the length of this post, but there are a lot of questions and problems in making a stable, usable data haven. Looking to implement the final goal as a first project is doomed to failure. Implementing a simple primitive as an attainable project is a much better idea. Now for some specifics. There is a package called Almanac which is a file-by-mail server. Leveraging off this code is a good place to start. Lots of the basic issues are already solved. Now, about authentication. The basic service is storage. It's not even providing name access to the storage. The data itself is what is desired, and a cryptographic one-way hash function suffices as a name. Knowledge of the hashcode provides all the authentication that is needed. If you don't know the hashcode, you can't get the file. If you do know the hashcode, you can. No one else can guess the hashcode, and since no one else knows these hashcodes, the hashcodes suffice as a replacement for the presistence of identity. Furthermore, the many files stored by a particular individual are not linked together in any way on the remote site. The storage site need not have this data; in fact even having this data introduces another security risk. The software on the user end can keep track of any mapping desired. 
Some sort of tracking software on the user end will be needed in any case to keep track of what is stored where; it may as well keep track of a remote name mapping. So the primitives to implement are very simple; there are two: "store text T" and "retrieve the text with hashcode N". Perhaps a third is also desired: "is text with hashcode N present?". This kind of system is very simple. For implementation of the back end, the files can be stored with filenames which are hexadecimal representations of their hashcodes. This representation allows one to leverage the existing index structure of the file system, avoiding the need to code one inside the application. For the front end, a log file will suffice for a trial version of name mapping. The retrieval method is "grep by hand". Something more advanced can be implemented later, perhaps something that looks like a file system or an ftp site. Eric From hughes at ah.com Sat Sep 17 17:02:07 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 17:02:07 PDT Subject: Data Havens In-Reply-To: <9409172243.AA17059@runner.utsa.edu> Message-ID: <9409172323.AA12831@ah.com> P.S. Thanks to Bill Stewart for raising this issue last week at the physical meeting. He had a similar idea, with similar complications. There's no shame in not having complete clarity on a first proposal. The basic idea of hashcode-naming arose during Bill's presentation. Eric From hughes at ah.com Sat Sep 17 17:09:55 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 17:09:55 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <199409172020.QAA20917@bb.com> Message-ID: <9409172331.AA12848@ah.com> [...] perhaps it's time to start seriously looking at hacking list software to create mailing lists that are fully anonymous and encrypted. Has anybody started on such a project? 
I'd suggest that a much more productive avenue of approach would be to improve the aliasing facilities of a remailer provider to allow a pseudonym to look like a fully normal name. Ownership of root is not necessary for this. I know that Matt Ghio's mail delivery set up allows this. At his site there's this 'name+extra' syntax which delivers mail to 'name', but because of a special sendmail version 8 macro in the Received: field both the 'name' and the 'extra' can be recovered. The 'extra' is then an input into a remailer as a pseudonym. The aliasing has to happen somewhere. It can happen at the mailing list exploder or at the remailer. Since the mapping at the remailer is of much more general use, and since it allows one to leverage _all_ forms of mail communication and not just mailing list, it seems like a much better place for that mapping to exist. Implementation inside a remailer is a duplication of function--almost always a bad thing. Eric From hughes at ah.com Sat Sep 17 17:17:39 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 17:17:39 PDT Subject: RC4 - A response from RSA Data Security, Inc. In-Reply-To: Message-ID: <9409172338.AA12862@ah.com> Weasel words if I ever saw it. From: jim at RSA.COM (Jim Bidzos) FYI... I'd appreciate if you posted this wherever you saw RC4... WARNING NOTICE It has come to RSA Data Security's attention that certain RSA trade secrets, in the form of confidential and proprietary source code, have been misappropriated and disclosed. [...] Let it be officially observed that nowhere in this 'warning' is there any claim that the alleged RC4 code posted is related in any way to "certain RSA trade secrets". The innuendo to Bruce is certainly that, but there's no official statement to that effect. All this statement says is that certain things happened, but does not claim that the specific code posted is what is being referred to. 
And I suspect that's because a statement to that effect would be a lie, or at the least counterfactual. If the code posted were copyrighted, it would be much stronger to make the claim that in fact, the posted code was RSA code. That's not actually claimed, and the statement published stops just short of it, just short of making a false public statement which would restrain trade. In other words, it's _all_ hot air, not just most of it. Eric From hughes at ah.com Sat Sep 17 17:19:54 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 17:19:54 PDT Subject: RC4 Legal Issues In-Reply-To: <9409151814.AA05183@snark.imsi.com> Message-ID: <9409172341.AA12873@ah.com> Ah, but that does make some sense. You see, Stac bought MS-DOS from Microsoft, and had to adhere to Microsoft's shrink wrap agreement. Whether or not a shrink wrap agreement is valid is a further issue here as well. Taking something apart that lots of people have is, or at least should be, a fair use. Eric From hughes at ah.com Sat Sep 17 17:21:11 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 17:21:11 PDT Subject: The Importance of Filtering In-Reply-To: <199409152120.OAA27178@jobe.shell.portal.com> Message-ID: <9409172342.AA12884@ah.com> Still, if one of these could be made accessible to anon ftp it might be worthwhile (if toad allows anon ftp). Toad.com does not run an ftp daemon, and I can't install one myself. Eric From CCGARY at MIZZOU1.missouri.edu Sat Sep 17 17:39:48 1994 From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers) Date: Sat, 17 Sep 94 17:39:48 PDT Subject: terrorist FORTRESS SLEUTH remailers & FORTRESS lists Message-ID: <9409180039.AA08411@toad.com> THE FOLLOWING TEXT IS FOR INFORMATION ONLY & DOES NOT ADVOCATE BREAKING ANY LAWS. TERRORIST FORTRESS SLEUTH REMAILERS & FORTRESS LISTS Todd Masco makes a good point about sleuth remailers. For the last two issues of the CEB in chapter 7. Current problems in crypt, I have pointed out the need for them. 
I invented the name FORTRESS REMAILERS to describe them. I also invented the term FORTRESS MAILING LIST as well. We are in a time window now. In a few years at most, remailers & lists like Cypherpunks & newsgroups like Sci.crypt may be outlawed. We may then have two of our most important communications tools taken away from us in our development of electronic communications privacy tools. Some will infer from this that if they want secure Internet communications, then they had better start writing in a hurry. The State has not consolidated its power enough yet to take away these "privileges". When they do, these will seem like the good old careless days of privacy building & possibly even seem like an historic anomaly. Privacy Freedom Fighters of the future may feel very grateful to today's Cypherpunks for writing FORTRESS remailers, lists, & newsgroups so that they may continue their work. ON THE MATTER OF SECURITY THRU OBSCURITY I think that the idea of security thru obscurity is much like having a strong crypt system that is handicapped by allowing only one password. The method is limited from becoming popular due to the fact that popularity would likely disclose the key & then make the system dangerous & useless. Possibly, disastrous to all using it. Due to that reason, FORTRESS REMAILERS & FORTRESS LISTS & NEWSGROUPS would have to avoid security thru obscurity. It is hard to figure out how to do a FORTRESS remailer or list. Possibly, a WAN using radio communications as a starting point? SPECULATIVELY Yours, Gary Jeffers From blancw at pylon.com Sat Sep 17 17:40:52 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Sat, 17 Sep 94 17:40:52 PDT Subject: (fwd) \"Will You Be a Terrorist?\" ( Moi? ) Message-ID: <199409180041.RAA01461@deepthought.pylon.com> Other tidbits for thought: . 
Optimism It is easier to be optimistic about impending events & the gathering dark clouds on the horizon, when one is mentally prepared & is accoutered for dealing with a threatening circumstance. Things don't look nearly so overwhelming the greater your confidence that you know how to respond; when you are prepared to meet the challenge because you have the means to do so (or can get them) and the knowledge of how to apply these to advantage. . Violation It is so telling, that legal documents on crime will always state that violations are of "section 351, 844 (f) or (i), 1114, 1116, 1203, 1361, 1363, 1751, 2280, 2281, 2331, or 2339", or a violation of "this or any other Federal criminal law". They don't say that an act is an attempted violation of "reality" or "of the sanctity of the individual" or of "the principles of privacy" or "the values for which this Nation stands". The words and meanings are arranged to place the sanctity and inviolability of the State as beyond the right of the individual to contemplate. It places the prerogative for State functions as existing outside an individual's category of the thought: there is no way that one could imagine the requirements of independent existence as sovereign to the functions of the State, as there is no allowance for, there are no "provisions" made for, any power to act beyond what is outlined by "the Law". That wouldn't be so bad, if The Law was a reflection of the real world and True Intelligence. (Barring that, it's back to the trenches. Now the trenches of cyberspace.) 
Blanc From werewolf at io.org Sat Sep 17 17:56:10 1994 From: werewolf at io.org (Mark Terka) Date: Sat, 17 Sep 94 17:56:10 PDT Subject: RC4 article in Saturday (Sept 17) New York Times In-Reply-To: <199409171254.IAA02911@pipe1.pipeline.com> Message-ID: In article <199409171254.IAA02911 at pipe1.pipeline.com>, John Young wrote: > > Responding to msg by mab at research.att.com (Matt Blaze) on Sat, > 17 Sep 0:56 AM > > > Standard offer of e-mail copies. I'd like one if you could manage. > > Legal Note: NYT is electronically stalking posters of > copyrighted material, according to NYT reporter Peter Lewis on > list Cyberia-L. Bet they haven't heard of the anon remailer system! :> From minow at apple.com Sat Sep 17 18:05:40 1994 From: minow at apple.com (Martin Minow) Date: Sat, 17 Sep 94 18:05:40 PDT Subject: if this is RC4 Message-ID: <9409180105.AA06084@apple.com> The strange line in the posted RC4 (assuming that's what it is): > xorIndex = state[x] + (state[y]) % 256; might be an intentional do-nothing statement that could be used to show that the original was stolen source code, rather than a decompilation of an executable or object module. An expert could point out that the statement cannot be derived from any distribution of RC4, but was in the source licensed to Company X, and therefore an employee of Company X violated the source code agreement. Just speculating. Martin Minow minow at apple.com The above does not represent the position of Apple Computer Inc. From hfinney at shell.portal.com Sat Sep 17 18:25:20 1994 From: hfinney at shell.portal.com (Hal) Date: Sat, 17 Sep 94 18:25:20 PDT Subject: Stealth remailers Message-ID: <199409180125.SAA22260@jobe.shell.portal.com> One "quick and dirty" way to get the effect of a stealth remailer is to have all messages leave the remailer net via one or more politically strong hosts. 
For a long time now I have been having my remailer on alumni.caltech.edu, which I judge to be politically weak, forward mail to shell.portal.com, which seems stronger. When people see some anonymous mail they don't like, they look at where it comes from. They seldom think to blame other remailers in the chain (partially because they can't easily find out who they are). It is the final remailer which takes the heat. If that remailer were in a jurisdiction and/or political position that would allow it to withstand the various threats we anticipate, it would provide cover for the other remailers. And by using other remailers in a chain before going through this final remailer, users don't have to trust the final remailer with any significant secrets. Some time back I proposed a variation of this idea: "second tier" remailers, which always forward their outgoing messages through one or more "first tier" remailers, which work like the current ones and take the political heat as a result. Second tier remailers would be very safe to run and it would be rare that a sysop or supervisor would get a complaint about the remailer's activity. Hal From hughes at ah.com Sat Sep 17 18:36:07 1994 From: hughes at ah.com (Eric Hughes) Date: Sat, 17 Sep 94 18:36:07 PDT Subject: terrorist FORTRESS SLEUTH remailers & FORTRESS lists In-Reply-To: <9409180039.AA08411@toad.com> Message-ID: <9409180057.AA13016@ah.com> We are in a time window now. In a few years at most, remailers & lists like Cypherpunks & newsgroups like Sci.crypt may be outlawed. Outlawed where? In every jurisdiction in the world? I would prefer to deal with this situation when it appears likely to happen and concentrate on achievable results now. Focusing on the harder problems of greater repression will prevent useful progress from being made. Eric From sameer at c2.org Sat Sep 17 18:45:47 1994 From: sameer at c2.org (sameer) Date: Sat, 17 Sep 94 18:45:47 PDT Subject: (fwd) "Will You Be a Terrorist?" 
In-Reply-To: <9409172331.AA12848@ah.com> Message-ID: <199409180143.SAA16949@infinity.c2.org> > > I'd suggest that a much more productive avenue of approach would be to > improve the aliasing facilities of a remailer provider to allow a > pseudonym to look like a fully normal name. it's done. omega.c2.org http://www.c2.org/services/blindserver.html http://www.c2.org/services/blindclient.html > > Ownership of root is not necessary for this. I know that Matt Ghio's > mail delivery set up allows this. At his site there's this > 'name+extra' syntax which delivers mail to 'name', but because of a > special sendmail version 8 macro in the Received: field both the > 'name' and the 'extra' can be recovered. The 'extra' is then an input > into a remailer as a pseudonym. > > The aliasing has to happen somewhere. It can happen at the mailing > list exploder or at the remailer. Since the mapping at the remailer > is of much more general use, and since it allows one to leverage _all_ > forms of mail communication and not just mailing list, it seems like a > much better place for that mapping to exist. Implementation inside a > remailer is a duplication of function--almost always a bad thing. > > Eric > -- sameer Voice: 510-841-2014 Network Administrator Pager: 510-321-1014 Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383 http://www.c2.org (or login as "guest") sameer at c2.org From ghio at chaos.bsu.edu Sat Sep 17 20:51:45 1994 From: ghio at chaos.bsu.edu (Matthew Ghio) Date: Sat, 17 Sep 94 20:51:45 PDT Subject: Stealth remailers Message-ID: <199409180357.WAA21905@chaos.bsu.edu> Hal wrote: > Some time back I proposed a variation of this idea: "second tier" > remailers, which always forward their outgoing messages through > one or more "first tier" remailers, which work like the current ones > and take the political heat as a result. 
Second tier remailers would > be very safe to run and it would be rare that a sysop or supervisor > would get a complaint about the remailer's activity. ftp cs.cmu.edu cd /afs/andrew.cmu.edu/usr12/mg5n/public/remailer get ghio.cp-remailer.tar.gz gunzip & untar Change the following line in the readheaders.c, in the block_addr function: if (match==1) address[0]=0; to if (match!=1) address[0]=0; Your blocked.addresses file is now a pass-addresses file. Put the email addresses of other remailers in the file. You now have a stealth remailer. Now, EVERYONE should go do this RIGHT NOW! No more excuses for not running remailers... :) From jef at ee.lbl.gov Sat Sep 17 20:59:31 1994 From: jef at ee.lbl.gov (Jef Poskanzer) Date: Sat, 17 Sep 94 20:59:31 PDT Subject: "FREE MONEY" spam via remailer Message-ID: <199409180359.UAA04089@hot.ee.lbl.gov> Is this the first spam to go via an anonymous remailer? I bet penet is swamped right now, trying to process the tens of thousands of flames. Seems like Julf might want to implement a spam detector inside the remailer, preventing the stuff from getting posted from there in the first place. --- Jef From cactus at bb.com Sat Sep 17 22:57:25 1994 From: cactus at bb.com (L. Todd Masco) Date: Sat, 17 Sep 94 22:57:25 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <9409172331.AA12848@ah.com> Message-ID: <35gl4b$qtn@bb.com> In article <9409172331.AA12848 at ah.com>, Eric Hughes wrote: > [...] perhaps it's time to start seriously > looking at hacking list software to create mailing lists that are fully > anonymous and encrypted. Has anybody started on such a project? > >I'd suggest that a much more productive avenue of approach would be to >improve the aliasing facilities of a remailer provider to allow a >pseudonym to look like a fully normal name. I'm not sure that's a good solution. When the Bad Guys go to the site that originated the message and say "we want Alfred E. 
Neuman at your site" (for publication of plans of some sort of machine), the remailer operator could get busted for aiding & abetting. Sure, Alf's real life human will be safe, but it'd be nice to protect the remailer operator, too. True, the "identity stripping" can be done by a remailer as well; However, it's trivial enough to do at the mailing list software level (simply not including information) that it seems like it's not a bad thing to do. Now, this won't give protection from traffic analysis; In was suggestion, I was really blurring two separate lines of thought (I'm interested in PGPified mailing list software for content-hiding reasons; I'm trying to set up a "distributed business" that I'd like to keep secure). Also, though, I'm not sure I want to count on anonymous remailers being available. If people want to effectively "chain" them, that's fine. >Ownership of root is not necessary for this. I know that Matt Ghio's >mail delivery set up allows this. At his site there's this >'name+extra' syntax which delivers mail to 'name', but because of a >special sendmail version 8 macro in the Received: field both the >'name' and the 'extra' can be recovered. The 'extra' is then an input >into a remailer as a pseudonym. Sure. I'm familiar with AMS (in fact, one of my business partners is one of the current news/postmasters at CMU, and is helping design and produce IMAP, its replacement). Another, better I think, possibility is to add headers and let the MUA sort it out: you don't have to depend upon non RFC-822 features in the MTA. Nonstandardness is not a game you want to get into for things like e-mail unless you have the sort of clout that CMU/Andrew does. >The aliasing has to happen somewhere. It can happen at the mailing >list exploder or at the remailer. 
Since the mapping at the remailer >is of much more general use, and since it allows one to leverage _all_ >forms of mail communication and not just mailing list, it seems like a >much better place for that mapping to exist. Implementation inside a >remailer is a duplication of function--almost always a bad thing. I'm not sure I buy that duplication of function is a bad thing in this case: throwing information away more than once can't be worse than only throwing it away once, can it? ----- I do have a couple questions that aren't terribly related: - Are there any known PK message formats that commute? It seems clear to me that PGP and RIPEM do not, since that makes no sense for private key ciphers like DES/3DES and IDEA. - What I want (for other purposes) is a mailing list that has its own public key; Material is encrypted to it, it decrypts it, and then the material is encrypted with each recipient's public key (I'm assuming a PGP base here). Probably simple to do, but has anybody done it? No pretense of protection from traffic analysis here: just to keep prying 3rd parties' eyes off it. -- L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus at bb.com | change the world with a plastic platter." - Todd Rundgren From jonathan at memex.com Sun Sep 18 00:09:43 1994 From: jonathan at memex.com (Jonathan Adams) Date: Sun, 18 Sep 94 00:09:43 PDT Subject: (fwd) "Will You Be a Terrorist?" Message-ID: <9409180700.AA09412@memexis.memex.com> In a post to , cactus at bb.com (L. Todd Masco) wrote: > Now, this won't give protection from traffic analysis; In was > suggestion, I was really blurring two separate lines of thought > (I'm interested in PGPified mailing list software for content-hiding > reasons; I'm trying to set up a "distributed business" that I'd > like to keep secure). Also, though, I'm not sure I want to count > on anonymous remailers being available. If people want to > effectively "chain" them, that's fine. 
I don't see how using PGPified mailing lists helps at all (with the assumption that anyone can subscribe). I mean, anyone can simply subscribe to the list and then read all of the traffic. What's the point? Anyways... I *can*, however, see the use of using PGP encryption for mailing list submissions, especially combined with an aliasing feature. (i.e. the mailing list has a key pair, and people send mail to it). Possibly even accepting something like the cypherpunk remailer format (i.e.: :: anon-post-from: bob etc... ). This, however, *might* be going too far for some people's comfort, because it would allow *COMPLETELY* untraceable posts (depending on the security of the site, but that's another issue). You can do other remailer-type traffic analysis defeaters like sending out the posts in random order at fixed intervals, etc. > - What I want (for other purposes) is a mailing list that has > its own public key; Material is encrypted to it, it decrypts it, > and then the material is encrypted with each recipient's public > key (I'm assuming a PGP base here). Probably simply to do, > but has anybody done it? No pretense of protection from > traffic analysis here: just to keep prying 3rd parties' eyes > off it. See above. Also, a couple problems with encrypting it to each person on the list is that it takes: #1 Space for all of the keys #2 Time to encrypt EACH message to each person Both of which quickly become a problem on high-volume lists such as cypherpunks. Also, it requires that EVERYONE use PGP if they want to read the list. This, I believe, is an unacceptable requirement. --- jonathan at memex.com PGP 2.6 key available. Fingerprint: (Jonathan Adams) 40 27 43 E0 5C 20 66 0E EE 8C 10 9F EC 40 78 6A (revoked!) A5 77 E9 28 88 DD B7 D4 9C 8C F9 D5 D8 3F 45 BE (new! 1024 bit) From tcmay at netcom.com Sun Sep 18 01:45:49 1994 From: tcmay at netcom.com (Timothy C. May) Date: Sun, 18 Sep 94 01:45:49 PDT Subject: More about Cypherpunks in *Expanded* Markoff Article! 
Message-ID: <199409180844.BAA15898@netcom11.netcom.com>

[I've been gone all day and just got home. I didn't see anybody else
writing about the extra mentions of Cypherpunks, compared to the "NYT"
article mentioned earlier, so here it is.]

Yes, folks, there's more on Cypherpunks in the Markoff article than
what the "New York Times" printed.

"All the news that fits, we print" applies as well to their column
inches quota, apparently.

I discovered that my local paper, the "San Jose Mercury News," carried
several more paragraphs that Markoff wrote. No joke, no satire here
from Klaus! The extra paragraphs are below:

"...Such software permits computer users to send messages so that they
are routed anonymously [this is where NYT ended the piece]

"leaving little or no evidence for tracing the message back to the
original sender." [included in SJMN piece]

"Although motives for the disclosure of the formula remain unclear,
there has been a bitter controversy between computer users on the
Cypherpunks mailing list and executives at RSA Data Security.....

"Members of the Cypherpunks groups have contended that the RSA Data
Security patents constitute a monopoly that is hindering the
widespread use of data encryption software.

"Some members of the Cypherpunks have said they plan to take apart the
RC4 formula to create their own version, which would not be controlled
by RSA Data Security."

[this is where the SJMN ended it....I'm not sure if the Vallejo Valley
Times-Picayune carried more]

Quite a bit more on the Cypherpunks role, I'd say.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From jgostin at eternal.pha.pa.us Sun Sep 18 01:50:15 1994
From: jgostin at eternal.pha.pa.us (Jeff Gostin)
Date: Sun, 18 Sep 94 01:50:15 PDT
Subject: Data Havens
Message-ID: <940918022220i9bjgostin@eternal.pha.pa.us>

dfloyd at runner.utsa.edu (Douglas R. Floyd) writes:

> I know this may be getting off track on this list, but it may be worthwhile.
     Nah, Data Havens are well within the "charter". :-)

> 1: I am clueless about Perl, and not that great with C.
     This is your first, and foremost, problem. I'm not terribly familiar
with Perl, however, if it's half as anal-retentive as C is, make damn sure
you know your stuff, or at least have a trusted opinion on the subject (Hi
RS!! You know who you are!).

> 2: One must have to "hide" behind a VERY TRUSTABLE remailer, one that
> does not go down all the time, and one that accepts PGP encoded
> mail.
     Agreed.

> 3: Would hiding behind one remailer or two be secure enough? There
> is a problem, unlike simple remailer chaining that people need to
> be able to E-mail the script.
     Define your attacker. Who is this supposed to be "secure enough"
against? If it's Joe Avg. CompuGeek, yes, one should be "enough". If,
OTOH, the NSA is your intended foe, find 12. Then find 3 more. Then,
perhaps another 43. Then, MAYBE, you'll be "secure enough".

     You see, the problem with "secure enough" is that a good security
system, while not foolproof, makes the cost of attack substantially higher
than the cost of the information so gained. So, ask yourself: how much
"money" (IE: resources, time, and man-hours) is "too much" for the value
of the data and obscurity your DH will offer. Once you've determined this,
then, and ONLY THEN, have you determined how much security is "secure
enough" for your purposes.

> 4: A need for verifying that the mail got to the DH successfully since
> data errors do occur, and sometimes networks truncate mail packets.
> (Compuserve is notorious about this, so is Fidonet).
     You'll pardon me for saying, but the hell with CI$, and to hell,
even quicker, with Fido. Anyone who's serious enough will find their way
onto Internet. Call me a purist, or a jackass, but the aforementioned are
more of a handicap than a help. I say drop 'em.

> 5: A way of making verifying that the user is who (s)he claims to be.
> (PGP, IDEA, or a passphrase)
     Well, the only real way to do this SECURELY is for human intervention
to decide which keys are accurate and which aren't. Barring that, try
taking advantage of the keyservers. When a packet comes in, snag a copy of
ALL the keys this person has (and, perhaps, a few that haven't, just for a
confounding factor), and use them one-by-one until a match is generated.
Then, discard all keys. If no match, trash the packet.

> 6: Multiple security levels, so files cannot be retrieved even if
> one's PGP key is compromised (user settable)
     Fair enough... multiple keys? How else?

> 7: How will files be stored? Will folders and directories actually
> be made, or will they be all stored in one place with weird names
> (to prevent name collisions) and one file be the index? Will there
> be user names or UID's?
     How about just saving the files under sequential names (0000000001,
0000000002, base 62 (A-Z, a-z, 0-9))? Then, use a PGP-encrypted 1024-bit
key to encrypt the index file.

> 8: There will need to be a way to tell if the DH is up or not.
     Pinging?

> 9: How will PGP keys be stored and indexed? One would not want
> their files mailed in the clear. (How would I mail files
> if the user cannot use PGP? have a user settable password,
> and use crypt?)
     See above. . .

> 10: How would people be able to trust a DH?. . . Perhaps a reputation
> based system?
     To borrow a phrase from X-Files: "Trust no one." (X-Files, btw, is a
very cool show.
New season started yesterday. Friday, 9pm, FOX). The problem is a
chicken-egg paradox: If no one uses your DH, what kind of reputation can
it have, but, in order to get a reputation, one has to use it. . . I dunno
how to handle this.

> 11: How would a DH turn away files because the disk is full?
     Don't accept files when less than 5% of the drive is full. Send back
a confirmation code different from that of a successful transfer. Either
that, or trash the packet, adding a rather cryptic bounce message. The
exact wording and protocol will have to be established first, and only
known to people who use the DH.

> 12: Would integrating DigiDollars with a DH be a good idea? (For
     Positively not.

> I apologize for the length of this post, but there are a lot of questions
> and problems in making a stable, usable data haven.
     Glad you asked. I'm not hardly a guru, but there's my $.02.

                                        --Jeff
--
======  ======    +----------------jgostin at eternal.pha.pa.us----------------+
  ==    ==        | The new, improved, environmentally safe, bigger, better,|
  ==    ==  -=    | faster, hypo-allergenic, AND politically correct .sig.  |
====    ======    | Now with a new fresh lemon scent!                       |
PGP Key Available +---------------------------------------------------------+

From cactus at bb.com Sun Sep 18 03:29:19 1994
From: cactus at bb.com (L. Todd Masco)
Date: Sun, 18 Sep 94 03:29:19 PDT
Subject: (fwd) "Will You Be a Terrorist?"
In-Reply-To: <9409180700.AA09412@memexis.memex.com>
Message-ID: <35h51u$aa@bb.com>

In article <9409180700.AA09412 at memexis.memex.com>,
Jonathan Adams wrote:
>In a post to , cactus at bb.com (L. Todd Masco) wrote:
>> (I'm interested in PGPified mailing list software for content-hiding
>> reasons; I'm trying to set up a "distributed business" that I'd
>> like to keep secure).  Also, though, I'm not sure I want to count
>
> I don't see how using PGPified mailing lists help at all
>(with the assumption that anyone can subscribe).
I mean, anyone
>can simply subscribe to the list and then read all of the traffic.
>What's the point?  Anyways...

Wrong assumption: I'm interested in this for private lists, to which a
small, stable number of people are subscribed.

Hope that helps elucidate a bit more...
--
L. Todd Masco  | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From usura at vox.xs4all.nl Sun Sep 18 03:31:50 1994
From: usura at vox.xs4all.nl (Alex de Joode)
Date: Sun, 18 Sep 94 03:31:50 PDT
Subject: Chaing Remailers (instructions) [long]
Message-ID:

Note-1: [RRT- stands for Request-Remailing-To:, most remailers also
         accept Anon-To: ]
Note-2: [You is in this doc me at mysite.home, substitute that address
         for your own if you want to receive the test message yourself]

First you should test only one remailer:

you > remailer 1 >> RRT- you

*************************************************
This is what you send: -->

> From: me at mysite.home
> To: hal at alumni.caltech.edu
>
> ::
> Request-Remailing-To: me at mysite.home
>
> Test of remailer at alumni.caltech.edu

*************************************************
This is what you receive from alumni.caltech.edu: -->

> From: nobody at alumni.caltech.edu
> To: me at mysite.home
>
> Test of remailer at alumni.caltech.edu

*************************************************
If this is successful you add another remailer:

you > remailer 1 >> RRT- remailer 2 >>> RRT- you

This is what you send: -->

> From: me at mysite.home
> To: hal at alumni.caltech.edu
>
> ::
> Request-Remailing-To: usura at xs4all.nl
>
> ::
> Request-Remailing-To: me at mysite.home
>
> Test of remailer at alumni.caltech.edu and RRT xs4all.nl

*************************************************
Remailer usura at xs4all.nl will receive this message from
hal at alumni.caltech.edu -->

> From: nobody at alumni.caltech.edu
> To: usura at xs4all.nl
>
> ::
> Request-Remailing-To: me at mysite.home
>
> Test of
remailer at alumni.caltech.edu and RRT xs4all.nl

*************************************************
Because the message has the header pasting tokens [::] the remailer at
xs4all.nl knows where to send it to.

You will receive this message from xs4all.nl -->

> From: nobody at vox.xs4all.nl
> To: me at mysite.org
>
> Test of remailer at alumni.caltech.edu and RRT xs4all.nl

*************************************************
You can keep adding remailers this way, every time you receive a test
message back you add another remailer: if you stop receiving test
messages, the last remailer added is most likely "down". You can check
that by using that remailer directly.

*************************************************
The above is simple unencrypted remailing. If you want to have an
encrypted chained remailing, you first have to "design" the chain.

0] from your PC send to alumni.caltech.edu
1] at alumni.caltech.edu RRT jpunix.com
2] at jpunix.com RRT vox.hacktic.nl
3] at vox.hacktic.nl RRT me at mysite.home

{Stage 3:}
This is actually the first message you make. -->

> ::
> Request-Remailing-To: me at mysite.home
>
> Test of PGP'ed remailing through caltech, jpunix and vox.

*************************************************
The above is encrypted with the PGPpubKEY of vox.hacktic.nl and will
result in this:

> -----BEGIN PGP MESSAGE-----
> Version: 2.6 for VoX Labz.
>
> hIwCWd90FI1WkT0BA/9I6ILVhl5ZpsgKgHye+ng9CokwzdW1pMgcd0ecigppAODe
> 53LlyVw/hl1ERYIzWW9W4vnuh7sLgu9XjxB515FtT5VSyZLZrhKIF7XtACga2On+
> 1NmsecLTrgXYcc4k0Y+l66Hs06z92yhFvjXruDBS2Pame0VDtgZo+4aPntioDaYA
> AABJsVIWRaJkCib+uek9Pr6GqFP7lwaMqq8XFnFxY42h3Wn3c5DikrzmwKGK5xVs
> hmiZnEhJgXvR7jS2cNNOk/geG4SnUqvMTzpq6w==
> =b0bT
> -----END PGP MESSAGE-----

*************************************************
Then you proceed to the 2nd stage: the message which has to leave
jpunix.com, so remail at vox.hacktic.nl knows what to do [decrypt it]
is: -->

> ::
> Encrypted: PGP
>
> -----BEGIN PGP MESSAGE-----
> Version: 2.6 for VoX Labz.
>
> hIwCWd90FI1WkT0BA/9I6ILVhl5ZpsgKgHye+ng9CokwzdW1pMgcd0ecigppAODe
> 53LlyVw/hl1ERYIzWW9W4vnuh7sLgu9XjxB515FtT5VSyZLZrhKIF7XtACga2On+
> 1NmsecLTrgXYcc4k0Y+l66Hs06z92yhFvjXruDBS2Pame0VDtgZo+4aPntioDaYA
> AABJsVIWRaJkCib+uek9Pr6GqFP7lwaMqq8XFnFxY42h3Wn3c5DikrzmwKGK5xVs
> hmiZnEhJgXvR7jS2cNNOk/geG4SnUqvMTzpq6w==
> =b0bT
> -----END PGP MESSAGE-----

*************************************************
{Stage 2:}
But jpunix.com has to know where to send it to, so the 2nd stage msg
is: -->

> ::
> Request-Remailing-To: remail at vox.hacktic.nl
>
> ::
> Encrypted: PGP
>
> -----BEGIN PGP MESSAGE-----
> Version: 2.6 for VoX Labz.
>
> hIwCWd90FI1WkT0BA/9I6ILVhl5ZpsgKgHye+ng9CokwzdW1pMgcd0ecigppAODe
> 53LlyVw/hl1ERYIzWW9W4vnuh7sLgu9XjxB515FtT5VSyZLZrhKIF7XtACga2On+
> 1NmsecLTrgXYcc4k0Y+l66Hs06z92yhFvjXruDBS2Pame0VDtgZo+4aPntioDaYA
> AABJsVIWRaJkCib+uek9Pr6GqFP7lwaMqq8XFnFxY42h3Wn3c5DikrzmwKGK5xVs
> hmiZnEhJgXvR7jS2cNNOk/geG4SnUqvMTzpq6w==
> =b0bT
> -----END PGP MESSAGE-----

*************************************************
The above is then encrypted with the PGPpubKEY of jpunix.com

*************************************************
{Stage 1:}
This new encrypted message gets the headers for caltech to remail: -->

> ::
> Request-Remailing-To: remail at jpunix.com
>
> ::
> Encrypted: PGP
>
> -----BEGIN PGP MESSAGE-----
>
> and the PGP encrypted message from {stage 2}
>
> -----END PGP MESSAGE-----

*************************************************
{Stage 0:}
the message you send to alumni.caltech.edu is the encrypted message
[with the PGPpubKEY of alumni.caltech.edu] of stage 1 plus an
Encrypted: PGP header. -->

> To: hal at alumni.caltech.edu
>
> ::
> Encrypted: PGP
>
> -----BEGIN PGP MESSAGE-----
>
> and the PGP encrypted message from {stage 1}
>
> -----END PGP MESSAGE-----

*********************************************************************
This you send from your PC to hal at alumni.caltech.edu : ->

> ::
> Encrypted: PGP
>
> -----BEGIN PGP MESSAGE-----   [with alumni.caltech.edu's PUBkey]
> Version: 2.6.1
>    ::
>    Request-Remailing-To: remail at jpunix.com
>
>    ::
>    Encrypted: PGP
>
>    -----BEGIN PGP MESSAGE-----   [with jpunix.com's PUBkey]
>    Version: 2.6.1
>       ::
>       Request-Remailing-To: remail at vox.hacktic.nl
>
>       ::
>       Encrypted: PGP
>
>       -----BEGIN PGP MESSAGE-----   [with vox.hacktic.nl's PUBkey]
>       Version: 2.6.1
>          ::
>          Request-Remailing-To: me at mysite.home
>
>          Hi mom I'm home.
>          ---------------------------------
>       -----END PGP MESSAGE-----
>    -----END PGP MESSAGE-----
> -----END PGP MESSAGE-----
<-
  ^  ^  ^
  |  |  |
  |  |  -> the inner envelope: you close this first
  |  |
  |  -> the second envelope: you close this second
  |
  -> the outer envelope: this one you close last

--
If you finger remailer.help.all at chaos.bsu.edu you will receive a list
of active remailers and their peculiarities.

If you finger remailer-list at chaos.bsu.edu and/or
remailer-list at kiwi.cs.berkeley.edu you will receive a list of uptime
statistics.

Hope this helps.

Happy Remailing ...
--
Exit! Stage Left.
Alex de Joode

From cactus at bb.com Sun Sep 18 04:12:25 1994
From: cactus at bb.com (L. Todd Masco)
Date: Sun, 18 Sep 94 04:12:25 PDT
Subject: (fwd) "Will You Be a Terrorist?"
In-Reply-To: <9409172331.AA12848@ah.com>
Message-ID: <35h7j7$ns@bb.com>

In article <35gl4b$qtn at bb.com>, I blathered:
>I do have a couple questions that aren't terribly related:
>
> - Are there any known PK message formats that commute?  It seems
>   clear to me that PGP and RIPEM do not, since that makes no
>   sense for private key ciphers like DES/3DES and IDEA.

I have no idea why I phrased so badly: clearly, commuting makes sense
with DES and IDEA.  What I meant was "since it doesn't make sense for
compound message formats where the private keys are encrypted in public
key ciphers, as IDEA is in PGP and DES/3DES are in RIPEM.

Serves me right for posting after being awake for so long.
--
L. Todd Masco  | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From warrior at infinet.com Sun Sep 18 07:36:15 1994
From: warrior at infinet.com (David M.
Harvey I)
Date: Sun, 18 Sep 94 07:36:15 PDT
Subject: terrorist FORTRESS SLEUTH remailers & FORTRESS lists
In-Reply-To: <9409180039.AA08411@toad.com>
Message-ID:

On Sat, 17 Sep 1994, Gary Jeffers wrote:

> THE FOLLOWING TEXT IS FOR INFORMATION ONLY & DOES NOT ADVOCATE BREAKING
> ANY LAWS.
>
>
> TERRORIST FORTRESS SLEUTH REMAILERS & FORTRESS LISTS
>
> Todd Masco makes a good point about sleuth remailers. For the last
> two issues of the CEB in chapter 7. Current problems in crypt, I have
> pointed out the need for them. I invented the name FORTRESS REMAILERS
> to describe them. I also invented the term FORTRESS MAILING LIST as
> well.
>
> We are in a time window now. In a few years at most, remailers &
> lists like Cypherpunks & newsgroups like Sci.crypt may be outlawed.
> We may then have two of our most important communications tools taken
> away from us in our development of electronic communications privacy
> tools. Some will infer from this that if they want secure Internet
> communications, then they had better start writing in a hurry. The
> State has not consolidated its power enough yet to take away these
> "privileges". When they do, these will seem like the good old
> careless days of privacy building & possibly even seem like an historic
> anomaly. Privacy Freedom Fighters of the future may feel very grateful
> to today's Cypherpunks for writing FORTRESS remailers, lists, &
> newsgroups so that may continue their work.
>
> ON THE MATTER OF SECURITY THRU OBSCURITY
> I think that the idea of security thru obscurity is much like having
> a strong crypt system that is handicapped by allowing only one password.
> The method is limited from becoming popular due to the fact that
> popularity would likely disclose the key & then make the system
> dangerous & useless. Possibly, disastrous to all using it. Due to that
> reason, FORTRESS REMAILERS & FORTRESS LISTS & NEWSGROUPS would have to
> avoid security thru obscurity.
>
> It is hard to figure out how to do a FORTRESS remailer or list.
> Possibly, a WAN using radio communications as a starting point?
> SPECULATIVELY Yours,
> Gary Jeffers
>

I am a novice, but in discussing some of the issues, i.e.; wiretap bill
with my dad, Col (ret) from the Green Berets, he said we would have to
return to short wave, if this happens. Imagine pgp shortwave! Of course,
they would have to be mobile to evade triangulation or satellite pin
pointing of transmission, which isn't yet available, will be some day.
Some advice from a guerilla warfare fighter...

Dave
___
****************************************************************************
|No Guts, No Glory, No Honor, No Victory, Pillage, Plunder, and Take Heads!|
****************************************************************************
| Dave M. Harvey                         PGP 2.61 Public Key available.    |
| PO Box 151311                          Finger warrior at infinet.com.us  |
| Columbus, OH 43215-8311                dharvey at freenet.columbus.oh.us  |
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==

From jschultz at bigcat.missouri.edu Sun Sep 18 07:45:53 1994
From: jschultz at bigcat.missouri.edu (John Schultz)
Date: Sun, 18 Sep 94 07:45:53 PDT
Subject: RC4 article in Saturday (Sept 17) New York Times
In-Reply-To:
Message-ID:

On Sat, 17 Sep 1994, Mark Terka wrote:
> John Young wrote:
> > Legal Note: NYT is electronically stalking posters of
> > copyrighted material, according to NYT reporter Peter Lewis on
> > list Cyberia-L.
>
> Bet they haven't heard of the anon remailer system! :>

Actually, yes they have. Markoff talked about them in the last paragraph
of his RC4 story in the Saturday NYT. I think that's the first mention of
remailers that I've seen in major media, but I could be wrong.

From perry at imsi.com Sun Sep 18 08:02:05 1994
From: perry at imsi.com (Perry E.
Metzger)
Date: Sun, 18 Sep 94 08:02:05 PDT
Subject: "FREE MONEY" spam via remailer
In-Reply-To: <199409180359.UAA04089@hot.ee.lbl.gov>
Message-ID: <9409181501.AA08184@snark.imsi.com>

Jef Poskanzer says:
> Is this the first spam to go via an anonymous remailer? I bet
> penet is swamped right now, trying to process the tens of thousands
> of flames. Seems like Julf might want to implement a spam
> detector inside the remailer, preventing the stuff from getting
> posted from there in the first place.

I wonder if Canter and Segal (sp?) will be mentioning anonymous
remailers in their book on how to spam the net that they've convinced
Harper Collins to publish.

.pm

From perry at imsi.com Sun Sep 18 08:05:26 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sun, 18 Sep 94 08:05:26 PDT
Subject: More about Cypherpunks in *Expanded* Markoff Article!
In-Reply-To: <199409180844.BAA15898@netcom11.netcom.com>
Message-ID: <9409181504.AA08192@snark.imsi.com>

Tim, and others:

Those paragraphs might not have been in the NYT National Edition,
which is compacted down in order to make it cheaper to print, but they
most certainly did appear in the Late City Edition, which I read.

Perry

Timothy C. May says:
>
> [I've been gone all day and just got home. I didn't see anybody else
> writing about the extra mentions of Cypherpunks, compared to the "NYT"
> article mentioned earlier, so here it is.]
>
> Yes, folks, there's more on Cypherpunks in the Markoff article than
> what the "New York Times" printed.
>
> "All the news that fits, we print" applies as well to their column
> inches quota, apparently.
>
> I discovered that my local paper, the "San Jose Mercury News," carried
> several more paragraphs that Markoff wrote. No joke, no satire here
> from Klaus!
The extra paragraphs are below:
>
> "...Such software permits computer users to send messages so that they
> are routed anonymously [this is where NYT ended the piece]
>
> "leaving little or no evidence for tracing the message back to the
> original sender." [included in SJMN piece]
>
> "Although motives for the disclosure of the formula remain unclear,
> there has been a bitter controversy between computer users on the
> Cypherpunks mailing list and executives at RSA Data Security.....
>
> "Members of the Cypherpunks groups have contended that the RSA Data
> Security patents constitute a monopoly that is hindering the
> widespread use of data encryption software.
>
> "Some members of the Cypherpunks have said they plan to take apart the
> RC4 formula to create their own version, which would not be controlled
> by RSA Data Security."
>
> [this is where the SJMN ended it....I'm not sure if the Vallejo Valley
> Times-Picayune carried more]
>
> Quite a bit more on the Cypherpunks role, I'd say.
>
> --Tim May
>
> --
> ..........................................................................
> Timothy C. May         | Crypto Anarchy: encryption, digital money,
> tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
> 408-688-5409           | knowledge, reputations, information markets,
> W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
> Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
> Cypherpunks list: majordomo at toad.com with body message of only:
> subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay
>
>

From werewolf at io.org Sun Sep 18 10:48:51 1994
From: werewolf at io.org (Mark Terka)
Date: Sun, 18 Sep 94 10:48:51 PDT
Subject: Chaining Remailers
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

A good article but I thought most of us were using the CHAIN.EXE program,
available via ftp from the cypherpunk archives at berkeley.
It automates chaining, making it a snap to chain (with pgp) through as
many remailers as you like.

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCzAgUBLnvGZqACeR4xBXv5AQEbBgTuLq7K/AxuN8kr5AYDOWh6r5RngXzuZx/e
7knzCiv0xxbd24Xugs7S4tGRhI3vxbNcIKK5xu4Dj7e7f0pJporFQmpS8J7b3qoo
YRiFWEz5dXo8s83r87rnjVjIl7KrfisePgwKwrc1KhAI8vr+L7Gtj+FcotMR5HAE
Og8YhvpLl6kdVKplLzXEfrmGW+DzIJCE/TvRa9fconqYboFu9Q4=
=LXXa
-----END PGP SIGNATURE-----

From jgostin at eternal.pha.pa.us Sun Sep 18 11:50:14 1994
From: jgostin at eternal.pha.pa.us (Jeff Gostin)
Date: Sun, 18 Sep 94 11:50:14 PDT
Subject: Data Havens
Message-ID: <940918134126U0Njgostin@eternal.pha.pa.us>

A few corrections I didn't catch when I posted this....

> Well, the only real way to do this SECURELY is for human intervention
> to decide which keys are accurate and which aren't. Barring that, try
> taking advantage of the keyservers. When a packet comes in, snag a copy of
> ALL the keys this person has (and, perhaps, a few that haven't, just for a
> confounding factor), and use them one-by-one until a match is generated.
> Then, discard all keys. If no match, trash the packet.
     HAVEN'T should be AREN'T, two lines up.

> Don't accept files when less than 5% of the drive is full. Send back
> a confirmation code different from that of a successful transfer. Either
> that, or trash the packet, adding a rather cryptic bounce message. The
> exact wording and protocol will have to be established first, and only
> known to people who use the DH.
     The first line should read "less than 5% of the drive is empty."

                                        --Jeff

PS: Yes, I know I copied a lot from the original message. I wanted to
maintain the clarity while posting the "bug fixes".
--
======  ======    +----------------jgostin at eternal.pha.pa.us----------------+
  ==    ==        | The new, improved, environmentally safe, bigger, better,|
  ==    ==  -=    | faster, hypo-allergenic, AND politically correct .sig.  |
====    ======    | Now with a new fresh lemon scent!
|
PGP Key Available +---------------------------------------------------------+

From nobody at c2.org Sun Sep 18 11:52:18 1994
From: nobody at c2.org (Anonymous User)
Date: Sun, 18 Sep 94 11:52:18 PDT
Subject: Need help with this scenario
Message-ID: <199409181850.LAA17669@zero.c2.org>

How can the following be thwarted? If I was a bad guy, this seems to be
the perfect way of communication. Even if I was not a bad guy, I just
wanted complete and total privacy....

Let's say I have a digital cellular phone. I also have Anonymous Remailers,
PGP, and over 100 BBS numbers (structured for which day and which hour each
would be used) so that I can contact and talk to my "Friend."

Please tell me how the LEA's can find me and understand the transactions
between us?

If I have several encryption programs, can I 'layer' each document [I PGP the
file, then I DES the PGP file, then IDEA for the final layer.

Does the NSA have to crack it one layer at a time, or can they bombard it,
crack the layers in whatever order the supercomputer finds?

If I am missing something, please let me know what I have missed.

From pfarrell at netcom.com Sun Sep 18 12:34:08 1994
From: pfarrell at netcom.com (Pat Farrell)
Date: Sun, 18 Sep 94 12:34:08 PDT
Subject: (fwd) \"Will You Be a Terrorist?\" ( Moi? )
Message-ID: <55807.pfarrell@netcom.com>

In message Sat, 17 Sep 1994 17:41:26 -0700,
blancw@{pylon|microsoft}.com writes:

> . Violation
> It is so telling, that legal documents on crime will always
> state that violations are of "section 351, 844 (f) or (i),
> 1114, 1116, 1203, 1361, 1363, 1751, 2280, 2281, 2331, or
> 2339", or a violation of "this or any other Federal criminal
> law".

This is the usual obfuscation that your congresscritters prefer.

It is interesting to compare that with the approach used when the Feds
are serious. I just received a DoD clearance after filling in my life's
history, fingerprints, financial report, etc., waiting for the folks to
check out if I lied, etc.
Before it became active, I was handed a stack of papers with all the
applicable codes and sections, and told to read them. They had the usual
things that you'd expect, the penalty for treason is death or life in
jail, $30,000 fine for this or that minor crime, warnings about
disclosing "codebooks and ciphers", etc. Then they hand you another form
that says you read the stack.

There is no way that I can claim that I didn't know exposing classified
information is bad.

The crime bill that you and Tim quote looks to me to be just another
place for selective enforcement.

Pat

ob crypto: none, or little, even if the phrases "codebook or cipher" was
scattered throughout the stack of chapters and verses.

Pat Farrell      Grad Student                 pfarrell at cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key available via finger          #include

From nobody at kaiwan.com Sun Sep 18 13:23:05 1994
From: nobody at kaiwan.com (Anonymous)
Date: Sun, 18 Sep 94 13:23:05 PDT
Subject: On the crime bill and remailers
Message-ID: <199409182022.NAA21902@kaiwan.kaiwan.com>

-----BEGIN PGP SIGNED MESSAGE-----

Current drafts of the crime bill include a scienter requirement.
You are liable only if you know or intend for your remailer to be
used by a terrorist.

This is SOLONg's first post to this list. For those that care about
such things, SOLONg's PGP public key appears below. This message is
also signed with SOLONg's private key. SOLONg will not be signing
messages a regular basis (indeed, SOLONg may not even post very
often). The purpose of this exercise is to establish a public baseline
in case of nym conflict.

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6

mQCNAi5gsecAAAEEAMKMCjYNeyxm3rNp5hDJufGFuo+6AOR1SVNtOvaU9CxwRPaS
BTV7qBqPSVPzJCn5PL2LAMPzsaQpeuhMqAo4ejgHE9i/Gq9cAxyRaLBeDj4jO+I4
ctb1UXg3OnNk4J/pxT8N20CEKVpTAVXfDS4mLWhx23s3NIN/uOVcgYGXVbQZAAUR
tAg8U09MT05nPg==
=XN3L
- -----END PGP PUBLIC KEY BLOCK-----

SOLONg

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLnyfieVcgYGXVbQZAQGBegP9H+pX4EQeTaOsphTER9vgAjGD8V6OnNGU
F2wMg4p3Jns7fUbzGo8VOifwPQ/eg1vf/M2+bW6XhPI2rV0u881MEPB2Sc+p1/pV
tZjcQ8ZM8xvac8Rsy751whj2ujOzidmFfIMERAWJ9C5J6RqMp2YkrLLNOHIcUuMe
dGupgLzgNvk=
=tTZF
-----END PGP SIGNATURE-----

From fhalper at pilot.njin.net Sun Sep 18 14:54:01 1994
From: fhalper at pilot.njin.net (Frederic Halper)
Date: Sun, 18 Sep 94 14:54:01 PDT
Subject: Chaining Remailers
Message-ID: <9409182153.AA04120@pilot.njin.net>

Does anyone know of a Mac program similar to CHAIN.EXE?

Reuben Halper

From unicorn at access.digex.net Sun Sep 18 16:35:49 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Sun, 18 Sep 94 16:35:49 PDT
Subject: THE I-WAY
In-Reply-To:
Message-ID: <199409182334.AA29827@access1.digex.net>

Mr. Vice President:

Below please find your release along with changes suggested by our FOIA
department. I think you will find the modifications make for a much less
threatening release.

- Tipper

Begin copy:

Sandy Sandfort scripsit
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
> THE FIVE HUNDRED CHANNEL,
> MULTI-MEDIA,
> MOVIE-ON-DEMAND,
> INFORMATION SUPERHIGHWAY
> (AS THE XXXXXXXXXX SEES IT)
>
> "There is nothing wrong with your television set. Do
> not attempt to adjust the picture. XX XXX XXXXXXXXXXX
> transmission. If XX XXXX to make it louder, XX XXXX
> bring up the volume. If XX XXXX to make it softer, XX
> XXXX tune it to a whisper. XX XXXX control the hori-
> zontal. XX XXXX XXXXXXX the vertical.... Sit quietly
> and XX XXXX XXXXXXX all that you see and hear.
You are
> about to participate in a great adventure; you are about
> to experience the awe and mystery which reaches from the
> inner mind to the XX XXXX Limits."
>

-uni-

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From unicorn at access.digex.net Sun Sep 18 16:46:38 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Sun, 18 Sep 94 16:46:38 PDT
Subject: Possible [Best?] Scenario
In-Reply-To: <199409171439.HAA13237@zero.c2.org>
Message-ID: <199409182345.AA00288@access1.digex.net>

Anonymous User scripsit
>
> Let's say I have a digital cellular phone. I also have Anonymous Remailers,
> PGP, and over 100 BBS numbers (structured for which day and which hour each
> would be used) so that I can contact and talk to my "Friend."
> Please tell me how the LEA's can find me and understand the transactions
> between us?

You don't give us enough information.

Are your attackers looking for known parties? How secure is your
cellular? Do you operate from a known or a guessable location? Is your
"Friend" known? Suspected? His location, guessable? Known?

If your location were known it would be a simple matter to monitor the
area, say put a van just outside your site and wait for cellular
activity of a strength that suggests your presence. How likely would it
be that someone else is using a cellular phone in your presence? Given
this, it is probably not difficult to obtain the billing/ESN number for
your phone, and then obtain detailed traffic information about your
transmissions. Given that it is a simple matter to conduct a lower tech
attack, say tempest, and pick up the conversation as you compose it, end
running the encryption so to speak.

You think in too shallow a fashion. Security is about more than
communications security. Even if yours is perfect, how about your
friends.
A tempest attack on his site while he is using Word for Windows is just as effective as one on you.

Modify this tactic to use a phone which uses several different ESN's at random or move your location often and at random.

>
> If I have several encryption programs, can I 'layer' each document [I PGP the
> file, then I DES the PGP file, then IDEA for the final layer.

Worthless given the above attack.

> Does the NSA have to crack it one layer at a time, or can they bombard it,
> crack the layers in whatever order the supercomputer finds?

Again, unimportant given the cheaper low tech solution.

> If I am missing something, please let me know what I have missed.

Been there, did that.

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From rah at shipwright.com Sun Sep 18 16:49:22 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Sun, 18 Sep 94 16:49:22 PDT
Subject: On the crime bill and remailers
Message-ID: <199409182348.TAA20311@zork.tiac.net>

At 1:22 PM 9/18/94 -0700, Anonymous wrote:
>Current drafts of the crime bill include a scienter requirement.
>You are liable only if you know or intend for your remailer to be
>used by a terrorist.
>
>This is SOLONg's first post to this list.

Hey. I get it. Solon. Lawyer. Nym. Cool.

Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)    "There is no difference between someone
Shipwright Development Corporation        who eats too little and sees Heaven and
44 Farquhar Street                        someone who drinks too much and sees
Boston, MA 02331 USA                      snakes."
-- Bertrand Russell
(617) 323-7923

From rah at shipwright.com Sun Sep 18 16:49:28 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Sun, 18 Sep 94 16:49:28 PDT
Subject: terrorist FORTRESS SLEUTH remailers & FORTRESS lists
Message-ID: <199409182348.TAA20306@zork.tiac.net>

At 5:57 PM 9/17/94 -0700, Eric Hughes wrote:
>I would prefer to deal with this situation when it appears likely to
>happen and concentrate on achievable results now. Focusing on the
>harder problems of greater repression will prevent useful progress
>from being made.

I agree with Eric. I was raised by a chronic societal pessimist, one of the last words of whom that I remember was "I have seen the Golden Age of America and it's over".

It annoys me just a little when, looking backwards, people trip over a paradigm shift. It's even worse when they don't know they've tripped. It's like yelling "theatre" in a crowded fire. Or something.

Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)    "There is no difference between someone
Shipwright Development Corporation        who eats too little and sees Heaven and
44 Farquhar Street                        someone who drinks too much and sees
Boston, MA 02331 USA                      snakes." -- Bertrand Russell
(617) 323-7923

From blancw at pylon.com Sun Sep 18 20:01:44 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Sun, 18 Sep 94 20:01:44 PDT
Subject: Virtual assasins and lethal remailers
Message-ID: <199409190302.UAA13804@deepthought.pylon.com>

Some comments & thoughts on the following statements from Doug Cutrell:

". . . . . It is not a matter of simply discussing and developing the tools themselves... we should consider how to achieve desirable long-term stable social dynamics in the presence of strong crypto."

. "Achieving" social dynamics has the same sound&sense as social engineering: consciously planning to arrive at a certain kind of social dynamic - whether a positive kind or a negative one.

.
Assessment/recognition of who has the greater influence over the flavor of this social dynamic: the tool or the maker, the designer or the user, the user or the circumstance within which a need arises:

Liability for the consequences:
- responsibility of the designer, for acting as an agent of change, for introducing a new element to the storehouse of tools already available to the social body
- responsibility of the user for having taken up the means at hand and applying it to suit their own purposes

Or liability for one's presumptions:
- how much influence a person would like to assume over the minds & psychologies of others
- how much influence an individual or group *should* plan on exercising upon the social body or its dynamics: is it moral to plan on determining the type&kind and the measure of the interactions of the individuals comprising it

"This requires carefully considering sequences of introduction of various strong crypto tools into society, and predicting the reactions of society as these tools are introduced."

. This is useful to calculate if you own an enterprise and are computing the profit which the company might bring in, depending upon the success of the product in the marketplace for cool tools.

. This is also useful to calculate if you are planning on taking over the social dynamic and determining its quality in the way that one could preside over the development of children.

. Is it possible to predict & to control precisely enough what adjustments to make: how well would someone think that they could know the psychology of all the users in the society and their reactions to new ways of hiding. I say "all the users", because if any of them are left out of consideration, then those not included would constitute elements of surprise which could upset the certainty of the predictions. With such a potential for failure, the controls implemented would need to be complete - total - with no allowance for "free radicals".

.
How much can one group really plan on achieving for another group:
- how much, historically (in the long course of time), have such attempts at managing a society's acceptance of new elements ever succeeded and been maintained as a constant, steady continuum;
- how much success should one morally aim for in such an endeavor, when success would mean displacing the self-control which the members of that society should be developing over their own decision-making abilities.

. Otherwise, what actions could be recommended, depending on whether the responses were positive, negative, or just neutral?

. The responses from the social body would depend upon:
- the kind of people that each of them are;
- the circumstances of their life;
- the occasions for which they might feel the need to use encryption;
- i.e., which & how many, of those who were moved to use crypto, would be the kind who could create a devastating impact upon the coordinated processes of that society.
- how well prepared "the system" or any of its members would be to dealing with breaks in the processes; to disturbances in their atmosphere

. Given the above, if all things went well and social circumstances improved, who would receive the credit;

. but, if anything went wrong, who would be blamed: the ones who used the fire, or the ones who brought it to them in the first place.

I know: there would be grass-roots campaigns against fire.

Blanc

From lcottrell at popmail.ucsd.edu Sun Sep 18 20:21:14 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Sun, 18 Sep 94 20:21:14 PDT
Subject: Chaing Remailers (instructions) [long]
Message-ID: <199409190320.UAA23923@ucsd.edu>

I have written a script which automates all this. Send me mail if you are interested. I will be putting it on my WWW site as soon as it is presentable.

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From ianf at wiley.sydney.sgi.com Sun Sep 18 21:17:23 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Sun, 18 Sep 94 21:17:23 PDT
Subject: [CyberCash Media hype]
In-Reply-To:
Message-ID: <9409191413.ZM8723@wiley.sydney.sgi.com>

On Sep 15, 3:20pm, Jamie Lawrence wrote:
> Also, I do disagree with your statement "security through
> obscurity is no security at all." A rather high degree of
> security can be had through obscurity, but it is often entirely
> unpredictable whether or not a particular 'obscurity method'
> will be secure or not (any 15 year old hiding cigarettes under
> the bed can attest to that).

This is absolutely correct. Keeping your secret key a secret _is_ security by obscurity, although in a much wider context than most people would use the term. In addition, it is also particularly effective if what is being obscured is sufficiently secure already, as it just adds another layer of protection.

For example, if I decided to superencrypt using some publicly known and reasonably trusted ciphers (let's say DES, LOKI and IDEA), and decided to keep the algorithms I had used and the order I had used them a secret, I have _not_ decreased my security. The obscurity does not deduct from the security of these already moderately trusted ciphers, and the work which would have to be added to figure out what I have done increases it (although by an amount which is probably arguable).

I am sure that almost everyone here understands this concept, but it's amazing how many times the argument "it's a secret, therefore it's insecure" comes out. It's only really insecure if the thing you're keeping a secret is, and even then you have not decreased its effective security by obscuring it.

The TLA's understand this concept well, which is one of the reasons they classify almost everything they do.
One non-obvious fact is that in the environment most governments use crypto (eg. widely distributed sites with key distribution channels which are more easily compromised than the crypto hardware), that the design of the cipher may be easier to keep secret than the key itself. As such, the use of security by obscurity in the design of the cipher itself is a lot more effective than most people would give it credit for.

Ian.

From pierre at shell.portal.com Sun Sep 18 21:45:29 1994
From: pierre at shell.portal.com (Pierre Uszynski)
Date: Sun, 18 Sep 94 21:45:29 PDT
Subject: privacy in Unix environment
Message-ID: <199409190445.VAA19813@jobe.shell.portal.com>

> From: chen at intuit.com (Mark Chen)
>
> > I'm looking for some kind of utility that will allow script files
> > to be run, to spawn off processes, but will wipe out environment
> > and "ps" info from being read. i.e. imagine that the commands
> > being called must shield their arguments and environment from [ps].
>
> Perl might be a good alternative. You get to perform fairly
> high-level functions without spawning additional shells.

Perl lets you manipulate files and directories, and perform functions like 'sort' and all the pattern matching you would expect (and more) without leaving the language. It also provides the hooks to change the apparent command name when you run an external command (ps will see that name). But Perl does not let you mask the arguments of such a command, at least not that I know of.

I'd say, for whatever you get to write, don't pass arguments on the command line, but in files or through pipes, and for what you can't control, work with meaningless temporary file names: arg1, arg2, arg3... Before, and after you are done, change the file names to the real thing using Perl scripts. As for command line switches... I have no idea.

Pierre.
pierre at shell.portal.com

From ianf at wiley.sydney.sgi.com Sun Sep 18 22:04:52 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Sun, 18 Sep 94 22:04:52 PDT
Subject: if this is RC4
In-Reply-To: <199409161454.HAA25139@netcom10.netcom.com>
Message-ID: <9409191501.ZM8872@wiley.sydney.sgi.com>

On Sep 16, 7:54am, James A. Donald wrote:
> > > If it is, then the person who did it has gone to a lot of trouble to
> > > make the source layout and coding style very similar to the publicly
> > > available MD[245] sources.
> Many people use this style.

That same general style, yes, but not to the extent this code is similar. Indeed, I would hazard a guess and say that the RC4 code and the RFC MD[245] code were both written by the same author, based on their layout, variable name choice and general coding style. Do a side-by-side comparison and you will see what I mean.

Ian.

From ianf at wiley.sydney.sgi.com Sun Sep 18 22:37:55 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Sun, 18 Sep 94 22:37:55 PDT
Subject: thoughts on RC4
In-Reply-To: <199409151705.NAA00703@orchard.medford.ma.us>
Message-ID: <9409191534.ZM8952@wiley.sydney.sgi.com>

On Sep 15, 1:05pm, Bill Sommerfeld wrote:
> Actually, I'm not sure that it's that impractical, but I don't know a
> heck of a lot about VLSI or hardware design. A fully pipelined chip
> would require significantly more chip area than the DES cracker,
> but you probably don't need that.

One of the issues I looked at over the weekend was the parallelization of the key scheduler, which is definitely a non-trivial problem. One thought that did occur to me was that there might be a massively parallel solution to this which has a practical implementation up to 48 bits, but not over this.

I'll post more about this when I get some time, but I've got to disagree with Bill here that a simple RC4 implementation (without a parallel key schedule setup) would take more die area than a DES cracker.
Ultimately, it is a VERY simple cipher, and the VLSI implementation would reflect this.

Even so, the release of the algorithm confirms the RSADSI position that an exhaustive keysearch would be a slow operation, given the setup time required for the key schedule setup.

BTW, just an idle question: why is RC4 a stream cipher, as opposed to an 8-bit block cipher? Based on the implementation, it would seem to be the latter to me.

Ian.

From merriman at metronet.com Sun Sep 18 23:30:42 1994
From: merriman at metronet.com (David K. Merriman)
Date: Sun, 18 Sep 94 23:30:42 PDT
Subject: Acapulco H.E.A.T. Auxilliary Review
Message-ID: <199409190629.AA24697@metronet.com>

Well, here we go, sports fans - an alternative review of Acapulco H.E.A.T.

In this week's episode, the plot was that an Iranian freighter had gone down in the waters off Acapulco - with stolen Russian U-235 aboard (enough to make Iran a Nuclear Power). The heavy (with an atrocious generic Slavic accent) was trying to recover said uranium for sale to Iran ($50M price tag - keep it in mind). Our Fearless Team was assisted by a world-famous salvage diver.

Since nearly all the "action" took place underwater (duh!) at 17 fathoms (102 feet to you non-Navy/sailing types :-) the bikini count was inordinately low. Ditto on gun battles. Ditto on explosions. Ditto on crypto/computer/privacy - the closest we got was a database search of typhoon patterns. No Fabio.

There *was* a brief flurry of goodguy/badguy underwater WWF action, but considering that their alleged bottom time for the dives was 25 minutes (any diver confirmation out there?), it not only didn't last long, but wasn't terribly productive.

Toward the end, the H.E.A.T. team succeeded in recovering the stolen uranium; interestingly, it appeared to be contained in a single box, approximately 2' x 18" x 18" - what with shielding, etc, I don't know that there was $50M worth inside.
Something to look forward to: next week, the team goes to Panama to deal with an Evil Drug Lord. From the preview clips, it looks to have a fairly high bikini count - and they appeared to be some very nice bikinis, indeed :-)

Dave Merriman
-----------------------------
Disclaimer: I'm not a reviewer, but I play one on the Internet.
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From lile at art.net Mon Sep 19 00:12:45 1994
From: lile at art.net (Lile Elam)
Date: Mon, 19 Sep 94 00:12:45 PDT
Subject: art encryption...
Message-ID: <199409190711.AAA15172@art.net>

Well, it looks like I have to delve into this subject as I should really know what's available for signing art.

Some people are concerned that art via the net is going to be ripped off, abused, and any other sort of horra you can think of *if* people share digital images of their works via the Internet (WWW, ftp, newsgroups, et al.).

So, I have been thinking that a way an artist can insure a viewer that the art they are viewing is really that of the artist, the artist can *sign* their art with their private key and others can check it with their public key.

Now, the art would be factored into the key generated that others would check with the public key. So, an image file (gif, jpeg, tiff whatever) would be run through an encryption coding that would generate a signage based on the artist's image and their private key. The image would remain unchanged.

Then viewers could run the same encryption coding on the image and apply the artist's public key to see if it really *is* their work....

I don't know if this is the best way to do something like this and I sure am not much of a programmer... :) But it would be interesting to find if you think this is possible.
Any other ideas on work authenticity would be appreciated. The main goal here is to let people view the work and if they *really* want to make sure the artist posted it, they could check it with PGP... or the like. Hopefully, people could catch art abuse and let the artist know about it.

I myself have my art on the net as "share art" and people can do what they like with the images as long as they don't use them commercially without contacting me first. Also if they really alter an image, to say it's been manipulated and the orig can be found at say art.net.

I realize that some folks may abuse these images of paintings I have done but I feel that what I gain by sharing makes up for it all.

Unfortunately, this isn't the case with other artists and a lot of them are not ready for this concept of sharing and letting go. They become terrified that their works might be open to the terrors I have mentioned.

I want to give these artists a method that will make them feel more comfortable about sharing digital images....

Such a method will also help shoot down the marketeering, blood sucking, types of slippery jerks I run into who try and scare artists from sharing on the net. One fellow had the nerve to scare two artists away from art.net with copyright arguments and abuse issues and then in some crazy way, he convinced them to pay him $ to provide the same service with no security measures either. Blows my mind that they went for it... sigh.....

This type of undermining will not help artists and I want to fight back. This jerk also is probably scared of art.net because we are offering to help teach artists how to put their stuff up with html, are offering a free space for them to create and share in, and are asking them to teach others the same. We are wanting to help other sites come up on the net and do the same. We're totally non-profit.

This jerk couldn't understand why I would barter a painting for a years worth of Internet connection for art.net.
He asked, "What do you get out of it?". I just shook my head...

Sigh... thanks for your help in advance and check out "Art on the Net" if you get the chance... (http://www.art.net)

-lile

Lile Elam
founder and one of the webmasters of "Art on the Net"
lile at art.net

From cactus at bb.com Mon Sep 19 00:50:25 1994
From: cactus at bb.com (L. Todd Masco)
Date: Mon, 19 Sep 94 00:50:25 PDT
Subject: Acapulco H.E.A.T. Auxilliary Review
In-Reply-To: <199409190629.AA24697@metronet.com>
Message-ID: <35jg46$nm@bb.com>

In article <199409190629.AA24697 at metronet.com>, David K. Merriman wrote:
>There *was* a brief flurry of goodguy/badguy
>underwater WWF action, but considering that their alleged bottom time for
>the dives was 25 minutes (any diver confirmation out there?),

At 102 feet? ... it's just from a long-ago PADI training and a couple of shallow dives following, but from what I remember:

- the rule of thumb is that 30 feet of water get you an atmosphere. So you're at 102 you're at just under 4.5, so you're using air at the rate of 4.5 times the rate you do on the surface.

- My dives were usually 30-60 feet (say, half the pressure the H.E.A.T. team dealt with), and I was able to stay down for over an hour, with one tank. That means that with two tanks they should have had at least a similar limit, say an hour. On the other hand, I wasn't wrestling... Exertion can pull you way down. If they were giving a definite, solid time limit, it's definitely bogus ("Let's see, five minutes at 10 times air consumption while you fight...") for air limitations.

- However, I also remember that at 102 feet you're beginning to push the envelope on what you can do with normal 80% Nitrogen mix; Nitrogen narcosis starts to become a real possibility.

So, it's vaguely plausible if they didn't have any warning and couldn't get any special gas mixes for their air. Otherwise, I don't buy it.

-- L.
Todd Masco       | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From a.brown at nexor.co.uk Mon Sep 19 01:41:26 1994
From: a.brown at nexor.co.uk (Andrew Brown)
Date: Mon, 19 Sep 94 01:41:26 PDT
Subject: RSADSI vs. Remailers (Meta Strong Crypto)
In-Reply-To:
Message-ID:

On Sat, 17 Sep 1994, Doug Cutrell wrote:
> [...]
> It still might
> be possible to have anonymous remailers operating safely outside the
> borders of the country -- but it would be possible to monitor for traffic
> *destined* for these remailers, leaving the country. Since no anonymous
> remailers exist within the country, the origin of this traffic can be
> determined, and the sources can be prosecuted for use of an anonymous
> remailer.

Perhaps not. The US user could send an encrypted message to a foreign machine that offers, say, 100 different services, including a remailing service. You could not prove that the sender had requested a remailing and thus he could not be prosecuted. You could even randomly invoke one of the other services whenever a remail is requested. Other services might include ftpmail, archie searches etc...

- Andy

+-------------------------------------------------------------------------+
| Andrew Brown Internet Telephone +44 115 952 0585 |
| PGP 2.6ui fingerprint: EC 80 9C 96 54 63 CC 97 FF 7D C5 69 0B 55 23 63 |
+-------------------------------------------------------------------------+

From rishab at dxm.ernet.in Mon Sep 19 02:17:57 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Mon, 19 Sep 94 02:17:57 PDT
Subject: DC-Nets and sheep
Message-ID:

doug at OpenMind.com (Doug Cutrell)
> One possible way around this societal control of anonymous remailers might
> be the existence of very large DC-nets (or related technologies). The idea

I've been arguing that DC-Nets are among the crypto protocols that we've not exploited much so far.
I was working on an implementation, till I got stuck with the 'net' part of it. The basic protocol is very simple, with hooks to the bit-flipping crypto routines. The problem is integrating the DC into an existing net protocol in a manner that makes it transparent and practical to use. Ideally a layer over IP or Ethernet, as DC-Nets share many of the basic problems of net protocols - conflict resolution, random wait-before-resend etc. Ideas?

(Read section 13.4.8 of Tim's Cyphernomicon for an explanation of DC-Nets)

Note that the major problems lie in the _practical_ implementation, which is not necessarily the speed - despite conflict resolution and anti-collusion techniques, the basic operation in a DC-Net, assuming the presence of a stream of random numbers, is the fast XOR. DC-Net implementation problems are more severe than those in secure-IP (swIPe etc) as they have to handle lots of things at a lower level in the network protocol.

Doug goes on to suggest that to be immune from the "sheep^H^H^H^H^Hpeople" DC-Nets will have to have millions of members. But if anon remailers were used by millions, then they'd be immune too. All crypto is vulnerable to mob action until it's widespread.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh              "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in           take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335        H 34C Saket, New Delhi 110017, INDIA

From rparratt at london.micrognosis.com Mon Sep 19 02:40:49 1994
From: rparratt at london.micrognosis.com (Richard Parratt)
Date: Mon, 19 Sep 94 02:40:49 PDT
Subject: (fwd) "Will You Be a Terrorist?"
Message-ID: <9409190939.AA17364@pero>

cactus at bb.com wrote:
> In any case, perhaps a way around this can be found: what we may
> need is "stealth remailers," software that will behave as a remailer
> through non-obvious "security holes" with correct cooperation from
> software the original user runs.
>
> For example, hack sendmail so that it never wants to reverse-lookup DNS
> and given a particular set of commands (saying "EHDR" for 'enhanced
> headers') will operate as an anonymous remailer. Such sendmail-hackage
> could be distributed with other changes that give enhanced security
> (for example, that turn off EXPN and VRFY) so that people could claim
> that they had no idea that they were operating an anonymous remailer.

When Sendmail gets a mail to an unknown user (e.g. nobody at grunt.com), it will reject the mail. The relaying mailer is then supposed to bounce the mail back to the author. So if we forge the From: line, the mail should bounce back to the bogus target.

If I forge a mail as follows:

From: cypherpunks at toad.com
To: nobody_at_all at bb.com
------blah blah blah-----

It should bounce and thus appear on the cypherpunks list, without a sender. Of course, it will have paths, etc, which give the game away.

What is needed to give 'Stealth' remailing is a mailer that when seeing a header such as 'X-Bounce-Strip: 1' removes headers and sends body text only back. This is a useful feature to reduce network bandwidth when bouncing mail, and should be included in all sendmails (grin).
-- Richard Parratt

From hart at chaos.bsu.edu Mon Sep 19 04:01:23 1994
From: hart at chaos.bsu.edu (Jim Hart)
Date: Mon, 19 Sep 94 04:01:23 PDT
Subject: Virtual assasins and lethal remailers
In-Reply-To: <199409190302.UAA13804@deepthought.pylon.com>
Message-ID: <199409191107.GAA05155@chaos.bsu.edu>

Blanc Weber:
> Liability for the consequences:
> - responsibility of the designer, for acting as an agent of
> change, for introducing a new element to the storehouse of
> tools already available to the social body

What about liability of non designers for failing to make changes? What about liability of people who use fallacious moralistic arguments and use coercion to stop changes?

Sue 'em for breathing,
Jim Hart
hart at chaos.bsu.edu

From frissell at panix.com Mon Sep 19 04:42:38 1994
From: frissell at panix.com (Duncan Frissell)
Date: Mon, 19 Sep 94 04:42:38 PDT
Subject: RC4 - A response from RSA Data Security, Inc.
Message-ID: <199409191142.AA27556@panix.com>

> WARNING NOTICE
>
> It has come to RSA Data Security's attention that certain RSA
>trade secrets, in the form of confidential and proprietary source
>code, have been misappropriated and disclosed. Please be advised that
>these acts, as well as any retransmission or use of this
>misappropriated source code is a violation of the Uniform Trade
>Secrets Act and various other state and federal laws. Any person or

Just in case you all were worried...

It's not possible to violate the Uniform Trade Secrets Act because it is not an "Act" but rather a sample law for individual states to enact.

DCF

From rah at shipwright.com Mon Sep 19 04:59:43 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 19 Sep 94 04:59:43 PDT
Subject: On the crime bill and remailers
Message-ID: <199409191159.HAA27375@zork.tiac.net>

Someone out there asked:
>On Sun, 18 Sep 1994, Robert Hettinga wrote:
>> Hey. I get it. Solon. Lawyer. Nym.
>I think it is too late in the day for me.
When you have a minute,
>please let me in on it so I too can "get it".

Sorry. Operating with sparse data in "terse" mode again...

Here's the verbose, shaky memory version.

I think Solon (called after he died "the lawgiver") was a, well, tyrant, of Athens. Tyrants in ancient Greece tended to be dictatorial in the modern sense. They weren't born to the job. They stole it fair and square, so the job was theirs. (BTW, the job "Dictator" comes from Rome, where it was an ad hoc, special purpose office granted by the senate with unlimited power for a finite term, usually 2 years. The finite term was supposed to be a check against abuse. Caesar liked the job so much he wanted to keep it for life, so they snuffed him. Didn't do them any good.)

Anyway. According to legend, Solon wrote, by himself for the most part, the laws Athens operated under during the Periclean, "golden" age of its history. Can't remember whether he stepped down after he did it, but the laws he wrote, including most of the ones we call "democratic", stayed in place after he died.

So. SOLONg has several puns in "his" name. One, Solon "the lawgiver", like "I speak law". Two, So Long, Solon, like, "so long laws". Since "his" first post was a legal one, he (I'll take the quotes off because the original Solon was male) must be a lawyer or a law student, or someone who is neither who wants to sound like they are.

Basing the nym on Solon the lawgiver is a little pretentious, but, hey, what you expect for what turn out to be free legal counsel on cypherpunk issues, a focus-group-tested nym?

In the meantime, we have someone at least claiming legal credentials willing to put an oar in here every once in a while. With our friend Vinny "The Pro" Bono, (rumored relation to an ex-mayor), that makes two anonymous lawyers on the list that I know of. That is a good thing, I think. Time will tell of course, whether that really is the case...
Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com)    "There is no difference between someone
Shipwright Development Corporation        who eats too little and sees Heaven and
44 Farquhar Street                        someone who drinks too much and sees
Boston, MA 02331 USA                      snakes." -- Bertrand Russell
(617) 323-7923

From nobody at kaiwan.com Mon Sep 19 05:18:53 1994
From: nobody at kaiwan.com (Anonymous)
Date: Mon, 19 Sep 94 05:18:53 PDT
Subject: RC4 spaces...
Message-ID: <199409191218.FAA27754@kaiwan.kaiwan.com>

Yoo Hoo,

Did anyone notice the spaces at the end of most RC4 source code lines. Could they be ....

1 - Someone used a strange editor on the code.
2 - Someone deleted comments that were after the spaces.
3 - It is really some crude Stego ID.

Cheers,

From mimir at io.com Mon Sep 19 05:50:02 1994
From: mimir at io.com (Al Billings)
Date: Mon, 19 Sep 94 05:50:02 PDT
Subject: news (fwd)
Message-ID:

This was forwarded by a friend of mine and a "witchhunt" list he is on at MIT. It seemed relevant given the government's current tactics.

---------- Forwarded message ----------
From: Sherrill Mulhern
Subject: SRA CONFERENCE
To: witchhunt at MIT.EDU

Just thought that someone might be interested in checking out this conference. Last year it, at its first conference it advertized a number of big name MPD/SRA speakers including Roland Summit, Bennett Braun, Colin Ross, etc. Summit pulled out, however, I believe Braun and Ross attended and were joined by Catherine Gould (who wrote the check list of clinical indicators of satanic ritual abuse).

"For Immediate Release:"

Contact: Randy Skinner, Director
National Criminal Justice Task Force
(714) 262-7592/Fx(714) 252-0846

Cyber-porn Cover up-- Conference Unmasks Washington D.C. Computer Ring's Link to High Officials

IRVINE, Calif -- Tasked with informing the nation about the prevalence of sexual crimes against children.
The National Criminal Justice Task Force, a national multi-disciplinary group of judges, prosecutors, medical doctors and psychotherapists, is hosting the second national conference on Crimes Against Children, September 22-25 at Washington D.C.'s Ramada Renaissance Hotel. Slated for discussion is the first alleged cyber-porn ring -- the "Finders", a shadowy techno-cult allegedly specializing in electronic networks, disseminating child pornography and possibly smuggling children. According to Detective Sergeant Larry Lawson, of Florida, the mysterious group was discovered in Tallahassee in 1987 (? illegible) when police stopped a van driven by two adults, allegedly en-route to Mexico, carrying a cargo of six children, ages 3 to 6 years. Raiding a D.C. warehouse, D.C. Metro officers uncovered computers, detailed kindapping {sic} plans, child/animal blood-ritual photographs, and overseas orders for children. When a U.S. Customs/Washington Metro Police investigation was launched, the FBI's Counter-Intelligence Unit shut it down. Only under pressure from members of Congress-who just received information from associates of the National Criminal Justice Task Force - did the Justice Department renew the investigation. Uncovered recently is information that links corrupt federal officials to child-trafficking, as well as the use of influence to cover up their involvement with the Finders. For more information and press kit, contact Randy Skinner, director National Criminal Justice Task Force, (714) 262-7592/Fx (714) 252-0846 From jonathan at memex.com Mon Sep 19 05:57:26 1994 From: jonathan at memex.com (Jonathan Adams) Date: Mon, 19 Sep 94 05:57:26 PDT Subject: Acapulco H.E.A.T. Auxilliary Review Message-ID: <9409191048.AA11766@memexis.memex.com> In a post to cypherpunks, L. Todd Masco wrote: > In article <199409190629.AA24697 at metronet.com>, David K. 
Merriman > wrote: > >There *was* a brief flurry of goodguy/badguy underwater WWF > action, but considering that their alleged bottom time for > the dives was 25 minutes (any diver confirmation out there?), > > At 102 feet? ... it's just from a long-ago PADI training and a > couple of shallow dives following, but from what I remember: > > - the rule of thumb is that 30 feet of water get you an > atmosphere. So you're at 102 you're at just > under 4.5, so you're using air at the rate of > 4.5 times the rate you do on the surface. It's 1 atmosphere for every 33 feet, but either way, I don't see how you managed to get 4.5 * the rate. At around 3 atmospheres, you're using air at about 4 times the 1 atmosphere rate. > - My dives were usually 30-60 feet (say, half the pressure > the H.E.A.T. team dealt with), and I was able to stay > down for over an hour, with one tank. That means > that with two tanks they should have had at least > a similar limit, say an hour. On the other hand, > I wasn't wrestling... Exertion can pull you way > down. If they were giving a definite, solid time > limit, it's definitely bogus ("Let's see, five > minutes at 10 times air consumption while you > fight...") for air limitations. Hmmm. I believe that the diving depth-to-time tables (which I don't have in front of me. I'll get them out and double check later) give a time of around 25 minutes. It has nothing to do with how much air you have. The tables are used to avoid the bends and nitrogen narcosis. From raph at CS.Berkeley.EDU Mon Sep 19 06:49:34 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 19 Sep 94 06:49:34 PDT Subject: List of reliable remailers Message-ID: <199409191350.GAA12240@kiwi.CS.Berkeley.EDU> I have written and installed a remailer pinging script which collects detailed information about remailer features and reliability. 
To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, at: http://www.cs.berkeley.edu/~raph/remailer-list.html

Please let me know about any other remailers which I missed. I've only included remailers which can mail to arbitrary addresses, so I already know chop and twwells are missing.

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at: ftp://kiwi.cs.berkeley.edu/pub/raph/premail-0.22.tar.gz

For the PGP public keys of the remailers, as well as some help on how to use them, finger remailer.help.all at chaos.bsu.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 10-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"chaos"} = " cpunk hash ksub";
$remailer{"vox"} = " cpunk oldpgp. post";
$remailer{"avox"} = " cpunk oldpgp post";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post";
$remailer{"wien"} = " cpunk pgp hash nsub";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric pgp. post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"leri"} = " cpunk pgp hash";
$remailer{"desert"} = " cpunk pgp.";
$remailer{"underdog"} = " cpunk hash latent cut post";

catalyst at netcom.com is _not_ a remailer.
Last ping: Mon 19 Sep 94 6:00:01 PDT

remailer  email address                      history       latency   uptime
-----------------------------------------------------------------------
wien      remailer at ds1.wu-wien.ac.at      ***-+**++***  9:04      99.99%
bsu-cs    nowhere at bsu-cs.bsu.edu          ***++*****+*  6:05      99.99%
c2        remail at c2.org                   +****-**+*-*  1:02:35   99.99%
ideath    remailer at ideath.goldenbear.com  +****++*-.+*  2:32:19   99.99%
chaos     remailer at chaos.bsu.edu          *******#**#*  1:48      99.99%
leri      remail at leri.edu                 *****-**+*-*  56:05     99.99%
alumni    hal at alumni.caltech.edu          -***********  13:07     99.91%
soda      remailer at csua.berkeley.edu      +++++++...    5:41:04   99.97%
portal    hfinney at shell.portal.com        -***********  13:01     99.87%
extropia  remail at extropia.wimsey.com      ++-- -++++++  1:22:57   99.73%
underdog  lmccarth at ducie.cs.umass.edu     *****         3:43      99.59%
vox       remail at vox.xs4all.nl            ---.. --.-    11:04:20  99.50%
rebma     remailer at rebma.mn.org           --*-----+-    6:19:39   99.77%
penet     anon at anon.penet.fi              ************  2:02:48   98.91%
jpunix    remailer at jpunix.com             *** *-** #**  7:34      98.87%
desert    remail at desert.xs4all.nl         ..--.- ----   25:55:50  81.03%
usura     usura at xs4all.nl                 ***** **+*    8:54      79.30%

Suggested path: c2;bsu-cs;wien

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

Options and features

cpunk    A major class of remailers. Supports Request-Remailing-To: field.
eric     A variant of the cpunk style. Uses Anon-Send-To: instead.
penet    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp      Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
oldpgp   Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine.
hash     Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub     Remailer always kills subject header, even in non-pgp mode.
nsub     Remailer always preserves subject header, even in pgp mode.
latent   Supports Matt Ghio's Latent-Time: option.
cut      Supports Matt Ghio's Cutmarks: option.
special  Accepts only pgp encrypted messages.

History key

  #  response in less than 5 minutes.
  *  response in less than 1 hour.
  +  response in less than 4 hours.
  -  response in less than 24 hours.
  .  response in more than 1 day.
  _  response came back too late (more than 2 days).

If you've got a Web page, please feel free to include a link to this page. If you think your Web page is relevant to the subject of remailers, let me know and I'll link it in.

Comments and suggestions welcome!

Note to remailer operators: this script generates hourly ping messages. If you don't want that, let me know and I will take your mailer off the list, or increase the interval between pings.

Raph Levien

From sandfort at crl.com Mon Sep 19 07:59:16 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 19 Sep 94 07:59:16 PDT
Subject: FOUR TIMES AROUND THE WHEEL
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Today is my birthday. I've circled the Chinese zodiac four times--from Year of the Dog 1946, to Year of the Dog 1992. This has not been a good year. Write something nice to me. I need all the encouragement I can get.

S a n d y "The Old Dog" S a n d f o r t

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From jya at pipeline.com Mon Sep 19 08:21:30 1994
From: jya at pipeline.com (John Young)
Date: Mon, 19 Sep 94 08:21:30 PDT
Subject: art encryption...
Message-ID: <199409191520.LAA07898@pipe1.pipeline.com>

Responding to msg by lile at art.net (Lile Elam) on Mon, 19 Sep 0:11 AM

>So, I have been thinking that a way an artist can
>insure a viewer that the art they are viewing is really
>that of the artist, the artist can *sign* their art
>with their private key and others can check it with
>their public key.
>Now, the art would be factored into
>the key generated that others would check with the
>public key.
>
>So, an image file (gif, jpeg, tiff whatever) would be
>run through an encryption coding that would generate a
>signage based on the artist's image and their private
>key. The image would remain unchanged. Then viewers
>could run the same encryption coding on the image and
>apply the artist's public key to see if it really *is*
>their work....

As a parallel to your inquiry I offer:

Thanks to help from this list my firm uses PGP to encrypt, sign and verify CAD architectural documents exchanged with consultants and clients.

We also conceal ID in the documents by a simple steganographic method using combined PGP and CAD posted here a few weeks back, which is not revealed to the recipients, as a check on authorized use and distribution.

Any suggested improvements would be welcome.

John

From paul at poboy.b17c.ingr.com Mon Sep 19 08:38:49 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Mon, 19 Sep 94 08:38:49 PDT
Subject: FOUR TIMES AROUND THE WHEEL
In-Reply-To:
Message-ID: <199409191539.AA13323@poboy.b17c.ingr.com>

-----BEGIN PGP SIGNED MESSAGE-----

Sandy said:
> This has not been a good year. Write something nice to me.
> I need all the encouragement I can get.

I suggest we all kick in $10 or so and hire Alison Armitage to jump out of a cake or something. Seems like the least we could do.

- -Paul

- --
Paul Robichaux, KD4JZG | Demand that your elected reps support the
perobich at ingr.com | Constitution, the whole Constitution, and
Not speaking for Intergraph. | nothing but the Constitution.
### http://www.intergraph.com ### -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLn2woKfb4pLe9tolAQHZLQP/f2blh62x8BEnumRPCb1l6UXagdv6aujU wTS2WpQb6SSm3KuLgp0zddIvrBlmh8IvERmgxxJxgHDYOsYqlPpGeVLHVWhGczbh uF/uZmFNwVe9Yb/3k+7IRgS8RMTPSY2sSJvktcnF2zyJR65oJzHnleDnJ0HaJQGF u9b9tYjl0rc= =qyIm -----END PGP SIGNATURE----- From doug at OpenMind.com Mon Sep 19 08:40:07 1994 From: doug at OpenMind.com (Doug Cutrell) Date: Mon, 19 Sep 94 08:40:07 PDT Subject: DC-Nets and sheep Message-ID: Rishab Aiyer Ghosh writes: >Doug goes on to suggest that to be immune from the "sheep^H^H^H^H^Hpeople" >DC-Nets will have to have millions of members. But if anon remailers were used >by millions, than they'd be immune too. All crypto is vulnerable to mob action >until it's widespread. I think that there is an important difference between the case of anonymous remailers and DC-Nets. Even if millions of people were using anonymous remailers, it would still be the case that the remailer itself would provide a single, isolatable target for control. Although it might not be politically popular to force the remailer out of operation, the actual mechanics of doing so could be relatively simple. The strength of DC-Nets lies in their distributed nature. There is no single target for control which can be isolated from the rest. Even without millions of members, a DC-Net gains strength through cooperation... to effectively target it, all of the members of the net must be targeted in some sense. Whether the actual technology used is a DC-Net or something fairly different, the basic principle of replacing single targets with large cooperating groups seems to hold promise. Doug From nobody at c2.org Mon Sep 19 09:07:00 1994 From: nobody at c2.org (Anonymous User) Date: Mon, 19 Sep 94 09:07:00 PDT Subject: A Scenario Message-ID: <199409191605.JAA02415@zero.c2.org> Anonymous User scripsit >> >> Let's say I have a digital cellular phone. 
I also have Anonymous Remailers, >> PGP, and over 100 BBS numbers (structured for which day and which hour each >> would be used) so that I can contact and talk to my "Friend." >> Please tell me how the LEA's can find me and understand the transactions >> between us? >You don't give us enough information. >Are your attackers looking for known parties? >How secure is your cellular? Do you operate from a known or a guessable >location? Is your "Friend" known? Suspected? His location, guessable? >Known? >If your location were known it would be a simple matter to monitor >the area, say put a van just outside your site and wait for cellular >activity of a strength that suggests your presence. How likely would it >be that someone else is using a cellular phone in your presence? Given >this, it is probably not difficult to obtain the billing/ESN number for >your phone, and then obtain detailed traffic information about your >transmissions. Given that it is a simple matter to conduct a lower tech >attack, say tempest, and pick up the conversation as you compose it, end >running the encryption so to speak. You think in too shallow a fashion. >Security is about more than communications security. >Even if yours is perfect, how about your friends. A tempest attack on >his site while he is using Word for Windows is just as effective as one >on you. >Modify this tactic to use a phone which uses several different ESN's at >random or move your location often and at random. >> >> If I have several encryption programs, can I 'layer' each document [I PGP the >> file, the I DES the PGP file, then IDEA for the final layer. >Worthless given the above attack. >> Does the NSA have to crack it one layer at a time, or can they bombard it, >> crack the layers in whatever order the supercomputer finds? >Again, unimportant given the cheaper low tech solution. >> If I am missing something, please let me know what I have missed. >Been there, did that. 
>-uni- (Dark) In the above scenario, I would never use my voice over the digital cellular [and I would be always moving {nothing done at home}]...strictly PGP/E-Mail. Even IF the parties are known, can they make their case? [How can they prove X sent Y if using PGP and anonymous remailers?] Of course, if one of them cooperates, that's different. Can Tempest be used as I'm driving/on a city bus? How expensive is it to maintain a Tempest surveillance in this fashion? This is a positive of portable computers and portable communications..no one can pinpoint [even remotely] where I'll compose/collect my pgp/e-mail. I am assuming that I'm covering my tracks smartly, and the only thing they have is what they can grab over the air, which is PGP, and that gets sent to some BBS [which they don't know] for my friend to pick up. The ESNs and the Keep Moving are really helpful, thanks. From jya at pipeline.com Mon Sep 19 09:21:56 1994 From: jya at pipeline.com (John Young) Date: Mon, 19 Sep 94 09:21:56 PDT Subject: art encryption... Message-ID: <199409191621.MAA16603@pipe1.pipeline.com> My recent post on use of PGP in architectural documents is limited to those produced by an all-volunteer group that provides free services. This work is often controversial and needs privacy protection. My commercial work does not yet deserve such elegant dressing. If and when it does I will relish paying for PRZ's hard work through his market channels. John From rishab at dxm.ernet.in Mon Sep 19 10:11:44 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Mon, 19 Sep 94 10:11:44 PDT Subject: Unfinished FAQ? Message-ID: Tim, I was going through the FAQ and was puzzled by what appear to be cryptic notes to yourself, such as "quote from Wired, Whole Earth Review" in the definition of cpunk in the MFAQ, along with a number of questions without answers - "Who are Alice and Bob" in the MFAQ for example. Do I have an unfinished version (0.666!) or what? 
----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From mech at eff.org Mon Sep 19 10:13:45 1994 From: mech at eff.org (Stanton McCandlish) Date: Mon, 19 Sep 94 10:13:45 PDT Subject: Profiling (fwd) Message-ID: <199409191712.NAA12423@eff.org> At Lee's request, I'm forwarding this note to several relevant forums. - mech at eff.org Forwarded message: Date: Thu, 15 Sep 1994 06:15:37 -0600 From: ap524 at Freenet.HSC.Colorado.EDU (Lee Knoper) Subject: Profiling Reply-To: 6564559 at MCIMail.COM [...] Here's a situation in which "profiling" by a government agency is already causing a problem. Recall that recently on Message-ID: <9409191640.AA15258@ah.com> I've been arguing that DC-Nets are among the crypto protocols that we've not exploited much so far. I was working on an implementation, till I got stuck with the 'net' part of it. Speaking of long-term integration on the internet, might it not be a good idea to get some IP address range assigned for dc-net use? To integrate with the rest of the Internet, there should be some IP address that this message appears to originate from. These are the addresses that need reservation. Class A,B,C addresses are the standard unicast addresses for network interfaces. Class D addresses are multicast addresses. Class E addresses are reserved; there are 27 bits of address space available. If we could reserve some 11 bit prefix of this address space, that would leave us with 16 bits of address for dc-net addresses. This will certainly suffice until the new IP is fully deployed. As far as social mechanisms go, how does one go about reserving some prefix of the Class E address space? Could our resident IETF gurus comment, please? 
Very Simple Review: To send one message,
(1) a group of people make a bunch of bilateral communications.
(2) Each person publishes the sum of all the messages they receive.
(3) The sum of all the broadcasts in item (2) is the message.

There are a bunch of integration issues to deal with as well. For communication internal to the dc-net, i.e. from one member to another, a Class D multicast address will suffice. All the dc-net members would be members of the multicast group, and any of them could reconstruct a message.

Communication from the dc-net to the rest of the internet is the problem. How does someone send a message into the dc-net? How does the dc-net send a message outside itself? How do you properly do name service?

For sending a message into the dc-net, a message directly posted from the outside to the internal multicast address for the dc-net would suffice. But most systems can't route to a Class D address yet. Sending a message from the dc-net should appear, in an ideal world, to originate from the Class E address for the dc-net, but the same routing problem is even worse here.

Unicast proxy addresses for the net solve both of these. By using multiple loopback interfaces, you can give a machine on the Internet more IP addresses than it has physical interfaces. That is, if a single machine has only an ethernet connection, adding two loopback interfaces could give that machine three IP addresses. These extra IP addresses can be used as proxy addresses.

These proxy sites would have to be trusted at least against denial of service. If one assumes higher level authentication and integrity checking, alterations in the message stream by the proxy can be detected. Failure recovery could then include choice of a new proxy or reconfiguration of the dc-net.

I can't really comment now on how a proper long term solution might work.
One would at least keep the proxy addresses for backward compatibility, since it's unlikely for many years to have direct support for dc-nets shipped as standard kernel features, although that _is_ the eventual goal. It's likely that the protocols for discovering and joining multicast groups, as one example of an aggregate addressed entity, will apply here. Eric From blancw at microsoft.com Mon Sep 19 10:34:41 1994 From: blancw at microsoft.com (Blanc Weber) Date: Mon, 19 Sep 94 10:34:41 PDT Subject: HAPPY BIRTHDAY (H.E.A.T.) TO YOUUUUUUUUUUUUUUUUUU Message-ID: <9409191735.AA07540@netmail2.microsoft.com> ~ ~ ~ ~ ! ~ ~ .!. ~ ~ . ! . ~ ~ / / \ \ ~ ~ | | | | ~ ~ \ \ / / ~ ~ :: ~ ~ | ~ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | %~~~~~~~~% [------------------] [------------------] [-----------------------------------------] [-----------------------------------------] [-----------------------------------------] May your light burn bright, and long. May you have many chocolate cakes & gourmet cookies. May you have many double tall mocha nutmeg lattes. May you find love & happiness. May your spirit & your finances both soar into the stratosphere. May you make many friends who write in parced sentences. May the Bluebird of Paradise visit your apartment. May you achieve total anarchy and maximum privacy. May this email totally embarrass you. X X X ~ Blanc From tcmay at netcom.com Mon Sep 19 10:50:00 1994 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 19 Sep 94 10:50:00 PDT Subject: Unfinished FAQ? In-Reply-To: Message-ID: <199409191718.KAA21025@netcom6.netcom.com> [Rishab addressed this to the list as well, so I'll respond in public.] 
> Tim, > > I was going through the FAQ and was puzzled by what appear to be cryptic notes > to yourself, such as "quote from Wired, Whole Earth Review" in the definition > of cpunk in the MFAQ, along with a number of questions without answers - > "Who are Alice and Bob" in the MFAQ for example. > > Do I have an unfinished version (0.666!) or what? First, it will never be "finished." Second, the less-than-1.00 numbering is, as usual, indicative that the version is less-than-complete. Third, I explained this in the Release Notes. I suggest people read this first. To repeat, I felt it was important to get out what I had. Many people had been bugging^H^H^H^H asking me about it for the past few months, so I decided to issue what I had in time for the 2nd Anniversary meeting. I missed that deadline by less than 20 hours. Yes, there's a mix of styles, partly prose essays, partly enumerated lists of points. And even incomplete sections. Such is life. Like I said in the Release Notes, anybody is welcome to get their money back. Meanwhile, more than a megabyte of text exists. Ought to be enough for now. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. 
FAQ available at ftp.netcom.com in pub/tcmay From jim at acm.org Mon Sep 19 10:55:05 1994 From: jim at acm.org (Jim Gillogly) Date: Mon, 19 Sep 94 10:55:05 PDT Subject: RC4 article in Saturday (Sept 17) New York Times In-Reply-To: <9409170456.AA16046@merckx.UUCP> Message-ID: <9409191754.AA13063@mycroft.rand.org> > Matt Blaze writes: > John Markoff has a piece on the RC4 betrayal in the Business section of... > ... Bidzos speculated that > the NSA could revoke RC4's export status as a result of the > disclosure. Bidzos may not need to worry about this or ask damages for loss of export status, if Michael Ernst spoke to the right people for the attached msg. Jim Gillogly Hevensday, 28 Halimath S.R. 1994, 17:50 _________________________________________________________________________ From: mernst at theory.lcs.mit.edu (Michael Ernst) Newsgroups: sci.crypt Subject: Re: opinions of RC2 alogrithm Message-Id: Date: 1 Apr 93 20:51:47 GMT References: <1p7g2m$57g at bilbo.suite.com> <16BA010AC1.C445585 at mizzou1.missouri.edu> Sender: news at mintaka.lcs.mit.edu Organization: MIT Lab for Computer Science Lines: 15 In-Reply-To: C445585 at mizzou1.missouri.edu's message of 30 Mar 93 00:58:03 GMT > The RC2 algorithm is unpublished. Perhaps you could ask a representative > of RSA whether its remaining unpublished is one of the conditions of its > fast-track approval for export. (My impression was that this *is* one of > the conditions of its pre-approval for export, but I am not certain.) The RC4 algorithm is also unpublished and also exportable at 40-bit key strength. A couple of weeks ago I asked NSA whether just RSADSI, or both NSA and RSADSI, want to keep the algorithm secret. NSA told me that they would be delighted to see the algorithm published, but that RSADSI wanted to keep it a trade secret, presumably to protect their intellectual property. Given the parties involved, extra disclaimers must apply. 
-Michael Ernst mernst at theory.lcs.mit.edu _________________________________________________________________________ From hughes at ah.com Mon Sep 19 11:20:47 1994 From: hughes at ah.com (Eric Hughes) Date: Mon, 19 Sep 94 11:20:47 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <35gl4b$qtn@bb.com> Message-ID: <9409191742.AA15343@ah.com> >I'd suggest that a much more productive avenue of approach would be to >improve the aliasing facilities of a remailer provider to allow a >pseudonym to look like a fully normal name. I'm not sure that's a good solution. Todd, Todd, Todd. You can run a remailer and the mailing list on the _same_ machine and do the aliasing in the remailer. You can even restrict operation of the remailer to work only with the mailing list, if that's what you want. The issue here is clean separation of abstraction. >At his site [that's CMU--EH] there's this >'name+extra' syntax which delivers mail to 'name', but because of a >special sendmail version 8 macro in the Received: field both the >'name' and the 'extra' can be recovered. The 'extra' is then an input >into a remailer as a pseudonym. Sure. I'm familiar with AMS [...] This doesn't require AMS. I've done the same hack myself in ruleset 0 of sendmail. Then you tweak the HReceived line to add the $u macro, which under sendmail v8 includes the whole address which caused delivery. Another, better I think, possibility is to add headers and let the MUA sort it out: you don't have to depend upon non RFC-822 features in the MTA. That's exactly how it works now. The Received field is rfc822 compliant, and the remailer, which is a part of the MUA, is where it gets parsed. Eric From frissell at panix.com Mon Sep 19 12:21:17 1994 From: frissell at panix.com (Duncan Frissell) Date: Mon, 19 Sep 94 12:21:17 PDT Subject: Profiling Message-ID: <199409191918.AA25552@panix.com> > In other words, your AZ tax can be based on your profile, irrespective > of your income or expenses. 
But the AZ D of R can't use a profile to actually *find* your money or, indeed, to determine that you are a resident of Arizona. > It's also a bit of an eye-opener to note that it is expected to > replace ID used for -other- than official business as well, like club > cards and health care access cards. If it's not in your profile or if > the money is not in your account, you can't do_it/have_it. Moreover, > you'll probably get automatically reported for followup investigation > to determine willfulness and intent. I *love* it when the government decides to use automation to cut people off from permissions/benefits if they don't "toe the line." Since I would like them to cut *everyone* off from permissions/benefits, every step closer to that situation is an improvement. Apparently, "Seaquest, DSV" had a little automated punishment example on yesterday's show. A guy on a motorbike was speeding and his plates were scanned on the fly and he was notified, while still driving, that his "Social Security Account" had been docked for some $700 in fines. Note that all they accomplish by such things is to convert people into "outlaws." If government benefits and permissions are withdrawn from you then the incentive for you to play their game is reduced. Automated punishment also weakens the hold of the government even on those who obey the law because they knwo that they can lose their government "benefits" at any time and so they value them less. In a strictly practical sense, such punishments encourage those punished to learn how to live outside the government's reward/punishment system. Note the non-compliance rates in New York City for driver's license, insurance, and registration rules. The DMV computers automatically suspend someone's license (even if he's never had one) and he keeps driving anyway. People accumulate hundreds of suspensions. 
DCF

*************************************************************************
ATMs, Contracting Out, Digital Switching, Downsizing, EDI, Fax, Fedex, Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone Cards, Quants, Securitization, Temping, Voice Mail.

From sandfort at crl.com Mon Sep 19 13:31:37 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 19 Sep 94 13:31:37 PDT
Subject: EMBARRASSED, I?
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks (did I ever tell you, it's pronounced "spunks"?),

Blanc Webber made me feel like JFK being sung to by Norma Jean. The part I didn't understand, though, was when she wrote:

    May this email totally embarrass you.

Hell, Blanc, why should it embarrass me? You're the one with the dirty picture. It's a candle? Sorry, my mistake. (But it looks just like my... oh, never mind.)

Thanks Blanc,

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From owner-cypherpunks Mon Sep 19 13:30:56 1994
Date: Mon, 19 Sep 1994 13:29:01 -0700 (PDT)
From: Sandy Sandfort
Subject: THE BEST MINDS IN CYBERSPACE
To: Cypherpunks

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

I'm always telling people how smart the Cypherpunks are. Now I have proof.
Paul Robichaux wrote: I suggest we all kick in $10 or so and hire Alison Armitage to jump out of a cake or something. Seems like the least we could do. It's like he read my mind--especially the "or something" part. Thanks Paul. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From cactus at bb.com Mon Sep 19 13:33:54 1994 From: cactus at bb.com (L. Todd Masco) Date: Mon, 19 Sep 94 13:33:54 PDT Subject: Acapulco H.E.A.T. Auxilliary Review In-Reply-To: <9409191048.AA11766@memexis.memex.com> Message-ID: <35ksmv$2ah@bb.com> In article <9409191048.AA11766 at memexis.memex.com>, Jonathan Adams wrote: >> - the rule of thumb is that 30 feet of water get you an >> atmosphere. So you're at 102 you're at just >> under 4.5, so you're using air at the rate of >> 4.5 times the rate you do on the surface. > >It's 1 atmosphere for every 33 feet, but either way, I don't see how >you managed to get 4.5 * the rate. At around 3 atmospheres, you're >using air at about 4 times the 1 atmosphere rate. That's because you didn't add the 1 atmosphere you've already got above the water to your pressure count, while I did. We clearly meant the same thing, since we both got ~4 times the rate. >Hmmm. I believe that the diving depth-to-time tables (which I don't have >in front of me. I'll get them out and double check later) give a >time of around 25 minutes. It has nothing to do with how much air you >have. The tables are used to avoid the bends and nitrogen narcosis. I've been assuming that it wouldn't be a problem for the H.E.A.T. folks to ascend slowly. Wouldn't this avoid decompression sickness? Again, it's been a really long time -- moving from Florida to Pittsburgh and then NYC will do that. -- L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and cactus at bb.com | change the world with a plastic platter." 
- Todd Rundgren

From klbarrus at owlnet.rice.edu Mon Sep 19 14:18:02 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Mon, 19 Sep 94 14:18:02 PDT
Subject: art encryption...
In-Reply-To: <199409190711.AAA15172@art.net>
Message-ID: <9409192117.AA13098@snowy.owlnet.rice.edu>

Lile Elam wrote:
> So, I have been thinking that a way an artist can insure a viewer that
> the art they are viewing is really that of the artist, the artist can
> *sign* their art with their private key and others can check it with
> their public key. Now, the art would be factored into the key
> generated that others would check with the public key.
...
> But it would be interesting to find if you think this is possible.

Maybe I'm missing something, but why can't you just use the detached signature option of pgp?

"pgp -sb file" will create a signature file that is separate from the document (named file.asc by default, I'm pretty sure); later, the file and your public key can be used to verify the signature!

--
Karl L. Barrus: klbarrus at owlnet.rice.edu
2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper

From unicorn at access.digex.net Mon Sep 19 14:36:47 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Mon, 19 Sep 94 14:36:47 PDT
Subject: [CyberCash Media hype]
In-Reply-To: <9409191413.ZM8723@wiley.sydney.sgi.com>
Message-ID: <199409192135.AA14970@access1.digex.net>

Ian Farquhar scripsit
>
> On Sep 15, 3:20pm, Jamie Lawrence wrote:
> > Also, I do disagree with your statement "security through
> > obscurity is no security at all." A rather high degree of
> > security can be had through obscurity, but it is often entirely
> > unpredictable whether or not a particular 'obscurity method'
> > will be secure or not (any 15 year old hiding cigarettes under
> > the bed can attest to that).
I prefer: "security through obscurity ALONE is no security at all."

> In addition, it is also particularly effective if what
> is being obscured is sufficiently secure already, as it just adds another
> layer of protection.

Guess I'm not the only one.

>
> The TLA's understand this concept well, which is one of the reasons they
> classify almost everything they do. One non-obvious fact is that in the
> environment most governments use crypto (eg. widely distributed sites with
> key distribution channels which are more easily compromised than the
> crypto hardware), that the design of the cipher may be easier to keep
> secret than the key itself. As such, the use of security by obscurity
> in the design of the cipher itself is a lot more effective than most
> people would give it credit for.
>

While this may seem to be a joke comment, it is not. They also classify just about if not exactly everything because it never will be looked at seriously by the policy makers if it's not marked at least "secret." The major hurdle in intelligence is often not collection or analysis, but persuasion.

> Ian.

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From unicorn at access.digex.net Mon Sep 19 14:40:03 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Mon, 19 Sep 94 14:40:03 PDT
Subject: On the crime bill and remailers
In-Reply-To: <199409182348.TAA20311@zork.tiac.net>
Message-ID: <199409192138.AA15096@access1.digex.net>

Robert Hettinga scripsit
>
> At 1:22 PM 9/18/94 -0700, Anonymous wrote:
>
> >Current drafts of the crime bill include a scienter requirement.
> >You are liable only if you know or intend for your remailer to be
> >used by a terrorist.
> >
> >This is SOLONg's first post to this list.
>
> Hey. I get it. Solon. Lawyer. Nym.

Some lawyer, can't do stat. interpretation to save his/her life.
As I pointed out before, the requirement for INVESTIGATION is reasonably appearing to have intent. The statutory offense itself includes NO REFERENCE to intent.

The scienter requirement here is "gloss on the surface" of the kind intended to win votes from on the fencers.

>
> Cool.
>

Until you get his bill, and lose in court to boot.

> Bob Hettinga
>
> -----------------
> Robert Hettinga (rah at shipwright.com) "There is no difference between someone
> Shipwright Development Corporation who eats too little and sees Heaven and
> 44 Farquhar Street someone who drinks too much and sees
> Boston, MA 02331 USA snakes." -- Bertrand Russell
> (617) 323-7923

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From blancw at microsoft.com Mon Sep 19 14:44:18 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Mon, 19 Sep 94 14:44:18 PDT
Subject: That Steamy Aura
Message-ID: <9409192145.AA22624@netmail2.microsoft.com>

That's not funny, Sandy.

(but I'll keep it in mind, whenever I think about you)

~ Blanc

From unicorn at access.digex.net Mon Sep 19 15:03:56 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Mon, 19 Sep 94 15:03:56 PDT
Subject: A Scenario
In-Reply-To: <199409191605.JAA02415@zero.c2.org>
Message-ID: <199409192201.AA16117@access1.digex.net>

Anonymous User scripsit
>
> Anonymous User scripsit
> >>
> >> Let's say I have a digital cellular phone. I also have Anonymous Remailers,
> >> PGP, and over 100 BBS numbers (structured for which day and which hour each
> >> would be used) so that I can contact and talk to my "Friend."
> >> Please tell me how the LEA's can find me and understand the transactions
> >> between us?
>
> >You don't give us enough information.
>
> >Are your attackers looking for known parties?
> >How secure is your cellular? Do you operate from a known or a guessable
> >location? Is your "Friend" known? Suspected? His location, guessable?
> >Known?
> [Location stuff] [Your friend could be an idiot stuff] [You should move around more and vary the ESN]
>
> In the above scenario, I would never use my voice over the digital cellular

I assumed only data.

> [and I would be always moving {nothing done at home}]...strictly PGP/E-Mail.

So you would compose your messages on a laptop while moving about? This would be my suggestion. I don't know how well Tempest works on the move, I assume it's more difficult, but not impossible. The LCD screen (some have theorized) will make interception more difficult. The real problem is when you compose the message, or when it is actually converted to plaintext and read. These are the cheapest interceptions via tempest, or even a video camera over the shoulder.

Remember, once your ESN or ESN's are established, it is a simple matter to obtain your transactional information remotely (see Digital Telephony bill for the whole argument).

> Even IF the parties are known, can they make their case? [How can they prove
> X sent Y if using PGP and anonymous remailers?] Of course, if one of them
> cooperates, that's different.

If I were trying to make the case I would do it so:

At 5:10 pm, subject A departed in a taxi for the airport with his laptop. Monitoring the subjects known phone information (obtained by local close proximity interception) we measured a 26 second call to a local unix service provider. Subject A's account (which was being observed) showed mail traffic sent to a known remailer at 5:12pm. Subject B's account received an encrypted message [If by PGP it would be obvious that subject a and subject b were using the same software] at 6:30pm. (or perhaps 12:01am if the remailer is trying to foil traffic). After receiving the encrypted message from a (the same?) remailer, subject B left his home and was found near the site of the terrorist bombing.

At the very least this provides a WIDE OPEN door to take a closer look at Subject A.
I hope you have never met subject B in person, or have anything in your house incriminating. If yes, you better be ready to perjure yourself.

> Can Tempest be used as I'm driving/on a city bus? How expensive is it to
> maintain a Tempest surveillance in this fashion?

Dunno, Dunno. Probably difficult, doubt that it's impossible.

This is a positive of
> portable computers and portable communications..no one can pinpoint [even
> remotely] where I'll compose/collect my pgp/e-mail.

Wrong. It's pretty easy given your phone's billing information. The cell site you are working off of at any given moment is currently easy to establish. That gives your position within some miles (I assume this varies from area to area).

In fact, a cellular phone is probably the WORST thing to use if you're interested in hiding your location and your phone number/ESN is known. Given the location of the cell you're working off of, it's probably an easy matter to just track the phone to cell signal down with a direction/strength meter or by triangulation.

I am assuming that I'm
> covering my tracks smartly, and the only thing they have is what they can
> grab over the air, which is PGP, and that gets sent to some BBS [which they
> don't know] for my friend to pick up.

If your friend is monitored, the BBS firewall is useless. He calls, his call setup information is recorded. Given a pattern it's obvious after a while which 30 BBS's you're using.

> The ESNs and the Keep Moving are really helpful, thanks.
>

Remember, strong crypto is only a tenth the game.

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!
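
The timing correlation walked through in the message above depends on how the remailer forwards mail. As an added example (not part of the original post; the traffic, the sender names and the one-hour flush period are constructed), the Python below measures, for each outgoing message, how many senders an observer who sees only arrival and departure times cannot rule out.

```python
"""Added illustration: sender-candidate sets under two remailer forwarding
policies. All traffic below is constructed for the example."""
import random
from collections import namedtuple

Msg = namedtuple("Msg", "sender t_in")  # t_in: arrival at the remailer, seconds

# Constructed traffic: twelve messages over two busy hours, one in a quiet hour.
TRAFFIC = [Msg(s, t) for s, t in [
    ("A", 10), ("B", 250), ("C", 900), ("D", 1400), ("E", 2100), ("F", 3300),
    ("G", 3700), ("H", 4000), ("I", 5200), ("J", 6100), ("K", 6900), ("L", 7100),
    ("M", 7300),
]]


def forward_immediately(msgs, latency):
    """Policy 1: relay every message a fixed number of seconds after arrival."""
    return [(m.t_in + latency, m.sender) for m in msgs]


def forward_on_timer(msgs, period, rng):
    """Policy 2: hold mail and release it, shuffled, at the next multiple of period."""
    batches = {}
    for m in msgs:
        flush = (m.t_in // period + 1) * period
        batches.setdefault(flush, []).append(m.sender)
    out = []
    for flush in sorted(batches):
        senders = batches[flush]
        rng.shuffle(senders)  # output order carries no arrival-order information
        out.extend((flush, s) for s in senders)
    return out


def candidate_senders(msgs, t_out, min_delay, max_delay):
    """Senders an observer cannot rule out for one outgoing message.

    Assumption: the observer knows arrival times, the departure time and the
    remailer's delay bounds, and cannot read the (encrypted) contents.
    """
    return {m.sender for m in msgs
            if t_out - max_delay <= m.t_in <= t_out - min_delay}


def anonymity_sets(msgs, outputs, min_delay, max_delay):
    """Size of the candidate set for every output, in output order."""
    sizes = []
    for t_out, true_sender in outputs:
        cands = candidate_senders(msgs, t_out, min_delay, max_delay)
        if true_sender not in cands:
            raise ValueError("delay bounds do not cover the forwarding policy")
        sizes.append(len(cands))
    return sizes


def compare(period=3600, latency=5, seed=0):
    """Candidate-set sizes for both policies over the constructed traffic."""
    rng = random.Random(seed)
    direct = forward_immediately(TRAFFIC, latency)
    timed = forward_on_timer(TRAFFIC, period, rng)
    return {
        "direct": anonymity_sets(TRAFFIC, direct, latency, latency),
        "timed": anonymity_sets(TRAFFIC, timed, 1, period),
    }


if __name__ == "__main__":
    for policy, sizes in compare().items():
        print(f"{policy:>6}: min={min(sizes)} max={max(sizes)} sizes={sizes}")
```

The lone message in the quiet hour still has a candidate set of one: holding mail until a fixed time hides nothing when no other traffic shares the batch.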
From unicorn at access.digex.net Mon Sep 19 15:04:30 1994
From: unicorn at access.digex.net (Black Unicorn)
Date: Mon, 19 Sep 94 15:04:30 PDT
Subject: A Scenario
In-Reply-To: <199409191605.JAA02415@zero.c2.org>
Message-ID: <199409192202.AA16142@access1.digex.net>

Copy that to the list will you?

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From rah at shipwright.com Mon Sep 19 15:08:14 1994
From: rah at shipwright.com (Robert Hettinga)
Date: Mon, 19 Sep 94 15:08:14 PDT
Subject: On the crime bill and remailers
Message-ID: <199409192207.SAA13314@zork.tiac.net>

At 5:38 PM 9/19/94 -0400, Black Unicorn wrote:

>Some lawyer, can't do stat. interpretation to save his/her life.
>
>As I pointed out before, the requirement for INVESTIGATION is reasonably
>appearing to have intent. The statutory offense itself includes NO
>REFERENCE to intent.
>
>The scienter requirement here is "gloss on the surface" of the kind
>intended to win votes from on the fencers.

Ah. I see. Then this stuff on my face is egg, no?

Cheers,
Bob Hettinga

-----------------
Robert Hettinga (rah at shipwright.com) "There is no difference between someone
Shipwright Development Corporation who eats too little and sees Heaven and
44 Farquhar Street someone who drinks too much and sees
Boston, MA 02331 USA snakes." -- Bertrand Russell
(617) 323-7923

From sdw at lig.net Mon Sep 19 15:40:50 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Mon, 19 Sep 94 15:40:50 PDT
Subject: Copyright enforcement through crypto
Message-ID:

I'd like to explore the technical problems of enforcing copyright restrictions through encryption and custom viewing software.

What I have in mind is a viewer, say a spin off of Mosaic, that has a general purpose decryption engine that could be programmed with an algorithm as part of the document download process.
The goal I have in mind is to make possible one time, or limited time viewing of a downloaded document. The document would be encrypted with the selected method and keyed with a timestamp. The client would need access to a timeserver and a session key, etc. to decrypt as close as possible to the display hardware.

This could be prototyped as a user process, but securely implemented as an extension to X, MS-Windows, etc.

I haven't worked out all the problems, but see quite a few already.

Obviously, the goal would be to get really good copyright material on the net, like first run movies, when we have the bandwidth.

Just wondering what minimum collection of hardware, software, and infrastructure would be needed.

Of course, this is related to the pay-per-use software paradigm (vs. current unlimited license).

sdw
--
Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager
LIG dev./sales Internet: sdw at lig.net In Bay Area Aug94-Feb95!!!
OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Newbie Notice: I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.

From sdw at lig.net Mon Sep 19 15:47:03 1994
From: sdw at lig.net (Stephen D. Williams)
Date: Mon, 19 Sep 94 15:47:03 PDT
Subject: Public key/3DES datastream software over WAN Bastions
Message-ID:

Has anyone produced software (preferably Unix based) that provides a public key authenticated, DES/3DES encrypted datastream over WAN firewalls/bastions?

A typical use would be to connect transaction feeds between two data centers in a secure, automated way over Internet.

I can't see anything conceptually difficult with it, and it seems the PGP library could be used to create simple Unix daemons.

sdw
--
Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager
LIG dev./sales Internet: sdw at lig.net In Bay Area Aug94-Feb95!!!
OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Newbie Notice: I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.

From mech at eff.org Mon Sep 19 15:49:21 1994
From: mech at eff.org (Stanton McCandlish)
Date: Mon, 19 Sep 94 15:49:21 PDT
Subject: _American_Survival_ mag article
Message-ID: <199409192249.SAA24516@eff.org>

Oct. issue of _American_Survival_ has an article called "Clipper Inside". Dunno anything else about it, might be good, might suck rocks.

--
Stanton McCandlish
mech at eff.org
Electronic Frontier Fndtn.
Online Activist

From jim at acm.org Mon Sep 19 16:07:19 1994
From: jim at acm.org (Jim Gillogly)
Date: Mon, 19 Sep 94 16:07:19 PDT
Subject: Copyright enforcement through crypto
In-Reply-To:
Message-ID: <9409192306.AA14497@mycroft.rand.org>

> sdw at lig.net (Stephen D. Williams) writes:
> I'd like to explore the technical problems of enforcing copyright
> restrictions through encryption and custom viewing software.
> What I have in mind is a viewer... goal ... is ... one time... viewing of a
> downloaded document...

If it displays on my current screen and PC, I can capture it with some other software. William Gibson's book "Agrippa" was tried this way (sort of) and it didn't take long for it to get captured and posted.

If it uses some special-purpose hardware, it'll need to compete with existing services: cable, rental laserdisks, and so on, and then I'll decide whether to trade in my current computer and buy it. I don't see the niche so far.

From sandfort at crl.com Mon Sep 19 16:20:05 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Mon, 19 Sep 94 16:20:05 PDT
Subject: I ONLY SHOOT BLANCS
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

In response to my candle comment, Blanc wrote:

    That's not funny, Sandy.

    (but I'll keep it in mind, whenever I think about you)

Well, I still think it was funny, but now I *AM* embarrassed. (Blanc, wipe that smug expression off your face, this instant!)

 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From cactus at bb.com Mon Sep 19 16:34:44 1994
From: cactus at bb.com (L. Todd Masco)
Date: Mon, 19 Sep 94 16:34:44 PDT
Subject: Copyright enforcement through crypto
In-Reply-To:
Message-ID: <35l7ej$670@bb.com>

In article , Stephen D. Williams wrote:
>I'd like to explore the technical problems of enforcing copyright
>restrictions through encryption and custom viewing software.
>
>What I have in mind is a viewer, say a spin off of Mosaic, that has
>a general purpose decryption engine that could be programmed with an
>algorithm as part of the document download process. The goal I have
>in mind is to make possible one time, or limited time viewing of a
>downloaded document. The document would be encrypted with the selected
>method and keyed with a timestamp. The client would need access to a
>timeserver and a session key, etc. to decrypt as close as possible to
>the display hardware.

[Disclaimer: this is what I gather, from looking at a competitor's setup.]

A subset of what you want exists: the Internet Bookstore (I believe it's called) has a viewer/dongle combination for customers that they ship to customers for (I think) $30. I have no idea whether they've sold any, but I'd bet not (given the low level of sales Bibliobytes has seen without requiring $30 up front).

Their design presumably puts the user's key in the dongle; each book shipped is encrypted with it, so the books are (I think) tied to the dongle. However, AFAIK there's no time-binding involved, and I'm skeptical as to how easy that would be: once you've displayed information once, it's out.

--
L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From cactus at bb.com Mon Sep 19 16:59:06 1994
From: cactus at bb.com (L. Todd Masco)
Date: Mon, 19 Sep 94 16:59:06 PDT
Subject: (fwd) "Will You Be a Terrorist?"
In-Reply-To: <9409191742.AA15343@ah.com>
Message-ID: <35l8lv$6g9@bb.com>

In article <9409191742.AA15343 at ah.com>, Eric Hughes wrote:
> >I'd suggest that a much more productive avenue of approach would be to
> >improve the aliasing facilities of a remailer provider to allow a
> >pseudonym to look like a fully normal name.
>
> I'm not sure that's a good solution.
>
>Todd, Todd, Todd. You can run a remailer and the mailing list on the
>_same_ machine and do the aliasing in the remailer. You can even
>restrict operation of the remailer to work only with the mailing list,
>if that's what you want.
>
>The issue here is clean separation of abstraction.

Well *excuse me* for being clinically thick... I shouldn't post after more than 20 hours w/out sleep.

You're right, of course. Though the remailer and the mailing list software would probably require some hacking to make the coupling tighter, in the process giving both limited-use remailers (probably undesirable in the generic case, but I can think of special uses) and access-controlled mailing list software (definitely uses for this, as some exist).

>This doesn't require AMS. I've done the same hack myself in ruleset 0
>of sendmail. Then you tweak the HReceived line to add the $u macro,
>which under sendmail v8 includes the whole address which caused
>delivery.

Could you send me what you've done on this? I think it's a desirable feature to have, though requiring that people hack their sendmail.cfs is not a big boost to the "popularity of package" indicator.

--
L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From hughes at ah.com Mon Sep 19 17:14:37 1994
From: hughes at ah.com (Eric Hughes)
Date: Mon, 19 Sep 94 17:14:37 PDT
Subject: (fwd) "Will You Be a Terrorist?"
In-Reply-To: <35l8lv$6g9@bb.com>
Message-ID: <9409192336.AA15969@ah.com>

   [...] giving both limited-use remailers

Limited use remailers are exactly what a subscription service does.

   Could you send me what you've done on this? I think it's a desirable feature to have, though requiring that people hack their sendmail.cfs is not a big boost to the "popularity of package" indicator.

Admittedly, sendmail.cf hacking is not for the light of heart. I've appended a little tutorial I wrote a few months ago on how to do this.
The only correction I have on rereading is that version 8 sendmail doesn't use frozen configuration files.

Eric

-----------------------------------------------------------------------------

How to add + to your email syntax
---------------------------------

Ever wanted one of those cool addresses? So you can use and get a filter to easily move the list out from your regular mail? Now you can.

This tutorial works if you're running a fairly standard version of sendmail. It requires some hacking to sendmail.cf, so you need the permission to do that; that's usually root. The modifications are fairly straightforward.

I. Add + to the list of operator symbols.

The sendmail 'o' macro determines how to break up strings in sendmail.cf rules into tokens. In order to be able to recognize + specially, you'll have to add to the operator symbols to make it separately recognizable. So, first do a

    % grep -n ^Do sendmail.cf
    116:Do.:%@!^=/[]

Now, go in and edit line 116 and add a + sign at the end:

    Do.:%@!^=/[]+

That's all. Now sendmail will not include + inside of its tokens.

II. Duplicate local delivery rules to accept + syntax.

Sendmail is a delivery multiplexer. You want to change the syntax for local delivery, so all you need to change is the local mail specifications. First, make sure your local mailer is called 'local'. You can search for the mailer definition as follows:

    % grep ^Mlocal sendmail.cf
    Mlocal, P=/usr/libexec/mail.local, F=lsDFMmn, [...]

I've elided the tail end of the line, because all you really need to ascertain is that the local mailer has the right name. Now you want to search for all the delivery rules that deliver mail to the local mailer:

    % grep -n '#local' sendmail.cf
    563:R$-<@$w> $#local$:$1
    585:R$-<@$D> $#local$:$1 user at ah.com
    614:R$+ $#local$:$1 everything else

I have three rules for local delivery. (The second one is custom, and allows for delivery to a domain address for which no IP address exists.)
All you do now is to add a rule for '+' delivery for each kind of existing local delivery. After I changed mine, it said:

    % grep -n '#local' sendmail.cf
    563:R$-<@$w> $#local$:$1
    564:R$-+$*<@$w> $#local$:$1
    586:R$-<@$D> $#local$:$1 user at ah.com
    587:R$-+$*<@$D> $#local$:$1 user at ah.com
    616:R$-+$* $#local$:$1 everything else
    617:R$+ $#local$:$1 everything else

Rules that matched "$-", a single token, I changed to match "$-+$*", a single token followed by "+" followed by zero or more tokens. Rules that matched "$+", one or more tokens, I changed to match "$-+$*", same as above. I added the changed rule _before_ the original rule because otherwise the $+ would swallow up everything.

The $1 in the second column refers to the first macro to match in the pattern in column one. That's the username the mail gets delivered to. If you have more complicated usernames, you're likely already a seasoned sendmail trooper.

III. Install and Test

You should probably increment the version number when you make the change. It's in the 'Z' macro, do

    % grep -n ^DZ sendmail.cf
    104:DZ2.06

Freeze the sendmail configuration with

    sendmail -bz

otherwise your changes won't take effect. Now send yourself some test mail and make sure it works.

Eric Hughes
hughes at ah.com
17 February 1994

From blancw at microsoft.com Mon Sep 19 17:16:48 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Mon, 19 Sep 94 17:16:48 PDT
Subject: Such a Sweetie Pie
Message-ID: <9409200017.AA29815@netmail2.microsoft.com>

Sandy:

 It was nothing.
 [What a Nice Guy (tm)]

 @ @ @ @
 @ @
 @ ~ ~ @
 . * * .
 . \/ .
 . . . .
 . . . . . .
 . .
 . . .
Blanc
(please, no more!)

From adam at bwh.harvard.edu Mon Sep 19 17:53:37 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Mon, 19 Sep 94 17:53:37 PDT
Subject: Sendmail hacking (was (fwd) "Will You Be a Terrorist?")
In-Reply-To: <9409192336.AA15969@ah.com>
Message-ID: <199409200053.UAA03564@bwh.harvard.edu>

| Admittedly, sendmail.cf hacking is not for the light of heart. I've
| appended a little tutorial I wrote a few months ago on how to do this.
| The only correction I have on rereading is that version 8 sendmail
| doesn't use frozen configuration files.

While Eric's way of doing things works, I recommend asking your systems manager to look at installing procmail as the Mlocal agent. It's easy to do, and provides everyone with procmail support without needing a .forward.

(Procmail is a mail processing agent that allows you to sort your mail based on criteria of your choice.)

Adam

From merriman at metronet.com Mon Sep 19 17:56:28 1994
From: merriman at metronet.com (David K. Merriman)
Date: Mon, 19 Sep 94 17:56:28 PDT
Subject: Such a Sweetie Pie
Message-ID: <199409200055.AA29129@metronet.com>

>Sandy:
>
> It was nothing.
> [What a Nice Guy (tm)]
>
> @ @ @ @
> @ @
> @ ~ ~ @
> . * * .
> . \/ .
> . . . .
> . . . . . .
> . .
> . . .
>Blanc
>(please, no more!)
>
>

Will you two cool it? You're getting my monitor fogged up :-)

(or at least take it off the C'punks list - you're scaring my cats :-)

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From pierre at shell.portal.com Mon Sep 19 18:32:40 1994
From: pierre at shell.portal.com (Pierre Uszynski)
Date: Mon, 19 Sep 94 18:32:40 PDT
Subject: art encryption...
Message-ID: <199409200132.SAA19126@jobe.shell.portal.com>

> From: Lile Elam
>
> [...] a way an artist can insure a viewer that the art
> they are viewing is really that of the artist, the artist can *sign* their
> art with their private key and others can check it with their public key.

The problem is that's pretty much all that can be done so far: The viewer can *verify* that the copy is a full un-molested copy of what the artist released, or for physical works, maybe that the object being scanned *is* the original object (maybe).

But for pictures released in bitmap form, and then lossily compressed, cropped, scaled, dithered, and whatnot, the (ahem) authenticity of the copy can't be checked anymore. At least not if the signature was, for example, a signed message digest as has been mentioned. Message digests, in the form we now know them, do not resist lossy compression and such injury. That's what they are designed for.

So, in particular, a magazine can still take a signed copy of a picture, creatively modify it slightly, and print it claiming this is original work by somebody else. In this case, the printing process itself is most likely enough to dispel any hope of recomputing the same message digest. Handling this case relies back on conventional evidence and juries.

Other formats such as CAD drawings, text, and pictures in primitive forms (such as Postscript), and source and binary code, are susceptible to more: It is possible to hide some identifying info in them. But they also are susceptible to mechanical modification (lossless in terms of the "artwork", but lossy in terms of the steganography.) For example, by rewriting "for the same functionality" mechanically or manually. For a mechanical translation, the plaintiff may now have to identify which mechanical process was used before, maybe, having a case again (in addition to conventional legal wranglings).

What would be ideal in all these cases is a steganographic process that would map to the whole as much as to the parts. Fractal steganography.
In the case of architectural drawings, a signature of the original architects would be embedded in small sets of dimensions, in small sets of proportions, in ways the CAD language is used, in the background details of artwork, in the text included in drawings as well as in CAD files comments and variable names... etc... In summary in sufficiently numerous and different places that mechanical modification, or even extensive manual rework could still forget some instances of the signature.

The signature still has to be specific enough to identify certainly the author, as opposed to being attributable to random luck (as in DNA matching). This means this signature requires a rather large number of bits (fewer if the signatures are registered precisely and provably before the works are released), but still enough bits that it is not so easy to hide many of them (depending on the medium: rather hard in text, rather easy in complex pictures.) The signature becomes part of the picture, it is not an afterthought anymore.

Fractal message digests, whose verifiability would degrade gracefully as the original is more and more mutilated, would serve the same purpose for verification (you could check that a decompressed, cropped part of a picture is really from the artist who fractally signed the whole.) Conceivably it would be the same if the part was printed in weird colors or something: "some" of it still "is" from the same artist.

But, for legal issues, how would that be different from copyright registration? Doesn't copyright registration rely on the same principle: a set of jurors will determine what the chance is that this is the same work or not. This just provides tools to fortify a court case.

Enough ramblings :-) I'll stop now,

Pierre
pierre at shell.portal.com

From cactus at bb.com Mon Sep 19 18:46:11 1994
From: cactus at bb.com (L. Todd Masco)
Date: Mon, 19 Sep 94 18:46:11 PDT
Subject: Nice little privacy threat...
Message-ID: <199409200151.VAA13741@bb.com>

Just a little tidbit for the privacy-paranoid among us.

I live in NYC, while my father, H. L. Masco, MD, lives in Florida. My dad's never lived in NYC, and I've never forwarded mail from his address to mine... in fact, I haven't forwarded anything from his address since before I left Pittsburgh.

I just got a mailing from Harry & David that included a pre-printed list of folks from "my" last year's orders so I could repeat order this year. They were my father's orders from last year.

Masco isn't that common a surname, so I have to wonder how often this is going to happen to people with more common surnames.

--
L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From jya at pipeline.com Mon Sep 19 19:45:24 1994
From: jya at pipeline.com (John Young)
Date: Mon, 19 Sep 94 19:45:24 PDT
Subject: art encryption...
Message-ID: <199409200244.WAA17957@pipe1.pipeline.com>

Responding to msg by pierre at shell.portal.com (Pierre Uszynski) on Mon, 19 Sep 6:32 PM

>
>What would be ideal in all these cases is a
>steganographic process that would map to the whole as
>much as to the parts. Fractal steganography. In the
>case of architectural drawings, a signature of the
>original architects would be embedded in small sets of
>dimensions, in small sets of proportions, in ways the
>CAD language is used, in the background details of
>artwork, in the text included in drawings as well as in
>CAD files comments and variable names... etc... In
>summary in sufficiently numerous and different places
>that mechanical modification, or even extensive manual
>rework could still forget some instances of the
>signature.

[Snip]

>But, for legal issues, how would that be different from
>copyright registration? Doesn't copyright registration
>rely on the same principle: a set of jurors will
>determine what the chance is that
>this is the same work or not. This just provides tools
>to fortify a court case.

Pierre,

The fractal steganography sounds promising. Is this yours or has it been done?

The need for authentic sigs on architectural and engineering drawings is not merely aesthetic. Right now municipal agencies will not accept digital documents because of the lack of verifiable authorship to establish responsibility, and liability, for the health and safety of the design and construction. Hard copy with original seal is required to prevent unauthorized manipulation.

Beyond copyright protection, architectural and engineering documents are means to guide actual construction, rather than end products like paintings and drawings in the art world.

If there could be a way for buildings themselves to convey authenticity, say, that they are healthy and safe, by a kind of decryption by the public that could help prevent concealment of shoddy construction. It's not the drawings that assure safety but field verification of the end result that construction work was done right.

What a great help if a building could convey its own message of authenticity about its fitness and safety for habitation and use. That might keep us architects more honest.

Probably a long shot that your fractal idea could be stretched this far, but it is certainly needed in the flim flam world of New York City real estate where deception about building safety and health is all too common.

Any other thoughts?

John

From klbarrus at owlnet.rice.edu Mon Sep 19 19:53:14 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Mon, 19 Sep 94 19:53:14 PDT
Subject: (fwd) "Will You Be a Terrorist?"
In-Reply-To: <35l8lv$6g9@bb.com>
Message-ID: <9409200251.AA17232@snowy.owlnet.rice.edu>

L. Todd Masco wrote:
>Could you send me what you've done on this? I think it's a desirable
>feature to have, though requiring that people hack their sendmail.cfs
>is not a big boost to the "popularity of package" indicator.
You can find this file at the gopher site (chaos.bsu.edu) in the Misc directory, as "Sendmail and + in addressing". Or something like that, the Misc directory will be reorganized soon, and the file name may change. Also, I split Tim's large FAQ into 20 chapters and placed it in FAQs/Cypherpunks/Cyphernomicon, if that makes it easier for some people to digest ;) -- Karl L. Barrus: klbarrus at owlnet.rice.edu 2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9 "One man's mnemonic is another man's cryptography" - K. Cooper From karn at qualcomm.com Mon Sep 19 20:05:16 1994 From: karn at qualcomm.com (Phil Karn) Date: Mon, 19 Sep 94 20:05:16 PDT Subject: [CyberCash Media hype] In-Reply-To: <9409191413.ZM8723@wiley.sydney.sgi.com> Message-ID: <199409200305.UAA00155@servo.qualcomm.com> Perhaps the saying "security through obscurity doesn't work" should be amended to say "security that depends on the secrecy of anything that cannot be easily changed doesn't work". In most cases, cryptographic keys are far more easily changed than cryptographic algorithms. That's why it's bad to rely on the secrecy of an algorithm, but okay to rely on the secrecy of a key. Phil From nobody at kaiwan.com Mon Sep 19 20:29:34 1994 From: nobody at kaiwan.com (Anonymous) Date: Mon, 19 Sep 94 20:29:34 PDT Subject: On the crime bill and remailersRe: On the crime bill and remailers Message-ID: <199409200329.UAA07612@kaiwan.kaiwan.com> Mr. Unicorn is rude and uninformed. He will go far. 1) The act does not make it a per se offense to have a remailer. 2) The act makes it an offense to aid a terrorist. 3) Query: is there a scienter requirement in (2)? [for the sake of simplicity, we will ignore the fact that there are scienter requirements in a related part of the bill already, and use Mr. 
Unicorn's hypothetical of no explicit requirement of scienter] 3a) There must be a scienter requirement to avoid turning the proscription in (2) into either (i) a per se offense, excluded by (1), or (ii) a violation of due process. 3b) Query: why would it be a violation of due process to have a ban on unknowingly aiding terrorists in the manner Mr. Unicorn wishes to read the statute? An analogy will make the point. Suppose the act concerned restaurant regulation, and made it an offence to "feed" a terrorist. Carlos walks into your joint in disguise, orders and duly consumes ham on rye. What verdict? Courts will do what it takes to say not guilty, whether via due process, the rule of leniency, or statutory construction. N.B. these problems could be cured, and due process observed, by finding a duty to make enquiry or imputing a negligence standard of some sort, but we do not see any hint of this in the statute. 4) Aha! you say, but terrorism is different from nice law abiding restaurants, and we brave c'punkers that we are, are on the Edge, not like the honest sandwichman. The courts will not give us any breaks. Alas, there is the case of Ratzlaf v. United States, 114 S.Ct. 655 (1994) [summary quoted below], in which the Supreme Court imputed a scienter requirement into a money laundering statute which on its face required no such scienter at all. 5) QED. (As for others who are as quick to damn as to praise...watch your cholesterol!) //QUOTING-- SYLLABUS: As here relevant, federal law requires a domestic bank involved in a cash transaction exceeding $ 10,000 to file a report with the Secretary of the Treasury, 31 U.S.C. § 5313(a), 31 CFR § 103.22(a); makes it illegal to "structure" a transaction -- i.e., to break up a single transaction above the reporting threshold into two or more separate transactions -- "for the purpose of evading the reporting requirement," 31 U.S.C. §
5324(3); and sets out criminal penalties for "[a] person willfully violating" the antistructuring provision, § 5322(a). After the judge at petitioner Waldemar Ratzlaf's trial on charges of violating §§ 5322(a) and 5324(3) instructed the jury that the Government had to prove both that the defendant knew of the § 5313(a) reporting obligation and that he attempted to evade that obligation, but did not have to prove that he knew the structuring in which he engaged was unlawful, Ratzlaf was convicted, fined, and sentenced to prison. In affirming, the Court of Appeals upheld the trial court's construction of the legislation. Held: To give effect to § 5322(a)'s "willfulness" requirement, the Government must prove that the defendant acted with knowledge that the structuring he or she undertook was unlawful, not simply that the defendant's purpose was to circumvent a bank's reporting obligation. Section 5324 itself forbids structuring with a "purpose of evading the [§ 5313(a)] reporting requirements," and the lower courts erred in treating the "willfulness" requirement essentially as words of no consequence. Viewing §§ 5322(a) and 5324(3) in light of the complex of provisions in which they are embedded, it is significant that the omnibus "willfulness" requirement, when applied to other provisions in the same statutory subchapter, consistently has been read by the Courts of Appeals to require both knowledge of the reporting requirement and a specific intent to commit the crime or to disobey the law. The "willfulness" requirement must be construed the same way each time it is called into play. Because currency structuring is not inevitably nefarious, this Court is unpersuaded by the United States' argument that structuring is so obviously "evil" or inherently "bad" that the "willfulness" requirement is satisfied irrespective of the defendant's knowledge of the illegality of structuring.
The interpretation adopted in this case does not dishonor the venerable principle that ignorance of the law generally is no defense to a criminal charge, for Congress may decree otherwise in particular contexts, and has done so in the present instance. Pp. 5-15. 976 F.2d 1280, reversed and remanded. JUDGES: GINSBURG, J., delivered the opinion of the Court, in which STEVENS, SCALIA, KENNEDY, and SOUTER, JJ., joined. BLACKMUN, J., filed a dissenting opinion, in which REHNQUIST, C. J., and O'CONNOR and THOMAS, JJ., joined. //END QUOTE----------- SOLONg From klbarrus at owlnet.rice.edu Mon Sep 19 20:38:11 1994 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Mon, 19 Sep 94 20:38:11 PDT Subject: REMAIL: scripts Message-ID: <9409200337.AA23633@snowy.owlnet.rice.edu> Recently, somebody mentioned writing scripts to assist in using the remailers (I deleted the message and can't remember who it was). I used to keep a remailer list, and generated simple unix Bourne shell scripts and DOS batch files to do exactly this; however, I'm cleaning up my account and now defer to superior products: (Matt Ghio's and Raph Levien's remailer lists are better, and Hal Finney's chain program is more functional than the scripts). But, if they may be of some use to somebody, I just made available the various PERL scripts, makefiles, etc. I once used to generate the above mentioned scripts. It is available via anonymous ftp at chaos.bsu.edu in pub/cypherpunks/incoming as klb.scripts.tar.gz. The remailer data file included is fairly old and will need updating if somebody wants to toy with the scripts, etc. -- Karl L. Barrus: klbarrus at owlnet.rice.edu 2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9 "One man's mnemonic is another man's cryptography" - K. 
Cooper From hughes at ah.com Mon Sep 19 21:15:20 1994 From: hughes at ah.com (Eric Hughes) Date: Mon, 19 Sep 94 21:15:20 PDT Subject: Sendmail hacking (was (fwd) "Will You Be a Terrorist?") In-Reply-To: <199409200053.UAA03564@bwh.harvard.edu> Message-ID: <9409200337.AA16269@ah.com> While Eric's way of doing things works, I recommend asking your systems manager to look at installing procmail as the Mlocal agent. This is good advice, for different reasons. I do realize that the stated reasons in the little tutorial were for mail sorting, but I really worked it out for remailer addressing. Installing procmail for local delivery does make filtering easier. The idea is that I could, for example, take an address, for example hughes+SOLONg at ah.com, which is really addressed to someone else, and map it in my own mail filter, at the user level, to the real recipient. This address is a real first class address, not just a comment in an address field, and is guaranteed to work wherever email is supported. Now as far as politics go, I wrote that tutorial in such a way that you could give it to your sysadmin and have them do the work. The "explanation" at the beginning is a prepackaged excuse for why you want it. ;-> Eric From JOHNKC at ids.net Mon Sep 19 21:55:58 1994 From: JOHNKC at ids.net (JOHNKC) Date: Mon, 19 Sep 94 21:55:58 PDT Subject: (fwd) "Will You Be a Terrorist?" In-Reply-To: <9409200251.AA17232@snowy.owlnet.rice.edu> Message-ID: WHAT IS THE FTP ADDRESS??????????????? On Mon, 19 Sep 1994, Karl Lui Barrus wrote: > L. Todd Masco wrote: > >Could you send me what you've done on this? I think it's a desirable > >feature to have, though requiring that people hack their sendmail.cfs > >is not a big boost to the "popularity of package" indicator. > > You can find this file at the gopher site (chaos.bsu.edu) in the Misc > directory, as "Sendmail and + in addressing". Or something like that, > the Misc directory will be reorganized soon, and the file name may > change.
> > Also, I split Tim's large FAQ into 20 chapters and placed it in > FAQs/Cypherpunks/Cyphernomicon, if that makes it easier for some > people to digest ;) > > -- > Karl L. Barrus: klbarrus at owlnet.rice.edu > 2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 > 2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9 > "One man's mnemonic is another man's cryptography" - K. Cooper > From tcmay at netcom.com Mon Sep 19 22:29:16 1994 From: tcmay at netcom.com (Timothy C. May) Date: Mon, 19 Sep 94 22:29:16 PDT Subject: Location of FAQ at Karl's Site In-Reply-To: Message-ID: <199409200527.WAA28208@netcom4.netcom.com> JOHNKC wrote: > > WHAT IS THE FTP ADDRESS??????????????? > > > You can find this file at the gopher site (chaos.bsu.edu) in the Misc > > directory, as "Sendmail and + in addressing". Or something like that, > > the Misc directory will be reorganized soon, and the file name may > > change. > > > > Also, I split Tim's large FAQ into 20 chapters and placed it in > > FAQs/Cypherpunks/Cyphernomicon, if that makes it easier for some > > people to digest ;) I first want to thank Karl Barrus for making my Cyphernomicon FAQ available in separate chapters. And to answer question raised above by JOHNKC, either of the following will get you to Karl's files (I found them by gopher, but anonymous ftp showed various files, but nothing obvious to me as the files that gopher showed...but I didn't look too hard): gopher chaos.bsu.edu ftp chaos.bsu.edu --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. 
FAQ available at ftp.netcom.com in pub/tcmay From karn at qualcomm.com Mon Sep 19 22:45:12 1994 From: karn at qualcomm.com (Phil Karn) Date: Mon, 19 Sep 94 22:45:12 PDT Subject: Copyright enforcement through crypto In-Reply-To: Message-ID: <199409200545.WAA00256@servo.qualcomm.com> >I'd like to explore the technical problems of enforcing copyright >restrictions through encryption and custom viewing software. This job is pretty much unsolvable in the long run, because you have to give all your secrets (algorithms and keys) to your "enemy". You can slow him down a bit, but eventually he'll reverse engineer the system -- especially if it runs on general purpose computer hardware. It may be difficult, but it only needs to be done once because the results can be quickly and widely disseminated in the underground. Even without breaking the system per se, legitimate users will figure out ways to copy its decrypted output and give it to their friends. >Obviously, the goal would be to get really good copyright material on >the net, like first run movies, when we have the bandwidth. Why is this necessary? Many cable TV systems already carry considerable amounts of copyright material despite having very weak scrambling systems. Even a strong system such as Videocipher II+, which is based on the physical security of custom hardware, can still have its output recorded and duplicated. Many cable companies openly welcome VCR users -- they know it increases the appeal of the service. What the photocopy machine started and the VCR moved into high gear, the computer and the network will probably finish. As John Perry Barlow puts it, "Copyright is dead". It's not a matter of whether copyright is morally right or wrong. It is simply going to become utterly unenforceable -- like it or not. Instead of trying to patch it we should find workable alternatives to replace its role in compensating authors for their efforts. 
Phil From blancw at pylon.com Mon Sep 19 23:27:21 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Mon, 19 Sep 94 23:27:21 PDT Subject: Virtual Liability and Lethal Arguments Message-ID: <199409200626.XAA27603@deepthought.pylon.com> Responding to msg by Jim Hart: >What about liability of non designers for failing to >make changes? What about liability of people who use >fallacious moralistic arguments and use coercion to >stop changes? ................................................................. .......... You don't really have a problem with that, do you? :>) There are no expectations placed on non-designers to come up with anything of any practical use to society, therefore they have no responsibility or liability, as no one takes them very seriously. People who put up blocks to progress and improvement (not merely 'changes' per se) are suffering from a sense of loss of control over their existence, and should be sent to a hospital to recuperate from their psychic wounds. (Actually, I think that this wouldn't become such a big problem if, for one thing, everyone had a clear understanding & appreciation of the concept of "property", what that constitutes, and what that means in terms of the liberty to affect things in the world around us.) Blanc From pierre at shell.portal.com Tue Sep 20 00:53:06 1994 From: pierre at shell.portal.com (Pierre Uszynski) Date: Tue, 20 Sep 94 00:53:06 PDT Subject: art encryption... Message-ID: <199409200752.AAA24218@jobe.shell.portal.com> > From: John Young > > Responding to msg by pierre at shell.portal.com (Pierre Uszynski) > on Mon, 19 Sep 6:32 PM > > >What would be ideal in all these cases is a > >steganographic process that would map to the whole as > >much as to the parts. Fractal steganography. > > The fractal steganography sounds promising. Is this yours or > has it been done? 
Let me reassure you: I have never heard the idea seriously explored before, and I'm not certain it leads anywhere really useful (as in satisfying from a security point of view.) Mostly, though, the interest in crypto has been so far toward standard message digests made to detect *any* tampering with the message. On the other hand, there has been work on ad-hoc steganographic marks with the purpose of tracking leaks and dumb or hurried copyright violators, and in that case it is useful to keep in mind: no point in protecting only the whole, or only some parts. Still, nothing close to what I described that I know of (I have not read yet about the work at one of the bell labs :-) on marks in text for leak tracking.) Again, as I pointed out, there must be serious tradeoffs in implementations of the idea, to the point where I don't know if it is realizable, or useful. And so far, art signature ideas have been fairly limited and not really explored to their conclusion. Besides, I'm in the "copyright is dead" camp, and for artwork I would tend to put value in physical objects (whether single original, or editions intrinsically limited because of the process). An electronic copy is an electronic copy is an electronic copy. There is value in timeliness too, and that's the main incentive for new ideas and work. Especially nowadays, being there first has value in itself, we don't need legislation to prop that up. I am however interested in such robust message digest ideas in an information retrieval context: How do you index documents without deciding in advance what the retrieval will be based on: words, parts of speech, lines, sentences, paragraphs, digest, exact, approximate, phonetic, relevance feedback... The whole or the part. See also the recent announcement about an NSA product to match similar texts without prior knowledge of topic or even language (as claimed). > The need for authentic sigs on architectural and engineering > drawings is not merely aesthetic.
Right now municipal agencies > will not accept digital documents because of the lack of > verifiable authorship to establish responsibility, and > liability, for the health and safety of the design and > construction. Hard copy with original seal is required to > prevent unauthorized manipulation. In this case, a signed message digest would do just fine. If the agency really wants paper, they can have a seal on a form with a printed public key. They can verify that the signature and digest match when the drawing is first delivered, and that's it. No unauthorized manipulation can happen and not be detected (if the drawing digest is checked before the drawing is used.) And the author need not be allowed to repudiate a signature on old drawings. If he destroys the private key after having used it on a project, no new drawings can be filed that fit the same published public key either. So that should do it. Date-stamping is relatively well understood too. > Beyond copyright protection, architectural and engineering > documents are means to guide actual construction, rather than > end products like paintings and drawings in the art world. Actually, they only wish the painting was the end product. Instead it can get ripped off, copied, changed, printed, appropriated in many ways. > If there could be a way for buildings themselves to convey > authenticity, say, that they are healthy and safe, by a kind > decryption by the public that could help prevent concealment of > shoddy construction. It's not the drawings that assure safety > but field verification of the end result that construction work > was done right. > > What a great help if a building could convey its own message of > authenticity about its fitness and safety for habitation and > use. > [...] > Any other thoughts? Yes, we are nowhere close to that, but it's fun to think about it. However, "healthy and safe" is not an authenticity problem. 
Whether a building is an original or a copy is, so, maybe, is whether the building is according to drawing or not. "Healthy and safe" is very subjective, especially in an over-regulated society where "meeting the code" is essentially impossible. So "healthy and safe" is a certificate granted by an agency that can be duped and/or is lazy and/or has other agenda^H^H^H^H^H^H priorities. (:-) what's the plural for agenda ?) A building according to drawing need not be "healthy and safe". Finally (and then I'll stop, promised) verifying a message digest relies on the verifier having access to at least all that needs to be verified. And only what is available can be verified, of course. So shoddy construction is unlikely to become verifiable because it is hidden from whoever would have done something about it. Transparent finances and more efficient use of reputation may help you more. Pierre. pierre at shell.portal.com From frissell at panix.com Tue Sep 20 03:55:06 1994 From: frissell at panix.com (Duncan Frissell) Date: Tue, 20 Sep 94 03:55:06 PDT Subject: (fwd) "Will You Be a Terrorist?" Message-ID: <199409201054.AA01140@panix.com> At 01:53 PM 9/17/94 -0700, Timothy C. May wrote: >(In this interpretation, the remailers that many of us have talked >about, designed, written software, run on our systems, etc., could be >considered to be part of a conspiracy, should Bidzos, Mykotronx, >ClariNet, the Feds, etc., choose to focus on remailers as "a >continuing criminal enterprise.") But we designed and deployed the remailers not as part of a criminal enterprise but in an attempt to *generally* protect privacy. We may also have wanted to weaken some of the control measures inherent in the TCP/IP protocols. The TCP/IP protocols are *not* a government. It is legal to weaken them. Additionally, federal courts have explicitly held that anonymous communications (and anonymous associations) are protected by the First Amendment. 
No US Attorney is going to be interested in the sort of messy political case that would be involved in remailer prosecutions. What we are doing in any case is more like sedition than a normal criminal conspiracy. The Feds have only brought two sedition cases in this century (WWII isolationists and white supremacists in the 1980s) and didn't do too well. Sedition cases are real hard to win because in order to prove intent to overthrow the government you have to prove some realistic capabilities. Like Professor Crampton said when he saw my "Fuck the State" button in 1971 -- "That would be a rather large job, wouldn't it?" DCF From usura at xs4all.nl Tue Sep 20 04:43:18 1994 From: usura at xs4all.nl (Alex de Joode) Date: Tue, 20 Sep 94 04:43:18 PDT Subject: (fwd) "Will You Be a Terrorist?" Message-ID: <199409201143.AA00236@xs1.xs4all.nl> In article <199409201054.AA01140 at panix.com> DFC did write: : >(In this interpretation, the remailers that many of us have talked : >about, designed, written software, run on our systems, etc., could be : >considered to be part of a conspiracy, should Bidzos, Mykotronx, : >ClariNet, the Feds, etc., choose to focus on remailers as "a : >continuing criminal enterprise.") : But we designed and deployed the remailers not as part of a criminal : enterprise but in an attempt to *generally* protect privacy. We may also : have wanted to weaken some of the control measures inherent in the TCP/IP : protocols. : No US Attorney is going to be interested in the sort of messy political case : that would be involved in remailer prosecutions. Please keep in mind that the US jurisdiction doesn't cover the whole earth. (There is life outside the US) -- ____ Alex de Joode \ /__ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- \/ / "It's dangerous to be right when the government is wrong."
\/ --Voltaire --finger usura at xs4all.nl for PGPpublicKEY-- From rah at shipwright.com Tue Sep 20 05:16:15 1994 From: rah at shipwright.com (Robert Hettinga) Date: Tue, 20 Sep 94 05:16:15 PDT Subject: On the crime bill and remailers Message-ID: <199409201215.IAA26391@zork.tiac.net> At 8:29 PM 9/19/94 -0700, Anonymous wrote: >(As for others who are as quick to damn as to praise...watch your >cholesterol!) Ah. Yes. Well. I seem to have been fried, now. I'd better stand back a bit. This looks like it's going to be interesting. I may even learn something... >SOLONg Cheers, Bob Hettinga ----------------- Robert Hettinga (rah at shipwright.com) "There is no difference between someone Shipwright Development Corporation who eats too little and sees Heaven and 44 Farquhar Street someone who drinks too much and sees Boston, MA 02331 USA snakes." -- Bertrand Russell (617) 323-7923 From frissell at panix.com Tue Sep 20 05:52:30 1994 From: frissell at panix.com (Duncan Frissell) Date: Tue, 20 Sep 94 05:52:30 PDT Subject: (fwd) "Will You Be a Terrorist?" Message-ID: <199409201252.AA15697@panix.com> At 01:43 PM 9/20/94 +0200, Alex de Joode wrote: >Please keep in mind that the US jurisdiction doesn't cover the whole earth. > >(There is life outside the US) I am well aware of that and, in fact, intend to expat myself. I was merely responding to Tim and others who were writing about the legal risks remailers face in the US under RICO, The Crime Bill, etc. I know foreign laws differ. It would be interesting for those in other jurisdictions to comment about how *their* rulers might view anonymous communications and strong crypto. DCF ************************************************************************* ATMs, Contracting Out, Digital Switching, Downsizing, EDI, Fax, Fedex, Home Workers, Internet, Just In Time, Leasing, Mail Receiving, Phone Cards, Quants, Securitization, Temping, Voice Mail.
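Pierre Uszynski's reply earlier in this thread proposes a signed message digest for drawings: the public key goes on the sealed paper form, the agency checks the digest and signature at delivery and again before use, and the author destroys the private key once the project is filed. The sketch below is an added example, not code from any poster; it substitutes a Lamport one-time signature built on SHA-256 for whatever public-key signature the post has in mind so that it runs on the Python standard library alone, and the file names, drawing contents and function names are constructed for illustration.

```python
import hashlib
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def digest_bits(digest: bytes):
    """Yield the 256 bits of a SHA-256 digest, most significant bit first."""
    for byte in digest:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def manifest_digest(drawings: dict) -> bytes:
    """One digest for the whole drawing set: 'sha256  name' per file, sorted by name."""
    lines = [f"{H(data).hex()}  {name}\n" for name, data in sorted(drawings.items())]
    return H("".join(lines).encode())


def fingerprint(public_key) -> str:
    """Short hex value standing in for the public key printed on the sealed form."""
    return H(b"".join(h0 + h1 for h0, h1 in public_key)).hex()


class OneTimeSigner:
    """Lamport key pair (assumed stand-in scheme): two secrets per digest bit."""

    def __init__(self):
        self._private = [(secrets.token_bytes(32), secrets.token_bytes(32))
                         for _ in range(256)]
        self.public = [(H(s0), H(s1)) for s0, s1 in self._private]

    def sign(self, digest: bytes):
        if self._private is None:
            raise RuntimeError("private key was destroyed after its one signature")
        # Reveal, for each digest bit, the secret selected by that bit.
        signature = [pair[bit] for pair, bit in zip(self._private, digest_bits(digest))]
        # Destroying the key means no later drawing can be filed under this public key.
        self._private = None
        return signature


def verify(public_key, digest: bytes, signature) -> bool:
    if len(public_key) != 256 or len(signature) != 256:
        return False
    return all(H(secret) == pair[bit]
               for secret, pair, bit in zip(signature, public_key, digest_bits(digest)))


def agency_check(form_fingerprint: str, public_key, drawings: dict, signature) -> bool:
    """Run at delivery and again before the drawings are used."""
    if fingerprint(public_key) != form_fingerprint:
        return False  # key supplied with the files is not the one on the paper form
    return verify(public_key, manifest_digest(drawings), signature)


# Constructed sample drawing set (not real CAD data).
DRAWINGS = {
    "A-101-plan.dxf": b"WALL 0,0 12000,0\nWALL 12000,0 12000,8000\n",
    "S-201-beams.dxf": b"BEAM B1 depth=300 span=6000\nBEAM B2 depth=450 span=8000\n",
}


def demo():
    architect = OneTimeSigner()
    form = fingerprint(architect.public)            # goes on the sealed form
    signature = architect.sign(manifest_digest(DRAWINGS))
    as_filed = agency_check(form, architect.public, DRAWINGS, signature)
    tampered = dict(DRAWINGS)
    tampered["S-201-beams.dxf"] = DRAWINGS["S-201-beams.dxf"].replace(
        b"depth=300", b"depth=200")                 # one dimension quietly changed
    after_edit = agency_check(form, architect.public, tampered, signature)
    return as_filed, after_edit


if __name__ == "__main__":
    print(demo())
```

Signing a manifest of per-file digests rather than each file lets a single one-time key cover the whole project, which is what makes destroying the key afterwards practical.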
From jeffb at sware.com Tue Sep 20 06:10:31 1994 From: jeffb at sware.com (Jeff Barber) Date: Tue, 20 Sep 94 06:10:31 PDT Subject: Unicorn?? Message-ID: <9409201306.AA15776@wombat.sware.com> Black Unicorn writes: [ spelling errors, usage errors, grammatical errors, ill-reasoned arguments... ] This is not the same Black Unicorn we knew last spring. Has someone hijacked his account? Regardless of whether you agreed with his points, Unicorn always "spoke" eloquently and carefully, and with a distinctive style that has not been present in the posts emanating from this account in the last week or two. Uni's reputation is being rapidly squandered. Could this be Detweiler's revenge? -- Jeff From cpsr at access.digex.net Tue Sep 20 06:31:04 1994 From: cpsr at access.digex.net (David Banisar) Date: Tue, 20 Sep 94 06:31:04 PDT Subject: Patient Privacy at Risk (FWD) Message-ID: <9409200930.AA07362@Hacker2.cpsr.digex.net> Fwd from the Coalition for Patient Rights (CPRMA at aol.com) Alert Patient Privacy at Risk Contact the ACLU The ACLU appears on a list of endorsers of the Wofford/Dodd amendment which amends one of the Senate health care reform bills. Major portions of W/D would have a severely adverse impact on the confidentiality of medical records. Although W/D has been rendered partly obsolete as newer health care reform bills are advanced under new names and new coalitions, many of its principal features remain intact in the new bills. It has become a reference point. It is for this reason that the signature of the ACLU on a list of endorsers of W/D (on a document entitled "Wofford/Dodd Fact Sheet") is so troubling and so damaging. The amendment creates federal standards for the disclosure of personally identifiable health care information and establishes a framework for a national health care data network. On the surface, the goals seem good. Who wouldn't be for establishing strict federal guidelines to ensure privacy where none existed before? 
For that matter, why not support a data network that would allow a treating physician to have immediate access to all pertinent medical information? Clearly we have to look beyond the advertisement and into the details of the bills for the answers to these questions. For example, in Sec. 508(a) of Mitchell 3 (the bill offered by the Senate majority leader), the "health information network service" is made the agent of the provider. This means that once a third party bureaucratic agency receives the information electronically, it is deemed the same as the health care provider in making decisions about the release of the information. Sensitive medical information, including intimate psychological information, would be available electronically to an increasing number of people legally--not to mention the well-documented risks of illegal access. Among those with enhanced access would be law enforcement officials and government agencies. Even researchers could access personally identifiable health information, if an institutional review board holds that the project is "of sufficient importance to outweigh the intrusion into the privacy of the person who is the subject of the information." The patient has no right to refuse such disclosure even though it includes his or her name. There are many examples of person-identified medical information, including sensitive personal information, that have been shared with health care providers with the expectation of privacy that would now be legally accessible to many third parties. The argument is made that this kind of access already exists, so why not codify it. The logic is faulty. It is true we already have serious problems protecting the privacy of medical records in this country. Legally sanctioning medical access to an ever enlarging list of third parties is not the solution. It will only compound an already serious problem. 
A compelling argument has been made that the establishment of a national health care data network that requires all providers to disclose information about every patient contact would violate the Fourth Amendment's prohibition of "unreasonable searches and seizures" of the person. Many organizations have raised serious concerns about Wofford/Dodd, including the American Psychiatric Association, the American Psychoanalytic Association, Coalition for Patient Rights, National Organization of Women, and the AIDS Action Council. We hope that the ACLU joins us in support of genuine privacy legislation. We hope that there was an error when it appeared on a short list of supporters of Wofford/Dodd (June 10, 1994). Call your state chapter of the ACLU. It is listed as Civil Liberties Union of (your state) in the white pages. Let them know of your concern. If possible, also fax Laura Murphy Lee at the ACLU in Washington (202-546-0738) and let her know your concern regarding the position of the ACLU in supporting W/D. This alert is provided by the Coalition for Patient Rights, Massachusetts (617, 433-0114). From perry at imsi.com Tue Sep 20 07:06:14 1994 From: perry at imsi.com (Perry E. Metzger) Date: Tue, 20 Sep 94 07:06:14 PDT Subject: Public key/3DES datastream software over WAN Bastions In-Reply-To: Message-ID: <9409201405.AA10436@snark.imsi.com> The IETF's IPSEC working group is specifying a security protocol for use at the IP layer called IPSP that should provide the encrypted link portion of what you want. An implementation of an earlier experimental standard called swIPe is widely available. The idea behind these things is to encrypt all your IP packets so the higher layers can assume security to some extent... .pm Stephen D. Williams says: > Has anyone produced software (preferably Unix based) that provides > a public key authenticated, DES/3DES encrypted datastream over WAN > firewalls/bastions?
> > A typical use would be to connect transaction feeds between two data > centers in a secure, automated way over Internet. > > I can't see anything conceptually difficult with it, and it seems the > PGP library could be used to create simple Unix daemons. > > sdw > -- > Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APag er > LIG dev./sales Internet: sdw at lig.net In Bay Area Aug94-Feb95!!! > OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 > Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W wor k > Newbie Notice: > I speak for LIGCo., CCI, myself, and no one else, regardless of > where it is convenient to post from or thru. From unicorn at access.digex.net Tue Sep 20 07:08:52 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Tue, 20 Sep 94 07:08:52 PDT Subject: Unicorn?? In-Reply-To: <9409201306.AA15776@wombat.sware.com> Message-ID: <199409201408.AA16923@access1.digex.net> Jeff Barber scripsit > > Black Unicorn writes: > > [ spelling errors, usage errors, grammatical errors, ill-reasoned > arguments... ] > > This is not the same Black Unicorn we knew last spring. Has someone > hijacked his account? Regardless of whether you agreed with his > points, Unicorn always "spoke" eloquently and carefully, and with a > distinctive style that has not been present in the posts emanating > from this account in the last week or two. Uni's reputation is being > rapidly squandered. Could this be Detweiler's revenge? > No it was the long stay in the Baltics that did it to me. > > -- Jeff > -- 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! 
From jgostin at eternal.pha.pa.us Tue Sep 20 07:23:06 1994 From: jgostin at eternal.pha.pa.us (Jeff Gostin) Date: Tue, 20 Sep 94 07:23:06 PDT Subject: FOUR TIMES AROUND THE WHEEL Message-ID: <940919230724I0jjgostin@eternal.pha.pa.us> Sandy Sandfort writes: > Today is my birthday. I've circled the Chinese zodiac four > times--from Year of the Dog 1946, to Year of the Dog 1992. Happy Birthday to ya!! Here's wishing for many more!! :-) --jeff PS: How'd that PRZ get-together work out? -- ====== ====== +----------------jgostin at eternal.pha.pa.us----------------+ == == | The new, improved, environmentally safe, bigger, better,| == == -= | faster, hypo-allergenic, AND politically correct .sig. | ==== ====== | Now with a new fresh lemon scent! | PGP Key Available +---------------------------------------------------------+ From unicorn at access.digex.net Tue Sep 20 07:39:04 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Tue, 20 Sep 94 07:39:04 PDT Subject: On the crime bill and remailers In-Reply-To: <199409200329.UAA07612@kaiwan.kaiwan.com> Message-ID: <199409201438.AA18252@access1.digex.net> Anonymous scripsit > > Mr. Unicorn is rude and uninformed. He will go far. Anonymous must be a Baker & Botts associate. > > 1) The act does not make it a per se offense to have a remailer. > > 2) The act makes it an offense to aid a terrorist. > > 3) Query: is there a scienter requirement in (2)? 4) Query: and if so how will it be diluted by the investigation requirements in the act? > > [for the sake of simplicity, we will ignore the fact that there are > scienter requirements in a related part of the bill already, and use Mr. > Unicorn's hypothetical of no explicit requirement of scienter] 1> Please point these out. 2> Please show the connection between related parts of the bill and the offense definition. (I was at a loss to make such a connection, have I missed something?) 
> 3a) There must be a scienter requirement to avoid turning the
> proscription in (2) into either (i) a per se offense, excluded by
> (1), or (ii) a violation of due process.

By referring back to (1) here you are assuming that which is to be proven: It is not a per se offense to run a remailer because that would violate your premise that it is not a per se offense to run a remailer. Or is your premise based on some other reference?

Instead you might ask how the statute will be read in the context of the differing language between the investigation threshold requirement and the definition of offense. Why would one mention intent so explicitly and the other ignore it? Did Congress anticipate the difficulty of showing intent in this type of prosecution and structure the act accordingly? This would be my argument as a prosecutor.

> 3b) Query: why would it be a violation of due process to
> have a ban on unknowingly aiding terrorists in the manner Mr. Unicorn
> wishes to read the statute?

Ah, but the counter to this argument (obviously structured well into the statute) is that there will never be any investigation into the offense without reasonable facts to suggest intent. (This is the killjoy to the due process argument.)

> An analogy will make the point. Suppose the act concerned restaurant
> regulation, and made it an offence to "feed" a terrorist. Carlos walks
> into your joint in disguise, orders and duly consumes ham on rye. What
> verdict? Courts will do what it takes to say not guilty, whether via due
> process, the rule of leniency, or statutory construction.

You rely on the construction tending to constitutionality here, but it is equally valid to construct the statute as meeting the due process requirement via the investigatory intent requirement. This was my entire point. Given the difference in the requirements between allowing investigation and definition of offense, there is a basic imbalance in the act. Why? Accident, poor drafting? Intent?

> N.B. these problems could be cured, and due process observed, by finding a
> duty to make enquiry or imputing a negligence standard of some sort, but
> we do not see any hint of this in the statute.

Exactly. So why are they not? Why is this never mentioned? I can only believe that the structure of the statute is intended to provide this argument as a loophole. I'm not paranoid enough to want to claim that this is to peg remailer operators specifically, (duh) but what are the implications for a very soft offense definition in a federal crime bill?

> 4) Aha! you say, but terrorism is different from nice law abiding
> restaurants, and we brave c'punkers that we are, are on the Edge,
> not like the honest sandwichman. The courts will not give us
> any breaks. Alas, there is the case of Ratzlaf v. United States,
> 114 S.Ct. 655 (1994) [summary quoted below], in which the Supreme
> Court imputed a scienter requirement into a money laundering
> statute which on its face required no such scienter at all.

I have not had time to look at 31 USC 5324(3) in detail with reference to this problem. Nor have I looked at the case. At first glance it looks promising, but I remain a skeptic. It is too tempting to use the language in the investigatory intent requirement to dismiss the arguments you make. I must admit to being impressed at this reference however. I may be eating crow soon.

> 5) QED.
> (As for others who are as quick to damn as to praise...watch your
> cholesterol!)

I eat Sausage McMuffins with egg every morning.

> //QUOTING--
> SYLLABUS:
> time it is called into play. Because currency structuring is not
> inevitably nefarious, this Court is unpersuaded by the United
> States' argument that structuring is so obviously "evil" or
> inherently "bad" that the "willfulness" requirement is satisfied
> irrespective of the defendant's knowledge of the illegality of
> structuring.

In any event, this is the real key here. What do you think a judge will find encrypted remailing rates on the "nefarious" scale? In context I think it will be quite harsh. Especially given the very nature of the act, (to avoid detection of one thing or another). I believe anonymous remailers have some use. But they are so targeted to prevent GOVERNMENT observation and intercepts, that they just plain look bad. This would be the key distinction in such a case from Ratzlaf. All a judge has to do to throw out this entire argument is find that encrypted, traffic analysis foiling, anonymous remailers are more nefarious than currency structuring. Given the (lack of) public exposure to the technology, what do YOU think this ruling will turn out to be, especially if the only real legitimate argument for why remailers are legitimate rests on more libertarian grounds.

>
> SOLONg
>

Impressed with your research skills, not quite convinced with your argument.

-uni- (Dark)

--
073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est
6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig!

From talon57 at well.sf.ca.us Tue Sep 20 08:29:40 1994
From: talon57 at well.sf.ca.us (Brian D Williams)
Date: Tue, 20 Sep 94 08:29:40 PDT
Subject: American Survival Guide
Message-ID: <199409201529.IAA20567@well.sf.ca.us>

-----BEGIN PGP SIGNED MESSAGE-----

Stanton McCandlish writes:
>Oct. issue of _American_Survival_ has an article called "Clipper
>Inside".
>Dunno anything else about it, might be good, might suck rocks.

CLIPPER INSIDE
"Clinton's Orwellian plan to bug every computer, telephone, and fax...

* Does a fair job on clipper.
* mentions Matt Blaze's paper but gets it wrong.
* does a side blurb on the EFF.
* does another side blurb on PGP.
* mentions Digital Telephony but doesn't mention EFF/FBI collaboration.
* essentially very Anti-clipper
* picture on page 46 alone worth the price of admission hehe...

Typical issue, even better is the article "Liberalism as a form of codependency." Even better was last month's article "Make mine a Shotgun!"

Brian Williams
Extropian
Cypherpatriot

"Cryptocosmology: Sufficiently advanced communication is indistinguishable from noise." --Steve Witham

"Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you.... AT&T" --James Speth

From hfinney at shell.portal.com Tue Sep 20 08:31:41 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 20 Sep 94 08:31:41 PDT
Subject: On the crime bill and remailers
In-Reply-To: <199409200329.UAA07612@kaiwan.kaiwan.com>
Message-ID: <199409201531.IAA03350@jobe.shell.portal.com>

SOLONg discusses the "scienter" requirement in various laws. I believe this refers to the legal requirement that you know you are breaking the law in order to be breaking the law (so to speak). The export restrictions we discuss so much here also have this requirement. If you drive across the border with your pickup truck full of ammunition, the government has to prove that you knew it was illegal to do so in order to convict you. Presumably this implies that if you mail RIPEM to your buddy in England you would only be breaking the law if you knew about the legal restrictions. It would be interesting to see how the government goes about proving this knowledge if they ever bring an ITAR case.

Does this also suggest that our discussions about the legalities of crypto export are harmful because they could take away a possible defense of ignorance on the part of some list reader who is the victim of an ITAR prosecution? Perhaps this is really a case where "ignorance is bliss."
Hal From hfinney at shell.portal.com Tue Sep 20 08:45:20 1994 From: hfinney at shell.portal.com (Hal) Date: Tue, 20 Sep 94 08:45:20 PDT Subject: On the crime bill and remailers In-Reply-To: <199409201438.AA18252@access1.digex.net> Message-ID: <199409201544.IAA04102@jobe.shell.portal.com> Black Unicorn writes: >I believe anonymous >remailers have some use. But they are so targeted to prevent GOVERNMENT >observation and intercepts, that they just plain look bad. I strongly disagree with this. Anonymous remailers as presently constructed will be almost completely ineffective against any significant government attempts to surveil email traffic. The government does have the resources today to defeat most uses of remailers. Since present-day remailers lack padding features, the correspondence between incoming and outgoing messages, even with encryption, is relatively easy to establish. This is made worse by the lack of general support for reordering, which renders the task almost trivial. Instead, anonymous remailers are clearly targetted against non-government traffic analysis, generally local associates, system operators, employers, supervisors, and so on. They allow people to communicate without repercussions and retribution at work or at school. They let people exchange email in an insecure environment while hiding both the message address and its contents. They allow whistle blowers to expose malfeasance without being punished. These are the kinds of things the remailers are good for. Claims here that remailers are designed to support sedition or to prevent government surveillance are both wrong and harmful. This kind of material could show up at some future prosecution of a remailer operator. It is important that we understand clearly what the capabilities and limitations of current remailers are. 
Hal From hughes at ah.com Tue Sep 20 09:34:28 1994 From: hughes at ah.com (Eric Hughes) Date: Tue, 20 Sep 94 09:34:28 PDT Subject: On the crime bill and remailers In-Reply-To: <199409201544.IAA04102@jobe.shell.portal.com> Message-ID: <9409201556.AA17067@ah.com> Black Unicorn writes: >But they are so targeted to prevent GOVERNMENT >observation and intercepts, that they just plain look bad. I strongly disagree with this. Anonymous remailers as presently constructed will be almost completely ineffective against any significant government attempts to surveil email traffic. Is this the national security part of government, or the law enforcement part of government? Certainly the national security apparatus has the technical means to defeat the current remailers, but does the FBI or (even more unlikely) the local cops? True, the FBI could ask for a data tap on the connections to a remailer, but they would have to know how to do it, first, and in any case it would be very expensive. Compatible remailers spanning the globe could be argued evidence of an attempt to thwart law enforcement access by internationalization. Certainly remailers hinder law enforcement, if not actually prevent it. And in the end, it's a court that decides, not a military tribunal. Uni's argument is worth examining and does not fall down on its face. Eric From mmarkley at microsoft.com Tue Sep 20 10:20:23 1994 From: mmarkley at microsoft.com (Mike Markley) Date: Tue, 20 Sep 94 10:20:23 PDT Subject: On the crime bill and remailers Message-ID: <9409201721.AA18820@netmail2.microsoft.com> Hal writes: | | Black Unicorn writes: | >I believe anonymous | >remailers have some use. But they are so targeted to prevent GOVERNMENT | >observation and intercepts, that they just plain look bad. | | I strongly disagree with this. Anonymous remailers as presently constructed | will be almost completely ineffective against any significant government | attempts to surveil email traffic. 
The government does have the resources | today to defeat most uses of remailers. Since present-day remailers lack | padding features, the correspondence between incoming and outgoing messages, | even with encryption, is relatively easy to establish. This is made worse | by the lack of general support for reordering, which renders the task | almost trivial. | | Instead, anonymous remailers are clearly targetted against non-government | traffic analysis, generally local associates, system operators, employers, | supervisors, and so on. They allow people to communicate without | repercussions and retribution at work or at school. They let people exchange | email in an insecure environment while hiding both the message address and | its contents. They allow whistle blowers to expose malfeasance without | being punished. These are the kinds of things the remailers are good for. | | Claims here that remailers are designed to support sedition or to | prevent government surveillance are both wrong and harmful. This kind | of material could show up at some future prosecution of a remailer | operator. It is important that we understand clearly what the capabilities | and limitations of current remailers are. | | Hal | Why not make distributed remailers then? You could set up a chain using either mail or ftp or ? that would take all messages and fragment them into nice 1K blocks and then either mail or otherwise transport the blocks to other physical machines, these machines would then follow the imbedded instructions on how to reassemble the blocks into a coherent message and mail it out. Admittedly there is no sure fire method to prevent someone from monitoring all of the traffic generated but it should be possible to generate so much traffic that just wading through the volume would take more time than is practical. Also by encrypting all packets going between remailers and making the packets uniform sizes should help make monitoring more difficult. 
I'm not sure that I'm worried about the government monitoring my communications as much as I'm worried about individuals with bad intentions monitoring my communications.

Mike.

=====================================================
Mike Markley
I'm not a Microsoft spokesperson. All opinions expressed here are mine.
=====================================================

From tcmay at netcom.com Tue Sep 20 10:28:06 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Tue, 20 Sep 94 10:28:06 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409201252.AA15697@panix.com>
Message-ID: <199409201721.KAA03135@netcom10.netcom.com>

> At 01:43 PM 9/20/94 +0200, Alex de Joode wrote:
>
> >Please keep in mind that the US jurisdiction doesn't cover the whole earth.
> >
> >(There is life outside the US)
>
> I am well aware of that and, in fact, intend to expat myself. I was merely
> responding to Tim and others who were writing about the legal risks
> remailers face in the US under RICO, The Crime Bill, etc. I know foreign
> laws differ.
>
> It would be interesting for those in other jurisdictions to comment about
> how *their* rulers might view anonymous communications and strong crypto.

I heartily agree with Duncan here! There has been very little said by the good residents of France, Germany, Sweden, Holland, Italy, etc. about just what the crypto-related laws of their countries are. Lots of clucking about U.S. policy, followed by "And the U.S. is not the whole world" comments, but very little about how, for example, the Dutch Binnenlandse Veiligheids Dienst (BVD) is targeting crypto users, or how, for example, the German Bundesnachrichtendienst (BND) is pushing for constitutional limits on speech in Germany.

I for one would like to hear the discussion about what _other_ countries are doing. Rishab Ghosh has written some about what India is doing, but not too much.
My hunch is that most of the Western nations are looking for policy guidance to Washington, and that whatever laws the U.S. adopts as part of Clipper-Key Escrow-Digital Telephony-Antiterrorism-Tracking will be adopted in a similar form by the EC and other countries. (The recent or upcoming conference on international issues in key escrow, whose agenda was posted a while back, is indicative of this.) So, I appreciate that some of our European readers may be tired of hearing about U.S. policy or proposed laws, but the proper solution is _competing speech_. That is, give us something new to talk about. Tell us about what *your* country is doing. Tell us about any laws limiting what kind of modems can be hooked up to your PTTs, as a concrete example. Tell us about the raids on BBSs in Italy. Tell us about the rumor that the Netherlands plans to ban unapproved crypto. Tell us about Chobetsu, the Japanese NSA. We and the NSA are all ears. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay From TOMJEFFERSON at delphi.com Tue Sep 20 10:34:56 1994 From: TOMJEFFERSON at delphi.com (TOMJEFFERSON at delphi.com) Date: Tue, 20 Sep 94 10:34:56 PDT Subject: Scienter and all that stuff Message-ID: <01HHC569OIIA8X5D5V@delphi.com> Re. "Scienter" and all that stuff. Not being handicapped by a legal education, let me tell you how I believe it really is: The facts and the law only matter when the government doesn't have a hard on for you. 
If the government wants to get you [and, perhaps, if you're not a millionaire "sports figure"] it will get you. The crime bill just makes the task a bit easier. Example 1: Branch Davidians were sentenced to long prison terms for possessing weapons during commission of a crime, even though they were acquitted of the crime they were accused of committing while being in possession of the weapons. Example 2: The jury brought in the "wrong" verdict for the L.A. cops who beat Rodney King, so the feds just stepped in and tried 'em again. The constitutional prohibition against trying people twice for the same crime didn't bother the feds a bit. I know, I know, they were convicted of "violating the civil rights of". What's the difference? Pardon me for my lack of respect for the system. It went out the window when a bunch of drug cops broke into my 71 year old father's apartment by mistake and beat him unconscious for objecting. Outside of F. Lee Bailey's circle, cops and courts can basically do what they want, ignore your protests, and *get away with it*. The only difference between a "crip" and a cop is the color of the uniform.  From tcmay at netcom.com Tue Sep 20 10:44:26 1994 From: tcmay at netcom.com (Timothy C. May) Date: Tue, 20 Sep 94 10:44:26 PDT Subject: On the crime bill and remailers In-Reply-To: <199409201544.IAA04102@jobe.shell.portal.com> Message-ID: <199409201740.KAA05008@netcom10.netcom.com> I agree with Hal Finney's point that current remailers are far from the "ideal mix" described by Chaum and are basically not very good at what they are supposed to do. > I strongly disagree with this. Anonymous remailers as presently constructed > will be almost completely ineffective against any significant government > attempts to surveil email traffic. The government does have the resources > today to defeat most uses of remailers. 
Since present-day remailers lack > padding features, the correspondence between incoming and outgoing messages, > even with encryption, is relatively easy to establish. This is made worse > by the lack of general support for reordering, which renders the task > almost trivial. Most remailers would not hold up to even fairly simple input-output analysis, let alone surveillance of the whole set of remailers. (I often think that in cryptanalysis of remailers we are roughly at the 1930s level of ciphermaking, where "Gee, it looks pretty complicated to me....I can't see any way to break it, so it must be secure" reasoning substituted for detailed mathematical or information-theoretic analysis.) > Instead, anonymous remailers are clearly targetted against non-government > traffic analysis, generally local associates, system operators, employers, > supervisors, and so on. They allow people to communicate without > repercussions and retribution at work or at school. They let people exchange > email in an insecure environment while hiding both the message address and > its contents. They allow whistle blowers to expose malfeasance without > being punished. These are the kinds of things the remailers are good for. These are what Julf- or Cypherpunks-style remailers are presently good for, but the goals of getting hundreds of remailers out there with much-improved mix characteristics is certainly intended to provide security against a more formidable adversary than the local sysop. > Claims here that remailers are designed to support sedition or to > prevent government surveillance are both wrong and harmful. This kind > of material could show up at some future prosecution of a remailer > operator. It is important that we understand clearly what the capabilities > and limitations of current remailers are. Well, Hal is certainly entitled to his view. 
I strongly support ideal mixes as a tool for obtaining increased freedom from coercive governments (whether in Burma/Myanmar or in the U.S.), and hence view government surveillors as the chief adversary, not the local sysop. Is this "wrong and harmful"? Maybe. This is why I brought up the "supporting terrorists" language of the Crime Act. Free speech ain't what it used to be. But maybe it will be again, with our help. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay From doug at OpenMind.com Tue Sep 20 10:55:49 1994 From: doug at OpenMind.com (Doug Cutrell) Date: Tue, 20 Sep 94 10:55:49 PDT Subject: Social dynamics and remailers Message-ID: Blanc Weber makes many excellent comments and raises good questions in the post titled "Re: Virtual assasins and lethal remailers" dated 9/18/94. I would summarize the gist of that post as questioning the value or even possibility of attempting to predict social dynamics. Today, Hal Finney writes: >Anonymous remailers as presently constructed >will be almost completely ineffective against any significant government >attempts to surveil email traffic.... >...Instead, anonymous remailers are clearly targetted against non-government >traffic analysis, generally local associates, system operators, employers, >supervisors, and so on. I think that here is an excellent example of how a consideration of social dynamics can lead to suggestions for action today. 
Even if we cannot really hope to control or predict the reactions of society, this shouldn't excuse us from doing what we can. In this particular case, Hal points out that it is really the relative insecurity of remailers today which makes them unthreatening to the government and society at large. If cypherpunks successfully deployed a network of remailers which used message padding, message reordering, etc. so that they were secure against even government level monitoring, then we could expect to see the government/society to become quite alarmed by them and attempt to regulate and control them... probably successfully. Anonymous remailers certainly are useful and valuable even in their current form. I perceive that many cypherpunks would not question the assumption that making them even more secure would obviously be a desirable thing. Yet it might be precisely this course of action which would most quickly lead to the rapid imposition of controls on their use. Doug ___________________________________________________________________ Doug Cutrell General Partner doug at OpenMind.com Open Mind, Santa Cruz =================================================================== From roy at viewgraphics.com Tue Sep 20 11:10:36 1994 From: roy at viewgraphics.com (Roy Franz) Date: Tue, 20 Sep 94 11:10:36 PDT Subject: art encryption... Message-ID: <9409201800.AA12283@viewgraphics.com> While I was at the NAB (National Association of Broadcasters) show last year, I came across a company in the radio hall that had developed a way to mark audio so that if it was copied, it could be traced back to its original source. Sampling has made this a significant problem in the recording information. The person that I talked to did not say or seem to know much about the actual process used, but claimed that the signature could withstand sampling and manipulation. 
I don't remember the name of the company, but I think the name started with cyrpto Roy From matsb at sos.sll.se Tue Sep 20 11:45:12 1994 From: matsb at sos.sll.se (Mats Bergstrom) Date: Tue, 20 Sep 94 11:45:12 PDT Subject: Other jurisdictions In-Reply-To: <199409201252.AA15697@panix.com> Message-ID: Duncan Frissell wrote: > It would be interesting for those in other jurisdictions to comment about > how *their* rulers might view anonymous communications and strong crypto. In Sweden there has been no public discussion at all. Well, there was a TV news item a month ago about GSM (not how this, compared to older in-the-clear protocols, could strengthen privacy - of course - but how GSM could be used by Terrorists and Drug Dealers). A representative of a leading Swedish GSM provider was interviewed; he said that there was no tapping abilities built into their system but that it would cost a mere $1.000.000 in software development to fix it (and obviously, if legislation a la DTB would be forthcoming, he would happily implement it - if someone else paid the bill). My general impression is that a semi-secret committee is following the situation in the US very closely. If GAK comes true over at your side of the Atlantic we would probably follow in a year or so. Then there is the tragedy of the European Community. Sweden might very well join next year, depending on the outcome of a referendum due in two months. And the leading politruks will not take a no for a no but pull some tricks and offer new referendums until they get what they want - more personal power and fat-paying seats in Brussels - like they did in Denmark - and the propaganda, paid for by the government, in favor of joining the United States of Europe is so strong that we might vote yes in the first place (a stable majority against joining seems to be declining rapidly). 
The rectification of Europe is against everything a crypto anarchist stands for: French-style bureaucracy, German-style standardization, a huge increase in the number of laws and regulations (down to the shapes of cucumbers and %meat in sausages) - and loss of opportunities for the politically uncorrect to hide in other juris- dictions. If Sweden falls, so does Finland for sure, and possibly Norway. So in a few years the legitimacy of anon.penet.fi might very well be decided by the huge cancer-bureaucracy in Brussels. As for the present legal situation in Sweden - nobody seems to know. The only net.lawyer I ever heard of here is working for the SPA. The few computer related trials have dealt with software piracy. Oh, years ago a Fido BBS user (message-writer) was fined for degrading remarks on some minority - we have laws against group-libel. The most obvious change regarding privacy if we join the EC will be the status of 'public' information. In Sweden every citizen has a right to know all information, about anybody, stored in most national and other public registers. This is not so in EC. Some say that the EC way gives more privacy. I say (I think...) that as long as the stored information is public the politruks dare not make the registered information too detailed or otherwise offensive. Mats From chen at intuit.com Tue Sep 20 12:01:01 1994 From: chen at intuit.com (Mark Chen) Date: Tue, 20 Sep 94 12:01:01 PDT Subject: Scienter and all that stuff In-Reply-To: <01HHC569OIIA8X5D5V@delphi.com> Message-ID: <9409201859.AA00254@doom.intuit.com> > The facts and the law only matter when the government doesn't have > a hard on for you. If the government wants to get you [and, perhaps, > if you're not a millionaire "sports figure"] it will get you. The > crime bill just makes the task a bit easier. This is quite accurate. Howard Zinn makes the same point in _Declarations of Independence_. 
He describes an incident during the '60s when a group of black civil rights demonstrators approached him and asked if they would be within their legal rights conducting a demonstration on a public street. Zinn responded that they would be, but that their legal rights were irrelevant; the police would arrest them anyway. After citing a number of such examples, he concludes that law is made not by legislators and judges, but by the policman's club. - Mark - -- Mark Chen chen at netcom.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From sdw at lig.net Tue Sep 20 12:07:54 1994 From: sdw at lig.net (Stephen D. Williams) Date: Tue, 20 Sep 94 12:07:54 PDT Subject: Copyright enforcement through crypto In-Reply-To: <199409200545.WAA00256@servo.qualcomm.com> Message-ID: Yesyes, you're preaching to the choir. I want information to be free too, etc. It just occurred to me that by tying the decryption to a time server and sending both the timebased key and a complete algorithm to a general purpose engine that you might get something somewhat effective. To give an example: 12 years ago I worked in a computer store that sold Atari computers. I learned to program on my Atari 400, cassete, Basic, assembly, etc. I used to have fun 'breaking' the copy protection on game floppies. There were some sophisticated methods that a number of companies used, but I could eventually disassemble and follow the code and patch it. (Blue Max was the hardest I cracked: 5 stage load, several multi-sector-with-same-number-same-track protections, and executing code merged from two such sectors). The one disk that I couldn't crack (and I still have it) was the ABC Basic compiler. The compiler was compiled with itself. Since the assembly was just a general purpose engine, I had to follow the p-code/tokenized Basic all over the place. I could never keep track of it long enough to solve it. 
If an algorithm is only good for a particular copy of a document and only for a short time, the theoretical possibility of cracking it becomes harder.

I want to explore what aspects can be solved and what can't. Obviously you can always take a picture of the screen, possibly capture data in the window/operating system, etc. But, with a modified X, unmodified OS, etc., how close can you get?

>
> >I'd like to explore the technical problems of enforcing copyright
> >restrictions through encryption and custom viewing software.
>
> This job is pretty much unsolvable in the long run, because you have
> to give all your secrets (algorithms and keys) to your "enemy". You
> can slow him down a bit, but eventually he'll reverse engineer the
> system -- especially if it runs on general purpose computer hardware.

Unless each document uses its own key and randomly selected algorithm(s) and needs online access.

> It may be difficult, but it only needs to be done once because the
> results can be quickly and widely disseminated in the underground.
> Even without breaking the system per se, legitimate users will figure
> out ways to copy its decrypted output and give it to their friends.

Of course, that's always a problem, unless things are priced per use so that it's more attractive to pay.

>
> >Obviously, the goal would be to get really good copyright material on
> >the net, like first run movies, when we have the bandwidth.
>
> Why is this necessary? Many cable TV systems already carry
> considerable amounts of copyright material despite having very weak
> scrambling systems. Even a strong system such as Videocipher II+,

Of course, I didn't say it was necessary... Just musing how effective it would be.

> What the photocopy machine started and the VCR moved into high gear,
> the computer and the network will probably finish. As John Perry
> Barlow puts it, "Copyright is dead". It's not a matter of whether
> copyright is morally right or wrong. It is simply going to become
> utterly unenforceable -- like it or not. Instead of trying to patch it
> we should find workable alternatives to replace its role in
> compensating authors for their efforts.

I agree.

> Phil

Come on guys, I don't post that much, but you need to crank up your Devil's Advocate detectors.

Geesh, doesn't anyone like a good argument anymore? :-()

sdw
--
Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager
LIG dev./sales Internet: sdw at lig.net In Bay Area Aug94-Feb95!!!
OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Newbie Notice: I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.

From nobody at kaiwan.com Tue Sep 20 13:24:21 1994
From: nobody at kaiwan.com (Anonymous)
Date: Tue, 20 Sep 94 13:24:21 PDT
Subject: On the crime bill and remailers
Message-ID: <199409202022.NAA12284@kaiwan.kaiwan.com>

>From: Black Unicorn
>Subject: Re: On the crime bill and remailers
>
>Anonymous must be a Baker & Botts associate.

Now that's funny.

>> 1) The act does not make it a per se offense to have a remailer.

Below it is asked whether this is assertion or assumption. Neither. It is obvious. If the act wished to make running a remailer a per se offense it would simply say so. It doesn't say anything like that.

[...much deleted. Time presses and this is unpaid...e$ anyone?...]

>
>Instead you might ask how the statute will be read in the context of the
>differing language between the investigation threshold requirement and
>the definition of offense. Why would one mention intent so explicitly
>and the other ignore it? Did congress anticipate the difficulty of
>showing intent in this type of prosecution and structure the act
>accordingly? This would be my argument as a prosecutor.

This argument is not frivolous.
But I doubt it would work, particularly since the counterweight is constitutional due process.

>
>> 3b) Query: why would it be a violation of due process to
>> have a ban on unknowingly aiding terrorists in the manner Mr. Unicorn
>> wishes to read the statute?
>
>Ah, but the counter to this argument (obviously structured well into the
>statute) is that there will never be any investigation into the offense
>without reasonable facts to suggest intent. (This is the killjoy to the
>due process argument.)

This won't work either. First, it is not "obviously structured well into the" badly drafted statute. Second, a limit on investigations does not in this world of police and prosecutorial discretion operate as a meaningful, or even measurable, limit on prosecutions. Suppose the police get information in the course of a separate investigation? Suppose they are following Carlos and see him go into your restaurant?

[...]

>
>You rely on the construction tending to constitutionality here, but it is
>equally valid to construct the statute as meeting the due process
>requirement via the investigatory intent requirement. This was my entire

I disagree completely. See above.

>point. Given the difference in the requirements between allowing
>investigation and definition of offense, there is a basic imbalance in
>the act. Why? Accident, poor drafting? Intent?

Neither. A guess, and only that: the investigation limit (which I would argue is unenforceable) is intended as a signal to cops/sop to civil libertarians that the act should not start witch hunts.

>
>> N.B. these problems could be cured, and due process observed, by finding a
>> duty to make enquiry or imputing a negligence standard of some sort, but
>> we do not see any hint of this in the statute.
>
>Exactly. So why are they not? Why is this never mentioned. I can only

stupid drafters is the most likely explanation

>believe that the structure of the statute is intended to provide this
>argument as a loophole. I'm not paranoid enough to want to claim that
>this is to peg remailer operators specifically, (duh) but what are the
>implications for a very soft offense definition in a federal crime bill?

Standard operating procedure these days. Hmmm...maybe a literal-minded court is not so bad?

[...]

>> Ratzlaf v. United States,
>> 114 S.Ct. 655 (1994) [summary quoted below], in which the Supreme
>> Court imputed a scienter requirement into a money laundering
>> statute which on its face required no such scienter at all.
>
>I have not had time to look at 31 USC 5324(3) in detail with reference to
>this problem. Nor have I looked at the case. At first glance it looks
>promising, but I remain a skeptic. It is too tempting to use the
>language in the investigatory intent requirement to dismiss the
>arguments you make.
>

I disagree. Intent from investigation won't cure the due process problem. Intent -- at a minimum in the sense of knowingly committing the act of aiding a terrorist, not necessarily in the sense of knowing that it is illegal to do so -- must be read into the offence itself. Only a very, very clear statutory command to the contrary would suffice to avoid this reading -- and then we have pretty much created a per se offense of running an open remailer since it is impossible to know who you are dealing with. I might add that I believe it would be a violation of the First Amendment to make running a remailer a per se offense, but that's not required for the argument

[...]

>
>> //QUOTING--
>> SYLLABUS:
>
>> time it is called into play. Because currency structuring is not
>> inevitably nefarious, this Court is unpersuaded by the United
>> States' argument that structuring is so obviously "evil" or
>> inherently "bad" that the "willfulness" requirement is satisfied
>> irrespective of the defendant's knowledge of the illegality of
>> structuring.
>
>In any event, this is the real key here. What do you think a judge will
>find encrypted remailing rates on the "nefarious" scale? In context I
>think it will be quite harsh. Especially given the very nature of the

Given the importance of money laundering to drug deals, and the 1st Amendment aspect of remailing, I rate it at least a tie or better.

[...]

Since we are now being civil, I should note that the Ratzlaf case has been criticized by almost every commentator as wrongly -- even insanely -- decided, and I tend to agree with the critiques. Nevertheless, the decision is of a piece with other odd, hyper literal, statutory construction cases in the past two years and the odds are it will be followed.

SOLONg

From cactus at bb.com Tue Sep 20 13:32:42 1994
From: cactus at bb.com (L. Todd Masco)
Date: Tue, 20 Sep 94 13:32:42 PDT
Subject: Scienter and all that stuff
In-Reply-To: <9409201859.AA00254@doom.intuit.com>
Message-ID: <35nh2h$37i@bb.com>

In article <9409201859.AA00254 at doom.intuit.com>, Mark Chen wrote:
>> The facts and the law only matter when the government doesn't have
>> a hard on for you. If the government wants to get you [and, perhaps,
>> if you're not a millionaire "sports figure"] it will get you. The
>> crime bill just makes the task a bit easier.
>
>This is quite accurate. Howard Zinn makes the same point in
>_Declarations of Independence_.

Where does Steve Jackson fit into this theory?

I don't think it's nearly as black & white as you suggest: Our systems are not monolithic and some constitutional and democratic principles do still have some sway. Noam Chomsky discusses this when he talks about reasons for optimism.

Which is not to belittle the original point that we have reason to be paranoid: it's just to say that we don't have total justification for despair, either.

--
L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter."
- Todd Rundgren

From cme at tis.com Tue Sep 20 13:45:34 1994
From: cme at tis.com (Carl Ellison)
Date: Tue, 20 Sep 94 13:45:34 PDT
Subject: any CP going to the International Cryptography Institute this week?
Message-ID: <9409202042.AA08336@tis.com>

I have the program in front of me and it looks ominous.

- Carl

From chen at intuit.com Tue Sep 20 14:28:58 1994
From: chen at intuit.com (Mark Chen)
Date: Tue, 20 Sep 94 14:28:58 PDT
Subject: Scienter and all that stuff
Message-ID: <9409202128.AA01299@doom.intuit.com>

> In article <9409201859.AA00254 at doom.intuit.com>,
> Mark Chen wrote:
> >> The facts and the law only matter when the government doesn't have
> >> a hard on for you. If the government wants to get you [and, perhaps,
> >> if you're not a millionaire "sports figure"] it will get you. The
> >> crime bill just makes the task a bit easier.
> >
> >This is quite accurate. Howard Zinn makes the same point in
> >_Declarations of Independence_.
>
> Where does Steve Jackson fit into this theory?
>
> I don't think it's nearly as black & white as you suggest: Our systems
> are not monolithic and some constitutional and democratic principles do
> still have some sway. Noam Chomsky discusses this when he talks about
> reasons for optimism.
>
> Which is not to belittle the original point that we have reason to be
> paranoid: it's just to say that we don't have total justification for
> despair, either.

Yes, it's often easy to identify a single piece of the overall dynamic and use it to account for everything that happens. I'm only saying that legal guarantees are not necessarily the last word about what the government can and can't do to you.

Chomsky's optimism (as you know) doesn't stem so much from a faith that our legal system will one day start working properly, as from a faith that people are capable of evolving - an outlook that you and I seem to share, but that many on this list don't.
- Mark - -- Mark Chen chen at netcom.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From jya at pipeline.com Tue Sep 20 14:46:47 1994 From: jya at pipeline.com (John Young) Date: Tue, 20 Sep 94 14:46:47 PDT Subject: On the crime bill and remailers Message-ID: <199409202145.RAA29477@pipe1.pipeline.com> Responding to msg by tcmay at netcom.com (Timothy C. May) on Tue, 20 Sep 10:40 AM >I agree with Hal Finney's point that current remailers >are far from the "ideal mix" described by Chaum and >are basically not very good at what they are supposed >to do. [Snip] >[Hal says] >> Claims here that remailers are designed to support sedition or to >> prevent government surveillance are both wrong and harmful. This kind >> of material could show up at some future prosecution of a remailer >> operator. [Snip] [Tim says] >Maybe. This is why I brought up the "supporting >terrorists" language of the Crime Act. Hal and Tim point to the vulnerability of the person running the remailer to being threatened through the equipment owner (like John Perry's recent experience) or squeezed by government agents into playing along with surveillors. This isolation and elimination (or co-optation) of a target has worked again and again to destroy networks once they become serious threats to law and order. Hal's warning is wisely heeded until all the remailer beneficiaries are bear an equal share of the risks of being charged a "supporting terrorist". John From jim at acm.org Tue Sep 20 14:48:09 1994 From: jim at acm.org (Jim Gillogly) Date: Tue, 20 Sep 94 14:48:09 PDT Subject: any CP going to the International Cryptography Institute this week? In-Reply-To: <9409202042.AA08336@tis.com> Message-ID: <9409202112.AA17883@mycroft.rand.org> > Carl Ellison writes: > I have the program in front of me and it looks ominous. Here's a soft copy. At least you can say it appears to present a consistent point of view. That should be good for the keynote speakers, Mr. 
Freeh and Mr. Gore. (The soft copy shows Mr. Glickman as the other keynote; a hardcopy in front of me here shows Mr. Gore --I don't know which is more recent.) $595 tuition -- that's more than Crypto '94, eh? Jim Gillogly Mersday, 29 Halimath S.R. 1994, 21:07 ___________________________________________________________________________ From: denning at guvax.acc.georgetown.edu (Dorothy E. Denning) Newsgroups: talk.politics.crypto,sci.crypt,comp.security.misc Subject: International Cryptography Institute Message-Id: <1994Jul28.151412.11542 at guvax> Date: 28 Jul 94 15:14:11 -0500 Distribution: world Organization: Georgetown University Lines: 186 International Cryptography Institute 1994: Global Challenges September 22-23, 1994 Ritz Carlton, Washington, DC Presented by The National Intellectual Property Law Institute The International Cryptography Institute will focus on problems and challenges associated with the use of cryptography within nations and for international communications. The Institute will address such questions as: What are the different national policies and regulations governing cryptography and how might these evolve? What cryptographic technologies are on the market in different countries, what is being used, and what is it being used for? What problems is cryptography causing law enforcement? What are the requirements of businesses and other organizations? What are the new trends in cryptography and what will be their impact on society? What efforts are leading toward an international cryptography framework? The Institute is for government officials, industry leaders, policy makers and analysts, researchers, and users of cryptographic technologies. Program September 22 8:45-9:00 Opening Remarks Dorothy E. Denning, Chair of Program James Chandler, President, National Intellectual Property Law Institute 9:00-9:30 The Challenges of International Crytography Edward J. 
O'Malley, The OSO Group 9:30-10:00 Cryptography in the European Community Christopher E. Sundt, ICL Secure Systems 10:00-10:30 Cryptography in the German Governmental Area Ansgar Heuser, BSI 10:30-10:45 Break 10:45-11:15 Cryptography in Belgium Els Lemmens, Belgian Office for Scientific, Technical and Cultural Affairs 11:15-11:45 The Use of Cryptography in Singapore Kwok-Yan Lam, National University of Singapore Seow-Hiong Goh, John Yong, National Computer Board 11:45-12:15 An Australian and South-East Asian View of Cryptography William J. Caelli, Queensland University of Technology 12:15-1:45 Lunch with Keynote The Honorable Dan Glickman, U.S. House of Representatives (invited) 1:45-2:15 GSM: Security for World-Wide Mobil Radio Charles B. Brookston, British Telecomm 2:15-2:45 International Exchange of Digital Signatures in a Diversified World Jean-Jacques Quisquater, University of Louvain 2:45-3:15 Creating Global Cryptographic Infrastructures Sead Muftic, Stockholm University 3:15-3:30 Break 3:30-4:00 An International Cryptography Framework Keith S. Klemba and Jim Schindler, Hewlett-Packard Co. 4:00-4:30 Experiments in International Cryptography and Software Key Escrow Stephen T. Walker, Trusted Information Systems, Inc. 4:30-5:00 International Escrowed Encryption Dorothy E. Denning, Georgetown University John Droge, Mykotronx, Inc. 5:00-6:00 Reception September 23 9:00-9:30 U.S. Government Cryptography Policy Michael R. Nelson, Office of Science and Technology Policy 9:30-10:00 Domestic Regulation of the Exportation of Cryptography James Chandler, National Intellectual Property Law Institute 10:00-10:30 Sue E. Eckert, U.S. Department of Commerce 10:30-10:45 Break 10:45-11:30 Rose Biancaniello, U.S. Department of State (invited) 11:30-12:00 World-Wide Availability of Cryptography Products David Balenson, Trusted Information Systems, Inc. 12:00-1:30 Lunch with Keynote Louis J. 
Freeh, Director, Federal Bureau of Investigation (invited) 1:30-2:45 International Regulation of Cryptography James Chandler, National Intellectual Property Law Institute Mark King, Communications-Electronics Security Group, United Kingdom Alexander Patijn, Ministry of Justice, The Netherlands William Wolfowicz, Fondazione Ugo Bordoni 2:45-3:00 Break 3:00-4:00 Cryptography in the Financial Industry Mr. Mitsuru Iwamura, The Bank of Japan Dr. Victor Panchenko, SignalRox, Russia (invited) others TBA - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Hotel and Registration A limited block of rooms has been reserved at The Ritz Carlton Hotel at a special conference rate of $225 per night. Reservations can be made by calling or writing The Ritz Carlton Hotel, 2100 Massachusetts Ave., N.W., Washington, DC 20008, 202-293-2100. Rooms have also been reserved at the Ramada Plaza Hotel at the special rate of $89. Reservations can be made by calling or writing The Ramada Plaza Hotel, 10 Thomas Circle, N.W., Washington, DC 20005, 202-842-1300. Tuition is $595, $300 for government & academic, and $150 for students. Payment includes all course study materials and attendance at all sessions of the course, two lunches, and a cocktail reception. 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Registration Form For International Cryptography Institute Name: Firm: Address: Phone: Payment (check one) __ Check payable to The National Intellectual Property Law Institute __ MasterCard __ VISA Card #: Expiration Date: Signature: Registration by Fax: 800-304-MIND Phone: 300-301-MIND Mail Registration with payment to: The National Intellectual Property Law Institute 1350 Eye Street, N.W., Suite 820, Washington, DC 20005 Phone: 202-962-9494 ___________________________________________________________________________ From usura at vox.xs4all.nl Tue Sep 20 14:48:51 1994 From: usura at vox.xs4all.nl (Alex de Joode) Date: Tue, 20 Sep 94 14:48:51 PDT Subject: Laws Outside the U.S. Message-ID: <0ZZysc1w165w@vox.xs4all.nl> tcmay at netcom.com (Timothy C. May) writes: : > It would be interesting for those in other jurisdictions to comment about : > how *their* rulers might view anonymous communications and strong crypto. : : I heartily agree with Duncan here! There has been very little said by : the good residents of France, Germany, Sweden, Holland, Italy, etc. : about just what the crypto-related laws of their countries are. [..] : So, I appreciate that some of our European readers may be tired of : hearing about U.S. policy or proposed laws, but the proper solution is : _competing speech_. That is, give us something new to talk about. Tell : us about what *your* country is doing. Tell us about any laws limiting : what kind of modems can be hooked up to your PTTs, as a concrete : example. Tell us about the raids on BBSs in Italy. Tell us about the : rumor that the Netherlands plans to ban unapproved crypto. There was a draft for a proposal for a law that would have outlawed crypto in the Netherlands. It would only be legal to use crypto if you had deposited the KEYs and if you had received a license. The use, trade and possesion of crypto was forbidden. 
It would be illegal (to Dutch law) to have cryptosoftware available at some ftp-site (somewhere in the world) that would be accessible from the Netherlands (really!).

(laws and enforcement of those laws are two -totally- different things in Holland :))

The draft was revoked, due to the huge amount of protest, the good thing is that we are in the process of founding the Dutch equivalent of the EFF: "de db.nl".

-- Some loose thoughts any comments ? --

There are basically four scenarios that a state can follow to regulate crypto:

- outlaw it totally
  This was the path Holland chose briefly.

- key depositing
  This is what the US is trying to do with Clipper et al.

- try to develop a standard
  This is what the US did with DES and is trying to do now with Clipper.

- do nothing
  The most prosperous scenario. Crypto use will boom, but law enforcement agencies will be deprived from a useful tool, they can't bug phones any more. That will hinder their investigations but advancements in hardware/software could balance that: it is more easy to localise phonecalls, bugging equipment has become smaller and more powerful. Law enforcement agencies have computerised databases that can link fingerprints, names etc in near "real-time". Large scale use of crypto could balance out some of the recent advancements in information technology that have given them a clear edge.

--
Exit! Stage Left.
Alex de Joode

From TJHARDIN at delphi.com Tue Sep 20 15:19:28 1994
From: TJHARDIN at delphi.com (TJHARDIN at delphi.com)
Date: Tue, 20 Sep 94 15:19:28 PDT
Subject: Virtual assasins and lethal rema
Message-ID: <01HHCF4EB8TU98F1A7@delphi.com>

Adam is absolutely right. A somewhat similar case comes to mind that happened a few years back. Remember the SOF contract cases? Ads for "high risk employment" were placed in SOF by hired killers & employers responded to mail drops. Although not as anonymous as what we are discussing, interception of those communications did not break those cases.
It was good old fashioned police work combined with mistakes on the part of employers & employees. Only after the case was pretty well solved was the method of hiring revealed (by suspects talking.) SOF paid a big civil judgement & agreed to stop running personal employment adverts. Even if a killer is so anonymous that she can't be linked to a given crime by the employer who will talk 99.9% of the time any pressure is applied, she must still continue to accept various contracts.

The police would then set up one of their stings & "hire" her anonymously for another job & snatch the killer up when she attempts to fulfill this contract. Likewise, the very first offer of employment may well be of this sort.

All of this presupposes that there are still some police around, which I kinda hope they aren't. They have rarely been around when I needed them & with all the moraline addicts they have to fix they don't have time for real crimes against person & property anymore.

tjh
pgp261 available

From jamesd at netcom.com Tue Sep 20 15:26:06 1994
From: jamesd at netcom.com (James A. Donald)
Date: Tue, 20 Sep 94 15:26:06 PDT
Subject: Scienter and all that stuff
In-Reply-To: <35nh2h$37i@bb.com>
Message-ID: <199409202222.PAA03485@netcom8.netcom.com>

L. Todd Masco writes
> I don't think it's nearly as black & white as you suggest: Our systems
> are not monolithic and some constitutional and democratic principles do
> still have some sway. Noam Chomsky discusses this when he talks about
> reasons for optimism.

Of course Noam Chomsky is optimistic - he favors limitless and absolute state power and the forcible and violent silencing of all those who deviate from political correctness.

If I was campaigning to make the US a totalitarian terrorist state, I would be full of optimism.
From doug at OpenMind.com Tue Sep 20 15:52:02 1994
From: doug at OpenMind.com (Doug Cutrell)
Date: Tue, 20 Sep 94 15:52:02 PDT
Subject: Virtual assasins and lethal rema
Message-ID:

TJHARDIN at delphi.com writes:

>Adam is absolutely right.... Even if a killer is so anonymous that she can't
>be linked to a given crime by the employer who will talk 99.9% of the time
>any pressure is applied, she must still continue to accept various
>contracts.
>The police would then set up one of their stings & "hire" her anonymously
>for another job & snatch the killer up when she attempts to fulfill this
>contract. Likewise, the very first offer of employment may well be of this
>sort.

Once again (and hopefully for the last time!), I reiterate that it is the person *placing* the contract who is at zero risk (except for the risk of losing their digital cash). Stings can be set up to catch the killer, but providing the person doing the hiring trusts no one but himself, there is no risk to him. To the extent that there is *any* risk to this person, the goals of crypto anarchy have not been met. This pertains to every conceivable security leak that might affect the person placing the contract.

Doug
___________________________________________________________________
Doug Cutrell General Partner
doug at OpenMind.com Open Mind, Santa Cruz
===================================================================

From cactus at bb.com Tue Sep 20 15:58:43 1994
From: cactus at bb.com (L. Todd Masco)
Date: Tue, 20 Sep 94 15:58:43 PDT
Subject: Scienter and all that stuff
In-Reply-To: <199409202222.PAA03485@netcom8.netcom.com>
Message-ID: <199409202303.TAA05116@bb.com>

James A. Donald writes:
> L. Todd Masco writes
> > I don't think it's nearly as black & white as you suggest: Our systems
> > are not monolithic and some constitutional and democratic principles do
> > still have some sway. Noam Chomsky discusses this when he talks about
> > reasons for optimism.
>
> Of course Noam Chomsky is optimistic - he favors limitless and absolute
> state power and the forcible and violent silencing of all those who
> deviate from political correctness.

Yeah, right. Support that statement. That's very much against what I know him to have stated his beliefs are.

(Why do we have to classify people as saints or demons? Address arguments on their own merits, not on ad hominems against the speaker)

--
L. Todd Masco | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From ianf at wiley.sydney.sgi.com Tue Sep 20 16:01:14 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Tue, 20 Sep 94 16:01:14 PDT
Subject: (fwd) "Will You Be a Terrorist?"
In-Reply-To: <199409201143.AA00236@xs1.xs4all.nl>
Message-ID: <9409210858.ZM14510@wiley.sydney.sgi.com>

On Sep 20, 1:43pm, Alex de Joode wrote:
> : No US Attorney is going to be interested in the sort of messy political case
> : that would be involved in remailer prosecutions.
> Please keep in mind that the US jurisdiction doesn't cover the whole earth.

But the US government over the past decade have made several moves which tend to indicate that they DO consider their jurisdiction to pass their borders. If memory serves me correctly, the original US Crime Bill also included sections which made the killing of a US citizen outside the US a crime (punishable by death no less), which is clearly an extension of US laws past US borders. And let's not forget Panama.

> (There is life outside the US)

A small aside, but a couple of years back I was the system admin on an educational political simulation run over the Internet between Macquarie University, Georgetown University and another University in Texas which will remain unnamed to protect the guilty. During the setup phases, the system admin from Texas informed us that he had set up an alias called "world".
Sadly, he could not understand the hilarity at the Georgetown and Macquarie ends when we discovered that "world" consisted of only accounts in Texas. Fortunately, the next time we played the simulation we got a much better system admin who realised that there was physical existence past the Texan border.

Ian.

From M.Gream at uts.EDU.AU Tue Sep 20 16:10:27 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Tue, 20 Sep 94 16:10:27 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409201721.KAA03135@netcom10.netcom.com>
Message-ID: <9409202313.AA10990@acacia.itd.uts.EDU.AU>

"Timothy C. May" wrote:
>
> I heartily agree with Duncan here! There has been very little said by
> the good residents of France, Germany, Sweden, Holland, Italy, etc.
> about just what the crypto-related laws of their countries are.
>

(I've touched on this issue in a few bits and pieces, but this is an opportunity for me to summarise some of the critical points)

Crypto in Australia:

- There are no regulations or laws covering the use of crypto, ie. encryption of communications over common carriers. However, when a Law Enforcement Agency (only our Federal Police and the Australian Security Intelligence Organisation can obtain warrants for telephone intercepts) requires an intercept, the carrier must be able to furnish the information to them. What this means is that if the carrier employs encryption or some other method of altering information between external communication end points, it must unwrap this for AFP/ASIO when they have a warrant for such information. This applies _only_ to "carriers".

- There _are_ export laws on crypto, covered under section 13B and 13E of the Customs (Prohibited Exports) Regulations (under the Customs Act 1901). This prohibits certain specified goods of which crypto is one, along with any goods in a list produced by the `Minister of State for Defence' on `Goods with Civil and Military Applications' [ie. what comes from COCOM]. Permits must be obtained in writing from the Minister of State for Defence _or_ someone authorised in writing by him/her. This legislation doesn't seem to have been applied.

- There are no laws on crypto import. Of course, importing implies something coming from another jurisdiction, who may see the export issue a different way. It's my belief that the laws are in place to "scare" and "standover" the _exporters_ and place the onus on them to control emissions. In other words, just as if the smoke shop sold to a minor, the shop, not the minor would get it. I did at one stage think that "they" wouldn't mind occasional abuses of the legislation, as it gives them the occasional victim to prosecute and hold up for all to see. I don't think this anymore, because "they" would _not_ win a case unless it's shown that the exporter did so explicitly to construct products for "the bad guys" (a dubious concept at best) -- as opposed to products for personal security and commerce (I suspect this is why Phil's case is on ice, prosecuting him isn't ever going to work).

- The Defence Signals Directorate (DSD) is our primary SIGINT/COMSEC agency. Much like the NSA (but on a smaller scale, their HQ in Canberra consists of 3 or 4 buildings only, surrounded by razor fencing though and my "driver" swears the radio went dead as I stepped out for a closer look :>) they provide COMSEC advice to the Govt. They are also the ones that deal with authorising crypto products for export under s.13B & 13E as mentioned above.

- Some peripheral issues: There is a section in the Telecommunications (Interception) Act that makes it an "offence" to hinder an officer under a warrant. This may apply to the use of crypto, but would do so only after a warrant has already been obtained to look into a criminal offence -- this is mere speculation on my behalf. Our privacy act deals _only_ with information relating to the Tax File Number, and credit agencies.
We have a `Data matching Act' that allows social security and the tax department to correlate data base information. Interestingly enough this Act specifically outlines in algorithm steps what is to be compared, how it is to be compared and even time restrictions on the lengths of these steps and looking at the composition of the information, one gets an idea about exactly what is stored in these databases.

> Lots of clucking about U.S. policy, followed by "And the U.S. is not
> the whole world" comments, but very little about, for example, the
> Dutch Binnenlandse Veiligheids Dienst (BVD) is targetting crypto
> users, or how, for example, the German Bundesnachrichtendienst (BND)
> is pushing for constitutional limits on speech in Germany.

So far there don't seem to be any moves here in Australia to change what legislation is already in place. Though, I must admit that I haven't gone into depth on this and am relying only upon what the Department of Transport and Communications and our Attorney General's Department have told me [by letter and telephone]. Ian Farquhar might have some comments on the Law Enforcement Access Committee. I have it on my "to do list" to wander up to the Law Reform Commission and ask them whether they've considered or are considering any of these issues (Justice Kirby once wrote an excellent paper in Computer Networks and ISDN Systems on `Data protection and Law Reform' back in 1979 -- well, I would have been about 7 years old then, I read it at a later stage).

> My hunch is that most of the Western nations are looking for policy
> guidance to Washington, and that whatever laws the U.S. adopts as part
> of Clipper-Key Escrow-Digital Telephony-Antiterrorism-Tracking will be
> adopted in a similar form by the EC and other countries. (The recent
> or upcoming conference on international issues in key escrow, whose
> agenda was posted a while back, is indicative of this.)

I'd say this is so.
One thing that is particular about Australia is that our Government "loves" International Agreements and likes to be seen adhering to them. This fuels my skepticism about changes in our crypto export laws (which have been unenforced anyways -- for the reasons mentioned wrt. Phil above) because they come from COCOM agreements. We've always had close ties with the US, but these have been wavering, if only slightly, in the last few years. I'd like to know more about COCOM though, can anyone offer ?

We beat the Australia card (then suffered the Tax File Number in its place, though not as severe). I'm confident that something as high profile as Clipper or Key Escrow would have a good level of opposition where the public can understand the direct application to telephone conversions, I'm not so confident about general issues of cryptography though. I suspect this is the case in other countries, but anytime we see "bulletin boards" and "the internet" on current affairs shows, it tends to be in the context of underage access to pornography.

Matthew.

--
Matthew Gream (02) 821-2043 (sw/hw engineer)

From ianf at wiley.sydney.sgi.com Tue Sep 20 16:10:30 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Tue, 20 Sep 94 16:10:30 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409201721.KAA03135@netcom10.netcom.com>
Message-ID: <9409210907.ZM14566@wiley.sydney.sgi.com>

On Sep 20, 10:21am, Timothy C. May wrote:
> I heartily agree with Duncan here! There has been very little said by
> the good residents of France, Germany, Sweden, Holland, Italy, etc.
> about just what the crypto-related laws of their countries are.

As I recall, Matthew Gream just posted the results of several months of investigation into Australia's crypto laws, which is probably the most definitive summary available to date. It is a superb piece of work, but the thread died swiftly.
I also posted a summary of SENECA in sci.crypt (compiled with the help of DSD), which is the Australian government classified DES replacement, and there were no followups there either. One can only presume from all this that the interest is not really there.

> My hunch is that most of the Western nations are looking for policy
> guidance to Washington, and that whatever laws the U.S. adopts as part
> of Clipper-Key Escrow-Digital Telephony-Antiterrorism-Tracking will be
> adopted in a similar form by the EC and other countries. (The recent
> or upcoming conference on international issues in key escrow, whose
> agenda was posted a while back, is indicative of this.)

I suspect, unfortunately, that you're right. It's like taking cooking tips from Lucretia Borger (sp?).

Ian.

From chen at intuit.com Tue Sep 20 16:16:48 1994
From: chen at intuit.com (Mark Chen)
Date: Tue, 20 Sep 94 16:16:48 PDT
Subject: Scienter and all that stuff
Message-ID: <9409202315.AA01689@doom.intuit.com>

James Donald writes;
> L. Todd Masco writes
> > I don't think it's nearly as black & white as you suggest: Our systems
> > are not monolithic and some constitutional and democratic principles do
> > still have some sway. Noam Chomsky discusses this when he talks about
> > reasons for optimism.
>
> Of course Noam Chomsky is optimistic - he favors limitless and absolute
> state power and the forcible and violent silencing of all those who
> deviate from political correctness.
>
> If I was campaigning to make the US a totalitarian terrorist
> state, I would be full of optimism.

Before this gets out of hand (which it certainly will), I very gently suggest that you read something which Chomsky has written before favoring us all with your opinions.
--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From alex at omaha.com Tue Sep 20 16:19:33 1994
From: alex at omaha.com (Alex Strasheim)
Date: Tue, 20 Sep 94 16:19:33 PDT
Subject: On the crime bill and remailers
Message-ID: <199409202320.SAA00228@omaha.omaha.com>

-----BEGIN PGP SIGNED MESSAGE-----

Hal said:

> I strongly disagree with this. Anonymous remailers as presently
> constructed will be almost completely ineffective against any significant
> government attempts to surveil email traffic. The government does have
> the resources today to defeat most uses of remailers. Since present-day
> remailers lack padding features, the correspondence between incoming and
> outgoing messages, even with encryption, is relatively easy to establish.
> This is made worse by the lack of general support for reordering, which
> renders the task almost trivial.

Although it does seem that the government ought to be able to track remailer traffic, is there any evidence that they are actually doing it in the real world? I've seen posts on usenet which would have presumably provoked a reaction from police, but I can't remember hearing of any cases in which such surveillance occurred.

== Alex Strasheim alex at omaha.com

From karn at qualcomm.com Tue Sep 20 16:31:38 1994
From: karn at qualcomm.com (Phil Karn)
Date: Tue, 20 Sep 94 16:31:38 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409201721.KAA03135@netcom10.netcom.com>
Message-ID: <199409202330.QAA11383@servo.qualcomm.com>

>I heartily agree with Duncan here! There has been very little said by
>the good residents of France, Germany, Sweden, Holland, Italy, etc.
>about just what the crypto-related laws of their countries are.

Okay, how about the text of the French law regulating cryptography? It's available as http://www.ens.fr/equipes_dmi/grecc/loi.html. It's in French, and unfortunately my 3 years of high school study aren't up to the task. Anybody out there fluent in the language who would care to prepare an English translation?

We really ought to know what the French law says, given that the US government keeps citing it as precedent for a western country to regulate cryptography.

By the way, the next time a pro-clipper person does this, point out that our very own government has repeatedly accused French intelligence of committing industrial espionage on behalf of its own industries, and that there just might be a connection between these two policies that the US is trying to emulate. At a CPSR/EFF meeting a few years ago I succeeded in getting a real rise out of James Kallstrom of the FBI with this comment. Great fun. But then again, he *is* a rather excitable sort...

Phil

From jya at pipeline.com Tue Sep 20 16:31:51 1994
From: jya at pipeline.com (John Young)
Date: Tue, 20 Sep 94 16:31:51 PDT
Subject: Scienter and all that stuff
Message-ID: <199409202331.TAA25041@pipe4.pipeline.com>

Responding to msg by jamesd at netcom.com (James A. Donald) on Tue, 20 Sep 3:22 PM

>
>Of course Noam Chomsky is optimistic - he favors
>limitless and absolute state power and the forcible
>and violent silencing of all those who deviate from
>political correctness.
>
>If I was campaigning to make the US a totalitarian
>terrorist state, I would be full of optimism.

I respectfully suggest that that's not what Chomsky advocates. He makes superior detailed analysis and criticism of authoritarian government by brilliantly attacking weak-willed ideologues of all political persuasions which hide under skirts of tyrants.
On the contrary, his optimism, it seems to me, derives from his own hard work and original thinking not from parroting any party line. With this he is in the company of original thinkers like Karl Hess, Murray Bookchin and others who have garnered the courage to grow beyond the simple faith of left-right comforts and conceits. Their writings have a generosity of scope and purpose that exemplify how to assess specific problems and to prescribe remedies, and thereby perhaps help us break free of the mesmerizing, melodramatic defecations of partisan politics.

Or so I optimistically muse.

John

From ianf at wiley.sydney.sgi.com Tue Sep 20 16:43:59 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Tue, 20 Sep 94 16:43:59 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <9409202313.AA10990@acacia.itd.uts.EDU.AU>
Message-ID: <9409210936.ZM14678@wiley.sydney.sgi.com>

On Sep 21, 9:13am, Matthew Gream wrote:
> - The Defence Signals Directorate (DSD) is our primary SIGINT/COMSEC
> agency. Much like the NSA (but on a smaller scale, their HQ in
> Canberra consists of 3 or 4 buildings only, surrounded by razor
> fencing though and my "driver" swears the radio went dead as I
> stepped out for a closer look :>)

I don't know about that, but I do know that the building is completely TEMPEST shielded. It was custom built for DSD 2-3 years ago, when they moved to Canberra from Melbourne.

> they provide COMSEC advice to the
> Govt. They are also the ones that deal with authorising crypto
> products for export under s.13B & 13E as mentioned above.

DSD provides both COMSEC and COMPUSEC, and is surprisingly open about SIGINT too. I must admit that I have found them to be surprisingly helpful on most occasions, although they do take security VERY seriously.

> So far there don't seem to be any moves here in Australia to change
> what legislation is already in place.
> Though, I must admit that I
> haven't gone into depth on this and am relying only upon what the
> Department of Transport and Communications and our Attorney General's
> Department have told me [by letter and telephone]. Ian Farquhar might
> have some comments on the Law Enforcement Access Committee.
                                            ^^^^^^

Law Enforcement Advisory Committee. That might have been my mistake, as I once did miscall them that.

Not much, no. They're heavily secretive, and my understanding is that they consist of representatives of the Attorney General's department, ASIO and the Australian Federal Police. They were mentioned to me in passing as one body which might have a lot of interest in controlling domestic cryptography, and I also understand that they were involved in the deliberations over the A5/1 and A5/2 decision (which, I am told by Austel - Telecommunications watchdog - was quite different to what was reported on the Internet).

I must admit to finding myself quite irritated that bodies like the LEAC (which are, after all, advising government on domestic policy) are so secretive.

Ian.

From tcmay at netcom.com Tue Sep 20 16:52:33 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Tue, 20 Sep 94 16:52:33 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409202330.QAA11383@servo.qualcomm.com>
Message-ID: <199409202350.QAA14320@netcom5.netcom.com>

First, thanks to Mats Bergstrom, Alex de Joode, and Matthew Gream for posting good essays about the situation in their respective countries. (And to those who posted earlier...I did not mean to imply in my posting earlier that nobody had ever described the situations in non-U.S. countries, only that more such discussions are needed.)

Phil Karn writes:
...
> We really ought to know what the French law says, given that the US
> government keeps citing it as precedent for a western country to
> regulate cryptography.

Indeed. One of the mysteries is why so few French are on our list...I can't recall any, actually.
Their country has some of the most draconian laws, it is alleged, and, as Phil notes, an active SDECE industrial espionage unit.

(I have no dislike for the French, by the way. I lived outside Nice for more than a year. Don't ask me to translate the documents, though, as that was 30 years ago and I was in an American school and learned very little French.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From greg at ideath.goldenbear.com Tue Sep 20 16:57:00 1994
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Tue, 20 Sep 94 16:57:00 PDT
Subject: On the crime bill and remailers
In-Reply-To: <199409201531.IAA03350@jobe.shell.portal.com>
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

> SOLONg discusses the "scienter" requirement in various laws. I believe
> this refers to the legal requirement that you know you are breaking the
> law in order to be breaking the law (so to speak). The export restrictions
> we discuss so much here also have this requirement. If you drive across the
> border with your pickup truck full of ammunition, the government has to
> prove that you knew it was illegal to do so in order to convict you.

In general, scienter/mens rea requirements mean that you must have intended a particular action (or failure to act) - the question is about your understanding of the facts of a particular situation, not the legal status of a particular situation.
Given your example, it's illegal to drive across the border, knowing your pickup contains ammunition - whether or not you believe your actions are legal. It's not illegal to drive across the border with a box full of ammunition if you thought you were carrying a box full of clothes.

The old saw "ignorance of the law is no excuse" is basically accurate. Good-faith reliance on legal advice from competent counsel won't even save you. (but it might get you a malpractice judgement/settlement).

From hfinney at shell.portal.com Tue Sep 20 17:04:46 1994
From: hfinney at shell.portal.com (Hal)
Date: Tue, 20 Sep 94 17:04:46 PDT
Subject: On the crime bill and remailers
Message-ID: <199409210004.RAA16538@jobe.shell.portal.com>

From: greg at ideath.goldenbear.com (Greg Broiles)
> In general, scienter/mens rea requirements mean that you must have intended
> a particular action (or failure to act) - the question is about your
> understanding of the facts of a particular situation, not the legal status
> of a particular situation. Given your example, it's illegal to drive
> across the border, knowing your pickup contains ammunition - whether or
> not you believe your actions are legal. It's not illegal to drive across
> the border with a box full of ammunition if you thought you were carrying
> a box full of clothes.
>
> The old saw "ignorance of the law is no excuse" is basically accurate.
> Good-faith reliance on legal advice from competent counsel won't even
> save you. (but it might get you a malpractice judgement/settlement).

I don't know how true this is in general, but my research into the arms export question indicated otherwise.
Here is part of a posting I sent to CP some time last year concerning a case in which the defendant did in fact drive to Mexico with a truck load of ammunition:

> In U.S. v Lizarraga-Lizarraga, the appellate court wrote (in 541 F2d 826),
>
> "At trial and on appeal, the defendant admits that he purchased the
> ammunition and that he intended to export it to Mexico. His defense is
> based on the contention that he had no knowledge that his conduct violated
> the law. Hence, the appellant claims that to be found guilty under
> 22 U.S.C. 1934 [the predecessor to 22 U.S.C. 2778], the government must
> prove that he intended to violate the statute.... We agree, and hold
> that he was entitled to a specific intent instruction. Accordingly, we
> reverse his conviction and remand for a new trial."
>
> The court discusses several reasons for concluding that "willfully"
> implies a need to show specific intent, among them that the articles on
> the Munitions List are not obviously illegal to export, finally concluding:
>
> "Accordingly, we hold that in order for a defendant to be found guilty of
> exporting under 22 U.S.C. 1934, the government must prove that the
> defendant voluntarily and intentionally violated a known legal duty not
> to export the proscribed articles, and the jury should be so instructed."

Perhaps the arms export laws are worded differently than some others and so the more stringent rules apply.

Hal

From sandfort at crl.com Tue Sep 20 17:17:31 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Tue, 20 Sep 94 17:17:31 PDT
Subject: SHAMELESS PLUG
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Mark Chen wrote the following about the scienter thread:

    ... Howard Zinn makes the same point in _Declarations of Independence_.... he concludes that law is made not by legislators and judges, but by the policeman's club.

But less and less every day.
As Duncan and I--the official "Pollyannas of Privacy"--have been telling you, technology is on our side. As it advances, technology continues to shift the balance of power from the State to the individual.

For my vision of technology in the service of civil liberties, see my upcoming article, "Support Your Digital Police," in the "Idees Fortes" section of December's Wired.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From ianf at wiley.sydney.sgi.com Tue Sep 20 17:38:19 1994
From: ianf at wiley.sydney.sgi.com (Ian Farquhar)
Date: Tue, 20 Sep 94 17:38:19 PDT
Subject: [CyberCash Media hype]
In-Reply-To: <199409192135.AA14970@access1.digex.net>
Message-ID: <9409211035.ZM14893@wiley.sydney.sgi.com>

On Sep 19, 5:35pm, Black Unicorn wrote:
> > The TLA's understand this concept well, which is one of the reasons they
> > classify almost everything they do. One non-obvious fact is that in the
> > environment most governments use crypto (eg. widely distributed sites with
> > key distribution channels which are more easily compromised than the
> > crypto hardware), that the design of the cipher may be easier to keep
> > secret than the key itself. As such, the use of security by obscurity
> > in the design of the cipher itself is a lot more effective than most
> > people would give it credit for.
>

While this may seem to be a joke comment, it is not. Remember that what is being secured here is almost certainly a stronger cipher than any of us have access to (representatives of TLA's excepted :), and so the public scrutiny issue does not arise.

I agree with Black Unicorn's phrase: security by obscurity alone is no security. If we need a buzzphrase - which itself is questionable - then that's about as close as we'll get.

Ian.
From chen at intuit.com Tue Sep 20 18:03:24 1994
From: chen at intuit.com (Mark Chen)
Date: Tue, 20 Sep 94 18:03:24 PDT
Subject: SHAMELESS PLUG
Message-ID: <9409210102.AA02097@doom.intuit.com>

Sandy Sandfort writes:

> Mark Chen wrote the following about the scienter thread:
>
> ... Howard Zinn makes the same point in _Declarations of
> Independence_.... he concludes that law is made not by
> legislators and judges, but by the policeman's club.
>
> But less and less every day. As Duncan and I--the official
> "Pollyannas of Privacy"--have been telling you, technology is
> on our side. As it advances, technology continues to shift the
> balance of power from the State to the individual.

Which is why, even with their exceedingly feeble perception of what these technologies portend, authoritarian structures are thrown into fits of nearly hysterical apoplexy when confronted by Things Crypto.

> For my vision of technology in the service of civil liberties,
> see my upcoming article, "Support Your Digital Police," in the
> "Idees Fortes" section of December's Wired.

I'm there.

- Mark -

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From cactus at bb.com Tue Sep 20 18:46:58 1994
From: cactus at bb.com (L. Todd Masco)
Date: Tue, 20 Sep 94 18:46:58 PDT
Subject: DB Technology
Message-ID: <199409210152.VAA06976@bb.com>

For a good example of DB/Expert system technology used for good instead of evil ("A power so great...") check out ringo at media.mit.edu, body of mail "join". You tell it your musical preferences and it suggests albums that others with a similar taste to yours liked. It'll also tell you what to avoid.

I intend to honor its advice, to avoid Neil Diamond, Tiffany, and Barry Manilow.
--
Todd

From sw at tiac.net Tue Sep 20 18:48:43 1994
From: sw at tiac.net (Steve Witham)
Date: Tue, 20 Sep 94 18:48:43 PDT
Subject: A meme about politics of country X
Message-ID: <199409210148.VAA06698@zork.tiac.net>

>My hunch is that most of the Western nations are looking for policy
>guidance to Washington...

Now there is a scary thought. We need a counter-meme. (Mike Godwin has a fun article about how he invented a counter-meme and watched it spread, in the latest *Wired*.)

My meme is: "Boy, don't imitate what *Washington* (or insert your country's capital here) is doing, those Americans (or whoever) have let their government go *totally* haywire."

This requires a little support. For America it's easy (your mileage may vary): "Americans all think they're outlaws and ignore what's going on in government. They just buy lawyers and accountants and don't think about it. The people in Washington get no feedback from the public so they watch TV for ideas. Bad cop shows, mostly."

I think it works best if you only talk about one country this way in any given context. If two people use the same meme about different countries in the same context, they can say, "Is it that way *there*, too? Oh, my."

--Steve

- - - - - - - - - -
Steve Witham's .sig contains four a's, one b, two c's, two d's, twenty six e's, six f's, two g's, three h's, ten i's, one j, one k, two l's, two m's, twenty n's, seventeen o's, one p, one q, five r's, twenty nine s's, twenty-one t's, four u's, six v's, twelve w's, four x's, five y's, and one z.

From paul at hawksbill.sprintmrn.com Tue Sep 20 19:01:41 1994
From: paul at hawksbill.sprintmrn.com (Paul Ferguson)
Date: Tue, 20 Sep 94 19:01:41 PDT
Subject: HTTP authentication efforts
Message-ID: <9409210305.AA01028@hawksbill.sprintmrn.com>

Howdy guys 'n gals.

As much as I'd love to rant about Detweiler getting an account on Colorado Supernet, I must put aside my insidious remarks for the time being.
Does anyone know, on the off-chance, who is currently working on HTTP authentication processes for web browsing and Mosaic?

Pointers appreciated.

_______________________________________________________________________________
Paul Ferguson
US Sprint Managed Network Engineering tel: 703.904.2437
Herndon, Virginia USA internet: paul at hawk.sprintmrn.com

From M.Gream at uts.EDU.AU Tue Sep 20 19:02:05 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Tue, 20 Sep 94 19:02:05 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <9409210936.ZM14678@wiley.sydney.sgi.com>
Message-ID: <9409210204.AA05586@acacia.itd.uts.EDU.AU>

"Ian Farquhar" wrote:

> > - The Defence Signals Directorate (DSD) is our primary SIGINT/COMSEC
> > agency. Much like the NSA (but on a smaller scale, their HQ in
> > Canberra consists of 3 or 4 buildings only, surrounded by razor
> > fencing though and my "driver" swears the radio went dead as I
> > stepped out for a closer look :>)
>
> I don't know about that, but I do know that the building is completely
> TEMPEST shielded. It was custom built for DSD 2-3 years ago, when they
> moved to Canberra from Melbourne.

Actually, I have to admit to having a slight fascination with buildings of this type, some other points about the architecture and location of DSD HQ:

[Note: It's an offence to photograph these facilities, it might be bordering on the edge of legality to make the following observations, but these are all a matter of the public record and intended for informational purposes -- if it's me making them at all :-)]:

- It's located in Russell Offices along with most of the Department of Defence and ASIO's HQ. Just down the road is ASIS, and around the corner is the AFP's HQ. It puts a lot of valuable resources in close physical proximity.

- Just above Russell Offices (on Russell Hill in fact) is a lookout, you drive up from ADFA.
Standing up here gives you direct line of sight into DSD and all the other Defence buildings, you can watch people walking around. Interestingly, when I drove down and back around the front and looked back up to lookout, a utility had pulled up. In any case, employees have questionable ability to remain "anonymous".

- Right along the front of the building is a major road, a couple of feet away stands the razor fencing, then the building is a few more feet inside, on the other side of the road is a carpark. The guardhouse for entry into the "complex" sits just off the road too.

- You can drive up around the back of the complex, there is a little road that has the DSD facility on the lower side and bushland on the upper. You can get out and walk up to the fence and stare straight down into a smaller inside carpark and people walking around.

- The building immediately adjacent to the road out the front only stands some 20 or so metres high, it has no windows and is quite recent --> the TEMPEST shielding you mention. The other buildings, more than likely only for administrative purposes have darkened windows. More than likely it extends to a significant distance underground.

- There are no obvious antennas on or near it at all. Although the Defence Integrated Secure Communications Network (DISCON) has its certain switching station at Canberra, this is maintained by another division within the Defence Dept. (DSD is an "outrider" organisation anyway). Desmond Ball's book shows a picture of a sat dish at Watsonia for NSA uplink, used when DSD were in Melbourne -- there is none of this in Canberra. I'm pretty sure Defence maintains a communications facility just out of Canberra (not far from Tidbinbilla (sp?), probably initially processed there and leased line into Russell Offices ?).
- DSD uses the Signals Corp, and when a new battalion relocated to Moorebank Army base, as they were building it, someone who drove by daily remarked to me that up went the frame, then went in a room concreted with only one doorway and subsequently wrapped in "insulation". They then bricked the building up as per usual, ie. adding another layer over this "room". When the work in this room (I'm told), the shifts last about 4-6 hrs, they enter and don't leave until their time is up. Standard security procedures I guess, interesting to see it on your proverbial backdoor none the less :-).

Not exactly what most people go and see on their holidays, but then I've never been like "most people" :-) [footnote: I take a purely passive and observant role in these affairs].

cheers,
Matthew.

ps. There's also the Brian Wilshire conjectured "Big Brother Information Processing Centre" at St. Leonards (I could see it out the window of my previous place of employment!), but it's nothing more than Telecom's Data Processing Facility. Brian Wilshire (talkback host on local 2GB, author of "Fine Print") is a loony anyway.

--
Matthew Gream (02) 821-2043 (sw/hw engineer)

From M.Gream at uts.EDU.AU Tue Sep 20 19:15:55 1994
From: M.Gream at uts.EDU.AU (Matthew Gream)
Date: Tue, 20 Sep 94 19:15:55 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <9409202313.AA10990@acacia.itd.uts.EDU.AU>
Message-ID: <9409210218.AA06839@acacia.itd.uts.EDU.AU>

Possible misconception (was rushing to beat a system downtime):

"Matthew Gream" wrote:

> in writing from the Minister of State for Defence _or_ someone
> authorised in writing by him/her. This legislation doesn't seem to
> have been applied.

When I mean "hasn't been applied", I mean as in it doesn't seem that anyone has been prosecuted explicitly for crypto export. The regulations deal with lots of other things as well (export to Iraq, Libya, and export of nuclear and munitions et al) and it's sure to have been enforced on many other points.

Matthew.
--
Matthew Gream (02) 821-2043 (sw/hw engineer)

From tcmay at netcom.com Tue Sep 20 19:54:38 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Tue, 20 Sep 94 19:54:38 PDT
Subject: Virtual assasins and lethal rema
In-Reply-To:
Message-ID: <199409210250.TAA05491@netcom5.netcom.com>

> Once again (and hopefully for the last time!), I reiterate that it is the
> person *placing* the contract who is at zero risk (except for the risk of
> losing their digital cash). Stings can be set up to catch the killer, but
> providing the person doing the hiring trusts no one but himself, there is
> no risk to him. To the extent that there is *any* risk to this person, the
> goals of crypto anarchy have not been met. This pertains to every
> conceivable security leak that might affect the person placing the
> contract.
> Doug Cutrell General Partner

And the risk of losing the digital cash can be made vanishingly small by use of anonymous escrow services, which act solely as holders of the digital cash. They will arise to fill two market needs:

1. The contract killers will not take the "word" of a contract purchaser, who has nothing to lose by reneging after the deed is done. A "reputable" third party (obviously untraceable, of course) will be desired.

2. Likewise, the purchaser will not make the payment to the contract killer and then just "hope for the best." She, too, will want protection from reneging, various excuses, etc.

Anonymous escrow services are an essential part of the ecology of digital assassinations.

The thread we had on this a few weeks ago may be useful to those interested. And my FAQ has some stuff on reputations, anonymous escrow, etc.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com     | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From rcromw1 at gl.umbc.edu Tue Sep 20 21:57:18 1994
From: rcromw1 at gl.umbc.edu (Ray Cromwell)
Date: Tue, 20 Sep 94 21:57:18 PDT
Subject: The Importance of Filtering
In-Reply-To: <199409141915.MAA19709@netcom11.netcom.com>
Message-ID: <199409210454.AAA03113@umbc9.umbc.edu>

> * Extropians-style filtering, now being developed as a commercial
> product by Harry Shapiro and Ray Cromwell. (To be clear about things,
> Hugh Daniel, Eric Hughes, etc., expressed their willingness to install
> the Extropians-style software shortly after it became available,
> almost 2 years ago. Various delays ensued, then the offer by the
> authors was put in limbo, then the commercialization phase ensued.)

Just to clear this up, this freeware code was never put into limbo. I believe Harry talked to Hugh several times in e-mail but Hugh didn't have the time to put up with the installation (hint: it's harder than majordomo to install since there are tons of configuration options. You know, like the list statistics, what filtering agents to use, digest format, incoming filters, accounting database, etc)

If anyone is willing to provide a machine, I will gladly give and/or install my mailing list software, and then subscribe it to cypherpunks. (during the development phase, this is exactly how me and Harry tested the list. We subscribed to several mailing lists and had the list software do the filtering) This is more optimal anyway.
If the vast majority of people don't want filtering, there is no need to waste cpu cycles by running it as the main cypherpunks list. > And then of course there what the new list software. This allowed > folks to exclude authors, threads, etc., at the _point of > distribution_. > Is this a good idea.? Well, if one excluded 10% of the traffic, then > it would "save" having to receive 5-10 messages a day. Big deal. > I used the ExI software, and found it an interesting experiment, but I > can't say it save me any real effort. The effort of sending the > filtering message to the list site, hassling with the formats, etc., > clearly outweighed the tiny effort it would have taken to manually > press "d" to delete the messages when then appeared. Yes, and this is a recognized problem, and one of the things we are going to eliminate in the commercial version. Basically, the "send a msg to a mail server" form of command processing is too painful to use except infrequently (such as ::resend) The technique of using "in-band" commands within a post was my first attempt to reduce the pain of sending commands (by allowing you to postpone any commands, and then include then in one of your posts later) One of the ways to alleviate "transaction cost" of list commands is to use client side scripts. For instance, for list administration, I wrote Harry a "hot key" perl script which takes over elm's Print function. When Harry needs to do something, he hits 'p', and then chooses an option. (for instance, to add a user, he types 'pa'. I could easily create a similar thing for anyone using elm who wanted to exclude based on a single key-press) > I also found it useful to at least spend the 2-5 seconds to see what > was being talked about before pressing "D." The real use of the Extropians software comes in "exclude all" mode, resend thread, and digest. 
Most of the people I see using the list filtering (from the logs), do something of the following: 1) exclude all 2) read the 'filterlist' every 12 hours. If something looks interesting, do ::resend thread, and get a digest containing that thread only. 3) include specific threads and authors. The only thing I ever use the filtering system for is to exclude individual users, or annoying threads. (d for everything else, like you) > Your mileage may vary, but I doubt that the Extropians-style software > is going to help much...I used it, and my experiences are what I just > described. I think it is superior to majordomo and listserv for other reasons (remember, the filtering stuff is merely a "plug in" agent which could be replaced with any filtering or reputation system) For instance, the reputation system writers could use it as a platform to write a reputation based filtering system if they wanted to. > Filtering is the wave of the future. Definitely. I fear there will be no good solution though until we get at least some partial natural language understanding. -Ray From TJHARDIN at delphi.com Wed Sep 21 03:18:34 1994 From: TJHARDIN at delphi.com (TJHARDIN at delphi.com) Date: Wed, 21 Sep 94 03:18:34 PDT Subject: Virtual Assassins & lethal remailers Message-ID: <01HHD47DO37W9AZM17@delphi.com> Subject: Re: Virtual assasins and lethal remailers (Doug Cutrell) doug at OpenMind.com writes >>TJHARDIN at delphi.com writes: >>Adam is absolutely right.... Even if a killer is so anonymous that she can't >>be linked to a given crime by the employer who will talk 99.9% of the time >>any pressure is applied, she must still continue to accept various >>contracts. >>The police would then set up one of their stings & "hire" her anonymously >>for another job & snatch the killer up when she attempts to fulfill this >>contract. Likewise, the very first offer of employment may well be of this >>sort. 
>Once again (and hopefully for the last time!), I reiterate that it is the >person *placing* the contract who is at zero risk (except for the risk of >losing their digital cash). Stings can be set up to catch the killer, but >providing the person doing the hiring trusts no one but himself, there is >no risk to him. To the extent that there is *any* risk to this person, the >goals of crypto anarchy have not been met. This pertains to every >conceivable security leak that might affect the person placing the >contract. >Doug Sorry to have to repost on this, I only meant to make a brief point. To the following --> >the person *placing* the contract... is at zero risk To this entire point I must say Au Contraire! The person at greatest risk *is* the person placing the contract. This is the employer whom I said would fold under pressure 99.9% of the time. If the police are still around, they will use the classic investigatory method of cui bono? Who benefits? Who has motive? This was Adam's point & the one I was emphasizing. Even if the payment is untraceable, the police have often succeeded in bluffing suspects into confessing to crimes for which strong suspicions existed, but evidence proving guilt was entirely lacking. This will not change as human nature will not fundamentally change. As far as the assassin being unable to link the employer to the crime, or know who hired her, this is fine in theory, but it is likely that she too will ask the same question regarding the job, cui bono? & coming to the same conclusion. When arrested later for some other offense, merely providing law enforcement with the time, place, victim, & payment for various jobs will be enough to convict or scare most employers into confessing. After all the impatient heir will no longer be able to claim that Uncle Scrooge was a tragic victim of random violence. Now I know the idea is to reach a state where police forces no longer exist. But let's be realistic. 
-Publicly Supported- morality or Political Correctness Cheka's such as we know today will hopefully cease to exist, but it is extremely likely that Private Police squads will be hired by individuals & groups for protection & revenge. Such units/individuals have a long history in this country, & I knew (verrry casually- we frequented the same Houston New Wave hangout, Rudyard's in the early 80's) a hired killer named David West who was tripped up by a femme fatale hired by a private dick named Clyde Wilson who was hired by the victims' other daughters to get at the daughter who arranged their parents' murders. The case was solved entirely by these private cops & only turned over to HPD for arrest & prosecution. I am sure that if no HPD or State of Texas existed, the "good" daughters would have paid Clyde Wilson for more than just investigation. Actually, the natural condition of humans in anything more complicated than a small scale subsistence bands seems to be not living under powerful states, but rather private armies, condottieri, vendettas, etc. This was the state of affairs in the Italian Renaisance & which one of us would choose the deadly dull certainties of the Middle Age's dogmatic fideism over the brilliant explosion of that great liberation of the human spirit & potential? No one reads Aquin-ass- anymore or even knows who he was but the Borgias, Machiavelli, & Michelangelo are still remembered, read with profit, & restored...respectively even now. tjh 2.61 available From frissell at panix.com Wed Sep 21 04:12:13 1994 From: frissell at panix.com (Duncan Frissell) Date: Wed, 21 Sep 94 04:12:13 PDT Subject: On the crime bill and remailers Message-ID: <199409211111.AA08391@panix.com> At 05:45 PM 9/20/94 -0400, John Young wrote: >Hal and Tim point to the vulnerability of the person running >the remailer to being threatened through the equipment owner Soon most remailers will be run on equipment owned by the operator. 
At the last NJ computer show I attended, I could have purchased a 486/66 with a paltry 250 meg HD for $999. Then all we have to worry about are the network connections but in a few years, we'll be able to do high-speed "dial up" connections from our home boxes to other (and different) systems anywhere on the nets. Hard to track. >This isolation and elimination (or co-optation) of a target has >worked again and again to destroy networks once they become >serious threats to law and order. They can afford to intimidate a few remailers but "enforcement doesn't scale well." (Another DCF quote.) Networks, software, and hardware scale much better than enforcement resources. Swamping effect. DCF From danisch at ira.uka.de Wed Sep 21 05:09:37 1994 From: danisch at ira.uka.de (Hadmut Danisch) Date: Wed, 21 Sep 94 05:09:37 PDT Subject: Laws Outside the U.S. Message-ID: Germany: There is no restriction of import or use of cryptography ( _yet_ ). There are some restrictions about export and transmission of encrypted data: - Encryption soft/hardware can not be exported to communist countries (COCOM) without problems. I don't know exactly, whether it is forbidden, must be licensed, or must be registered in any way. - There are two kinds of amateur radio, the CB (citizen band) and the licensed amateur radio, which requires a personal license. On this licensed radio it is not allowed to send encrypted messages, but as far as I know nobody cares and nobody checks. The sense was to make you use the telephone and pay. - There was a restriction about the telephone net. You are not allowed to transmit anything but voice. I don't know what happened with that restriction since everyone uses fax and modem legally. At the moment they have a lot of problems with such laws. They have to decide whether they are valid or not, because most european countries have joined the European Community. 
The EC forces their countries to equalize their laws in the sense of "what you can do in one country, you can do everywhere". Sometimes this is very helpful (e.g. use of modems. Most of them were illegal in Germany, meanwhile nearly all of them have a license), sometimes they have silly ideas (e.g. laws about ingredients of noodles or beer). If France forbids the import of crypto software, but allows to sell it inside of France, then I can sue France, because the French programmer can sell his programs in France and I can't. I'm sure we will get a special crypto law within the next years. Hadmut From hart at chaos.bsu.edu Wed Sep 21 06:12:58 1994 From: hart at chaos.bsu.edu (Jim Hart) Date: Wed, 21 Sep 94 06:12:58 PDT Subject: On the crime bill and remailers In-Reply-To: <199409202320.SAA00228@omaha.omaha.com> Message-ID: <199409211314.IAA25946@chaos.bsu.edu> Hal Finney assumes that cooperating attackers are monitoring each and every remailer site used by a well-constructed message (which I define as two or more jurisdictions, at least one private box, and nested encryption). While ubiquitous wiretap is a good worst-case assumption to make when designing the remailers, the odds that all the remailers in such a chain are being wiretapped is vanishingly small. A post-hoc attack of examining logs, like what the FBI is probably doing now for the RC4 incident, is much more likely. A wiretap attack would only become even remotely likely if there was a repeated pattern, for example regularly leaked trade secrets that appeared to come from the same originator. Despite the possibility that the RC4 leaker used the predictable 'premail', or perhaps didn't even use nested encryption at all, and that the leak was serious enough to make the front page of the Wall Street Journal, I'll lay even odds that the leaker is never found. 
If the leaker used a well-constructed message, and doesn't try to repeat his coup, I set the odds at 1000:1 that we'll ever find him via remailer tracing. This despite the fact that the current remailer network falls well short of a wiretap-proof digital mix, as Hal correctly notes. Jim Hart hart at chaos.bsu.edu From perry at imsi.com Wed Sep 21 06:22:25 1994 From: perry at imsi.com (Perry E. Metzger) Date: Wed, 21 Sep 94 06:22:25 PDT Subject: On the crime bill and remailers In-Reply-To: <199409210004.RAA16538@jobe.shell.portal.com> Message-ID: <9409211321.AA11566@snark.imsi.com> Hal says: > > The old saw "ignorance of the law is no excuse" is basically accurate. [...] > I don't know how true this is in general, but my research into the > arms export question indicated otherwise. Congress can, in the way it words a law, specifically make it a requirement that you knew an act was illegal. However, 99% of the time, "ignorance is no excuse" holds. Similarly, on some laws, the requirement of intent to commit the act is unnecessary. Mens rea is not needed, for example, to be found guilty of speeding -- you need merely have committed the act regardless of whether you intended to travel at a particular speed. Perry From jeffb at sware.com Wed Sep 21 07:19:48 1994 From: jeffb at sware.com (Jeff Barber) Date: Wed, 21 Sep 94 07:19:48 PDT Subject: Laws Outside the U.S. In-Reply-To: Message-ID: <9409211416.AA18758@wombat.sware.com> Hadmut Danisch writes: > The EC forces their countries to > equalize their laws in the sense of "what you can do in one country, > you can do everywhere". > If France forbids the import of crypto software, but allows to sell it > inside of France, then I can sue France, because the french programmer > can sell his programs in France and I can't. Isn't it inevitable that this will -- for the same reasons of equity among the member countries -- evolve into a single set of laws governing the *use* of crypto throughout the EC? 
> I'm sure we will get a special crypto law within the next years. Can you provide any predictions as to its content? It seems to me that the EC may be a *huge* force -- for good or ill -- with respect to crypto, depending on which way the rules fall out. In the first place, because of the sheer size of the EC and the combined power and populace of its member countries, but also because any internal crypto advantage the EC is perceived to hold might be an additional spur to liberalization of US crypto export policy. -- Jeff From bugs at ritz.mordor.com Wed Sep 21 07:28:26 1994 From: bugs at ritz.mordor.com (Mark Hittinger) Date: Wed, 21 Sep 94 07:28:26 PDT Subject: HTTP authentication efforts Message-ID: <199409211428.KAA12728@ritz.mordor.com> > From: paul at hawksbill.sprintmrn.com (Paul Ferguson) > Does anyone know, on the off-chance, who is currently working on > HTTP authentication processes for web browsing and Mosaic? Cern probably has this already done and under wraps by now. In the USA the recent NCSA/Spyglass, Inc press release implies that Spyglass will develop an "electronic commerce" capability for Mosaic. Tuesday's Wall Street Journal has an interesting article (Sep 20 C1 bottom) about the mysterious DE Shaw company. For those of you who don't follow every vital scrap of information pried out of DE Shaw - they are a stock market related firm with very heavy investment in computer hardware and brain power. The article quotes Shaw implying the development of yet another electronic market capability - "commercial use of the Internet". Perhaps Shaw is funding some of Spyglass? It's odd to see program trading gurus get side tracked on this. 
mark.h From michael.shiplett at umich.edu Wed Sep 21 07:38:45 1994 From: michael.shiplett at umich.edu (michael shiplett) Date: Wed, 21 Sep 94 07:38:45 PDT Subject: HTTP authentication efforts Message-ID: <199409211438.KAA19749@totalrecall.rs.itd.umich.edu> "pf" == Paul Ferguson writes: pf> Does anyone know, on the off-chance, who is currently working on pf> HTTP authentication processes for web browsing and Mosiac? pf> Pointers appreciated. There is a www-security mailing list based at Rutgers (majordomo at nsmx.rutgers.edu; list name of www-security). From the introductory majordomo message: This list is intended for the discussion of World Wide Web security proposals, enhancements and issues. Ben Fried of Columbia posted to www-security some NCSA httpd/xmosaic patches to allow Kerberos 4 authentication. The University of Michigan is using these patches (with some bug fixes fed back to Ben) and a similarly patched lynx browser for authenticated web connections. I haven't looked at the code to know whether the network traffic is encrypted or not. michael From adam at bwh.harvard.edu Wed Sep 21 07:48:10 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Wed, 21 Sep 94 07:48:10 PDT Subject: Security through obscurity In-Reply-To: <9409211035.ZM14893@wiley.sydney.sgi.com> Message-ID: <199409211447.KAA14579@bwh.harvard.edu> Ian Farquhar wrote: | > > crypto hardware), that the design of the cipher may be easier to keep | > > secret than the key itself. As such, the use of security by obscurity | > > in the design of the cipher itself is a lot more effective than most | > > people would give it credit for. | | > While this may seem to be a joke comment, it is not. | | Remember that what is being secured here is almost certainly a stronger | cipher than any of us have access to (representatives of TLA's excepted :), | and so the public scrutiny issue does not arise. | I agree with Black Unicorn's phrase: security by obscurity alone is no | security. 
If we need a buzzphrase - which itself is questionable - then | that's about as close as we'll get. Obscuring things can be a useful part of a security system for an organization. The phrase "security through obscurity" refers to systems which are all smoke and mirrors. Good security comes from reinforced concrete. If you add smoke and mirrors in front of concrete, you don't decrease your security. Unless, of course, you can't see what's coming because of all the smoke. Adam From sandfort at crl.com Wed Sep 21 08:02:34 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Wed, 21 Sep 94 08:02:34 PDT Subject: THOSE DARNED HIT MEN Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, Tim May writes with regard to anonymous contract killers: ... And the risk of losing the digital cash can be made vanishingly small by use of anonymous escrow services, which act solely as holders of the digital cash.... I don't buy it. Anonymous digital assassins, murder escrows and all that work fine in an artificial, abstract, game-theory world. I doubt we'll see much--if any--of it in the Real World. Why? Because the market is too richly textured not to come up with its own cultural, ethical and digital fixes. Would you do business with an escrow that was the bag man for contract murders? I wouldn't, you wouldn't and the vast majority of people in the world wouldn't. That wouldn't stop some escrows from performing that service, but it would run up the cost. When the costs rise high enough, profitable opportunities are created for false escrows to enter the business. That's just one problem that can interfere with such an odious endeavor; there are more. I think the best way to illustrate that the anonymous murder business is nothing more than a bugaboo, is to set the best minds on the planet--Cypherpunks--to work on the problem. 
Let's all put our thinking caps on, and come up with answers to the follow hypothetical situation: Let us assume a world with totally anonymous communications and payments (strong crypto, remailers, digital cash, etc.). 1) How would YOU scam money from the system without actually knocking anyone off? Or in the alternative, 2) How would YOU use technology to address the problem from police/private investigator perspective? I'm betting that with no more than a few moments of thought, Cypherpunks will come up with a ton of hacks. To get the ball rolling, here are two from me: SCENARIO ONE I set up a meat-and-potatoes escrow business. I keep my nose clean. I honor my obligations. I build up a good reputation. At some point, I'll be approached by a murderer and the person who is hiring him or her. I'll accept the payment. When the murder is committed, I won't pay off. The murderer will (a) sue me (I don't think so), (b) damage my reputation (I'll leave this one as an exercise for the student), or (c) murder *me* (ah, but first he has to find me; in the world we posit, that won't be very easy). If this scenario happens very often, it'll take all the profit out of the murder business. Of course, the murderer can get the money face-to-face from the customer, but then we're back to today's square one. SCENARIO TWO I set up a phoney murder-for-hire business. Someone contracts with me to bump-off their rich uncle. The client deposits my payment with a reputable escrow company, "Murder Escrows R Us." I go to the uncle and tell him the whole deal. Using digital technology, bribed coroners, etc., we fake his death. When the news hits the Net, the escrow pays me off. The uncle comes back to life, disinherits whomever he suspects wanted him dead. And I laugh all the way to the digital bank. I create a new pseudonym, place another murder-for-hire ad, and do it all again. Given our Brave New World, nobody can touch me. Okay C'punks, it's your turn. 
How would you subvert Tim May's vision of anonymous murder-for-hire for fun and profit? (Feel free to take potshots at my two scenarios as well. Cypherpunk cleverness cuts both ways, I'm sure.) S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From huntting at glarp.com Wed Sep 21 08:23:16 1994 From: huntting at glarp.com (Brad Huntting) Date: Wed, 21 Sep 94 08:23:16 PDT Subject: Laws Outside the U.S. In-Reply-To: <199409202330.QAA11383@servo.qualcomm.com> Message-ID: <199409211516.JAA04914@misc.glarp.com> > By the way, the next time a pro-clipper person does this, point out > that our very own government has repeatedly accused French > intelligence of committing industrial espionage on behalf of its own > industries, and that there just might be a connection between these > two policies that the US is trying to emulate. At a CPSR/EFF meeting a > few years ago I succeeded in getting a real rise out of James > Kallstrom of the FBI with this comment. Great fun. But then again, he > *is* a rather excitable sort... But what connection could their be? French crypto regulation arguably does very little to weaken corporate security of foreign firms. brad From ekr at eit.COM Wed Sep 21 08:29:29 1994 From: ekr at eit.COM (Eric Rescorla) Date: Wed, 21 Sep 94 08:29:29 PDT Subject: HTTP authentication efforts Message-ID: <9409211529.AA10878@eitech.eit.com> Paul writes: >Does anyone know, on the off-chance, who is currently working on >HTTP authentication processes for web browsing and Mosiac? >Pointers appreciated. Philip Hallam-Baker at CERN has done some work in this area. The general name for it appears to be Shen. I don't know what the status of it is. There is also the original PEM and PGP work done at NCSA by Rob McCool. I'm given to understand that MCC has done some work with Kerberos integration. (Microcomputer and Electronics Corp, or whatever). 
In addition, I believe that both Spry and Mosaic Communications Corp have announced that they have their own security solutions but haven't announced any technical details... And.....Shameless plug follows: Allan Schiffman and I here at EIT have developed an extension of HTTP called 'Secure HTTP' which provides for end-to-end security and authentication. (Mainly by recycling a lot of the preexisting work in cryptographic messaging, particularly PEM and PKCS7). The protocol is publicly specified and basically consists of wrapping the entire transaction inside privacy enhanced messages, using a variety of cryptographic message formats. It also includes support for systems in which only one party has a public key pair. [By exchanging an encrypted session key to be used for the return transaction]. Disclaimer: While there will be some free distribution of the software based on this protocol, and the protocol is completely nonproprietary (except, of course, that it uses public key) EIT (and I) have a financial interest in selling products based on this technology. You can get a copy of the current (though slightly outdated) version of the protocol via: WWW: http://www.commerce.net/information/standards/drafts/shttp.txt Email: shttp-info at commerce.net (Automatic response) Anonymous FTP: ftp.commerce.net/pub/standards/drafts/shttp.txt The next rev should support (though the released software probably won't for a while) Diffie-Hellman and Kerberos. -Ekr From talon57 at well.sf.ca.us Wed Sep 21 08:45:40 1994 From: talon57 at well.sf.ca.us (Brian D Williams) Date: Wed, 21 Sep 94 08:45:40 PDT Subject: international escrow and things Message-ID: <199409211545.IAA18739@well.sf.ca.us> >4:30-5:00 >International Escrowed Encryption >Dorothy E. Denning, Georgetown University >John Droge, Mykotronx, Inc. Boy, doesn't this just give you a warm and fuzzy feeling? "Sorry I couldn't attend your conference Dorothy, I was busy doing my cryptography homework." 
On the subject of remailers, I just had a thought. What about a series of "meta-remailers" known only to the remailer operators? Is this just a case of meta-security through obscurity? Then there's that pesky "web of trust" thing.... Brian Williams Extropian Cypherpatriot "Cryptocosmology: Sufficently advanced communication is indistinguishable from noise." --Steve Witham "Have you ever had your phones tapped by the government? YOU WILL and the company that'll bring it to you.... AT&T" --James Speth From merriman at metronet.com Wed Sep 21 10:02:26 1994 From: merriman at metronet.com (David K. Merriman) Date: Wed, 21 Sep 94 10:02:26 PDT Subject: Linux and PGP Message-ID: <199409211701.AA07065@metronet.com> I'm starting to take Linux for a "test drive", and am looking for a couple pointers on using PGP. Some time ago, I saw a couple of vaguely-related messages regarding PGP; one of them was editing a header file (?) to compile properly under Linux, the other was a patch (command-line switch?) to increase the available number of bits for the second part of the key (increasing it from 5 [!!] bits). Could someone either email me the info, tell me where it's hiding, or (if necessary) tell me I'm full of fertilizer? Thanks.... Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From merriman at metronet.com Wed Sep 21 10:02:27 1994 From: merriman at metronet.com (David K. Merriman) Date: Wed, 21 Sep 94 10:02:27 PDT Subject: THOSE DARNED HIT MEN Message-ID: <199409211701.AA07055@metronet.com> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > SANDY SANDFORT > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . >Would you do business with a escrow that was the bag man for >contract murders? 
But if the system is set up for total anonymity, _who would know_ that an escrow agent was the "bag man"? Just like no one would know who the contractee was, or the contractor: ========================================================= Date: 21 Sep 2003 07:59:53 -0700 (PDT) From: nobody at remailer.mafia.org Subject: HIT MAN Needed To: alt.jobs.hitmen Contract killing needed. 5,000 credit bonus if "accidental", additional 5,000 credits is done within 30 days. If interested, post MegaCrypted bid to alt.jobs.hitmen, specifying escrow agency, and using message ID in subject line. MegaCrypt v3.7 key: ================================================== My nickel's worth..... Dave Merriman (hoping I don't hear from the FBI about this :-) - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From jamesd at netcom.com Wed Sep 21 10:24:29 1994 From: jamesd at netcom.com (James A. 
Donald) Date: Wed, 21 Sep 94 10:24:29 PDT Subject: THOSE DARNED HIT MEN In-Reply-To: Message-ID: <199409211722.KAA25576@netcom8.netcom.com> Tim May writes with regard to anonymous contract killers: > > > > ... And the risk of losing the digital cash can be made > > vanishingly small by use of anonymous escrow services, > > which act solely as holders of the digital cash.... Sandy Sandfort writes > I don't buy it. Anonymous digital assassins, murder escrows and > all that work fine in an artificial, abstract, game-theory world. > I doubt we'll see much--if any--of it in the Real World. Why? > Because the market is too richly textured not to come up with its > own cultural, ethical and digital fixes. This true conclusion is based on a true assumption that Sandy does not explicitly make, indeed implicitly denies. That there is a strong correlation between one wrongful behavior - murder for hire, and other wrongful behavior - dishonoring promises. Murder for hire will work if there are honorable, well respected murder for hire escrow agencies with a long and well established reputation and murder for hire hitmen with a long and well established reputation. Neither seems likely, especially the second. From warlord at MIT.EDU Wed Sep 21 10:25:03 1994 From: warlord at MIT.EDU (Derek Atkins) Date: Wed, 21 Sep 94 10:25:03 PDT Subject: Linux and PGP In-Reply-To: <199409211701.AA07065@metronet.com> Message-ID: <9409211724.AA10715@toxicwaste.media.mit.edu> PGP 2.6.1 should build right out of the box under Linux. I've had no problems with it. No changes should need to be made. Just "make linux" in the PGP src directory (after making RSAREF), and it should be fine. As for your other question, it is in the documentation -derek From cyber1 at io.org Wed Sep 21 10:46:18 1994 From: cyber1 at io.org (Cyber City) Date: Wed, 21 Sep 94 10:46:18 PDT Subject: Laws Outside the U.S. Message-ID: <199409211745.NAA10360@nudge.io.org> Tim May writes: > Indeed. 
One of the mysteries is why so few French are on our list...I
> can't recall any, actually. Their country has some of the most
> draconian laws, it is alleged, and, as Phil notes, an active SDECE
> industrial espionage unit.

I noticed the following in sci.crypt recently. There are some useful cryptanalysis papers in the archive, among other things:

> From vaudenay at dmi.ens.fr Wed Sep 14 11:52:18 EDT 1994
> Subject: New WWW-Crypto-server
> Organization: Ecole Normale Superieure, Paris, France
>
> We are happy to announce the birth of the html pages of our team :
>
> http://www.ens.fr/equipes_dmi/grecc
>
> Most of our papers are available.
>
> --Serge for the GRECC team.

The French company BULL makes a nice encrypting laptop computer, called "Sub Rosa", which is used by Canada's Department of national revenue auditors.

-- Alex Brock

From pjm at gasco.com Wed Sep 21 10:53:00 1994
From: pjm at gasco.com (Patrick J. May)
Date: Wed, 21 Sep 94 10:53 PDT
Subject: THOSE DARNED HIT MEN
Message-ID: <770b5b326c5844665d25a0729ba4967a@NO-ID-FOUND.mhonarc.org>

-----BEGIN PGP SIGNED MESSAGE-----

Sandy Sandfort writes:
> SCENARIO ONE
>
> I set up a meat-and-potatoes escrow business. I keep my nose
> clean. I honor my obligations. I build up a good reputation.
> At some point, I'll be approached by a murderer and the person
> who is hiring him or her. I'll accept the payment. When the
> murder is committed, I won't pay off. The murderer will (a) sue
> me (I don't think so), (b) damage my reputation (I'll leave this
> one as an exercise for the student), or (c) murder *me* (ah, but
> first he has to find me; in the world we posit, that won't be
> very easy). If this scenario happens very often, it'll take all
> the profit out of the murder business. Of course, the murderer
> can get the money face-to-face from the customer, but then we're
> back to today's square one.

Regarding (b), why wouldn't reputation be as important to "Murder Escrows R Us" as to "Meat-and-Potatoes Escrow"?
Certainly the smaller market will result in higher charges for customers of MERU, but I don't see a qualitative difference in operation. Also, there is no reason for MAPE to know that they are paying a killer. The escrow could be set up to pay off or refund when a trusted certification agency instructs MAPE to do so. It might be possible to spread the pieces around such that no one agent is aware that they are participating in a murder for hire.

> SCENARIO TWO
>
> I set up a phoney murder-for-hire business. Someone contracts
> with me to bump-off their rich uncle. The client deposits my
> payment with a reputable escrow company, "Murder Escrows R Us." I
> go to the uncle and tell him the whole deal. Using digital
> technology, bribed coroners, etc., we fake his death. When the
> news hits the Net, the escrow pays me off. The uncle comes back
> to life, disinherits whomever he suspects wanted him dead. And I
> laugh all the way to the digital bank. I create a new pseudonym,
> place another murder-for-hire ad, and do it all again. Given our
> Brave New World, nobody can touch me.

This is a risk the customer is taking. I'd make sure to only hire killers certified by the Assassin's Guild, just as I'd only use an escrow agency certified by people I trust. I don't see this as a service that is sufficiently different in _kind_ to require protocols not required by other (pseudo)anonymous businesses.

- ------------------------------------------------------------------------
A contract programmer is always intense. Patrick May
pjm at gasco.com (public key available from servers)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From crypto at nas.edu Wed Sep 21 11:27:23 1994
From: crypto at nas.edu (CRYPTO)
Date: Wed, 21 Sep 94 11:27:23 PDT
Subject: The National Research Council study of National...
Message-ID: <9408217801.AA780182670@nas.edu>

Subject: The National Research Council study of National Cryptography Policy

Please redistribute this note to any party that you think might be interested. thanks.

A STUDY OF NATIONAL CRYPTOGRAPHY POLICY
September 14, 1994

Cryptographic technologies are critical to a wide variety of important military and civilian applications involving sensitive or classified information that must be protected from unauthorized disclosure. In addition, cryptography is a key component of most authentication technologies, i.e., technologies to guarantee the identity of a message's sender. National cryptography policy has important implications for U.S. economic competitiveness, national security, law enforcement interests, and protection of the rights of private U.S. citizens.

In an attempt to clarify some of the relevant policy issues, Public Law 103-160 (passed by the U.S. Congress in November 1993) called for a comprehensive study from the National Research Council on cryptographic technologies and national cryptography policy. The study will commence in the first week of October 1994.

As this study proceeds, the committee will make all feasible attempts to solicit a wide range of input and commentary from interested parties. Input will be presented to the committee through a mix of briefings, presentations, consultations, invited and contributed papers, and testimony at regional public hearings. In addition, members of the interested public are invited to submit input to the committee as described below.

The study plans to address the following issues:

* the impact of current and possible future restrictions and standards regarding cryptographic technology on

  - the availability of such technology to foreign and domestic parties with interests hostile to or competitive with the national security, economic, commercial, and privacy interests of the U.S. government, U.S. industry, and private U.S. citizens;

  - the competitiveness of U.S.
    manufacturers of such technology in the international market;

  - the competitiveness and performance of commercial U.S. users of such technology;

  - U.S. national security and law enforcement interests;

* the strength of various cryptographic technologies known and anticipated that are relevant for commercial and private purposes;

* current and anticipated demand for information systems security based on cryptography;

* the impact of foreign restrictions on the use of, importation of, and the market for cryptographic technology;

* the extent to which current cryptography policy is adequate for protecting U.S. interests in privacy, public safety, national security, and economic competitiveness;

* strengths and weaknesses of current key escrow implementation schemes;

* how technology now and in the future can affect the feasible policy options for balancing the national security and law enforcement interests of government and the privacy and commercial interests of U.S. industry and private U.S. citizens;

* recommendations for the process through which national security, law enforcement, commercial, and privacy interests are balanced in the formulation of national cryptography policy.

The study will be conducted by a 17-member committee (listed at the end of this document) that collectively has expertise in computer and communications technology; cryptographic technologies and cryptanalysis; foreign, national security, and intelligence affairs; law enforcement; science policy; trade policy; commercial and business dimensions of computer technology (hardware and software vendors, users of cryptographic technologies); and interests in privacy and civil liberties.

A subpanel of the full committee will be cleared at the SI level and have access to all relevant information to ensure that the findings, conclusions, and recommendations of the unclassified report are consistent with what is known in the classified world.
The project plan calls for the study to be delivered approximately two years after full processing of all necessary security clearances. However, the NRC will make every attempt to deliver the study sooner, and it currently believes that the core work of the study will be completed about 18 to 20 months after funding for the study has been received. Additional time will be devoted to dissemination of the study report and follow-up activities.

The final report of the study committee is subject to NRC review procedures that ensure the objectivity and integrity of all NRC reports. The main text of the report will be unclassified; classified annexes (if any) will be made available only to those with the appropriate security clearances.

PROVIDING INPUT TO THE COMMITTEE

The questions that the study is expected to examine are provided above. Members of the interested public are invited to submit their views on these questions and any other questions that you believe the committee should be addressing through either of the channels below. If desired, requests for personal presentations to the committee should be submitted through these channels as well; the committee will respond affirmatively to as many such requests as possible, but time and resource constraints will limit the number of such requests that can be honored.

Internet: send comments and other correspondence to CRYPTO at NAS.EDU.

U.S. Mail:
Cryptography Project
Computer Science and Telecommunications Board
National Research Council
Mail Stop HA-560
2101 Constitution Avenue, NW
Washington, DC 20418

COMMITTEE TO STUDY NATIONAL CRYPTOGRAPHY POLICY

Kenneth Dam, committee chair, was Deputy Secretary of State (1982-1985) and is currently the Max Pam Professor of American and Foreign Law at the University of Chicago Law School.

General W. Y.
Smith, retired, committee vice-chair, is president emeritus of the Institute for Defense Analyses, and has also served in a number of military posts including that of deputy commander in chief of the U.S. European Command in Germany.

Lee Bollinger, formerly dean of the University of Michigan Law School, is currently provost of Dartmouth College and a constitutional scholar.

Ann Caracristi, retired, was Deputy Director of the National Security Agency (1980-1982).

Benjamin Civiletti was U.S. Attorney General (1979-1981), and is currently in private practice with the law firm Venable, Baetjer, Howard and Civiletti.

Colin Crook is senior technology officer for Citicorp.

Samuel Fuller is vice president of corporate research at Digital Equipment Corporation.

Leslie Gelb is president of the Council on Foreign Relations. He served as Assistant Secretary of State for Politico-Military Affairs (1977-1980).

Ronald Graham is a director of information sciences at AT&T Bell Labs and a professor of mathematics at Rutgers University.

Martin Hellman is professor of electrical engineering at Stanford University. Dr. Hellman was one of the inventors of public key encryption.

Julius Katz is president of Hills & Company, and was deputy United States trade representative (1989-1993).

Peter Neumann is principal scientist in the Computer Science Laboratory at SRI International. He is the chairman of the ACM committee on computers and public policy, and a member of the ACM study group on cryptography policy.

Raymond Ozzie is president of Iris Associates, a wholly-owned subsidiary of the Lotus Development Corporation. Iris Associates is the developer of Lotus Notes.

Kumar Patel is vice chancellor for research at UCLA.

Edward Schmults was Deputy Attorney General of the United States (1981-1984) and is a former senior vice president for external relations and general counsel for the GTE Corporation.
Elliot Stone is executive director of the Massachusetts Health Data Consortium, which is responsible for the collection and analysis of the state's large health care databases.

Willis Ware, retired, is with the RAND Corporation as senior computer scientist emeritus. He chairs the Computer System Security and Privacy Advisory Board which was established by the Computer Security Act of 1987.

STAFF AND ORGANIZATIONS

Marjory Blumenthal is director of the Computer Science and Telecommunications Board (CSTB).

Herbert Lin is study director and senior staff officer of the CSTB. Inquiries about this study should be directed to him at 202-334-3191 or via Internet at HLIN at NAS.EDU.

The National Research Council (NRC) is the operating arm of the Academy complex, which includes the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The NRC provides impartial and independent advice to the federal government and other policy makers, by applying top scientific and technical talent to answer questions of national significance. In addition, the NRC often acts as a neutral party in convening meetings among multiple stakeholders on various controversial issues, thereby facilitating the generation of consensus.

Within the NRC, the CSTB considers technical and policy issues pertaining to computer science, telecommunications, and associated technologies as critical resources and sources of national economic strength. A list of CSTB publications is available on request to CSTB at NAS.EDU or by calling 202-334-2605.

From klbarrus at owlnet.rice.edu Wed Sep 21 11:27:49 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Wed, 21 Sep 94 11:27:49 PDT
Subject: META: Tim's FAQ, ftp to chaos
In-Reply-To: <199409200527.WAA28208@netcom4.netcom.com>
Message-ID: <9409211826.AA28617@arctic.owlnet.rice.edu>

Timothy C. May wrote:
>I first want to thank Karl Barrus for making my Cyphernomicon FAQ
>available in separate chapters.
Sure thing, you're welcome! I'll try to keep on top of future versions as well.

>gopher chaos.bsu.edu
>ftp chaos.bsu.edu

About retrieving the gopher files via ftp: I'm not sure it is set up for that yet. Chael has put in quite a bit of work over the summer, including updating gopher daemon, and he did mention he would like to make the hierarchy available via anonymous ftp, or perhaps move the gopher directory (currently a subdirectory of my home) into the anonymous ftp area. However, I'm not sure if this has been done yet, or is doable, etc.

If there is sufficient interest though, I could place the chapters of the FAQ into the cypherpunks/incoming directory for the time being.

--
Karl L. Barrus: klbarrus at owlnet.rice.edu
2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper

From cme at tis.com Wed Sep 21 11:43:33 1994
From: cme at tis.com (Carl Ellison)
Date: Wed, 21 Sep 94 11:43:33 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409211733.KAA29959@comsec.com>
Message-ID: <9409211841.AA01750@tis.com>

>From: usura at vox.xs4all.nl (Alex de Joode)
>Date: Tue, 20 Sep 94 22:24:56 +0200

>There are basically four scenarios that a state can follow to
>regulate crypto:
> - outlaw it totally
> - key depositing
> - try to develop a standard
> - do nothing

>The most prosperous scenario. Crypto use will boom, but
>law enforcement agencies will be deprived from a useful
>tool, they can't bug phones any more.

I think this is wishful thinking on our parts. Crypto would have to be built-in and automatic (not even a button push required to activate it) before I think you'd see much of a user community. Even then, some people might encounter key exchange problems and beg for a button to *disable* crypto.

Until you see a substantial percentage of the population using crypto, I don't think law enforcement will have any problem.
They'll worry about drug dealers as a new potential threat, but have them read Kahn about Rum Runners (in a chapter with that in the title).

--------------

To me, it's obvious that this isn't a real LE problem. That leaves open the question of why the US and others want to limit crypto.

I think part of the answer comes from the USACM report, in the second paragraph of chapter 4.

"The development of telecommunications in the 19th century, first via cable and later by radio, presented a challenge to national security so severe as to challenge the very notion of national sovereignty. Nations could still regulate the flow of people and products across their borders, but in a process that continues unabated, news, ideas, and information began to travel in channels far harder to control."

This sounds like either a Cypherpunk or Clint Brooks wrote it. I'd guess the latter but I think they'd both be wrong.

Since when have nations seen their people as imprisoned? We limit the speech of prisoners, but of citizens? When did nations ever care about limiting the speech of citizens, before the middle of this century (with the advent of OSS/CIA thinking)? Was travel prohibited? Were private conversations with foreigners prohibited?

--------------

So -- the argument is bogus. Why advance it?

My answer: because the Agency advancing it (with cypherpunks as unwitting accomplices) wants to create the perception of a threat of loss of power in those who have power (Congress, President) so that they'll give state-of-emergency powers to the appropriate Agency to fight back.

Net result: no real threat; real increase in power for one Agency.

+----------------------------------------------------------------------------+
|Carl M. Ellison Phone: (301) 854-6889 |
|Trusted Information Systems, Inc.
FAX: (301) 854-5363 |
|3060 Washington Road |
|Glenwood MD 21738 E-mail: cme at tis.com |
| |
|RIPEM MD5OfPublicKey: 39 D9 86 06 86 A9 F0 75 A9 A8 3D 49 58 9C 67 7A|
|PGP 2.6.1 Key fingerprints: E0 41 4C 79 B5 AF 36 75 02 17 BC 1A 57 38 64 78|
| 61 E2 DE 7F CB 9D 79 84 E9 C8 04 8B A6 32 21 A2|
+----------------------------------------------------------------------------+

From klbarrus at owlnet.rice.edu Wed Sep 21 11:51:55 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Wed, 21 Sep 94 11:51:55 PDT
Subject: MAIL: crime and remailers
In-Reply-To: <199409211314.IAA25946@chaos.bsu.edu>
Message-ID: <9409211850.AA00142@arctic.owlnet.rice.edu>

Jim Hart wrote:
> A post-hoc attack of examining logs, like what the FBI is probably doing
> now for the RC4 incident, is much more likely... I'll lay even odds
> that the leaker is never found... if the leaker used a well
> constructed message... I set the odds at 1000:1 that we'll ever find
> him via remailer tracing.

Intellectual property rights, export status and all that aside, as a once (and hopefully future) remailer operator, I am curious and concerned for the remailer operator in this case. I see that RSADSI contacted Mr. Perry's employer (jpunix consultants here in Houston?) and the remailer is "temporarily" shut down.

This investigation could go a long ways into answering (maybe unfavorably) several legal matters, such as the seizure of sendmail logs, from multiple machines if chained. Will the FBI get cooperation from a foreign law enforcement if a foreign remailer was used? If the mail was chained through several remailers, will legal action be taken against each one?

Then there's the liability of the remailer operator, the company who owned the machine, etc. Will RSA pursue action against these people? Can they?

I'm not advocating illegal remailer usage, but I certainly don't want to see John Perry become the focus of lawsuits as the most visible target.
John Perry mentioned he was almost fired, except the CEO of JPUnix is open minded. Thankfully, I can imagine other organizations wouldn't have hesitated in firing him.

--
Karl L. Barrus: klbarrus at owlnet.rice.edu
2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper

From rishab at dxm.ernet.in Wed Sep 21 11:53:44 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Wed, 21 Sep 94 11:53:44 PDT
Subject: Reserved DC-Net IP addresses - NOT!
Message-ID:

hughes at ah.com (Eric Hughes):
> Speaking of long-term integration on the internet, might it not be a
> good idea to get some IP address range assigned for dc-net use?

I don't agree. Apart from the IP address crunch that already poses a problem for the IETF, I don't see why DC-Nets should be limited to specially allocated addresses. DC-Nets should be implemented a layer over protocols such as IP, or as extensions to them. It should be possible for _anyone_, regardless of IP address (officially allocated DC-Net number) to connect with _any_ others on a DCN, with some software or other interfacing.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From adam at bwh.harvard.edu Wed Sep 21 12:06:18 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Wed, 21 Sep 94 12:06:18 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409211745.NAA10360@nudge.io.org>
Message-ID: <199409211905.PAA28277@bwface.bwh.harvard.edu>

| The French company BULL makes a nice encrypting laptop computer, called
| "Sub Rosa", which is used by Canada's Department of national revenue
| auditors.
It should be mentioned that when you buy a complete solution from a company, you need to trust them. Bull is not entwined with the government; it is an arm of the government for all intents and purposes. The French intelligence agencies have a long history of economic espionage. I am amazed that the Canadian Dept of Revenue would want the French government to read all its secrets.

Adam

From nowhere at chaos.bsu.edu Wed Sep 21 12:11:05 1994
From: nowhere at chaos.bsu.edu (Chael Hall)
Date: Wed, 21 Sep 94 12:11:05 PDT
Subject: META: Tim's FAQ, ftp to chaos
Message-ID: <199409211912.OAA11037@chaos.bsu.edu>

>About retrieving the gopher files via ftp: I'm not sure it is set up
>for that yet. Chael has put in quite a bit of work over the summer,
>including updating gopher daemon, and he did mention he would like to
>make the hierarchy available via anonymous ftp, or perhaps move the
>gopher directory (currently a subdirectory of my home) into the
>anonymous ftp area. However, I'm not sure if this has been done yet,
>or is doable, etc.
>
>If there is sufficient interest though, I could place the chapters of the
>FAQ into the cypherpunks/incoming directory for the time being.
>
>--
>Karl L. Barrus: klbarrus at owlnet.rice.edu

The Cypherpunks gopher hierarchy that was under Karl's home directory has been officially moved to ~ftp/cypherpunks. Gopher should work as normal and all of the files should be FTPable as well!

Chael

--
Chael Hall, nowhere at chaos.bsu.edu

From perry at imsi.com Wed Sep 21 12:15:16 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Wed, 21 Sep 94 12:15:16 PDT
Subject: Reserved DC-Net IP addresses - NOT!
In-Reply-To:
Message-ID: <9409211913.AA12090@snark.imsi.com>

rishab at dxm.ernet.in says:
> hughes at ah.com (Eric Hughes):
> > Speaking of long-term integration on the internet, might it not be a
> > good idea to get some IP address range assigned for dc-net use?
>
> I don't agree.
Apart from the IP address crunch that already poses a
> problem for the IETF, I don't see why DC-Nets should be limited to
> specially allocated addresses. DC-Nets should be implemented a layer
> over protocols such as IP, or as extensions to them. It should be
> possible for _anyone_, regardless of IP address (officially
> allocated DC-Net number) to connect with _any_ others on a DCN, with
> some software or other interfacing.

1) Were DC nets to be considered an important service, Rishab's comment would be correct -- one can put things on top of other protocols much more easily.

2) To be interesting, DC nets require physically secure transmission between neighbors. Given that the internet is not physically secure, I'm not sure DC nets are going to run on the bare net any time soon. Presumably one time pads could be used to implement DC nets in order to maintain "unconditional" security or public keys could be used to maintain "good" security.

Perry

From paul at hawksbill.sprintmrn.com Wed Sep 21 12:17:15 1994
From: paul at hawksbill.sprintmrn.com (Paul Ferguson)
Date: Wed, 21 Sep 94 12:17:15 PDT
Subject: Reserved DC-Net IP addresses - NOT!
In-Reply-To:
Message-ID: <9409212020.AA04634@hawksbill.sprintmrn.com>

>
> I don't agree. Apart from the IP address crunch that already poses a problem
> for the IETF, I don't see why DC-Nets should be limited to specially allocated
> addresses. DC-Nets should be implemented a layer over protocols such as IP,
> or as extensions to them. It should be possible for _anyone_, regardless of
> IP address (officially allocated DC-Net number) to connect with _any_ others
> on a DCN, with some software or other interfacing.
>

Ditto.
_______________________________________________________________________________
Paul Ferguson
US Sprint Managed Network Engineering tel: 703.904.2437
Herndon, Virginia USA internet: paul at hawk.sprintmrn.com

From nobody at shell.portal.com Wed Sep 21 12:31:15 1994
From: nobody at shell.portal.com (nobody at shell.portal.com)
Date: Wed, 21 Sep 94 12:31:15 PDT
Subject: (fwd) "Will You Be a Terrorist?"
Message-ID: <199409211930.MAA13198@jobe.shell.portal.com>

Usura wrote:
> Please keep in mind that the US jurisdiction doesn't cover the whole earth.
>
> (There is life outside the US)

Unfortunately, most of the remailers aren't.

From nobody at kaiwan.com Wed Sep 21 13:32:46 1994
From: nobody at kaiwan.com (Anonymous)
Date: Wed, 21 Sep 94 13:32:46 PDT
Subject: Laws Outside the U.S. (fwd)Re: Laws Outside the U.S.
Message-ID: <199409212032.NAA00188@kaiwan.kaiwan.com>

|Date: Wed, 21 Sep 1994 10:16:35 -0400 (EDT)
|From: Jeff Barber
|To: Hadmut Danisch
|Cc: cypherpunks at toad.com
|Subject: Re: Laws Outside the U.S.

|Hadmut Danisch writes:
|> The EC forces their countries to
|> equalize their laws in the sense of "what you can do in one country,
> you can do everywhere".
|> If France forbids the import of crypto software, but allows to sell it
|> inside of France, then I can sue France, because the french programmer
|> can sell his programs in France and I can't.

|Isn't it inevitable that this will -- for the same reasons of equity
|among the member countries -- evolve into a single set of laws governing
|the *use* of crypto throughout the EC?

Free movement of goods rules in the EC contain exceptions for public order and national security. National rules control in those areas.
SOLONg

From rishab at dxm.ernet.in Wed Sep 21 13:36:05 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Wed, 21 Sep 94 13:36:05 PDT
Subject: Reserved DC-Net IP addresses
Message-ID:

doug at OpenMind.com (Doug Cutrell):
[I haven't seen this on the list yet, but it looks as if it was meant for all]
> Subject: Re: Reserved DC-Net IP addresses
> I think you miss the point... there is a need to have a specific
> "broadcast" IP address that "speaks" for the whole DC-net. This is so that
> someone from within the net can send a message anonymously to *outside* the
> net. The members within the net could use standard IP addresses, I would
> presume.

Eric was talking about formally allocating a range of addresses for IP. That's like putting up an RFC for each remailer, to 'notarize' the fact that the remailer is not the real source.

Any IP address can be the apparent source for the DC-Net messages. It only has to be acknowledged by all the participants (just as remailer users have to know about the mailer address). You may need to publicize a _disclaimer_ as IP packets don't carry Comment: lines. You don't need to formally allocate the address, though, and certainly shouldn't have to go to the IETF - that's hardly anarchy!

One might have DCN IPs bouncing just as remailers do, and use DCNping to see which are up ;-)

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA

From chen at intuit.com Wed Sep 21 13:47:59 1994
From: chen at intuit.com (Mark Chen)
Date: Wed, 21 Sep 94 13:47:59 PDT
Subject: Tedious Chomsky arguments, some small remailer relevance.
In-Reply-To: <199409211107.EAA24281@netcom17.netcom.com>
Message-ID: <9409212046.AA06155@doom.intuit.com>

In response to James Donald:

The Hayek quote is correct, and an example of what Reinholdt Niebuhr called "manufacturing consent" (where have I heard this?).

I am not going to get into your Chomsky argument, except to say that your excerpt explicitly contradicts your conclusions:

> "The Chomsky reader" Pantheon books, 1987, p.201, quotes
> a paper written by Chomsky in 1975:
>
> "When the *New York Times* editors and U. N. Ambassador
> Moynihan castigate Idi Amin of Uganda as a "racist
> murderer," perhaps correctly, there is a surge of public
> pride throughout the country; and they are lauded for their
> courage and honesty. No one would be so vulgar as to
> observe that the editors and the ambassador, in the not
> very distant past, have supported racist murder on a scale
> that exceeds Amin's wildest fantasies. The general failure
> to be appalled by their hypocritical pronouncements
> reflects, in the first place, the extremely powerful
> ideological controls that prevent us from coming to terms
> with our acts and their significance and, in the second
> place, the nation's profound commitment to racist
> principle."

For which you graciously provide a vigorous, trenchant "analysis":

> 1. Whatever Idi Amin is, he is morally much better than
> Moynihan and the NY Times editors.

There is no mention anywhere of moral superiority. There is a statement of the demonstrable fact that "the editors and the ambassador, in the not very distant past, have supported racist murder on a scale that exceeds Amin's wildest fantasies," referring, perhaps, to the (then) recent Indonesian slaughter in East Timor, or to the secret genocide in Cambodia (the one that happened *before* Pol Pot), or to any number of other U.S.-_Times_-backed atrocities.

> 2.
Only a country steeped in racist principle will fail to be
> appalled when hearing Idi Amin called a racist murderer, even
> when he is.

This is simply nowhere to be found. "The general failure to be appalled by their hypocritical pronouncements" clearly has nothing whatever to do with Idi Amin. I know that it's difficult for you to conceive, James, but life is not always a football game. Hating the Rams doesn't imply loving the Packers.

> ** 3. Only powerful ideological controls can prevent the
> public from being outraged when someone truthfully calls a
> black man a racist murderer.

This is the same as your #2, and again, it is neither said nor implied. I would suggest that you read the passage again, but I don't think it will help. You're evidently quite intent on tilting at Chomsky as some sort of symbol of all that is threatening to your special brand of proto-Malthusian machismo. And it's really an extraordinary conceit to suppose that anyone else cares.

You say elsewhere:

> This coming thread will actually have some very slight
> relevance to remailers, (gasp) in that I point out that the
> same reasoning that enables Chomsky to define the
> government to be the people, and individuals to be the evil
> Capitalist Conspiracy, can be used in the same way; to
> conclude that the eradication of Remailers and eradication
> of the sort of thoughts that remailers are often used to
> communicate, and the eradication of the kind of people that
> are on the cypherpunks mailing list, represents a triumph
> for liberty and civil rights, a triumph that would prove
> how far civil liberties have advanced from the bad old
> days.

Before doing the service of "pointing out" all of these grandiose things to us, perhaps you should work on your reading comprehension.

Your original claim was:

> Of course Noam Chomsky is optimistic - he favors limitless and
> absolute state power and the forcible and violent silencing of all
> those who deviate from political correctness.

The "analysis" which you present, apart from being factually wrong in every imaginable way, does not move one inch toward supporting this. If the only purpose of your claim was to serve as a platform for launching vapid diatribes, then knock yourself out. Otherwise, we would all appreciate it if you'd stick to the point.

This is the last I will say on the subject, unless the thread assumes the shape of something vaguely relevant.

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From nobody at kaiwan.com Wed Sep 21 13:52:28 1994
From: nobody at kaiwan.com (Anonymous)
Date: Wed, 21 Sep 94 13:52:28 PDT
Subject: The Crime Bill - text re intent requirement
Message-ID: <199409212052.NAA03430@kaiwan.kaiwan.com>

In case anyone still doubts me...

103 P.L. 322

Sec. 120005. PROVIDING MATERIAL SUPPORT TO TERRORISTS.

(a) Offense.--Chapter 113A of title 18, United States Code, is amended by adding the following new section:

" Sec. 2339A. Providing material support to terrorists

"(a) Definition.--In this section, 'material support or resources' means currency or other financial securities, financial services, lodging, training, safehouses, false documentation or identification, communications equipment, facilities, weapons, lethal substances, explosives, personnel, transportation, and other physical assets, but does not include humanitarian assistance to persons not directly involved in such violations.

"(b) Offense.--A person who, within the United States, provides
material support or resources or conceals or disguises the
nature, location, source, or ownership of
material support or resources, knowing or intending that they are
                               ^^^^^^^^^^^^^^^^^^^^
to be used in preparation for, or in carrying out, a violation of
section 32, ?6, 351, 844 (f) or (i), 1114, 1116, 1203, 1361, 1363,
1751, 2280, 2281, 2331, or 2339 of this title or section 46502 of
title 49, or in preparation for or carrying out the concealment of
an escape from the commission of any such violation, shall be fined
under this title, imprisoned not more than 10 years, or both.

"(c) Investigations.--

"(1) In general.-- Within the United States, an investigation may be initiated or continued under this section only when facts reasonably indicate that--

"(A) in the case of an individual, the individual knowingly or intentionally engages, has engaged, or is about to engage in the violation of this or any other Federal criminal law; and

"(B) in the case of a group of individuals, the group knowingly or intentionally engages, has engaged, or is about to engage in the violation of this or any other Federal criminal law.

"(2) Activities protected by the first amendment.-- An investigation may not be initiated or continued under this section based on activities protected by the First Amendment to the Constitution, including expressions of support or the provision of financial support for the nonviolent political, religious, philosophical, or ideological goals or beliefs of any person or group.".

SOLONg

From mg5n+ at andrew.cmu.edu Wed Sep 21 13:53:10 1994
From: mg5n+ at andrew.cmu.edu (Matthew J Ghio)
Date: Wed, 21 Sep 94 13:53:10 PDT
Subject: MAIL: crime and remailers
In-Reply-To: <9409211850.AA00142@arctic.owlnet.rice.edu>
Message-ID:

Karl Lui Barrus wrote:

> I see that RSADSI contacted Mr. Perry's employer (jpunix consultants
> here in Houston?) and the remailer is "temporarily" shut down.

The remailer is back up. I don't know if it's really my place to comment here, but I would like to clear up the misconceptions.

Someone from RSA (probably Bidzos) contacted Perspective Scientific (persci.com), a company which hired John Perry to install and maintain their network. Since Mr. Perry was not in at the time, they demanded to speak to the CEO. The caller then proceeded to tell him that Persci's computers were being used to distribute proprietary, copyrighted encryption software on the internet. This claim is false, and I assume that the caller knew it was false but made it anyway.

Jpunix.com is John Perry's personal computer at his home. The caller could have gotten his home number from the whois record and called him personally; there was absolutely no reason for them to call his employer. RSA called PerSci for no other reason than to harass John Perry and attempt to get him in trouble at work. This is not the first time they have done this type of thing (and based on the various lawsuits against them, it would seem they consider it standard procedure).

Fortunately, the CEO of Persci was open-minded enough to realise that RSA's complaint had nothing to do with Perspective Scientific, and dropped the issue there. Failing that, there isn't much else RSA can do to harass Mr. Perry, and they seem to have given up for now...

From jya at pipeline.com Wed Sep 21 14:12:27 1994
From: jya at pipeline.com (John Young)
Date: Wed, 21 Sep 94 14:12:27 PDT
Subject: WSJ on RC4
Message-ID: <199409212111.RAA15542@pipe1.pipeline.com>

Thanks to David Sternlight for posting pointer to this.

--------------------
The Wall Street Journal
September 19, 1994
p. B10
--------------------

RSA Data Security Says Exposed Code Poses No Threat

By Ralph T. King Jr.
Staff Reporter of The Wall Street Journal

The anonymous dissemination over the last several days of a software code used to safeguard the privacy of electronic messages in no way threatens the security of existing computer networks, according to the code's owner and encryption experts.

However, the defiant act is expected to trigger a trade-secret dispute between the culprit and RSA Data Security Inc., the Redwood City, Calif., company that developed the code. The act also raises thorny legal questions about how public data networks, collectively known as the Internet, may be used.

An unidentified person used the Internet to post RSA's encryption code, called RC4, on electronic bulletin boards.

The RC4 code works something like a padlock. But knowing how the lock works isn't enough to open it. The system user has an individualized combination or key that prevents access by other parties to private computer messages.

RSA's code product is incorporated in numerous popular software programs, including those of Apple Computer Inc., Lotus Development Corp. and Microsoft Corp. Some reports published over the weekend indicated that the disclosure might jeopardize the integrity of computer systems that are equipped with these programs.

"This doesn't compromise systems that are in use," says Jim Bidzos, president of closely-held RSA. "This is a misappropriation of our intellectual property. It's a legal issue and it will be pursued." Mr. Bidzos also said officials at U.S. Customs Service and the Federal Bureau of Investigation are investigating the matter.

One analyst noted that disclosure of the formula may benefit RSA because some users have questioned whether its code contains the equivalent of secret trapdoors enabling people familiar with it to eavesdrop on private communications at will. As a result, some computer operators have turned to an alternative code whose formula is publicly available.

Now it will be clear to interested parties that no such trapdoors exist, Mr. Bidzos said. In any case, RSA is about to release a new encryption code for use with the latest computer-chip architecture, he said.

One possible effect of the disclosure is to shed light on the extent of legal liability that applies to people who make copyrighted or protected material freely available on the Internet. Those who use such material under license typically sign nondisclosure agreements. In this case, someone apparently violated a nondisclosure pact and in effect invalidated the protections of RSA, the formula's owner.

--------------------
END

From jeffb at sware.com Wed Sep 21 14:19:07 1994
From: jeffb at sware.com (Jeff Barber)
Date: Wed, 21 Sep 94 14:19:07 PDT
Subject: THOSE DARNED HIT MEN
In-Reply-To:
Message-ID: <9409212051.AA20186@wombat.sware.com>

Good points, Sandy. However...

(student dunce cap stapled firmly to my head [ouch])

First of all, it's not clear to me that it is impossible to structure the deal so that your escrow service even knows that it is a murder contract. It might be possible to construct it as "I authorize you to pay the other party if they can produce a certificate that, when decrypted with this key, produces this text." The production of that certificate might only be accomplished through the cooperation of the on-line coroner -- see scenario two below.

> SCENARIO ONE
>
> I set up a meat-and-potatoes escrow business. I keep my nose
> clean. I honor my obligations. I build up a good reputation.
> At some point, I'll be approached by a murderer and the person
> who is hiring him or her. I'll accept the payment. When the
> murder is committed, I won't pay off. The murderer will (a) sue
> me (I don't think so), (b) damage my reputation (I'll leave this
> one as an exercise for the student), or (c) murder *me*

Why can't I damage your reputation?

Assuming:
a) there exists a public place to cast aspersions on your business
b) that I have a receipt digitally signed by you indicating that you accepted the payment and contract from the two parties
c) that I can prove I have "executed" my end of the bargain (pun intended)

How will you defend yourself? I'll simply challenge you to produce the receipt (signed by me) proving that I received the payment from you, which - obviously - you won't be able to do. Your only recourse is to ignore me and hope that no one else listens to me (might work once but ...). I don't see why the subject of the contract would ever come up. (And surely, you wouldn't try to argue that you didn't pay me simply because the contract was for murder -- I don't think your potential future clients would relish giving their escrow service the power to judge the moral virtue of their contracts.)

> SCENARIO TWO
>
> I set up a phoney murder-for-hire business. Someone contracts
> with me to bump-off their rich uncle. The client deposits my
> payment with a reputable escrow company, "Murder Escrows R Us." I
> go to the uncle and tell him the whole deal. Using digital
> technology, bribed coroners, etc., we fake his death. When the
> news hits the Net, the escrow pays me off. The uncle comes back
> to life, disinherits whomever he suspects wanted him dead. And I
> laugh all the way to the digital bank. I create a new pseudonym,
> place another murder-for-hire ad, and do it all again. Given our
> Brave New World, nobody can touch me.

Here's the real problem: How can I (as the hypothetical murderer) prove to the satisfaction of the hiring party and the escrow service that I have fulfilled my part of the contract? It seems that, in order for this scheme to work, the coroner must be in the business of regularly publishing signed and certified death certificates on the net.
Otherwise, a premise of the whole scenario (that there is a way for me [the killer] to prove that I have done the deed) is not fulfilled and we would never have made our "anonymous" contract in the first place.

So, the coroner (the death-certifying agent) is in a position of considerable trust. And after all, "Murder Escrows R Us" is not the only company making use of the coroner's death certificates; Net Life Assurance Corporation ("Get Net, it pays" :-) will also base its (potentially quite-large) payoffs on the certificates issued by the coroner. I'm assuming therefore that the life insurance companies and the like will exert sufficiently strong influence to ensure that your scenario is extremely unlikely. Perhaps the CyberNation Association of Life Insurance Companies has promised to hunt down and shoot like a dog any coroner they find out has faked a death certificate. Or, perhaps you must put up a very large bond before you become established as a coroner who is trusted to issue net-death certificates.

In either case, the problem boils down to this: Everyone has their price; can I, as the hired killer, afford the coroner's price? I'm betting that the coroner's price is pretty damn high. [The murder victim could presumably help with the bribe payment too, but once you've told him about the murder plan, he can take steps to protect himself from you and there will be little motivation for him to help.]

(Now how do I get this thing off my head ...)

-- Jeff

From sandfort at crl.com Wed Sep 21 14:20:05 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 21 Sep 94 14:20:05 PDT
Subject: HIT MEN
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Okay, back to basics. David Merriman wrote:

    But if the system is set up for total anonymity, _who would know_ that an escrow agent was the "bag man"? Just like no one would know who the contractee was, or the contractor:

The escrow agent is a publicly known entity. That's how it gets a reputation. How do you imagine an escrow agent could get a reputation for being a murderer's bag man if it didn't advertise as such. If it advertises as such, I believe most people would refuse to do any business with it. If it doesn't advertise, how will it get those sorts of clients? There is no reputational incentive to perform the loathsome service, and plenty of incentive to (a) just keep the money, or (b) blow the whistle to the cops and the intended victim (and keep the money).

Please note, this was all intuitively obvious from my previous post.

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From sandfort at crl.com Wed Sep 21 14:20:43 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 21 Sep 94 14:20:43 PDT
Subject: HIT MEN
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Patrick May accidentally sent this post only to me. In a subsequent note, he asked me to forward it to the list. My response will come in my following post.

S a n d y

* * *

From schneier at chinet.chinet.com Wed Sep 21 14:35:42 1994
From: schneier at chinet.chinet.com (Bruce Schneier)
Date: Wed, 21 Sep 94 14:35:42 PDT
Subject: National Research Council study of cryptography
Message-ID:

Subject: The National Research Council study of National Cryptography Policy

To interested parties:

The committee membership for the NRC's study of national cryptography policy has been finalized, and the project description and final list of committee membership is attached. I specifically call your attention to the part of the project description that invites members of the interested public to submit views on the questions the study will be addressing.
The National Research Council appreciates your interest in this project. Please redistribute this message to anyone you think may be interested.

A STUDY OF NATIONAL CRYPTOGRAPHY POLICY

September 14, 1994

Cryptographic technologies are critical to a wide variety of important military and civilian applications involving sensitive or classified information that must be protected from unauthorized disclosure. In addition, cryptography is a key component of most authentication technologies, i.e., technologies to guarantee the identity of a message's sender. National cryptography policy has important implications for U.S. economic competitiveness, national security, law enforcement interests, and protection of the rights of private U.S. citizens.

In an attempt to clarify some of the relevant policy issues, Public Law 103-160 (passed by the U.S. Congress in November 1993) called for a comprehensive study from the National Research Council on cryptographic technologies and national cryptography policy. The study will commence in the first week of October 1994.

As this study proceeds, the committee will make all feasible attempts to solicit a wide range of input and commentary from interested parties. Input will be presented to the committee through a mix of briefings, presentations, consultations, invited and contributed papers, and testimony at regional public hearings. In addition, members of the interested public are invited to submit input to the committee as described below.

The study plans to address the following issues:

* the impact of current and possible future restrictions and standards regarding cryptographic technology on

  - the availability of such technology to foreign and domestic parties with interests hostile to or competitive with the national security, economic, commercial, and privacy interests of the U.S. government, U.S. industry, and private U.S. citizens;

  - the competitiveness of U.S. manufacturers of such technology in the international market;

  - the competitiveness and performance of commercial U.S. users of such technology;

  - U.S. national security and law enforcement interests;

* the strength of various cryptographic technologies known and anticipated that are relevant for commercial and private purposes;

* current and anticipated demand for information systems security based on cryptography;

* the impact of foreign restrictions on the use of, importation of, and the market for cryptographic technology;

* the extent to which current cryptography policy is adequate for protecting U.S. interests in privacy, public safety, national security, and economic competitiveness;

* strengths and weaknesses of current key escrow implementation schemes;

* how technology now and in the future can affect the feasible policy options for balancing the national security and law enforcement interests of government and the privacy and commercial interests of U.S. industry and private U.S. citizens;

* recommendations for the process through which national security, law enforcement, commercial, and privacy interests are balanced in the formulation of national cryptography policy.

The study will be conducted by a 17-member committee (listed at the end of this document) that collectively has expertise in computer and communications technology; cryptographic technologies and cryptanalysis; foreign, national security, and intelligence affairs; law enforcement; science policy; trade policy; commercial and business dimensions of computer technology (hardware and software vendors, users of cryptographic technologies); and interests in privacy and civil liberties.

A subpanel of the full committee will be cleared at the SI level and have access to all relevant information to ensure that the findings, conclusions, and recommendations of the unclassified report are consistent with what is known in the classified world.

The project plan calls for the study to be delivered approximately two years after full processing of all necessary security clearances. However, the NRC will make every attempt to deliver the study sooner, and it currently believes that the core work of the study will be completed about 18 to 20 months after funding for the study has been received. Additional time will be devoted to dissemination of the study report and follow-up activities.

The final report of the study committee is subject to NRC review procedures that ensure the objectivity and integrity of all NRC reports. The main text of the report will be unclassified; classified annexes (if any) will be made available only to those with the appropriate security clearances.

PROVIDING INPUT TO THE COMMITTEE

The questions that the study is expected to examine are provided above. Members of the interested public are invited to submit their views on these questions and any other questions that you believe the committee should be addressing through either of the channels below. If desired, requests for personal presentations to the committee should be submitted through these channels as well; the committee will respond affirmatively to as many such requests as possible, but time and resource constraints will limit the number of such requests that can be honored.

Internet: send comments and other correspondence to CRYPTO at NAS.EDU.

U.S. Mail:
Cryptography Project
Computer Science and Telecommunications Board
National Research Council
Mail Stop HA-560
2101 Constitution Avenue, NW
Washington, DC 20418

COMMITTEE TO STUDY NATIONAL CRYPTOGRAPHY POLICY

Kenneth Dam, committee chair, was Deputy Secretary of State (1982-1985) and is currently the Max Pam Professor of American and Foreign Law at the University of Chicago Law School.

General W. Y. Smith, retired, committee vice-chair, is president emeritus of the Institute for Defense Analyses, and has also served in a number of military posts including that of deputy commander in chief of the U.S. European Command in Germany.

Lee Bollinger, formerly dean of the University of Michigan Law School, is currently provost of Dartmouth College and a constitutional scholar.

Ann Caracristi, retired, was Deputy Director of the National Security Agency (1980-1982).

Benjamin Civiletti was U.S. Attorney General (1979-1981), and is currently in private practice with the law firm Venable, Baetjer, Howard and Civiletti.

Colin Crook is senior technology officer for Citicorp.

Samuel Fuller is vice president of corporate research at Digital Equipment Corporation.

Leslie Gelb is president of the Council on Foreign Relations. He served as Assistant Secretary of State for Politico-Military Affairs (1977-1980).

Ronald Graham is a director of information sciences at AT&T Bell Labs and a professor of mathematics at Rutgers University.

Martin Hellman is professor of electrical engineering at Stanford University. Dr. Hellman was one of the inventors of public key encryption.

Julius Katz is president of Hills & Company, and was deputy United States trade representative (1989-1993).

Peter Neumann is principal scientist in the Computer Science Laboratory at SRI International. He is the chairman of the ACM committee on computers and public policy, and a member of the ACM study group on cryptography policy.

Raymond Ozzie is president of Iris Associates, a wholly-owned subsidiary of the Lotus Development Corporation. Iris Associates is the developer of Lotus Notes.

Kumar Patel is vice chancellor for research at UCLA.

Edward Schmults was Deputy Attorney General of the United States (1981-1984) and is a former senior vice president for external relations and general counsel for the GTE Corporation.

Elliot Stone is executive director of the Massachusetts Health Data Consortium, which is responsible for the collection and analysis of the state's large health care databases.

Willis Ware, retired, is with the RAND Corporation as senior computer scientist emeritus. He chairs the Computer System Security and Privacy Advisory Board which was established by the Computer Security Act of 1987.

STAFF AND ORGANIZATIONS

Marjory Blumenthal is director of the Computer Science and Telecommunications Board (CSTB).

Herbert Lin is study director and senior staff officer of the CSTB. Inquiries about this study should be directed to him at 202-334-3191 or via Internet at HLIN at NAS.EDU.

The National Research Council (NRC) is the operating arm of the Academy complex, which includes the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The NRC provides impartial and independent advice to the federal government and other policy makers, by applying top scientific and technical talent to answer questions of national significance. In addition, the NRC often acts as a neutral party in convening meetings among multiple stakeholders on various controversial issues, thereby facilitating the generation of consensus.

Within the NRC, the CSTB considers technical and policy issues pertaining to computer science, telecommunications, and associated technologies as critical resources and sources of national economic strength. A list of CSTB publications is available on request to CSTB at NAS.EDU or by calling 202-334-2605.

From perry at imsi.com Wed Sep 21 14:36:11 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Wed, 21 Sep 94 14:36:11 PDT
Subject: Laws Outside the U.S.
In-Reply-To: <199409211905.PAA28277@bwface.bwh.harvard.edu>
Message-ID: <9409212135.AA12278@snark.imsi.com>

Adam Shostack says:
> It should be mentioned that when you buy a complete solution
> from a company, you need to trust them. Bull is not entwined with the
> government; it is an arm of the government for all intents and
> purposes.

Why "for all intents and purposes"? Groupe Bull is *owned* by the French government, along with most big French companies. Until recently, France was run by socialists who had nationalized most banks and industry.

Perry

From lile at art.net Wed Sep 21 15:11:53 1994
From: lile at art.net (Lile Elam)
Date: Wed, 21 Sep 94 15:11:53 PDT
Subject: MAIL: crime and remailers
Message-ID: <199409212209.PAA25440@art.net>

Wow, this just reinforces my feelings that RSA is scum and Bidzos is at the heart of it and is extreme slime and crud...

I hated this jerk the first time I met him at a cypherpunks meeting some time ago... Wouldn't it be wonderful if he would just crawl back under that scum rock that he came from... Maybe a sniper will hit him someday and free us from having to co-exist with this jerk... It sure is good to know that people don't live forever... :)

I just had a terrible thought... what if he's *not* human!!!! the horror, the horror...

-lile

From tcmay at netcom.com Wed Sep 21 15:18:44 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 21 Sep 94 15:18:44 PDT
Subject: Reserved DC-Net IP addresses - NOT!
Message-ID:

>2) To be interesting, DC nets require physically secure transmission
> between neighbors. Given that the internet is not physically secure,
> I'm not sure DC nets are going to run on the bare net
> any time soon. Presumably one time pads could be used to
> implement DC nets in order to maintain "unconditional" security or
> public keys could be used to maintain "good" security.
>
>Perry

DC nets don't need _physically_ secure transmission between neighbors, by any interpretation I can think of. Ordinary crypto security, arranged separately from the DC net per se, should be sufficient. For example, swIPe could fit nicely with DC nets. Or any of the usual public key methods.

Maybe this is what Perry meant, but some might think from his words that _physical security_ is needed. It is not. Rishab Ghosh in India and Mats Bergstrom in Sweden and Matthew Gream in Australia could all participate in a Dining Cryptographers Net using only Diffie-Hellman to set up the initial keys. Or using their existing public keys.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From sandfort at crl.com Wed Sep 21 15:23:10 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 21 Sep 94 15:23:10 PDT
Subject: HIT MEN
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

Jeff Barber thinks he might have me, but isn't sure enough to dispense with his dunce cap. No need to worry Jeff, I am right, but your reasoning is pretty good, to wit:

    ... It might be possible to construct [the deal] as "I authorize you to pay the other party if they can produce a certificate that, when decrypted with this key, produces this text." The production of that certificate might only be accomplished through the cooperation of the on-line coroner...

Clever, but you have already identified your weak point--the on-line coroner. More on this later.

About my SCENARIO ONE (cheating escrow) Jeff offers:

    Why can't I damage your reputation?

    Assuming:
    a) there exists a public place to cast aspersions on your business

Granted for the sake of argument.

    b) that I have a receipt digitally signed by you indicating that you accepted the payment and contract from the two parties

Sorry, no can do. Sounds like being an accessory to a crime to me. I wouldn't put anything in writing signed by my known public key, and neither would anyone else. What if our True Names ever became known? Shit happens, you know.

    c) that I can prove I have "executed" my end of the bargain (pun intended)

Here's the rub. What would constitute proof? Not just the fact that the victim was dead--even of foul play. How do you prove, in the "public place" given above, that *you* did the dirty deed? I don't think you can.

    (And surely, you wouldn't try to argue that you didn't pay me simply because the contract was for murder -- I don't think your potential future clients would relish giving their escrow service the power to judge the moral virtue of their contracts.)

I don't know. Some clients would like it, some wouldn't. The market would decide. Don't get too theoretical here. Remember, the vast majority of people think murder is a Bad Thing. I don't think they would give a rat's ass whether or not a murderer got paid. This would be *especially* if the escrow passed on some of the dirty money to them in the form of reduced escrow fees. :-)

In response to my SCENARIO TWO (fake murder) Jeff wrote:

    ... in order for this scheme to work, the coroner must be in the business of regularly publishing signed and certified death certificates on the net.... I'm assuming therefore that the life insurance companies and the like will exert sufficiently strong influence to ensure that your scenario is extremely unlikely....

Oh Jeff, you were doing so fine there for awhile. The insurance companies would want to ensure *just the opposite* as long as they were in on the gag. I (the fake murderer) would go to the insurance company as well as the rich uncle. Why? Because they offer rewards for "murderers" who *don't* kill policy holders.
The insurance companies, of course, all work closely with the on-line coroner to produce false death certificates to screw over murderers, their clients and/or the escrow companies that do such business. Contrary to popular belief, coroners are against death. No coroner in his right mind would have any problem fooling the bad guys. No electorate, or the private equivalent, would mind a coroner who lied for a Good Reason like helping to prevent murders.

    (Now how do I get this thing off my head ...)

No rush, Jeff, you might want to post again on this topic. :-)

S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From gnu Wed Sep 21 16:21:24 1994
From: gnu (gnu)
Date: Wed, 21 Sep 94 16:21:24 PDT
Subject: Encryption standards & procedures legislation
Message-ID: <9409212321.AA09967@toad.com>

The House Committee on Science, Space & Technology is thinking about legislation that would lay down the rules for the Federal Government with respect to encryption standards. On July 13, they released a draft bill, which hasn't been introduced as legislation; they are just passing it around for comment. The draft bill is available at ftp://ftp.eff.org/pub/EFF/Legislation/Bills_by_name/encryption_standards_procedures_94_bill.draft.

The draft has both good and bad ideas in it. But I'm writing to you to ask for ideas on what the RIGHT bill would be.

Perhaps there should be no legislation about this at all. Perhaps there should be tight controls on encryption standards. There are a myriad of possible positions and side issues, like how would you enforce such a bill? What rights of public input and information should there be? How can the public prevent a rerun of Clipper, in which all the public input was accepted but ignored? What standards should the encryption algorithms themselves meet? Should these standards be mandatory for the federal govt? States? Banks? The public? Simply guidelines for voluntary use?
Should anyone be liable if a standard, relied upon, is broken? Was known to be broken when proposed? If keys were released which violate someone's rights? If keys were stolen through inadequate security? Should there be tight procedures for escrowed encryption standards, but fewer controls on non-escrowed standards? What level of risk is acceptable in producing encryption standards? Should standards always be public, or can they be trade secret and/or classified? Must they be public domain, or can they be proprietary? Can NSA control a standard, or should some other agency? Should the people at NSA working on standards for non-classified use be available to the FOIA process, or can they remain behind the NSA's FOIA shield law? Must standardized encryption be exportable? Can export controls be based on non-public standards like RC2? Can a standard be adopted over the objection of NSA? Can a standard be adopted which increases the privacy, security, or accountability of the public even though it decreases the NSA's or FBI's ability to wiretap? Etc. Encryption standards range from algorithms (DES), to protocols (Secure IP, digital cash), to verification criteria (DES validation), to procedural issues (Clipper key access, creation and programming of Clipper chips). I've probably forgotten a few. So, please don't take the current draft as a starting point. Tell me what you think the legislation OUGHT to cover, and why. EFF will be talking to the committee over the next weeks and years. You can too, if you want; Tony Clark is the staff member who released the draft. I'm more interested in ideas -- "what might we be forgetting" -- than in detailed legislative language or anything like that. Thanks! The brainstorming that the net and the Cypherpunks did about Clipper issues raised issues that continue to be troublesome and useful. I'm hoping that we can do a similar job for issues related to encryption standards in general. 
Feel free to forward this message to other interested parties. I recommend sending ideas directly to me (gnu at toad.com); I will summarize the results. CC to cypherpunks at toad.com, sci.crypt, RISKS, or elsewhere, if you think it's worthwhile for the larger community to discuss your suggestions in detail rather than as part of discussing and elaborating the resulting summary of issues. John Gilmore Chair, EFF Board Crypto Committee From tcmay at netcom.com Wed Sep 21 16:23:55 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 21 Sep 94 16:23:55 PDT Subject: THOSE DARNED HIT MEN Message-ID: [I'm back to getting mail late, sometimes by days, as Netcom's overloaded servers bounce incoming mail, which means it gets resent some time later. For example, as I write this, I've seen Sandy's "HIT MEN" response to David Merriman, but not Merriman's post. This straggly situation puts me at a disadvantage, but I shall strive to overcome it.] Sandy Sandfort writes: >I don't buy it. Anonymous digital assassins, murder escrows and >all that work fine in an artificial, abstract, game-theory world. >I doubt we'll see much--if any--of it in the Real World. Why? >Because the market is too richly textured not to come up with its >own cultural, ethical and digital fixes. Of course the real world will evolve complex, richly-textured constructs. We all know that. I never presented a claim that the exact, and simple, behavior could be predicted. Markets just don't work that way. >Would you do business with a escrow that was the bag man for >contract murders? I wouldn't, you wouldn't and the vast majority >of people in the world wouldn't. That wouldn't stop some escrows >from performing that service, but it would run up the cost. When >the costs rise high enough, profitable opportunities are created >for false escrows to enter the business. That's just one problem >that can interfere with such an odious endeavor; there are more. I can't follow Sandy's logic here. 
That I wouldn't use such services, that Sandy wouldn't, etc., is hardly persuasive. Contract killings happen today, after all.

Sandy says this "would run up the cost." But from what basis? I've made no predictions about the costs, either with or without the participation in such markets by Sandy or me!

What the costs will be is unknown to me, and I don't plan to try to forecast the costs. All I claim is that anonymous escrow services "solve" the specific problem raised earlier about one or more of the parties welshing on the contract. A kind of 'clearing' mechanism.

In any case, there are in fact "escrow agents" today for contract murders. Mob families act in this way, putting the "full faith and credit" of their organizations behind such hits. (I'm of course not saying that welshing never occurs, that snags never develop, etc. Like any market, imperfections exist.)

The mob families are not cryptographically pseudonymous, naturally, but to the extent the code of omerta applies, the internal transactions and discussions are cut off from outside observation.

Reputations matter. If it becomes known that Frankie the Lip took money and didn't make the hit he contracted to do, he'll not get many more jobs (and his Don may send him to sleep with the fishes, for undermining the market value of his own rep). And so on.

I won't belabor the point about how organized crime works, except to say that contracts are routinely enforced by a mixture of things, with reputation an important constituent.

Yes, the threat of ultimate violence is paramount, and this is of course lacking in the crypto case. So we have to examine areas where only "reputation" matters. I've done this in earlier posts on this very topic.

>I think the best way to illustrate that the anonymous murder
>business is nothing more than a bugaboo, is to set the best minds
>on the planet--Cypherpunks--to work on the problem. Let's all
>put our thinking caps on, and come up with answers to the following
>hypothetical situation:
>
>Let us assume a world with totally anonymous communications and
>payments (strong crypto, remailers, digital cash, etc.).
>
>1) How would YOU scam money from the system without actually
>   knocking anyone off? Or in the alternative,
>
>2) How would YOU use technology to address the problem from
>   police/private investigator perspective?
>
>I'm betting that with no more than a few moments of thought,
>Cypherpunks will come up with a ton of hacks. To get the ball
>rolling, here are two from me:
>
>SCENARIO ONE
>
>I set up a meat-and-potatoes escrow business. I keep my nose
>clean. I honor my obligations. I build up a good reputation.
>At some point, I'll be approached by a murderer and the person
>who is hiring him or her. I'll accept the payment. When the
>murder is committed, I won't pay off. The murderer will (a) sue
>me (I don't think so), (b) damage my reputation (I'll leave this
>one as an exercise for the student), or (c) murder *me* (ah, but
>first he has to find me; in the world we posit, that won't be

(a) The party to the escrow transaction posts a transcript of the communications from the escrow agent, including his digitally signed statements, and produces proof that he upheld his end of the bargain.

He then says: "Al's Anonymous Escrow" announced they were holding money for this job, as you can see. I did the job, as you can see from the digitized images I took at the scene, and now Al won't pay up. I call him a liar. I plan to move my business to "Murder, Incorporated," which seems to have a much better attitude."

Al cannot deny that the escrow arrangement was made, due to the digital signatures (all handled via anonymous pools or similarly untraceable means, it should be emphasized, despite the obviousness).

Al can of course claim that the hit was not made, that the presenter of the evidence was not the actual hitter, etc.
(if the party to the signed transaction is also the presenter of the digitized image of the murder scene, for example, that would be mighty compelling evidence that the party was in fact centrally involved). (b) damage to reputation. Sandy leaves it as "exercise for the student," but I think the point I just made shows that fully pseudonymous agents can still present evidence to the court of public opinion and have their reputations influenced positively or negatively. Reputations will still matter. (Again, nothing in my arguments presumes to speak to what the market costs will be, how long it will take reputations to evolve, etc. I have some ideas, but won't make them right now.) (c) retaliating physically against the escrow agent. This is straw man, as we all know. >very easy). If this scenario happens very often, it'll take all >the profit out of the murder business. If an escrow agent does this very often, he'll lose all his business. Opportunity for an agent who takes his reputation more seriously to then gain market share. Just as with Swiss banks who can claim an account was closed by the customer. Since signatures are so easy to forge, relatively speaking, this ought to happen a lot, right? Of course, it happens almost not at all (so far as I've ever heard), because of the points about reputations, future business, etc. Lots of points here, and I'm not planning to get into a massive discussion of why and how illegal gambling (bookies, for example) works this way. (I'll just make the aside that Sandy's arguments apply to bookies the same way: bookmaking can't thrive, because some or most bookies will cheat their customers and their customers can't sue them, can't affect their reputation, and can't physically attack them. The key is that cheated customers can and will "spread the word." This applies, with some minor (but interesting) wrinkles, to crypto-mediated bookies. They're all closely related issues...) 
>SCENARIO TWO
>
>I set up a phoney murder-for-hire business. Someone contracts
>with me to bump-off their rich uncle. The client deposits my
>payment with a reputable escrow company, "Murder Escrows R Us." I
>go to the uncle and tell him the whole deal. Using digital
>technology, bribed coroners, etc., we fake his death. When the
>news hits the Net, the escrow pays me off. The uncle comes back
>to life, disinherits whomever he suspects wanted him dead. And I
>laugh all the way to the digital bank. I create a new pseudonym,
>place another murder-for-hire ad, and do it all again. Given our
>Brave New World, nobody can touch me.

This just says that standards of proof will be a factor, naturally, and that markets will take these into account.

The phoney murder for hire business, call it "Sandy's Salvage Company," will start off with a very low reputation, as with any new outfit with little track record. The standards for proof, the fees paid, etc., will be proportionately affected.

However, "Tim's Tribunal," which has had a 5-year record of "really and truly" offing dozens, and which has not been "caught" as being in any of the scams Sandy described, will demand and get a proportionately higher fee, and will face fewer delays in being paid.

(Similar arguments apply to any of the parties, which is why I've followed Sandy's lead in switching the focus from how to handle cheating escrow agents to cheating contract killers.)

I've written enough. I'm not persuaded by Sandy's arguments that the threat of cheaters is sufficient to derail these markets. It hasn't derailed them in the real world. It won't in the less traceable but even more reputation-critical crypto world.

Again, I've made no claims to how ubiquitous such markets will be, or what the market dynamics will be. Only that strong crypto makes possible certain types of markets which are now very illiquid.
The issue of "untraceable cheaters" comes up in many more areas than just contract killings: information markets, pseudonymous consulting, etc. This is why reputation, so important in the physical/legal world, is also so important in the crypto world.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From blancw at microsoft.com Wed Sep 21 16:30:07 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Wed, 21 Sep 94 16:30:07 PDT
Subject: MAIL: crime and remailers
Message-ID: <9409212330.AA19832@netmail2.microsoft.com>

From: Lile Elam

Wow, this just re-inforces my feelings that RSA is scum and Bidzos is at the heart of it and is extreme slime and crud...
........
Maybe a sniper will hit him someday and free us from having to co-exist with this jerk...
...............................................................

Well, you know, there was that threat from the NSA guy to run him over . . . wonder if the offer still stands.

Would that make you feel better?

:>)
Blanc

From lile at art.net Wed Sep 21 16:34:24 1994
From: lile at art.net (Lile Elam)
Date: Wed, 21 Sep 94 16:34:24 PDT
Subject: MAIL: crime and remailers
Message-ID: <199409212332.QAA25845@art.net>

>From blancw at microsoft.com Wed Sep 21 16:28:31 1994
> Well, you know, there was that threat from the NSA guy to run him over . . .
> wonder if the offer still stands.
>Would that make you feel better?
>
>:>)
>Blanc

Yes! I would feel like the air was cleaner and the skies bluer. :)

From merriman at metronet.com Wed Sep 21 16:47:39 1994
From: merriman at metronet.com (David K. Merriman)
Date: Wed, 21 Sep 94 16:47:39 PDT
Subject: HIT MEN
Message-ID: <199409212346.AA11988@metronet.com>

>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
>C'punks,
>
>Okay, back to basics. David Merriman wrote:
>
> But if the system is set up for total anonymity, _who
> would know_ that an escrow agent was the "bag man"? Just
> like no one would know who the contractee was, or the
> contractor:
>
>The escrow agent is a publicly known entity. That's how it gets
>a reputation. How do you imagine an escrow agent could get a
>reputation for being a murderer's bag man if it didn't advertise
>as such.

If the escrow agent has a reputation for reliability, honesty, integrity, etc, then the nature of the transaction is irrelevant. Any reasonably intelligent hit man would have sense enough not to commit all his 'business' to any single escrow agent, just as no reasonably intelligent C'punk would trust all his/her mail to a single remailer.

I still don't see the problem: the whole process is anonymized. There is no reason that the escrow agent would have to know *why* the "money" is in escrow, nor who the financer is, nor who the recipient is to be. All that is necessary is for the hit man to provide suitably disguised/encrypted evidence that the terms have been met. Presumably, the person contracting the hit would be aware of how to go about setting all this up would have sufficient wit to establish a means of independent validation; if not, then the hit man would certainly have sufficient motive to do so :-)

> If it advertises as such, I believe most people would
>refuse to do any business with it. If it doesn't advertise, how
>will it get those sorts of clients?

The only *fundamental* feature of an escrow agency is its reputation for reliability/stability/security/etc. The nature of the transactions simply doesn't matter, just as a remailer's reliability is based on its up-time, cycle time, input/output isolation, etc, regardless of the nature of the messages passing through it. What sorts of clients? The ones that pay the escrow fee? Doubtless, the escrow agency would have a means of ensuring their own payment :-)

> There is no reputational
>incentive to perform the loathsome service, and plenty of
>incentive to (a) just keep the money, or (b) blow the whistle to
>the cops and the intended victim (and keep the money). Please
>note, this was all intuitively obvious from my previous post.

True enough - *but only as long as the nature of the service could be identified*, which would not apply to a properly operated escrow agency.

Dave (adjusting Nomex undies under asbestos coveralls) Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From merriman at metronet.com Wed Sep 21 16:50:00 1994
From: merriman at metronet.com (David K. Merriman)
Date: Wed, 21 Sep 94 16:50:00 PDT
Subject: MAIL: crime and remailers
Message-ID: <199409212348.AA12477@metronet.com>

>From: Lile Elam
>
>Wow, this just re-inforces my feelings that RSA is scum and Bidzos
>is at the heart of it and is extreme slime and crud...
> ........
>Maybe a sniper will hit him someday and free us from having to co-exist
>with this jerk...
>...............................................................
>
>Well, you know, there was that threat from the NSA guy to run him over . . .
>wonder if the offer still stands.
>
>Would that make you feel better?
> >:>) >Blanc > > Only if it could be worked through an anonymous remailer system and blind escrow agent :-) Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From tcmay at netcom.com Wed Sep 21 17:00:06 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 21 Sep 94 17:00:06 PDT Subject: HIT MEN Message-ID: [For some odd reason, I'm only seeing Sandy's posts on this subject, not those of Merriman, Barber, or Mays.] >Patrick missed my irony. Murders can't hurt any escrow's >reputation. To do so, they have to admit to being murderers who >were stiffed by the escrow. NOT BLOODY LIKELY. For murder >escrows, a positive reputation is meaningless. They can't--nor >can anyone else--risk exposure of such negative information. >Escrows that admittedly engage in abetting criminal acts can have >NO MEANINGFUL REPUTATIONS. That's just not true. Currently, many organizations--some known widely, some shadowing, some essentially anonymous--count on their reputations for being efficient, cold-blooded murderers as a means to scare off competitors, increase their market value, etc. From Jamaican gangs who execute the families of their targets to the CIA's Phoenix Program operatives who mutilated their victims horribly, such "reps" are highly useful. To paraphrase Sandy, "BLOODY LIKELY." Admitting to engaging in a criminal activity is not at issue--remember, all parties are cryptographically protected and what they "admit" to doing cannot reflect upon their physical/legal identities, only their digital reputations. And those who contract for such services, via their pseudonyms, can "admit" to wanting to buy such a service. 
(The issue of whether a well-respected nym like "Locke" would want to publicize a failed hit on his arch-enemy "Demosthenes" is a separate issue, which I won't conflate with this one.) Gambling is illegal in most places, unless run by the state. And yet people gamble, illegally. They use bookies. Bookies who are doing illegal things, as the gamblers are. And yet if they get stiffed by a bookie, which _sometimes_ happens, they tell their friends, family, etc., and the reputation ripples spread. Taking Sandy's "For murder escrows, a positive reputation is meaningless. They can't--nor can anyone else--risk exposure of such negative information. Escrows that admittedly engage in abetting criminal acts can have NO MEANINGFUL REPUTATIONS." argument, are we to assume that this applies to illegal betting? That stiffed bettors won't speak up because there are "Escrows that admittedly engage in abetting criminal acts can have NO MEANINGFUL REPUTATIONS"? Crypto barely changes things, except to make outside interference less likely. If, for example, Black Unicorn offers to transfer 100 Ghost Marks to Pr0duct Cypher, for some C programming, and he doesn't feel he got his money's worth, he can publicize it. Maybe we believe Black Unicorn, maybe we don't. Maybe we ask to hear Pr0duct Cypher's side of the story. Maybe we suggest that SOLONg act as a third party escrow agent. And so forth. Not perfect, in some abstract sense of ultimate truth always coming out, but reputations do indeed matter. And whether the deeds contracted for are heinous or noble depends on your point of view. To William Colby and the Viet Cong, the taking of ears and other body parts by the Phoenix assassins was a fearsomely reputable thing to do, regardless of what the 4H Club in Skokie might have thought about it. If I contract with "Sandy's Salvage--You Pay, We Slay," I want to hear that they've got some satisfied customers. (Yes, flooding of reputations is an issue. Same issues as arise in DC Nets. 
Same kinds of solutions.)

Again, I've written too much, so I'll stop for now.

--Tim May

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."

From blancw at microsoft.com Wed Sep 21 17:11:54 1994
From: blancw at microsoft.com (Blanc Weber)
Date: Wed, 21 Sep 94 17:11:54 PDT
Subject: MAIL: Professional Crime
Message-ID: <9409220012.AA21598@netmail2.microsoft.com>

From: David K. Merriman

Only if it could be worked through an anonymous remailer system and blind escrow agent :-)
...............................................................

Well, hey - a real working model! Something to measure the system against!

Blanc

From jleb at well.sf.ca.us Wed Sep 21 17:13:47 1994
From: jleb at well.sf.ca.us (John H. LeBourgeois)
Date: Wed, 21 Sep 94 17:13:47 PDT
Subject: MAIL: crime and remailers
Message-ID: <199409220013.RAA24503@well.sf.ca.us>

His attitude is certainly one that will not win friends and influence people, however if your whole existence is predicated on stealing public domain research funded by taxpayer money, then your paranoia would drive you to the extremes he exhibits.

I always thought a good legal defence was to attack the basic patent rights he was issued to begin with.

Having just won my 3rd lawsuit ( from scumbag insurance companies with no ethics ) I can say that the majority of lawyers ARE lazy scum

From merriman at metronet.com Wed Sep 21 18:05:48 1994
From: merriman at metronet.com (David K.
Merriman) Date: Wed, 21 Sep 94 18:05:48 PDT Subject: Denial of service attack (stupid flame) Message-ID: --- Forwarded message follows --- alt.security.pgp From: wje at netcom.com (William J. Evans) Subject: Denial of service attack (stupid flame) Date: Wed, 21 Sep 1994 12:11:07 GMT A good denial of service attack is to encourage your opposition to use netcom as his or her news provider. -- Bill Evans ========================================= How does it sound to you, Tim? Dave Merriman From ianf at wiley.sydney.sgi.com Wed Sep 21 18:13:54 1994 From: ianf at wiley.sydney.sgi.com (Ian Farquhar) Date: Wed, 21 Sep 94 18:13:54 PDT Subject: Laws Outside the U.S. In-Reply-To: Message-ID: <9409221110.ZM607@wiley.sydney.sgi.com> On Sep 21, 1:08pm, Hadmut Danisch wrote: > - Encryption soft/hardware can not be exported to communist countries > (COCOM) without problems. I don't know exactly, whether it is > forbidden, must be licensed, or must be registered in any way. This had an interesting side-effect in the GSM specifications, as there was a lot of dispute about how secure GSM should be. As West Germany (as it was then) had a lot of borders with the Eastern Bloc, they wanted very strong crypto. France wanted very weak crypto. Considering the players involved, you can imagine the rest. A5 ended up being based on a French design, so I think we can draw the obvious conclusions. Although I have been told that the A5 implementation available on the network bears little relation to the final one released in GSM, I believe that the current feeling is that it has a key entropy of 40 bits maximum, if that. Ian. From sandfort at crl.com Wed Sep 21 18:39:31 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Wed, 21 Sep 94 18:39:31 PDT Subject: HIT MEN Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 
C'punks,

Tim May made some good comments about my post, albeit late through no fault of his own. (What is it with Netcom, anyway? Some of you folks on Netdown ... er ... Netcom ought to look into CRL. I've had very little trouble with them, and they are available in parts of the South Bay.)

Some of his points have been raised by others, so I'll focus in on just a few of Tim's points. I wrote:

>Would you do business with an escrow that was the bag man for
>contract murders? I wouldn't, you wouldn't and the vast majority
>of people in the world wouldn't. That wouldn't stop some escrows
>from performing that service, but it would run up the cost....
>the costs rise high enough, profitable opportunities are created
>for false escrows to enter the business....

To which Tim responded:

    I can't follow Sandy's logic here. That I wouldn't use such services, that Sandy wouldn't, etc., is hardly persuasive. Contract killings happen today, after all....

The "etc." Tim left out, is very important. Most people would be revolted by an escrow company that facilitated murders. They would not do *any* escrow business with such parasites. This would mean such companies would have to make *all* their money as escrows for various illegal/immoral activities. Statistically, there just isn't much of a market for contract killings; even less for contract killing escrows.

    Sandy says this "would run up the cost." But from what basis? I've made no predictions about the costs, either with or without the participation in such markets by Sandy or me!

Repeat after me: The whole world is watching, the whole world is watching, the whole world...

If the market is tiny and the world otherwise boycotts you, the only way to make a living offering such a service (crime escrows) is to charge your clients big bucks. That's how the costs go up, irrespective of whether or not Tim and Sandy are in the market.

    What the costs will be is unknown to me, and I don't plan to try to forecast the costs. All I claim is that anonymous escrow services "solve" the specific problem raised earlier about one or more of the parties welshing on the contract. A kind of 'clearing' mechanism.

Yes, they solve the problem *if they exist*. You have merely posited "anonymous escrow services" as a _fait_accompli_. In the real world, there will only be "anonymous escrow services" for murder, if they make sense economically. I don't think we have to worry about such services supported by altruists.

    In any case, there are in fact "escrow agents" today for contract murders. Mob families act in this way, putting the "full faith and credit" of their organizations behind such hits.... The mob families are not cryptographically pseudonymous, naturally, but...

True, but it is exactly *because* they are not cryptographically pseudonymous that they usually abide by their ... honor. They are flesh and blood people, with known identities, addresses, families, etc. Their reputation *does* matter because they are more vulnerable to physical retaliation than is some disembodied e-mail address.

Tim wrote several things about SCENARIO ONE (crooked escrow) that I covered in responses to other people. One thing not covered was addressed by Tim, thusly:

    He then says: "Al's Anonymous Escrow" announced they were holding money for this job, as you can see. I did the job, as you can see from the digitized images I took at the scene, and now Al won't pay up.

Come now Tim, "digitized images"? Like when I killed that lawyer in Jurassic Park with my robot T. Rex. I think the murderer will have to do better than that.

    ...fully pseudonymous agents can still present evidence to the court of public opinion and have their reputations influenced positively or negatively.

And in the court of public opinion, the pseudonymous agent would be pilloried for his actions. As I said in a previous post, no one will give a rodent's rear for the contract murderer.
Most folks, including me, would applaud the escrow that didn't pay the murderer. I doubt few clients would take their business elsewhere. And as before, the escrow could even pass the savings along to its customers as reduced rates. Works for me. If an escrow agent does this very often, he'll lose all his business. Opportunity for an agent who takes his reputation more seriously to then gain market share. Nonsense. You are thinking like an engineer, not a psychologist or businessperson. People would not take their business away from an escrow who was honorable in every other dealing except for murder. The market has no trouble making such ethical/moral distinctions. Just as with Swiss banks ... Rolled over on Marcos without any discernable loss of business. (I'll just make the aside that Sandy's arguments apply to bookies the same way... No it doesn't. There is nowhere the universality of repugnance towards gambling as there is towards murder. It's a numbers game. Welch on a bet and lots of people--even those who don't like gambling--will disapprove and your reputation will suffer. The number of people who would take their business elsewhere just because you didn't pay a MURDERER (for god's sake), is statistically insignificant. ... I'm not persuaded by Sandy's arguments that the threat of cheaters is sufficient to derail these markets. It hasn't derailed them in the real world. It won't in the less traceable but even more reputation-critical crypto world. That, again, is because the real world does not have the self same anonymity Tim thinks will allow for easy contracts for murder. Sauce for the goose is sauce for the gander. Crypto giveth, and it taketh away. 
S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From mg5n+ at andrew.cmu.edu Wed Sep 21 19:01:58 1994 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Wed, 21 Sep 94 19:01:58 PDT Subject: Netcom Message-ID: Sounds like the people on Netcom are having the same kinds of problems that led me to cancel my kaiwan.com account. From jburrell at crl.com Wed Sep 21 19:15:22 1994 From: jburrell at crl.com (Jason Burrell) Date: Wed, 21 Sep 94 19:15:22 PDT Subject: MAIL: crime and remailers In-Reply-To: <9409212330.AA19832@netmail2.microsoft.com> Message-ID: On Wed, 21 Sep 1994, Blanc Weber wrote: > > Well, you know, there was that threat from the NSA guy to run him over . . . > wonder if the offer still stands. > > Would that make you feel better? > > :>) > Blanc Hey Blanc, can digital money be used for that? Double-blind systems? Uh, wait, the NSA can. . . Hmm, who are those guys running out of that van, dressed in black, with big guns, coming toward my house? (Sound of wood cracking and gunfire) Its the GESAP--. . . :-) From cpunx at october.ducktown.org Wed Sep 21 19:41:54 1994 From: cpunx at october.ducktown.org (cpunx at october.ducktown.org) Date: Wed, 21 Sep 94 19:41:54 PDT Subject: HACK THE SPEW Message-ID: It might interest some to know that Neal Stephenson (author of the cyberpunkish novel, "Snow Crash", which I liked very much), has a decent short story in the latest (October) issue of WIRED magazine. With this story, Stephenson says many things about privacy which I've been trying to say for years, but could never find the words. I found it very gratifying to discover that he sees things the same way. Unfortunately, in WIRED, he's mostly preaching to the choir. I sort of wish this story could get broader distribution, somehow ... The topics of encryption, profile-spoofing, false identities, and other privacy-enhancing techniques figure prominently. 
He also briefly mentions the cypherpunks, to wit: "You're a cypherpunk, or you know some. You're using codes so tough they're illegal."

Apparently, some cypherpunks write ... STORIES, too!

--- mkj

From tcmay at netcom.com Wed Sep 21 19:41:58 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 21 Sep 94 19:41:58 PDT
Subject: HIT MEN
In-Reply-To:
Message-ID: <199409220239.TAA29050@netcom14.netcom.com>

Sandy Sandfort writes:

> Tim May made some good comments about my post, albeit late
> through no fault of his own. (What is it with Netcom, anyway?
> Some of you folks on Netdown ... er ... Netcom ought to look into
> CRL. I've had very little trouble with them, and they are
> available in parts of the South Bay.)

I'm looking. It's all a leapfrogging game. (I can recall when Sandy was Netless, or stuck on some kind of almost-Netless service, now he's probably at a better service than Netcom, which is currently suffering from its past success, probably terminally. My next jump will be to something that supports 28.8 or better, SLIP or PPP, etc.--please, no useless recommendations about how I should get a Linux box and run it off of The Little Garden. And no wasted "What's wrong with Linux?" posts :-})

...stuff elided...

> The "etc." Tim left out, is very important. Most people would be
> revolted by an escrow company that facilitated murders. They
> would not do *any* escrow business with such parasites. This
> would mean such companies would have to make *all* their money as
> escrows for various illegal/immoral activities. Statistically,
> here just isn't much of market for contract killings; even less
> for contract killing escrows.

Conflating moral opinions ("revolted," "parasites," "immoral") with the issues about detecting and dealing with cheating is where Sandy and I have our strongest disagreement. But I've made these points elsewhere and won't again.
All I'll say is that the _customers_ for various such services are not put off by the immorality or parasite-like nature.

And the _size_ of the market is not at issue. I'm not trying to sell this as a business venture, just analyze the effects of strong crypto, of crypto anarchy. Demonstrably there are markets for hits, for kidnappings, for the sale of national defense secrets, for underground organ banks, and so on. Lots of books, articles on the size of the underworld economy (notably, James Mills, "The Underground Empire," and Claire Sterling's new book, "Thieves' World").

> Sandy says this "would run up the cost." But from what
> basis? I've made no predictions about the costs, either
> with or without the participation in such markets by
> Sandy or me!
>
> Repeat after me: The whole world is watching, the whole world is
> watching, the whole world...

????

(I've not been responding to Sandy's jabs and argument about "dunce's caps" and whatnot. I probably ought to delete this paragraph, lest I be seen as flaming, but I won't. I just can't follow the point of these sorts of arguments.)

> If the market is tiny and the world otherwise boycotts you, the
> only way to make a living offering such a service (crime escrows)
> is to charge your clients big bucks. That's how the costs go up,
> irrespective of whether or not Tim and Sandy are in the market.

Again, I've made no claims whatsoever about what the costs will be. Showing my frustration a bit, in line with the points above, how many more times do I have to repeat this? (Answer: None, as I won't make this point again and will ignore any posts that argue about costs.)

I can't see any point, frankly, in arguing this further.

--Tim May

--
Warning: I'm using Netcom as my Internet service, and both mail and News are being delayed by up to several days. I may not be able to respond promptly, and may have missed other posts and messages.

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From hfinney at shell.portal.com Wed Sep 21 20:41:38 1994
From: hfinney at shell.portal.com (Hal)
Date: Wed, 21 Sep 94 20:41:38 PDT
Subject: My response to NRC crypto study
Message-ID: <199409220341.UAA02254@jobe.shell.portal.com>

This is a slightly edited version of what I sent:

Thank you for giving members of the public such as myself the opportunity to discuss our concerns as the NRC studies the National Cryptography Policy. I will make my points using the outline of issues dated September 14, 1994 as a reference.

> * the impact of current and possible future restrictions and standards
>   regarding cryptographic technology on
>
>   - the availability of such technology to foreign and domestic
>     parties with interests hostile to or competitive with the
>     national security, economic, commercial, and privacy
>     interests of the U.S. government, U.S. industry, and private
>     U.S. citizens;

One traditional method for limiting access by hostile foreign powers to strategically important technology has been the defense-oriented classification system. Important discoveries made by government researchers have been classified at various levels in order to prevent their dissemination. This general approach of secrecy has been applied as well to the SkipJack algorithm used in the Clipper chip. However, this approach has not been completely effective with cryptographic discoveries that are made by private researchers not under the control of the government.
Probably the most notable event along these lines was the discovery of public-key encryption technology in the 1970's. The concept of PK encryption, easy to explain and understand even for a technologically knowledgeable layman, spread like wildfire despite some early abortive efforts to suppress it. This discovery has served as the foundation for a wide range of research in cryptography and no doubt is an important reason for the rapid growth of the field over the last twenty years. Today, the electronic networks which circle the globe make communication of new results far easier and more rapid than in the past. And the transparency of national borders on the computer networks means that information, once made available, is available globally. A discovery made today comparable to PK encryption in the 1970's would have been far less likely to be suppressed, and in the future we can expect this tendency to increase. Despite this, the US government is currently wielding clumsy policies which classify all encryption software as munitions and require complicated licensing procedures for their export. There is a terrible mismatch between these policies and the mechanics of information flow today. For one thing, the distinction between distribution within the country and information which flows out of the country is nearly impossible to make today. It was always quite unrealistic to suppose that technology which was widely deployed within the US was unavailable across our borders, but the information networks make it clear that this is a fantasy. As the networks increase in speed, power, and ease of use, the ties between countries will only grow. The net will need to be seen as a global phenomenon, and information on the net will no longer be localized; made available to one, it is made available to all. In this environment, the only way to stop information from making its ways into foreign hands is by keeping it off the net entirely. 
And that implies restricting what kinds of technologies American citizens can publicly discuss and what kinds of information they can exchange. If we want to keep cryptographic secrets, we must prevent people from knowing or at least talking about those secrets. This would require Draconian policies more suitable to a totalitarian state than the world's greatest democracy. In short, keeping cryptographic technology secret is incompatible with American principles.

>   - the competitiveness of U.S. manufacturers of such technology
>     in the international market;
>
>   - the competitiveness and performance of commercial U.S.
>     users of such technology;

Another problem with the present US policies restricting exports of cryptographic technologies is their lack of responsiveness to changing conditions. Despite the fact that such basic algorithms as the RSA public-key encryption system or the DES secret-key system are nearly twenty years old, the government still restricts their export. This is ridiculous. Those algorithms are in use all over the world! From whom are we trying to keep them secret? This is really an illustration of the well-known inertia and inflexibility of bureaucracies.

The only effect of these bans is to impair the competitiveness of US business. Manufacturers of cryptographic technology are not allowed to export, and users of cryptography are not allowed to use modern technology if the products might go overseas. It would be as if the US were still determined to keep the design of internal combustion engines secret and so US car manufacturers were forced to use steam because the cars might be sent across the border.

In the future, as new algorithms are discovered, the same problem will present itself. The rapidity and ease of communications ensures that if the technology is publicly known, it is globally known.
Allowing US manufacturers to use a technology but not to export it is pointless; if they know how to use the technology, chances are the rest of the world does as well. Restricting exports can only benefit competitors in other countries at the expense of US businesses. It is pointless and counterproductive.

>   - U.S. national security and law enforcement interests;

Cryptographic technology has some characteristics which are at odds with the interests of law enforcement and security agencies. In a sense, cryptography is a "purely defensive" technology. It does not threaten anyone, it does not invade anyone's privacy, it does not cause damage or harm. On the contrary, it protects the user from various kinds of threats and invasions of his own privacy. In a way, it levels the playing field, providing the weak with some of the same protections of privacy and secrecy which have been traditionally available only to the strong.

The problem is that law enforcement and security interests have gotten used to being strong. It may not have been easy to learn the internal secrets of a powerful opponent, but eavesdropping on a poor country or individual was easy. Indeed, most people have intuitively understood that they would be nearly powerless if threatened in any significant way by law enforcement or national security forces.

Now, this may change somewhat. It remains to be seen to what extent these changes will occur, and what their full effects will be. It does appear that if free access continues to be granted to cryptographic technology that people will be more immune to certain types of surveillance. This does not necessarily mean that the world will descend into a nightmare of terrorism and war. It does mean that the agencies whose job it is to keep order will have to adapt, to learn new technologies and new approaches.

Naturally, they will resist. Change is never comfortable, and it is all too easy to conjure boogeymen out of the unknown.
But before allowing ourselves to be panicked by the thought of untappable phones and unreadable mail, we need to consider the alternatives. Because of the tremendous ease with which information will flow, only extremely severe and harsh measures can keep cryptographic technologies out of the hands of those who want it badly enough. This has been recognized from the beginning by the government, as was seen in its flawed Clipper chip proposal. The fundamental inconsistency with Clipper was that a voluntary standard would not be used by criminals, and the restrictions which would be needed to force criminals to use it would be completely at odds with American freedoms. The government's attempt to have it both ways only sowed fear and mistrust.

It may sound harsh, but it is true: the only way in which cryptography which can be defeated by law enforcement will come into use is if people are forced to use it. And the problem is that people already have technologies which are too strong for law enforcement to break. It's too late to put the genii back into the bottle. The only choices at this point are between Big-Brother-style restrictions on use of certain simple algorithms, or a world in which privacy, unbreakable privacy, is a fact of life. Consider carefully whether the latter would be so horrible before you accept choices which are at odds with our national traditions of individual freedom.

> * the strength of various cryptographic technologies known and
>   anticipated that are relevant for commercial and private purposes;

In my opinion, the current suite of cryptographic technologies is well suited for commercial purposes. The RSA public-key system has withstood nearly twenty years of attacks and new algorithms for factoring numbers (factoring is the problem on which the algorithm is based).
At worst it may be desirable to raise key sizes from the 512 to 1024 bit level which are widely used today to perhaps 1024 to 2048 bits, a level which should provide effectively impenetrable security. As computers get faster the larger key sizes can be handled efficiently, while the time to break the algorithm increases at a much faster rate for larger keys. The result is that the passage of time and the increase in computer speeds only helps the user of RSA rather than the attacker. RSA is typically used in conjunction with a secret-key cypher for efficiency, and here DES has been the choice for a number of years. DES is now showing its age; its 56-bit key size is beginning to be too small to give confidence against an attacker. However, two alternatives are readily available: triple-DES and IDEA. Triple-DES has a key length of 112 or 168 bits, depending on the configuration, and IDEA has a key length of 128 bits. Both of these are large enough that no conceivable attack can be launched based on key size alone. Triple-DES itself has been cryptanalyzed almost as long as DES, and while IDEA is newer its security should be much clearer within the next two or three years. In addition, there are a number of other conventional cyphers being developed all the time. Chances are that one or more of these will be acceptable as well. By the turn of the century there should be at least three or four strong and widely accepted conventional cyphers. In sum, there is no real commercial need for government involvement in the development of new cryptographic technologies. While new approaches are always welcome, the range of technologies which already exists is adequate for commercial encryption needs well into the next century. Here the best policy for the government is to simply facilitate the use of these well established systems. 
> * current and anticipated demand for information systems security
>   based on cryptography;

Cryptography is going to be a key technology over the next ten to twenty years. There is far more to this technology than simply maintaining privacy, although certainly in the early years this may be the principal market area. But, more generally, cryptography is a technology of information management. It allows precise control over how information is revealed, packaged, and disseminated. Once recent discoveries by cryptography researchers are commercialized and made available to the public there will be whole new areas of business and commercial interest that are barely imagined today.

Starting with the nearer term, cryptography will be used initially primarily for privacy and authentication. As commerce moves onto the nets, so too will the need for confidentiality. The insecure nature of many existing networks will be addressed by layering cryptographic protocols on top of the existing foundation. And new networks may be developed with cryptographic security built in from the beginning.

An important point will be to make the security trustable and transparent. Trustable means that the end user does not have to trust some third party not to betray his secrets. In an increasingly competitive world where government and corporate espionage are beginning to merge, a system which tells its users to "trust me" is not going to be competitive with one which allows users to determine for themselves that their communications are secure. This suggests that end-to-end encryption, where the message is in the clear nowhere on the network, will be the preferred mode. And at the same time, the encryption will be transparent, built into the software used for access to the network, with user-friendly controls and indicators for the encryption status (and hence reliability) of each piece of information displayed.
We see the prototypes for these concepts already with the security extensions to the World Wide Web and its associated software program, Mosaic. Similar concepts are being designed into personal computers as well. Looking out a bit farther, the next big market for cryptography technology will be electronic payment systems. The potential speed and flexibility of electronic commerce requires an equally fast and flexible means of electronic payment. There are many cryptographic technologies which are suitable, including the electronic equivalent of bank drafts, checks, cashier's checks, and, perhaps most controversial, digital cash. It is worth discussing digital cash in a little more detail. It may well be that this technology will produce the next Clipper controversy. The situation is that digital cash provides for a means of payment which is the electronic equivalent of cash. It is private and anonymous. In an era when databases of consumer preferences and buying habits may be one of the major threats to privacy, digital cash will provide protection by allowing transactions to occur anonymously. If there is no record of who participated in the transaction, there is no privacy threat from databases of such records. In a sense, this is nothing new, no more threatening than paying a dollar for bread at the corner grocery store. But law enforcement efforts which rely on tracking the flow of funds may be hindered by the widespread use of digital cash. This could have implications for money laundering, income and sales tax collection, and other types of financial regulations. As with the prospect of encrypted communications, the response by law enforcement is likely to be an attempt to block this technology from coming into widespread use. And once again the choice will be between restrictions on what kinds of algorithms people can run on their computers, and allowing people some privacy in their financial affairs. 
Other cryptographic technologies which are waiting in the wings include "zero knowledge" proof systems, which allow new forms of authentication, and which make it possible to prove possession of certain information without revealing the information itself; secret sharing systems which allow for true "escrow" of information (unlike the misnamed government "key escrow" which keeps secrets contrary to the interests of the user, rather than on his behalf) with very flexible controls on who can access the information; pseudonym-based credentialing systems which will allow people to prevent linkage of information about them in different databases while allowing them to control which information will be revealed; secret-exchange systems which make it possible for two people to simultaneously exchange secret information in such a way that neither can cheat; many forms of digital signatures, some of which are verifiable only with the cooperation of the signer, but in such a way that he can't cheat; and a variety of others. These technologies will permit wholly new and unforeseeable approaches to managing and controlling information, and will undoubtedly serve as the basis for new companies and even new industries. But these possibilities can only come about if people are allowed to use them. Any approach which requires law enforcement review of every new encryption technology is going to hamstring American companies which want to innovate and compete in the world. The tremendous growth and success of the US software business comes from the free-wheeling competition and innovation which have characterized it. Inserting law enforcement restrictions into the picture can only harm American competitiveness, as we see already in the cryptographic privacy area. 
As we move into the next century, information itself is going to be a key commodity, and the monkey wrench thrown into the industrial machine by law enforcement restrictions on cryptographic and information technologies is going to have widespread impact. This is not something we can afford in an increasingly competitive world.

> * the impact of foreign restrictions on the use of, importation of, and
>   the market for cryptographic technology;

Narrowly speaking, the interests of the United States are best served if our foreign competitors are faced with as many disadvantages as possible. On this view, foreign restrictions on cryptographic technology should be welcomed, as they will only harm foreign companies and make it harder for them to compete with the US.

In the broader sense, though, the world market is all interconnected. Inefficiencies and restrictions in one part inevitably harm the smooth operations of other parts. It is no longer easy or even possible in many cases to distinguish activities which are foreign from those which are domestic. Regulations which apply to a company's activities in one country inevitably influence its activities in others. In this sense, foreign restrictions on cryptographic technologies will end up being harmful to US companies and individuals.

In the long run, then, it will be best for the US to work to reduce foreign restrictions on the use of cryptography. The prospects of success are excellent since those countries will be feeling their own domestic pressures from companies which are being harmed by those restrictions. And in an international world a country which stubbornly maintains obsolete and inefficient restrictions on internal business activities may simply find itself bypassed, as commerce flows to more hospitable jurisdictions.
The great danger, and the one to be most carefully avoided, is the establishment of an international cabal of law enforcement agencies, all calling for uniform restrictions on encryption applied (as they would have to be) in all countries on the globe. This would represent a pre-emptive strike against individual privacy, the formation of a de-facto cartel in which governments around the world band together contrary to the interests of their citizens. It need hardly be pointed out how opposed this is to our American principles and traditions. Furthermore, such an approach is inherently fragile and unstable, as every country has incentives to advance its own interests by releasing the shackles which bind its industry.

> * the extent to which current cryptography policy is adequate for
>   protecting U.S. interests in privacy, public safety, national
>   security, and economic competitiveness;

US cryptography policy has clearly gotten off on the wrong foot. With the disastrous Clipper chip proposal, the government has simultaneously alarmed privacy advocates and demoralized law enforcement. Today, the policy is in a shambles, with indications that the government is withdrawing support for Clipper and searching for other alternatives.

The fact is that current cryptographic technology is perfectly adequate for privacy protection. There is no need for government efforts to introduce new cryptographic systems. To the extent that Clipper was presented as a new, improved cryptographic algorithm, it is simply unnecessary. Of course, the stated purpose of Clipper was not to improve privacy, but quite the reverse. Again, as far as meeting the goals of privacy protection, the government need only step aside.

Similar considerations hold for economic competitiveness. Here the export restrictions on public-domain cryptographic technology are a ludicrous holdover from the past and serve only to hobble American companies.
The single best step the government could take today would be to remove RSA, DES, IDEA, and other international cryptographic standard algorithms from the list of export controlled technology.

As for the national interest in public safety and security, cryptography is simply not the threat that it is often painted by law enforcement and security interests. With only a few hundred authorized wiretaps a year on a population of over 200 million people, it is clear that the impact of secure communications will be only marginal. Traditional methods of law enforcement including physical surveillance, infiltration, informants, and similar approaches have been the foundation of crime prevention in the past and undoubtedly will be in the future.

Furthermore, attempts to put the cat back in the bag are doomed to failure. There are already widespread programs for cryptographic privacy, and new ones are being written (often by amateurs, so widespread and simple is the technology) all the time. The kinds of regulations which would be required to prevent people from communicating privately would have to be severe and onerous. It was the recognition of this fact which forced the government to back down from early hints that Clipper might not be a voluntary program. Citizens of the United States simply will not tolerate the kinds of government controls that would be necessary in order to return to the days of free wiretapping.

> * strengths and weaknesses of current key escrow implementation
>   schemes;

So-called "key escrow", as pointed out by cryptographer Carl Ellison, is misnamed. What these systems really provide is Government Access to Keys, or GAK. That is the real purpose of these key escrow systems. All the discussion about escrow and restrictions on access is window dressing to obscure the fundamental issue and to make it seem more palatable.

A true escrow system would be one which held certain information on behalf of the client.
An escrow agency has well-defined obligations to the client and to other interested parties. For example, in a sale of real property, an escrow agent may hold the cash for the buyer and pass it to the seller when title has transferred. There are actually many legitimate purposes for escrow in the context of information. One example would be the purchase of some data package over a computer network (say, a music video in electronic form). An escrow agency could assist with the mutual exchange of payment (perhaps in the form of digital cash) and the information package in such a way that both parties are protected against cheating. In this sense, a true "key escrow" agency might be one with which a user could deposit his secret key with assurance that it would be held safely for him. Then if something happened in the future which caused him to lose his key, the escrow agency could follow through with its contractual obligation and return the key to the user. Or, again with appropriate authorization, in the event of the user's death or other circumstances, the agency could reveal the key to the heir or agent of the original user. The key point here is that the escrow agency is providing a service to the user; the user's interaction with the agency is voluntary. This kind of key escrow, if offered by the government, would not be particularly objectionable (although there is no particular reason why this escrow should be a government, as opposed to private, function). Just as the government indirectly backs the banks and provides security to the depositors, so a government key escrow agency could provide secure storage of keys (and perhaps other information). If only this is what the government meant by key escrow! Actually, of course, the real purpose of key escrow is to allow the government to defeat encryption if necessary. 
Most of the variations on the existing schemes involve what mechanisms are used to ensure that the keys are only revealed under specified conditions. The Clipper chip proposal has been widely discussed elsewhere. The difficulty of ensuring that copies of the keys are not made during the programming process has been pointed out, as well as the problem that knowing the family key (or having access to a family key based decryption unit) allows traffic analysis without needing access to the escrowed database. The possibility of rogue units interoperating with Clipper chips as discovered by Matt Blaze provides a further technical flaw in this proposal. A more recent proposal is also worth discussing. So-called "software key escrow" (SKE) provides similar functionality to the Clipper chip, but in software. A "law enforcement access field" (LEAF) is included in each message by compliant software as with Clipper. The main new feature is that the software on the receiving end can check that the LEAF is valid without knowing the family key. This prevents rogue software from interoperating with compliant software. Although interesting, this proposal is unlikely to achieve its goals without the kinds of harsh restrictions discussed above. The design goal of making it impossible for rogue software to communicate with compliant software is really not relevant as that does not solve law enforcement's problems. It would be an easy matter to create a rogue program which communicated compliantly with compliant software and non-compliantly with rogue software. This allows the hypothetical criminal to communicate with his cohorts privately while communicating freely with everyone else. Again, the only way this system or any similar key escrow system can succeed is if people are forbidden to use anything else. 
> * how technology now and in the future can affect the feasible policy
>   options for balancing the national security and law enforcement
>   interests of government and the privacy and commercial interests
>   of U.S. industry and private U.S. citizens;

To the extent that this debate is expressed as a conflict between government and citizens, it is already clear what has gone wrong. There should not be a conflict between government and its citizenry, not in a democracy. The citizens rule the government in the American system, not the other way around. What has happened here is that certain agencies within the government seem to have forgotten this fundamental fact. They see the people of the United States as, if not their enemies, then at least their potential enemies. Law enforcement and national security agencies have become so accustomed to wielding immense power that they cannot tolerate the thought of giving up some of it. Thus we have their desperate attempt to turn back the clock, to freeze technology at a 1970's level, to prevent people from using the cryptographic tools which are becoming more widespread every day.

There is no need to balance the interests of the US government and private citizens. The only interests which are relevant are those of the citizens. What needs to be balanced are those citizens' interests in public safety and their desire for privacy and freedom.

This conflict is nothing new. It has always been true that there is a tradeoff between security and freedom. Different countries all around the world have chosen to balance this tradeoff at different points. At one extreme we have totalitarian states where security is everything and individual freedom is nearly gone. The example of Singapore is widely used today as a place where the citizens have, largely voluntarily, given up a great deal of individual privacy and freedom in exchange for a tightly regulated, but peaceful, society.
We in the US have traditionally chosen a different, and historically superior, approach. Our national traditions emphasize the importance of the individual. All through American history the lessons we have learned have taught us to respect individual freedoms at the expense of government regulations and controls. This has been one of the fundamental principles which has led to our tremendous success. In the context of the encryption debate, then, the default position should and must be one of individual freedom. We already allow individuals to use any encryption technology they desire. Any proposal to move from this principle, a principle which is firmly in accord with American traditions, should be viewed with the utmost caution. And, as the above discussion has emphasized, there is really no legitimate policy position which moves us only slightly in the direction of greater control. The choice is not between privacy and a little bit of regulation. It is between privacy and very invasive, very intrusive restrictions. The nature of cryptographic technology is such that it is so easy to use that only an intensive effort can prevent its use, or force the use of a government-approved alternative. The policy decision is really between one which maintains American traditions of freedom and one which takes a drastic step towards government control. In the future, this situation will only become worse from the point of view of those opposed to communications privacy. As more countries become computerized, as the global networks spread further, as more people learn how easy it is to ensure their own privacy, it will be all the harder to keep people's communications under government-approved systems. Technology sounds the death knell for traditional ways of approaching the law enforcement and national security business. The longer governments are allowed to ignore that fact the more likely it will be that the totalitarian solution will be imposed. 
> * recommendations for the process through which national security, > law enforcement, commercial, and privacy interests are balanced > in the formulation of national cryptography policy. The traditional way to balance the competing interests would be to put national security and law enforcement people, business people, and a few "privacy advocates" on a committee, then let them make recommendations to the Executive or Legislative branches of government. Although this may be appropriate for the initial evaluation of the situation, it has serious problems. It puts far too much weight on the specific interests of security and law enforcement. Although these are legitimate duties of government, they are not its only duties, and they certainly do not override the traditional American emphasis on individual liberty. In the next century, the primary economic fact will be international competition. In a global world, there is no longer any place for pointless government regulations which will interfere with the success of domestic business or cause commerce and capital to flee to other countries. Attempting to mollify outdated law enforcement concerns by restricting the use of encryption technologies will only hurt American citizens. The fact is that, given these economic realities, the only policy decision which makes sense is one which encourages, rather than restricts, the use of encryption. Government should relax export controls, retire its key escrow proposals, reveal the SkipJack algorithm used in Clipper, and turn its researchers to the task of helping American competitiveness rather than thinking up new ways of hindering US businesses. The only "process" that is needed is the political courage to overcome the objections of law enforcement and force them to concentrate on the job at hand, stopping criminals, rather than working on new ways to block encryption technology. It doesn't have to be done right away. 
It will take years for encryption to work its way into the economy. We probably won't see widespread encryption of telephone and other electronic communications for five or even ten years. This time must be used productively by law enforcement to design new strategies to meet the challenges ahead. If the government wastes time on an ultimately doomed campaign to try to freeze technology and restrict encryption then we will all ultimately be the losers.

Thank you again for your attention.

Hal Finney
email: hfinney at shell.portal.com

From klbarrus at owlnet.rice.edu Wed Sep 21 20:55:43 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Wed, 21 Sep 94 20:55:43 PDT
Subject: META: gopher site
Message-ID: <9409220353.AA08218@snowy.owlnet.rice.edu>

Here is what Chael sent me (I have a feeling he meant to copy the list as well):

> The Cypherpunks gopher hierarchy that was under Karl's home
> directory has been officially moved to ~ftp/cypherpunks. Gopher
> should work as normal and all of the files should be FTPable as well!

> Chael Hall, nowhere at chaos.bsu.edu

--
Karl L. Barrus: klbarrus at owlnet.rice.edu
2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K. Cooper

From cactus at bb.com Wed Sep 21 21:02:38 1994
From: cactus at bb.com (L. Todd Masco)
Date: Wed, 21 Sep 94 21:02:38 PDT
Subject: HACK THE SPEW
In-Reply-To:
Message-ID: <35qvps$o89@bb.com>

In article , wrote:
>It might interest some to know that Neal Stephenson (author of the
>Unfortunately, in WIRED, he's mostly preaching to the choir. I sort
>of wish this story could get broader distribution, somehow ...

WIRED's big money, big distribution these days... Representatives referred to it in the C-SPANized DT hearings.

--
L. Todd Masco     | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com  | change the world with a plastic platter." - Todd Rundgren

From jamesd at netcom.com Wed Sep 21 21:17:48 1994
From: jamesd at netcom.com (James A. Donald)
Date: Wed, 21 Sep 94 21:17:48 PDT
Subject: HIT MEN
In-Reply-To:
Message-ID: <199409220320.UAA00905@netcom10.netcom.com>

Timothy C. May writes
> Gambling is illegal in most places, unless run by the state. And yet people
> gamble, illegally. They use bookies. Bookies who are doing illegal things,
> as the gamblers are. And yet if they get stiffed by a bookie, which
> _sometimes_ happens, they tell their friends, family, etc., and the
> reputation ripples spread.
>
> Taking Sandy's "For murder escrows, a positive reputation is meaningless.
> They can't--nor can anyone else--risk exposure of such negative
> information. Escrows that admittedly engage in abetting criminal acts can
> have NO MEANINGFUL REPUTATIONS." argument, are we to assume that this
> applies to illegal betting? That stiffed bettors won't speak up because
> there are "Escrows that admittedly engage in abetting criminal acts can
> have NO MEANINGFUL REPUTATIONS"?

Illegal betting is merely illegal. Murder is also immoral.

This really does make a difference to reputations.

For example if you have a criminal record for shoplifting a packet of cigarettes, most bosses will not hire you. But speeding or even drunk driving will not seriously affect your employment prospects. Similarly tax evasion convictions seem to have little effect on one's credit rating.

From sameer at c2.org Wed Sep 21 21:30:28 1994
From: sameer at c2.org (sameer)
Date: Wed, 21 Sep 94 21:30:28 PDT
Subject: HIT MEN
In-Reply-To:
Message-ID: <199409220428.VAA21117@infinity.c2.org>

> Tim May made some good comments about my post, albeit late
> through no fault of his own. (What is it with Netcom, anyway?
> Some of you folks on Netdown ... er ... Netcom ought to look into
> CRL. I've had very little trouble with them, and they are
> available in parts of the South Bay.)

Those in the east bay/east sf might want to try c2.org. Cheap, cypherpunk, and growing. (Tiny net right now, but will upgrade by yearend.)

plugplug,
--
sameer                                  Voice: 510-841-2014
Network Administrator                   Pager: 510-321-1014
Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383
http://www.c2.org (or login as "guest") sameer at c2.org

From tcmay at netcom.com Wed Sep 21 21:30:48 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 21 Sep 94 21:30:48 PDT
Subject: HIT MEN
In-Reply-To: <199409220320.UAA00905@netcom10.netcom.com>
Message-ID: <199409220428.VAA18400@netcom9.netcom.com>

James Donald writes:

> Illegal betting is merely illegal. Murder is also immoral.
>
> This really does make a difference to reputations.

I'm not persuaded. Reputation is not having a nice feeling, it is expecting that an agent will act as he is expected to act (not an exact definition).

To someone who wants to hire a murderer--the NSA's hit teams, for example--the "reputation" of a potential hire is his track record, basically.

Reputations are not scalar properties, seen identically by all persons, but are essentially confidence levels for specific functions to be performed, or services to be rendered.

Carlos the Jackal may or may not have deserved his reputation, but it was his reputation to his potential employers that mattered, not our moral judgments about the bombs he planted or the planes he hijacked.

--Tim May

--
Warning: I'm using Netcom as my Internet service, and both mail and News are being delayed by up to several days. I may not be able to respond promptly, and may have missed other posts and messages.

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From quill at pwa.acusd.edu Wed Sep 21 21:35:05 1994
From: quill at pwa.acusd.edu (Quill)
Date: Wed, 21 Sep 94 21:35:05 PDT
Subject: (FWD) New Remailer & "Bit Bucket"
Message-ID: <9409220433.AA19234@pwa.acusd.edu>

I didn't see this on the list, so I'm forwarding for general interest:

Quill

I would like to announce a new remailer: nately

Send mail to the remailer with the subject "remailer-help" for instructions.

This is a Ghio type remailer with one change. Rather than processing incoming messages immediately, I hold them in a pool. Periodically (once per minute for now) the pool is checked. If it holds more than n messages (currently five) then random messages are selected and sent to the remailer script until only n messages remain.

An undocumented feature of this remailer is that it can act as a bit bucket. All messages requesting forwarding to "null" will be trashed. I am pleased to act as a bit bucket for the purposes of increasing traffic through the web of remailers.

I am a graduate student in astrophysics, this is the computer on my desk, and I am root. I am the primary user of this computer. The other occasional users are five graduate students with better things to do than mess with your messages. It should be stable for 2 or 3 years (till I get the Ph.D.) barring any serious legal hassles.

--
Lance Cottrell who does not speak for CASS/UCSD
lcottrell at popmail.ucsd.edu
PGP 2.6 key available by finger or server.

--
 _____________________ ____________________________________________________
\-=[ iumop ap!sdn ]=-\/If marriage is outlawed, all inlaws will be outlaws/
 -------------------------------------------------------------------------
Finger me ... for my PGP 2.6.1 key ...

From tcmay at netcom.com Wed Sep 21 21:50:19 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 21 Sep 94 21:50:19 PDT
Subject: THOSE DARNED HIT MEN
In-Reply-To: <199409211701.AA07055@metronet.com>
Message-ID: <199409220447.VAA20057@netcom9.netcom.com>

I've finally gotten all the posts from Merriman, Barber, and May (no relation), and am in agreement with them more so than I am with either Sandfort or Donald. I guess democracy wins again, eh?

David Merriman writes, quoting Sandy initially:

> >Would you do business with an escrow that was the bag man for
> >contract murders?
>
> But if the system is set up for total anonymity, _who would know_ that an
> escrow agent was the "bag man"? Just like no one would know who the
> contractee was, or the contractor:
>
> =========================================================
> Date: 21 Sep 2003 07:59:53 -0700 (PDT)
> From: nobody at remailer.mafia.org
> Subject: HIT MAN Needed
> To: alt.jobs.hitmen
>
> Contract killing needed. 5,000 credit bonus if "accidental", additional
> 5,000 credits if done within 30 days. If interested, post MegaCrypted bid
> to alt.jobs.hitmen, specifying escrow agency, and using message ID in
> subject line.
>
> MegaCrypt v3.7 key:
> dijfwoiertqwgsdfjiwqfnwenfgwiegeowqt-384`=3jkig918ur5=`9ur2ihg
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Not enough entropy here! MegaCrypt v3.7 is clearly a charade. Probably an FBI sting to catch contract killers.

But David is right in his point.

--Tim May

--
Warning: I'm using Netcom as my Internet service, and both mail and News are being delayed by up to several days. I may not be able to respond promptly, and may have missed other posts and messages.

..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From blancw at pylon.com Wed Sep 21 22:10:34 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Wed, 21 Sep 94 22:10:34 PDT
Subject: MAIL: crime and remailers
Message-ID: <199409220511.WAA23992@deepthought.pylon.com>

Responding to msg by Jason Burrell:

>Hey Blanc, can digital money be used for that?
>Double-blind systems? Uh, wait, the NSA can. . . Hmm,
>who are those guys running out of that van, dressed in
>black, with big guns, coming toward my house? (Sound of
>wood cracking and gunfire) It's the GESAP--. . .
.............................................................

Sure, Jason - whatever gets you through the fight, it's allright, it's allright. . . .

Wait - is that Fabio, with the G.E.S.T.A.-- H.E.A.T., dressed in a sleek black turtleneck & carrying a big gun? But why is he running toward Your house?

:>)

Blanc

From khijol!erc at apple.com Thu Sep 22 01:06:26 1994
From: khijol!erc at apple.com (Ed Carp [Sysadmin])
Date: Thu, 22 Sep 94 01:06:26 PDT
Subject: anonymous poster software
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

I hacked this up in a little under an hour (with distractions), so it's not the absolute best software - it could stand some improvement - but it works. It could, with very minor hacking, do as an anonymous mailer. I wrote it in response to someone asking me if I could write such a thing for them in C.

Yes, there are lots of itty-bitty remailers and posters out there, but this serves the bill for being totally anonymous and it's pretty quick, being written in C. Besides, I didn't want to learn perl or any of that grotesque stuff - I'm a purist at heart ;)

- ---------------------------------- cut here --------------------------------
/*
 * anonpost - strip headers from incoming message, preserving Subject:, then
 * pass the rest of stdin to inews argv[].
 *
 * Copyright 1994 by Ed Carp (ecarp at netcom.com). All rights reserved.
 */

/*
 * How to set this up:
 *
 * 0. Change "#define INEWS" and "#define SIG"
 *
 * 1. cc -s -o anonpost anonpost.c -O
 *
 * 2. mv anonpost /usr/local/bin # or wherever
 *
 * 3. echo "* * * * * su -c '/usr/local/bin/anonpost -n alt.sexual.abuse.recovery -f anonasar at khijol.UUCP -r anonasar at khijol.UUCP < /usr/spool/mail/anonasar;rm /usr/spool/mail/anonasar'" >> /usr/lib/crontab
 *
 */

#define INEWS "/usr/lib/news/inews "
#define SIG "/home/anon-asar/.signature"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int
main (int argc, char **argv)
{
  char inews[1024];
  char subject[128];
  char line[1024];
  const char *s;
  size_t n;
  FILE *in, *p;
  int i, got, more;

  do
    {
      more = 0;                 /* set when a further "From " line is seen */
      got = 0;                  /* set when this message has any header */
      *subject = '\0';

      /*
       * read header
       */
      while (fgets (line, sizeof line, stdin) != NULL)
        {
          got = 1;
          line[strcspn (line, "\n")] = '\0';
          if (strlen (line) < 2)
            break;
          if (strncmp (line, "Subject: ", 9) == 0)
            {
              /* bounded copy: a header line can be longer than subject[] */
              strncpy (subject, line + 9, sizeof subject - 1);
              subject[sizeof subject - 1] = '\0';
            }
        }
      if (!got)
        break;                  /* empty input: nothing to post */
      if (*subject == '\0')
        /* placeholder: the default text is missing from the archived post */
        strcpy (subject, "(none)");

      strcpy (inews, INEWS);
      for (i = 1; i < argc; i++)
        {
          if (strlen (inews) + strlen (argv[i]) + 2 > sizeof inews)
            {
              fprintf (stderr, "anonpost: argument list too long\n");
              exit (1);
            }
          strcat (inews, argv[i]);
          strcat (inews, " ");
        }

      /*
       * The Subject: text comes from the incoming mail and ends up on a
       * shell command line (popen), so quote it: inside '...' only ' is
       * special to the shell, and each one is written as '\''
       */
      n = strlen (inews);
      if (n + 4 * strlen (subject) + 6 > sizeof inews)
        {
          fprintf (stderr, "anonpost: command line too long\n");
          exit (1);
        }
      strcpy (inews + n, "-t '");
      n += 4;
      for (s = subject; *s != '\0'; s++)
        {
          if (*s == '\'')
            {
              memcpy (inews + n, "'\\''", 4);
              n += 4;
            }
          else
            inews[n++] = *s;
        }
      inews[n++] = '\'';
      inews[n] = '\0';

      if ((p = popen (inews, "w")) == NULL)
        {
          perror (INEWS);
          exit (1);
        }

      /*
       * read the rest of the article, passing it to inews
       */
      while (fgets (line, sizeof line, stdin) != NULL)
        {
          line[strcspn (line, "\n")] = '\0';
          if ((strcmp (line, "--") == 0) || (strcmp (line, "-- ") == 0))
            {
              /* skip the sender's own signature, up to the next message */
              while (fgets (line, sizeof line, stdin) != NULL)
                if (strncmp (line, "From ", 5) == 0)
                  {
                    more = 1;
                    break;
                  }
              break;
            }
          /* "From " (with the space) is the mailbox message separator */
          if (strncmp (line, "From ", 5) == 0)
            {
              more = 1;
              break;
            }
          fprintf (p, "%s\n", line);
        }

      /*
       * append the .signature file named by SIG
       */
      if ((in = fopen (SIG, "r")) != NULL)
        {
          fprintf (p, "--\n");
          while (fgets (line, sizeof line, in) != NULL)
            fprintf (p, "%s", line);
          fclose (in);
        }

      /*
       * post
       */
      pclose (p);
    }
  while (more);                 /* stop at EOF, else handle the next message */

  return 0;
}
- --
Ed Carp, N7EKG    Ed.Carp at linux.org, ecarp at netcom.com
Finger ecarp at netcom.com for PGP 2.5 public key    an88744 at anon.penet.fi
** PGP encrypted email preferred! **
"What's the use of distant travel if only to discover - you're homeless in your heart." --Basia, "Yearning"

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLoEldCS9AwzY9LDxAQFEDgP/a0OeUQ//m7KO1dUZhLb3wlI4IzYl70JR
PcYL/x2nf+XaskdrWN0YqXqeeV6jaPk7e1xOT/bvKgYs1MADuaUgEgcd0XynYvOl
wOFYAxYN+qWi8+rC0DTxUSysOYGUH3hgMyaN5/dqCINC8pOYIz5iO+BEQC8yN9U3
H1GMiexO04w=
=371T
-----END PGP SIGNATURE-----

From sameer at c2.org Thu Sep 22 02:41:58 1994
From: sameer at c2.org (sameer)
Date: Thu, 22 Sep 94 02:41:58 PDT
Subject: pgp 2.6.1 available on ftp.csua.berkeley.edu
Message-ID: <199409220939.CAA27991@infinity.c2.org>

available in /pub/cypherpunks/pgp/pgp261

--
sameer                                  Voice: 510-841-2014
Network Administrator                   Pager: 510-321-1014
Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383
http://www.c2.org (or login as "guest") sameer at c2.org

From sandfort at crl.com Thu Sep 22 04:23:30 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Thu, 22 Sep 94 04:23:30 PDT
Subject: HIT MEN
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

I'm stymied. I keep arguing the real world, and everyone responds as though this were a MUD game.

David Merriman wrote:

    If the escrow agent has a reputation for reliability, honesty, integrity, etc, then the nature of the transaction is irrelevant....

I'm sorry, but this is patently ludicrous. This is not a MUD or MOO. We're not talking about game theory and the "iterated prisoner's dilemma." This is about the real world.

I could cite hundreds of examples where folks don't think "the nature of the transaction is irrelevant." Tree huggers won't buy from McDonalds, irrespective of quality, because Mickey D's "encourage the destruction of the rain forests."
Gun nuts won't do business with Taco Bell because it's owned by Pepsico, and they've supported gun control. There are "green" shoppers and "investors of conscience." Hell, Duncan won't even buy the fine chickens produced by Foster farms because Foster is in bed with the Klintones (well not literally... well maybe).

The burden of proof is on those who would tell us that human nature will change over-night when crypto-anarchy comes on line. People *do* care about the morality of those with whom they do business. I see no reason to believe that will change.

Anonymous murder for hire, is not easy. It isn't going to be any more a threat under crypto-anarchy than it is now. Please, let's get out of this Tabloid, the-sky-will-fall mind set. It's going to be okay.

S a n d y

Who is signing off this thread. What's coming is coming, no matter what we do or say. History will have the last word.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From perry at imsi.com Thu Sep 22 06:04:21 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Thu, 22 Sep 94 06:04:21 PDT
Subject: Jim Bidzos
In-Reply-To: <199409212209.PAA25440@art.net>
Message-ID: <9409221303.AA12884@snark.imsi.com>

My humble opinion: Jim is not really the enemy, nor is he really a friend. He is a businessman trying to make a buck via the intellectual property laws. Sometimes this works out in our favor, sometimes it doesn't. He sends out letters defending his intellectual property rights that tend to be full of innuendo and that border on prevarication, but always stay on the proper side of the line; this is such a standard practice among people in businesses like his that I can't fault him for it. Overall, I'd say that anger towards him is misplaced.

Perry

Lile Elam says:
> Wow, this just reinforces my feelings that RSA is scum and Bidzos
> is at the heart of it and is extreme slime and crud... I hated this jerk
> the first time I met him at a cypherpunks meeting some time ago...
>
> Wouldn't it be wonderful if he would just crawl back under that scum rock
> that he came from...
>
> Maybe a sniper will hit him someday and free us from having to co-exist
> with this jerk... It sure is good to know that people don't live forever...
>
> :)
>
> I just had a terrible thought... what if he's *not* human!!!!
>
> the horror, the horror...
>
> -lile

From jamesd at netcom.com Thu Sep 22 07:41:49 1994
From: jamesd at netcom.com (James A. Donald)
Date: Thu, 22 Sep 94 07:41:49 PDT
Subject: HIT MEN
In-Reply-To: <199409220428.VAA18400@netcom9.netcom.com>
Message-ID: <199409221439.HAA27014@netcom2.netcom.com>

James Donald writes:
> > Illegal betting is merely illegal. Murder is also immoral.
> >
> > This really does make a difference to reputations.

Timothy C. May writes
> I'm not persuaded. Reputation is not having a nice feeling, it is
> expecting that an agent will act as he is expected to act (not an
> exact definition).

True. And I, and most people, would expect someone who does murder for hire to lie and cheat.

I have found that people usually act with unwavering consistency in this type of thing and are highly predictable - not that I have known murderers, but I have known thieves.

--
 ---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we        James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state.            jamesd at netcom.com

From jeffb at sware.com Thu Sep 22 07:48:40 1994
From: jeffb at sware.com (Jeff Barber)
Date: Thu, 22 Sep 94 07:48:40 PDT
Subject: End of HIT MEN thread
In-Reply-To:
Message-ID: <9409221438.AA21104@wombat.sware.com>

Sandy Sandfort writes:

> I'm stymied. I keep arguing the real world, and everyone
> responds as though this were a MUD game.

> Who is signing off this thread. What's coming is coming, no
> matter what we do or say. History will have the last word.
I'm sorry that you're signing off this thread, particularly since it was you that challenged others to "disprove" your scenarios. After considerable struggle, I have finally succeeded in coming up with a mechanism through which the hiring party and the murderer-for-hire can make a contract through the escrow service in such a way that the escrow service doesn't know that the contract is for murder. Of course, it requires some additional assumptions -- none of them outrageous IMO.

Since you have lost patience with the thread, I won't bother to post the details. This much I will say: I believe that *IF* there is a way to prove to the satisfaction of an unbiased third party that the intended victim is in fact dead [I'm not at all sure of this -- and this is where my additional assumptions come in], *THEN* the contract can be structured in such a way that the knowledge of the contract details are hidden from the escrow service who's overseeing the performance of the contract. So, in your scenario ONE, the escrow service would not know the contract is a hit, and therefore would not cheat. And, it would be completely vulnerable to the accusation if it did so.

You say you are arguing the real world. Yet you are proposing or discussing scenarios which are clearly not possible today. So in some sense, you are asking the rest of us to assume some set of future conditions which are predicted to hold -- without any assurance that they will. I did in fact view this as a game which is why I felt free to invent other pieces of infrastructure which didn't seem outrageously improbable.

You and Tim (and others) have argued over whether or to what extent an ordinary escrow service will tolerate contracts for illegal and immoral services. My own opinion is closer to yours, but if, as I believe, the knowledge of the contract details can be kept from the escrow service, this all becomes academic anyway. As you say, history will judge.

To me, it seems that the hard problem here is how (or whether) a real world event, such as the death of an individual, could ever be "proved" to an impartial observer via the net. As you pointed out, digitized images alone will not fill the bill, which is why I invented the on-line coroner's service.

Anyway, it was fun.

-- Jeff

From danisch at ira.uka.de Thu Sep 22 08:22:29 1994
From: danisch at ira.uka.de (Hadmut Danisch)
Date: Thu, 22 Sep 94 08:22:29 PDT
Subject: Laws Outside the U.S.
Message-ID:

> Isn't it inevitable that this will -- for the same reasons of equity
> among the member countries -- evolve into a single set of laws governing
> the *use* of crypto throughout the EC?

Probably. But perhaps not for private citizens, but for police, bank, government interaction. Since they opened the borders between the countries they really have a problem. In some towns near to France they have robberies, where the robbers just walk 300 meters to France and can be caught neither by German nor by French police.

At the moment we have some criminal Nazis. (we already had the discussion). They use BBS, Fax and cryptosoftware for their national and international communication. In Italy they have islands with more fax-machines than humans. Could be reason enough for prohibition.

> Can you provide any predictions as to its content?

No.

> It seems to me
> that the EC may be a *huge* force -- for good or ill -- with respect to
> crypto, depending on which way the rules fall out.

It _is_ a huge force. But often more ill than good. :-( They have taken the Germans their pretty large, well-tasting and cheap bananas and given them ugly, dark-brown, tiny, expensive ones. Perhaps they will do the same with cryptography.
:-{ > In the first place, > because of the sheer size of the EC and the combined power and populace > of its member countries, but also because any internal crypto advantage > the EC is perceived to hold might be an additional spur to liberalization > of US crypto export policy. Smile. As long as the US keep their policy, we have a better market. I like the US policy. :-D Hadmut From voidstar at netcom.com Thu Sep 22 08:53:31 1994 From: voidstar at netcom.com (Scott Corcoran) Date: Thu, 22 Sep 94 08:53:31 PDT Subject: Internet Security: Secure Communications Over Untrusted Networks Message-ID: <199409221551.IAA16831@netcom.netcom.com> please post INTERNET SECURITY SECURE COMMUNICATIONS OVER UNTRUSTED NETWORKS A one-day seminar on November 12, 1994 Embarcadero Hyatt Regency Hotel in San Francisco. Methods of achieving authentication, authorization, confidentiality, integrity, and nonrepudiation are key to the successful realization of the National Information Infrastructure (NII). Today's Internet is a proving ground for what will become the NII. The San Francisco Chapter of the IEEE Computer Society has put together an outstanding program on encryption, intrusion detection, firewalls, architectures, and protocols for Internet Security. Speakers in this seminar will describe several of the main techniques that exist today and the directions in which they are evolving. The seminar will be helpful to engineers, engineering managers and product planners seeking current knowledge of Internet Security. PROGRAM 8:30 a.m. Registration opens 9:00 a.m. Introduction 9:05 a.m. Keynote Address James Bidzos, President of RSA 9:45 a.m. Steven Bellovin, Ph.D., Bell Labs "Firewalls for Computer Security" 11:00 a.m. Teresa Lunt, SRI "Intrusion Detection" 11:45 a.m. Round Table Lunch (incl. with registration) 1:00 p.m. Professor Martin E. Hellman, Ph.D., Stanford "Cryptography: The Foundation of Secure Networks" 2:00 p.m. 
Dan Nessett, Ph.D., SunSoft and PSRG "Future Internet Security Architecture" 3:00 p.m. Matt Blaze, Ph.D., Bell Labs "Protocols: Security Without Firewalls" 4:00 p.m. "Public Safety vs. Private Liberty" A Panel Discussion on the Social Implications of Internet Security Rex Buddenberg NPS Alan McDonald FBI Stewart Baker formerly of the NSA James Bidzos President of RSA Matt Blaze Bell Labs Martin Hellman Stanford A one day seminar in San Francisco, on Saturday, November 12th, covering private and public-key encryption, key-escrow, fire-walls, architecture and protocols for security, intrustion detection, and a spirited panel discussion on "Public Safety vs. Private Liberty" ! SEATING IS LIMITED. PRE-REGISTER BY OCTOBER 15TH. 9:05 Keynote Address James Bidzos, President of RSA James Bidzos, President of RSA Data Security, will present the keynote address. Mr. Bidzos heads a company whose encryption technologies are licensed for products ranging from computer operating systems, to software copy protection, to electronic mail, to secure telephones. RSA has licensed several million copies of its encryption software, and has become a focal point for debate on appropriate application of cryptography. Mr. Bidzos has gained a unique perspective on the requirements of effective cryptographic systems. He will highlight the problem of providing strong encryption for users of computer networks while meeting the legitimate needs of law enforcement 9:45 Steven Bellovin, Ph.D., Bell Labs "Firewalls for Computer Security" When you connect your computer to the Internet, you also create a channel into your computer. Clever vandals, thieves and industrial spies have found ways to abuse most of the Internet protocols from FTP and Telnet to the World Wide Web and Network Time Protocols. Short of pulling the plug, firewalls provide the surest defense. The firewall administrator must keep abreast of new methods of attack and understand how firewalls can mitigate the threat. Steven M. 
Bellovin, Ph.D., is a senior researcher at AT&T's Bell Laboratories and co-author of the well known guide "Firewalls and Internet Security: Repelling the Wily Hacker." As one responsible for protecting "the phone company" from Internet hackers, Dr. Bellovin can describe from firsthand experience how firewalls can be constructed to screen them out. Dr. Bellovin will join us in a live video teleconference from Bell Laboratories. 11:00 Teresa Lunt, SRI "Intrusion Detection" Inevitably, someone will try to breach your firewall and might succeed. The time it takes you to discover the intrusion and catch the culprit depends on the event logging you have established. However, logging the many different transactions that might expose trespassing produces mountains of data. Automatic digestion of the logs is the only hope of monitoring them all. Teresa F. Lunt, Director of Secure Systems Research at SRI's Computer Systems Laboratory, directs work in multilevel database systems and intrusion detection. Ms. Lunt will describe intrusion detection and demonstrate automated tools developed at SRI to analyze audit data for suspicious behavior. 1:00 Professor Martin E. Hellman, Ph.D., Stanford "Cryptography: The Foundation of Secure Networks" Data in transit across unsecured networks like the Internet are subject to wiretapping attacks and impersonation. Moreover, privacy of communication and authentication of the sender's message are essential to Internet commerce, with exchange of contracts, receipts, credit card drafts and the like increasingly commonplace. Encryption can solve some of these problems, but what kind of encryption? Authentication only or encrypted messages? Secret key or public key, or both? Will you need a giant key ring for mes sage keys, session keys, file keys, and passwords? Martin E. Hellman, Ph.D., Professor of Electrical Engineering at Stanford University, is co-inventor of public key cryptography with Whitfield Diffie and Ralph Merkle. 
He was elected a Fellow of the IEEE for contributions to cryptography. Dr. Hellman will explore threats to communication and costs of electronic countermeasures. He will explain the importance and means of authenticating electronic messages, and he will survey public key cryptography. Dr. Hellman will describe public key techniques including Rivest-Shamir-Adleman (RSA), Diffie-Hellman, ElGamal and Digital Signature Standard (DSS). He will also describe the current status of export control and encryption standards such as the Data Encryption Standard (DES), Escrowed Encryption Standard (EES) and its encryption algorithm, Skipjack, which is implemented in Clipper and Capstone chips. 2:00 Dan Nessett, Ph.D., SunSoft and PSRG "Future Internet Security Architecture" Dan Nessett, Ph.D., of the SunSoft Division of Sun Microsystems, and until recently with Lawrence Livermore National Laboratory, has worked extensively in local area networks, distributed operating systems and distributed systems security. He is a member of the Privacy and Security Research Group (PSRG), which is convened under the auspices of the Internet Society. Dr. Nessett will explain the emerging Internet security architecture work undertaken by the PSRG. The architecture will guide the development of security mechanisms used in Internet standards. 3:00 Matt Blaze, Ph.D., Bell Labs "Protocols: Security Without Firewalls" We use firewalls because Internet protocols are not inherently secure. Can we rehabilitate the Internet protocols to produce protocols which are secure, not computationally prohibitive, and compatible with existing protocols? Matt Blaze, Ph.D., of Bell Laboratories will talk about the problems of integrating cryptographic protection into large-scale network infrastructure. Dr. 
Blaze is the author of "A Cryptographic File System for Unix," presented at the 1993 ACM Conference on Communications and Computer Security, and co-author with John Ioannidis of "The Architecture and Implementation of Network-Layer Security Under UNIX," which describes "swIPe," a network-layer security protocol for the IP protocol suite. Dr. Blaze will address issues concerning network security protocols, key management and distribution, and threats and models for cryptographic engineering. 4:00 A Panel Discussion on the Social Implications of Internet Security "Public Safety vs. Private Liberty" At one end of an imagined security spectrum lies the information police-state. Through traffic analysis, mandatory personal ID numbers and escrowed encryption, and the ability to record all messages and commerce carried out on the Information Superhighway, governments could maintain dossiers on every aspect of the personal life and business of its citizens. Privacy advocates fear that a corrupt government could use such information against its political enemies and to subvert personal freedoms. At the other extreme lies information anarchy. Through the use of digital cash, anonymous remailers, and strong non-escrowed encryption, the Information Superhighway could become a hide-out for criminals and national security threats. The potential for black-market activity and the associated tax-evasion is so enormous that some have speculated that governments could eventually collapse. Law-enforcement advocates fear that they will be unable to keep up with criminals and terrorists who ply their trade electronically. Our distinguished panel will provide insight into the interplay between the rights of individuals to privacy and freedom, the rights of companies to conduct unrestrained trade, and the ability of law enforcement and security agencies to perform their functions efficiently. 
This conclusion to the seminar will put into perspective the social changes that might be wrought by the technical advances discussed earlier in the day. Panelists include: Rex Buddenberg NPS Alan McDonald FBI Stewart Baker formerly of the NSA James Bidzos President of RSA Matt Blaze Bell Labs Martin Hellman Stanford Rex Buddenberg, Instructor of information systems architecture and applied networking at the Naval Postgraduate School, will moderate the panel. Mr. Buddenberg is a maritime command, communication, control and intelligence (C3I) consultant and a computer networking author. As a C3I architect for the U.S. Coast Guard, he developed plans and specifications for extending Internet connectivity to oceanographic ships. Mr. Buddenberg contemplates the means and effects of net warfare as both the good guys and bad guys share the same network. Alan McDonald, Special Counsel for Electronic Surveillance Matters, Information Resources Division, Federal Bureau of Investigation, is a specialist in the law and policy concerning electronic surveillance, Digital Telephony, and encryption issues. He frequently represents the FBI's view of law enforcement equities in light of advanced telecommunications and encryption. Stewart Baker is a former General Counsel to the NSA and a partner in Steptoe & Johnson, a Washington, DC law firm. His expertise is in telecommunications, computer export policy, security of national information infrastructure and encryption. Mr. Baker brings direct experience with the problem that strong encryption creates for the NSA in protecting our national security. QUESTIONS? CALL (415)-327-6622. Cut-off and complete this form, enclose your check payable to the IEEE SFCS, and mail to: IEEE Council Office 701 Welch Rd. #2205 Palo Alto, CA. 94304 To qualify for the reduced Pre-registration fees, your application with check must be postmarked no later than Oct. 15, 1994. Registration fee includes lunch, refreshments, and parking. Seating is limited. 
To make sure the seminar is not sold out, call (415) 327-6622. please check the appropriate box Fees on or before Oct. 15th: ___ IEEE Member $ 110 ___ Non-member $ 120 ___ Student $ 85 Fees after Oct. 15th: ___ IEEE Member $ 125 ___ Non-member $ 145 ___ Student $ 100 (students must present ID) The seminar location is the Hyatt Regency Embarcadero Hotel, near the Ferry Building, in San Francisco. Your registration fee includes the all day seminar, lunch, and convenient parking in the garages underneath adjacent Embarcadero Centers 1, 2, or 3. (Keep your ticket for validation). Please print clearly: Name : __________________________________________ Title : __________________________________________ Company: __________________________________________ Address: __________________________________________ __________________________________________ _______________________________ ___ ______ Day phone #:(___)_____-_______ IEEE member (or affiliate) #:_______ ____ (for discount) College/University (if student):___________________ ___ Vegetarian lunch option Refunds will be honored through October 22nd, substitutions any time. Additional information can be obtained by telephoning the IEEE Bay Area Council Office: (415)327-6622. IEEE SFCS RESERVES THE RIGHT TO MAKE CHANGES TO THE SEMINAR Sponsored by the San Francisco Chapter of the IEEE Computer Society. The IEEE is a non-profit organization. From unicorn at access.digex.net Thu Sep 22 09:56:37 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Thu, 22 Sep 94 09:56:37 PDT Subject: On the crime bill and remailers In-Reply-To: <199409201544.IAA04102@jobe.shell.portal.com> Message-ID: <199409221655.AA02106@access1.digex.net> Hal scripsit > > Black Unicorn writes: > >I believe anonymous > >remailers have some use. But they are so targeted to prevent GOVERNMENT > >observation and intercepts, that they just plain look bad. > > I strongly disagree with this. 
Anonymous remailers as presently constructed > will be almost completely ineffective against any significant government > attempts to surveil email traffic. The government does have the resources > today to defeat most uses of remailers. Since present-day remailers lack > padding features, the correspondence between incoming and outgoing messages, > even with encryption, is relatively easy to establish. This is made worse > by the lack of general support for reordering, which renders the task > almost trivial. While I believe you are correct that remailers are not currently secure against the kind of assets a government would use against them, this was not my point. The benchmark we all seem to use in evaluating the security of any of the new crypto/cypherpunk technologies are the government abilities. How strong is a remailer one asks? Immediately a slew of answers as to how the government could penetrate the system come out. (See above) Then, immediately following, come suggestions to defeat these methods. The key effort is to defeat the worst case technology and the best funded attacker. Is this not a basic axiom of cypherpunks, and cryptography in general? I would argue so. The fact that remailers may or may not be able to withstand government level attacks is academic. The point is they are designed increasingly so. The point is not if we are 75% there, or 100% there, but that the perception will be that the goal is to make them entirely secure. Only programs like the Clipper program do otherwise. The entire POINT is to have the most secure system possible. Do cypherpunks intentionally cripple their software now? How long was I gone? > > Instead, anonymous remailers are clearly targetted against non-government > traffic analysis, generally local associates, system operators, employers, > supervisors, and so on. They allow people to communicate without > repercussions and retribution at work or at school. 
They let people exchange > email in an insecure environment while hiding both the message address and > its contents. They allow whistle blowers to expose malfeasance without > being punished. These are the kinds of things the remailers are good for. Are good for perhaps, but the theory, the practice will always appear to be anti-authoritarian. In my eyes this is a GOOD thing, in the context of criminal offense, and how the process is likely to be seen by a court.... > Claims here that remailers are designed to support sedition or to > prevent government surveillance are both wrong and harmful. This kind > of material could show up at some future prosecution of a remailer > operator. It is important that we understand clearly what the capabilities > and limitations of current remailers are. Apples and oranges. The current capabilities and the design goal are two different things. You know as well as I that all this will boil down to the words: "Defendant attempted to use a computer remailer to mask his transactions from authorities. Detective Blow was successful in defeating the defendant's efforts and presents the evidence before us today." As for this material being used in court for intent purposes, since when has censorship been a policy here? Are we now in the business of watching what we say in order not to step on too many toes? Are there not thousands of messages with the words "But if the NSA can do X, shouldn't we try Y" on this list? How will these look? > Hal -uni- (Dark) -- 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! 
From unicorn at access.digex.net Thu Sep 22 10:03:04 1994 From: unicorn at access.digex.net (Black Unicorn) Date: Thu, 22 Sep 94 10:03:04 PDT Subject: On the crime bill and remailers In-Reply-To: <9409201556.AA17067@ah.com> Message-ID: <199409221701.AA02407@access1.digex.net> Eric Hughes scripsit > > Black Unicorn writes: > >But they are so targeted to prevent GOVERNMENT > >observation and intercepts, that they just plain look bad. > > I strongly disagree with this. Anonymous remailers as presently constructed > will be almost completely ineffective against any significant government > attempts to surveil email traffic. > > Is this the national security part of government, or the law > enforcement part of government? Certainly the national security > apparatus has the technical means to defeat the current remailers, > but does the FBI or (even more unlikely) the local cops? > > True, the FBI could ask for a data tap on the connections to a > remailer, but they would have to know how to do it, first, and in any > case it would be very expensive. Compatible remailers spanning the > globe could be argued evidence of an attempt to thwart law enforcement > access by internationalization. Certainly remailers hinder law > enforcement, if not actually prevent it. While I agree that remailers could eventually, if not already deter the local cops, and perhaps even federal enforcement, my point was more design goal, not current capability. This distinction is likely to be lost in any court proceedings, or in any FISA proceeding. Again, it means nothing that remailers do or do not have the capability to deter this or that kind of attacker, but that they are not intentionally crippled to allow government circumvention. If I use a scanner to listen to police activity while committing a crime, and such an offense is an obstruction charge in my jurisdiction, does it matter that I was a moron and that I had it tuned to the wrong channel, and was caught? 
What if the scanner was too primitive to deal with the new 800 MHZ police band? Am I still guilty? What if I was using it to listen to the weather forecast so the stolen flour wouldn't be rained on? Isn't it obvious that the judge will take a dim view of ALL these examples? In this context isn't it important to examine these possibilities as if they are a threat with an eye toward addressing them and making remailers immune to this type of argument? > > And in the end, it's a court that decides, not a military tribunal. > Uni's argument is worth examining and does not fall down on its face. > Why thank you Mr. Hughes! :) > Eric > -uni- (Dark) -- 073BB885A786F666 nemo repente fuit turpissimus - potestas scientiae in usu est 6E6D4506F6EDBC17 quaere verum ad infinitum, loquitur sub rosa - wichtig! From franl at centerline.com Thu Sep 22 11:12:52 1994 From: franl at centerline.com (Fran Litterio) Date: Thu, 22 Sep 94 11:12:52 PDT Subject: Where to get the CYPHERNOMICON other than ftp.netcom.com? Message-ID: ftp.netcom.com is always maxed out with connections. Is there somewhere else I can download the CYPHERNOMICON from? A Web site perhaps? -- Fran Litterio franl at centerline.com (617-498-3255) CenterLine Software http://draco.centerline.com:8080/~franl/ Cambridge, MA, USA 02138-1110 PGP public key id: 1270EA1D From hughes at ah.com Thu Sep 22 12:00:10 1994 From: hughes at ah.com (Eric Hughes) Date: Thu, 22 Sep 94 12:00:10 PDT Subject: HIT MEN In-Reply-To: Message-ID: <9409221822.AA20694@ah.com> I'm sorry, but this is patently ludicrous. This is not a MUD or MOO. We're not talking about game theory and the "iterated prisoner's dilemma." This is about the real world. Game theory _does_ make a distinction between activities that make victims and those that don't. Gambling is victimless. All parties consent to the transaction. The end result is a rearrangement of economic power. 
There is a small indirect loss to the extent that the two bettors make effort conducting this transaction, but this effort is not freely usable by other parties. Murder has victims. The dead did not consent to their death. There is a direct economic loss in the now unavailable abilities of the dead and indirect economic loss in the process of disposing the dead's affairs. It is not, however, the direct parties to the "transaction" where the game theory applies, but rather in the relation of other parties. If I know that two people are betting with each other, that doesn't affect me, because their activity is completely consensual. If I don't want to gamble, I don't have to. I can't deny my gambling debts if I've never used an opportunity to get any. On the other hand, everyone has enemies and everyone has different enemies at different times. Each person has some risk of being murdered, be it large or small. The relationship between a murderer, their agent, and the victim is _not_ separable from my own interest, because I stand some non-negligible possibility of being the victim in the future. Therefore it is in my own best interest to take action against a structure of murder for hire if the cost of that action is less than the marginal cost of my risk against murder. In other words, the cheaper murder for hire is, the more people there will be who will be interested in making sure it doesn't exist. Risk is a subjective entity. The less able one feels able to identify and analyze potentially harmful events, the higher the risk is. A major change in situation, for example, the existence of a truly anonymous murder market, greatly increases risk, because nobody has experience in how such might behave. Do not be surprised if many, many people take it upon themselves to quash the building blocks for a murder market. 
Ironically, if it is seen that the limiting factor in deployment of these markets is the creative thought of the designers, it will be in the best interest of many people to use these incipient markets to prevent their further growth. Eric From tcmay at netcom.com Thu Sep 22 12:49:32 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 22 Sep 94 12:49:32 PDT Subject: Cyphernomicon FAQ -- Review in "Wired" Message-ID: A couple of items of interest: 1. Rishab Aiyer Ghosh tells me he has committed to write a review of the Cyphernomicon FAQ for "Wired," for either December or January publication. I had nothing to do with this, and it surprised me when he contacted me to notify me. (I reminded him of the "pre-release" status, the incompletenesses and holes, but he feels it's still timely to review it. And by the time his review gets printed, a newer revision will be available.) I'll make some comments later, but I of course urge Rishab to make his own comments here. 2. The Cyphernomicon is available in two main places that I know of: * My own anonymous ftp site: ftp.netcom.com, in pub/tcmay - 6 files, including the full FAQ, listed as "CP-FAQ" - and 2 flavors of this in compressed and gzipped forms - Contents, MFAQ (Most Frequently Asked Questions), etc. - Netcom has been having performance problems, lately * The Karl Barrus/Chael Hall gopher and ftp site: gopher chaos.bsu.edu - Karl has split the full CP-FAQ file into 20 chapters, each of which can be individually retrieved/mailed. The Cyphernomicon can of course be put on other ftp sites, though this complicates the version control problem. I would appreciate it if anybody who does put it on an ftp site agrees to keep it current, to periodically check my own ftp site and copy over newer versions. (I think the approach of _pointers_ to a few sites is a better approach than copying the actual documents to many sites. 
The most popular docs will be replicated at more sites, but I think the Cyphernomicon FAQ is sufficiently specialized that a few sites will be enough...that might change if Rishab's review in "Wired" meets with interest...) 3. Hal Abelson, Professor of Computer Science at MIT, has asked me if he could convert the FAQ into a Web document for his class on "ETHICS AND LAW ON THE ELECTRONIC FRONTIER." I have great respect for Hal--co-author of course of the seminal "Structure and Interpretation of Computer Programs"--so I responded favorably. He says that if I agree, which I did, he'll leave the Web doc available permanently, even after the class is over. More on what the URL is when it's ready; you can try http://martigny.ai.mit.edu/6095, which is his home page for his class. 4. Yes, I still have concerns about multiple, out-dated copies floating around. I worry about people going to great lengths to "Webify" the version they have, and then being unwilling, naturally enough, to repeat the work each time a new version appears. I worry that the "pre-release" version, the version 0.666 I released, will become frozen/encrusted/trapped in the silk of the aptly-named "Web" and thus forever be the de facto public release. (Unless I abandon the writing tools on my own computer and instead concentrate only on adding links and making changes to the Web version. This I just won't do.) 5. Rishab is especially anxious to get CompuServe, AOL, etc., versions available, or referenced in his review in "Wired." Thus, if any of you want to make this conversion, download the FAQ, or the chapters (from Karl's site), etc., and _agree to keep the version relatively current_, then this would be a Good Thing. (I'm not sure the advanced stuff in the Cyphernomicon, stuff about remailers, digital cash, etc., is the most useful stuff for typical "Wired" readers, given the questions the material will generate (as it does on our own list!), but this is not my call to make. 
Rishab says the editors at "Wired" want his review, so it's out of my hands.) Rishab says he needs to have the CompuServe/AOL/etc. addresses by 27 September, as his review is due on 1 October. So, not much time. There are of course major _size_ problems. I tried to e-mail the FAQ to one list member without ftp access who assured me his mail system could handle it--but it couldn't. And another list member uses a VAX, and only the first line would transfer. The compressed versions have also caused problems for some folks (though not to others, so I know the versions are kosher). Frankly, I shudder to think about the AOL and CompuServe folks, not to mention the Prodigy customers, trying to get a megabyte-plus file, or a gzipped file! So, if someone makes this available, please be careful to make sure it is really retrievable and readable on these systems. Thanks. --Tim May .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway." From pjm at gasco.com Thu Sep 22 12:57:03 1994 From: pjm at gasco.com (Patrick J. May) Date: Thu, 22 Sep 94 12:57:03 PDT Subject: End of HIT MEN thread In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- (I just want to see how long a thread with the subject "End of ... thread" can keep going.) Jeff Barber writes: > After considerable struggle, I have finally succeeded in coming up with > a mechanism through which the hiring party and the murderer-for-hire > can make a contract through the escrow service in such a way that the > escrow service doesn't know that the contract is for murder. I'm interested in your solution. 
Mine is to set up the escrow payment separately from the verification. The escrow agent would release the funds when instructed to do so by a specified verification agent. This eliminates the risk of the escrow agent keeping the money without losing reputation. Now, the verification agent knows that it is certifying that a murder took place and could collude with the escrow agent to split the money, or with the victim's insurer to get a reward, etc. This agent would have to be paid by both the contractor and contractee, regardless of outcome, to remove incentive to collude with the person paying the fee. Therefore, the profit from collusion must be less than the cost of the loss of reputation. If one makes the assumption that such agencies will not care about reputation, such arrangements are impossible. I question this assumption. Also, escrow agents will not deal with known hit verifiers, so the entity that runs such a service must also run a legitimate verification service or have a method for funneling verifications through a legitimate service. > This much I will say: I believe that *IF* there is a way to prove to > the satisfaction of an unbiased third party that the intended victim is > in fact dead [I'm not at all sure of this -- and this is where my > additional assumptions come in], *THEN* the contract can be structured > in such a way that the knowledge of the contract details are hidden > from the escrow service who's overseeing the performance of the contract. I agree (please punch holes in my proposed scenario). I don't know how to provide such a proof. The hit verification agent will have to attend a lot of autopsies and funerals. 
Regards, Patrick May pjm at gasco.com -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLoHebxByYwhWPvz1AQEd9wP+PaxvOdYbRFJ5AN+RwPT3xNJCf/LBAYXB zeV7/eqjmXQGj9U55FIenw0aIft4si95h3aauB+9/n+PZOtJI7VOoz3igGMTiXX2 0OGqrO2RCrpruH+hc2g8o/xUL/aFsqIVlEJuDmadBeulHTj+Fr16BfTUJ5YjX1rQ scDNLGnR9DA= =wtty -----END PGP SIGNATURE----- From jamesd at informix.com Thu Sep 22 14:34:47 1994 From: jamesd at informix.com (James Donald) Date: Thu, 22 Sep 94 14:34:47 PDT Subject: Tedious Chomsky arguments, some small remailer relevance. Message-ID: <9409222134.AA01859@carbon.informix.com> chen at intuit.com (Mark Chen) writes an amazing article worthy of Chomsky himself I note that Chomsky fans, like Chomsky himself, have no shame in lying bare faced in public. > There is no mention anywhere of moral superiority. There > is a statement of the demonstrable fact that "the editors > and the ambassador, in the not very distant past, have > supported racist murder on a scale that exceeds Amin's > wildest fantasies," referring, perhaps, to the (then) > .... One: Chomsky's claim clearly implies a claim of extreme moral superiority. Two: Your claim, and Chomsky's claim, is a flagrant lie Amin murdered three hundred thousand people, ate a few of them, and daydreamed out loud of extending a similar rule over all of black Africa. 2.1. Even if the Ambassador and the editors of the New York Times had personally commanded the repression and man made famine in East Timor they could not have clocked up as many as Amin did in real life, let alone in Amin's "wildest fantasies". 2.2 It is completely false that the New York Times supported the genocide in East Timor. They were sympathetic to, or tolerant of, the wrong side in East Timor, but, unlike Chomsky, they did not support genocide. Nothing the New York Times said or did remotely compares with Chomsky's enthusiastic support of Pol Pot's genocide in Cambodia. 
Chomsky compared Pol Pot's genocide to the denazification by the French Resistance after world war II. When did the New York Times compare Indonesia's repression in East Timor to reconstruction after the American Civil War? More rationally, Mark Chen claims that I have failed to make my case that Chomsky is seeking to achieve a totalitarian state in America by democratic, constitutional, and institutional methods, as the National German Socialist Workers party did in Germany, rather than by revolutionary methods, as the Bolsheviks did in Russia. Certainly it is true that Chomsky never says in so many words "Hey let us imitate the great methods that Pol Pot used in order to make sure the will of the people prevails over the immensely powerful secret conspiracy by evil racist capitalist imperialists." But Chomsky defines peoples free choice to say one thing rather than another thing, to listen to one source rather than another source, to be "extreme coercion and control". With this definition, it obviously follows that exterminating those who engage in "extreme coercion and control" is an act of self defence. When a socialist argues labor theory of value, I know he is planning to rob me. In the same way, when Chomsky argues that speech is coercion, and choice is submission, I know that he and his pals in the government are planning to enhance our civil liberties by protecting us from that speech, and to enhance our lives by rescuing us from that submission. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. 
jamesd at netcom.com From jeffb at sware.com Thu Sep 22 14:49:21 1994 From: jeffb at sware.com (Jeff Barber) Date: Thu, 22 Sep 94 14:49:21 PDT Subject: End of HIT MEN thread In-Reply-To: Message-ID: <9409222112.AA21826@wombat.sware.com> Patrick J. May writes: > (I just want to see how long a thread with the subject "End of ... > thread" can keep going.) I admit, not a very good title with which to continue the thread. > Jeff Barber writes: > > After considerable struggle, I have finally succeeded in coming up with > > a mechanism through which the hiring party and the murderer-for-hire > > can make a contract through the escrow service in such a way that the > > escrow service doesn't know that the contract is for murder. > > I'm interested in your solution. Mine is to set up the escrow > payment seperately from the verification. The escrow agent would > release the funds when instructed to do so by a specified verification > agent. This eliminates the risk of the escrow agent keeping the money > without losing reputation. I simply took it one step farther and did away with the need for verification of a "hit" (of course it's replaced by a step which verifies the "death" but does not require that it appear to be a hit). I did this by assuming into existence an on-line coroner's "clearinghouse" to which ALL the coroners belong and to which all death certificates are filed. This way, no one other than the killer and the hiring party need ever know that a hit has taken place. If the clearinghouse provides an automated e-mail server (or functional equivalent) which will answer the question "Is dead?" with a response message in a standard format and encrypted with a key provided in the request, then the killer and the employer can cooperate in the creation of a request packet and an "expected response" packet. 
In my scheme, another trusted agent is required during the setup phase -- his only function is to ensure that the employer doesn't cheat in the preparation of these packets. Then, the employer simply gives the encrypted expected response packet to the escrow service with instructions to pay the killer when he can produce a copy of the packet. The killer will only be able to obtain this when the coroner's clearinghouse responds to a query with the "victim is dead" response encrypted in the key prepared by the employer. This key is known only by the employer but was also used in the preparation of the expected response packet. So, the steps are: 1 Employer creates a key P (which he does *NOT* disclose to Killer). 2 The two now cooperate in a set of transactions with Trent using P and C (where C is the public key of the clearinghouse). 3 First, Killer provides plaintext of the request, plaintext of the expected response and the public key of the clearinghouse to Trent. 4 Then, Employer provides P, the plaintext of the expected response and the public key of the clearinghouse to Trent. 5 Trent verifies that both copies of the plaintext of the expected response and both copies of the public key are the same (so that neither of the parties can cheat the other). 6 Now, Trent takes the plaintext of the request, appends P and encrypts the results with the public key of the clearinghouse. This he gives to Killer (doesn't matter if Employer sees it too). 7 And, Trent takes the plaintext of the expected response, encrypts it with P and gives the result to Employer (only). (He also gives a hash of it to Killer so that Killer can verify that Employer gives the same packet to the escrow service below.) 8 Employer gives the encrypted expected-results packet (along with the money, etc.) to the Escrow service with the instructions that Killer can have the money when he produces an exact copy of the packet. 
9 After verifying that the escrow service has the money, and that the hash of the packet held by the escrow service matches what Trent gave him, Killer whacks the victim. 10 Within a few days, the victim's death is duly filed in the clearinghouse. Now, Killer can send the encrypted request packet produced by Trent to the clearinghouse. 11 The clearinghouse uses its private key to decrypt the request producing the plaintext request along with a key (P) in which to encrypt the response. 12 Since the victim really is dead, the clearinghouse produces a plaintext equivalent to the original expected-response plaintext, then encrypts it with P, producing the magic cookie Killer needs to get his money. 13 The clearinghouse returns the results to Killer who forwards a copy to the escrow service along with his demand for the money. 14 The escrow service pays off -- end of contract. Probably, this could be modified so that Trent doesn't need to see the plaintext request and response, but I'd have to get out Schneier and spend all night thinking about that. Also, it doesn't seem that important since the request and response are small snippets of text that Trent operates on a hundred thousand times every day. Furthermore, all Trent can do is refuse to perform the transaction -- neither of the parties to the contract will be out a dime if he won't. > I agree (please punch holes in my proposed scenario). I don't > know how to provide such a proof. The hit verification agent will > have to attend a lot of autopsies and funerals. Avoiding this is the primary reason I have the coroner's association. In essence, all that is needed is a trusted source of information about the real world. It could just be an ordinary general purpose information retrieval service, except that it has to know about deaths of particular individuals and I don't see any route other than the on-line coroner for the information to make it into "cyberspace". OK, now that that's done with... 
Unless goaded into another response, I too will shut up about this thread. -- Jeff From ianf at wiley.sydney.sgi.com Thu Sep 22 15:38:23 1994 From: ianf at wiley.sydney.sgi.com (Ian Farquhar) Date: Thu, 22 Sep 94 15:38:23 PDT Subject: (Fwd) Internet Security: Secure Communications Over Untrusted Networks Message-ID: <9409230835.ZM1769@wiley.sydney.sgi.com> > of effective cryptographic systems. He will highlight the > problem of providing strong encryption for users of computer > networks while meeting the legitimate needs of law enforcement ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Has anyone else noticed how this exact phrase keeps popping up time and time again? I for one don't consider it axiomatic, and have grave doubts that LEO's do have a legitimate SIGINT requirement at all. It looks like the opposition are formulating their own catch-cries now. Ian. #include From Richard.Johnson at Colorado.EDU Thu Sep 22 16:10:44 1994 From: Richard.Johnson at Colorado.EDU (Richard Johnson) Date: Thu, 22 Sep 94 16:10:44 PDT Subject: "Legitimate" needs of LE (Was Re: (Fwd) Internet Security: Secure Communications Over Untrusted Networks) In-Reply-To: <9409230835.ZM1769@wiley.sydney.sgi.com> Message-ID: <199409222310.RAA02405@spot.Colorado.EDU> -----BEGIN PGP SIGNED MESSAGE----- | > ... networks while meeting the legitimate needs of law enforcement | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | Has anyone else noticed how this exact phrase keeps popping up time | and time again? I for one don't consider it axiomatic, and have | ... That "legitimate needs of law enforcement" phrase raises my hackles every time I see it. My contrary nature makes me want to shout questions like, "Just what *are* the legitimate needs of law enforcement?" and, "Who decides what the legitimate needs of law enforcement are? Law enforcement personnel? Bwahahahah." 
A more effective response might be to point out (with sufficient force) that "we still, as a nation, haven't decided what the legitimate needs of law enforcement are." Therefore, anyone, especially someone with a political power interest in the matter, who asserts we have decided is attempting to end-run our democracy and usurp power. This whole business that Freeh keeps peddling, for example, about the number of wiretaps (oh, excuse me, the number of wiretaps and remote listening posts and oh so many other kinds of surveillance) to back up his demands for big brother powers over all of us, well, it begs the question. Rich -----BEGIN PGP SIGNATURE----- Version: 2.3a-sterno-bait iQCVAwUBLoIcBPobez3wRbTBAQHCCwP+JTeAes5mxXq/KzazC1VYKTS6Zk+sLreE X3J3ZJU6LKM/DHqeXIe0XGWMNUM1chwh87kd0NGxe9n01XIR73a4slKKsIqk00vS lW8xfCBEJlFNDatbmfcvV2eirBF3cFVeRf63uIB//Qnc3yUFKWBXUuPZrEyqvLlq 49hmB+VDDCk= =QAa2 -----END PGP SIGNATURE----- -- Loudyellnet: Richard Johnson | Sneakernet: ECNT1-6, CB 429, CU Boulder Phonenet: +1.303.492.0590 | Internet: Richard.Johnson at Colorado.EDU RIPEM and PGP public keys available by server, finger or request Speaker to avalanche dragons. Do you really think they listen? From chen at intuit.com Thu Sep 22 16:16:02 1994 From: chen at intuit.com (Mark Chen) Date: Thu, 22 Sep 94 16:16:02 PDT Subject: Tedious Chomsky arguments, some small remailer relevance. In-Reply-To: <9409222134.AA01859@carbon.informix.com> Message-ID: <9409222315.AA11602@doom.intuit.com> James Donald rants: > chen at intuit.com (Mark Chen) writes an amazing article > worthy of Chomsky himself Thank you. Now please take your blustering somewhere where it's relevant. Like alt.paranoid.schizophrenics. I'm tired of wiping saliva off of my e-mail.
-- Mark Chen chen at netcom.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From sandfort at crl.com Thu Sep 22 16:16:14 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Thu, 22 Sep 94 16:16:14 PDT Subject: OK, *THIS* IS MY LAST WORD...HONEST Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, That sneaky Jeff Barber has lured me out for one last word; cross my heart and hope to be assassinated by a digitally anonymous crypto-murderer. He wrote: I'm sorry that you're signing off this thread, particularly since it was you that challenged others to "disprove" your scenarios. That was not my main *challenge*. My shoot-from-the-hip scenarios were meant to be illustrative. I wanted Cypherpunks to use their powers for good, not evil. My primary challenge was to think up ways to defeat digital murders for hire. Why? Because: (1) Cypherpunks support strong crypto and other technological means for securing personal privacy. (2) We have enemies who are attempting to suppress such techniques by inflaming the general public with sensationalistic claims (e.g., PGP pedophiles, Net narcotraffickers, anonymous assassins). (3) To offset these tabloid bugaboos, it is in our best interest to solve these "problems" rather than to think up new and better ways to create crypto-chaos. Now everybody can either waste their time thinking up really neat-o keen-o ways to whack innocent spouses, business enemies and rich uncles, or you can support strong crypto and privacy by thinking up ways to mitigate the potentially negative side-effects of crypto-anarchy. Don't forget why we tune into the Cypherpunks Channel. Let's keep our eyes on the prize. I now say adieu to this thread for the second, and last, time. 
S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From jim at bilbo.suite.com Thu Sep 22 16:24:54 1994 From: jim at bilbo.suite.com (Jim Miller) Date: Thu, 22 Sep 94 16:24:54 PDT Subject: It's MEME time!!! Message-ID: <9409222323.AA27984@bilbo.suite.com> I thought I'd jump onto the meme-creation bandwagon before it gets too full.. Cryptography - it's not just for governments anymore! --- Clipper and the Wiretap Bill: salvos in the War On Privacy! --- The price of security is continuous surveillance. --- Denning's Dilemma: Privacy or Oppression. There's no middle ground. --- Surrender Dorothy! From blancw at microsoft.com Thu Sep 22 16:37:06 1994 From: blancw at microsoft.com (Blanc Weber) Date: Thu, 22 Sep 94 16:37:06 PDT Subject: Chomsky Arguments / Redefinitions Message-ID: <9409222338.AA01059@netmail2.microsoft.com> From: James Donald But Chomsky defines people's free choice to say one thing rather than another thing, to listen to one source rather than another source, to be "extreme coercion and control". With this definition, it obviously follows that exterminating those who engage in "extreme coercion and control" is an act of self defence. . . . . . . In the same way, when Chomsky argues that speech is coercion, and choice is submission, I know that he and his pals in the government are planning to enhance our civil liberties by protecting us from that speech, and to enhance our lives by rescuing us from that submission. ...................................................................... .......... I haven't read Chomsky and have limited acquaintance with the labor theory of value, but I can appreciate the games people can play with torturing definitions to mean other than what is usually understood, until it isn't possible to recognize them.
I can't know if what you are saying about him is true, but I must say, you indicate well the things which it is important to pay attention to when someone prepares an intellectual pathway by means of the re-definition of the meanings of acts. If that is what he does, I would be suspicious, too. Blanc From blancw at microsoft.com Thu Sep 22 17:11:29 1994 From: blancw at microsoft.com (Blanc Weber) Date: Thu, 22 Sep 94 17:11:29 PDT Subject: THE LAST WORD... (maybe) Message-ID: <9409230012.AA02451@netmail2.microsoft.com> From: Sandy Sandfort Now everybody can either waste their time thinking up really neat-o keen-o ways to whack innocent spouses, business enemies and rich uncles, or you can support strong crypto and privacy by thinking up ways to mitigate the potentially negative side-effects of crypto-anarchy. ................................................................ Isn't it just another means to an end, like all others. Should only a few be allowed to use a system, method, or invention; should there be barriers against tools because someone might misuse them or misapply them, etc. (same arguments) My question, in noting the possibilities discussed, was to consider what the means of defense would be against such an event transpiring. Not a responsibility for some law-enforcement agency to take up, but for potential victims. Not that there is anything specific which cypherpunks should think up to counter the possibility that crypto will be used for murder-for-hire, but just that it is always necessary for independent anarchist types to arrange for their own solutions to the problems of technological advancement (or any other kind). "Technology" (actually, technologists) make new things possible or easier, and those who exist in the milieu within that culture must find a way to deal with the consequences of the new introduction into their midst. 
That is the ideal, right - you ascend to new heights of knowledge, ability, and efficacy, rather than keeping everyone on a lower level of functioning because someone might get out of hand and create a problem for others. I wouldn't think, "oh, it can't be done", simply because I myself can't imagine it. I would think, "so - what could I do about that", seeing as how it could be possible to someone and as how it isn't realistic to expect to be able to stop *every* one from reasoning along those lines. And I can think of things which an individual could do to deal with such contingencies, but could there be a crypto solution? Blanc From jamesd at netcom.com Thu Sep 22 17:52:09 1994 From: jamesd at netcom.com (James A. Donald) Date: Thu, 22 Sep 94 17:52:09 PDT Subject: Chomsky Arguments / Redefinitions In-Reply-To: <9409222338.AA01059@netmail2.microsoft.com> Message-ID: <199409230049.RAA20560@netcom8.netcom.com> Blanc Weber writes > I haven't read Chomsky and have limited acquaintance with the labor > theory of value, but I can appreciate the games people can play with > torturing definitions to mean other than what is usually understood, > until it isn't possible to recognize them. Thank you for your kind words. By the way when I called this thread "more tedious Chomsky stuff" I was perfectly serious - This thread has been beaten to death time and time again, and many people have a kill file that automatically kills anything with Chomsky in the header. Chomsky correctly points out all sorts of lies and bias in the mass media. Since some of the evils he points to are indeed real and indeed wrong, people automatically sympathize with what he says. (He pulled terrible clangers on Pol Pot and Idi Amin, but this is irrelevant to the argument. Even when the misleading statements that he complains about are real and evil, the language he uses still implies that coercive solutions to the problem are just, necessary, and will make us more free.)
The problem is that if you call it media bias, you imply one class of solutions. If you call it a coercive system of power and control, you get a different class of solutions. The language that Chomsky uses suggests to me he very much favors that other class of solutions. But it is absolutely true, as the supporters of Chomsky claim, that Chomsky has never said explicitly in so many words, that coercive solutions to the problem of political untruths, are good. On the other hand he has never said that they are bad either, and the language he uses would tend to make a reasonable person feel that coercive solutions to this problem are good. Obviously the problems that Chomsky justly complains about are largely solved when everyone owns their own printing press, or its network equivalent. But for some strange reason I do not hear him saying "Hurrah, the cavalry have arrived." -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From klbarrus at owlnet.rice.edu Thu Sep 22 17:54:28 1994 From: klbarrus at owlnet.rice.edu (Karl Lui Barrus) Date: Thu, 22 Sep 94 17:54:28 PDT Subject: MATH: Brands' cash, Hal's post #2 Message-ID: <9409230054.AA24515@snowy.owlnet.rice.edu> -----BEGIN PGP SIGNED MESSAGE----- This post gives numerical examples to go along with Hal Finney's excellent description of Brands' digital cash, posted earlier. If the math is too much, just remember the whole point: > Blind signatures are, IMO, the key to anonymous digital cash, and in fact > to many forms of anonymity.
The ability to engage in mutual information > manipulation with another person, while guaranteeing that no linkage will > later be possible between the data exchanged and the results of that > calculation, is the foundation for interacting in a complex way without > losing any privacy... > Vicki wants to end up with a non-interactive signature on m', which is a > special transformation of m. To do this, she engages in an interactive > signature protocol with Paul, getting him to sign m... the result is > that she ends up with a non-interactive signature on m' because Paul was > willing to participate in an interactive signature session on m Continuing along: > Now for the mathematics. Recall the g is the "generator" of the group, > the base of all of the powers. x is Paul's secret key, and GX=g^x is his > public key. I will use g = 10, n = 17389 as in the previous example. Paul will choose x = 351 to be his secret key, so GX = 10^351 mod 17389 = 16987 is his public key. In addition, the message is m = 1994. > As the first step of the interactive protocol, Paul chooses a random w > and sends Vicki MX = m^x, GW = g^w, and MW = m^w. Paul chooses a random w = 666 MX = 1994^351 mod 17389 = 11740 GW = 10^666 mod 17389 = 7115 MW = 1994^666 mod 17389 = 13262 > The relationship between m', which is what Vicki will end up > with a signature on, and m, which is the number that Paul sees, is > m' = (m^s)*(g^t). Vicki chooses s = 3694, t = 1243 m' = (1994^3694)*(10^1243) mod 17389 = 10313 > the challenge c is calculated as the hash of (m,MX,GW,MW). Vicki > must transform these numbers so that Paul will not recognize them, but in > such a way that the mathematical relationships are maintained. > To do this, Vicki chooses two (more) random numbers, u and v (along with > s and t above). 
Vicki chooses u = 5192, v = 100

> MX' = m'^x = ((m^s)*(g^t))^x = (m^(s*x))*(g^(t*x)) = (MX^s)*(GX^t)
> GW' = g^w' = g^(u*w+v) = (g^(u*w))*(g^v) = (GW^u)*(g^v)
> MW' = m'^w' = ((m^s)*(g^t))^(u*w+v) = [...] =
> (GW^(u*t))*(MW^(u*s))*(m'^v)

MX' = (MX^s)*(GX^t) = (11740^3694)*(16987^1243) mod 17389 = 10710
GW' = (GW^u)*(g^v) = (7115^5192)*(10^100) mod 17389 = 12113
MW' = (7115^(5192 * 1243))*(11740^(5192 * 3694))*(10313^100) mod 17389 = 9314

> Using these, Vicki calculates her hash c'= Hash(m',MX',GW',MW').

c' = hash(10313,10710,12113,9314) = 7672 (some hash function I made up)

> Now, the c she sends to Paul...
> c = c'/u

c = (7672/5192) mod 17389 = 323

[ 5192 * c = 7672 mod 17389 -->
  5192 * c" = 1 mod 17389 --> c" = 3520 ==>
  c = c" * 7672 mod 17389 = 323
  check: (323 * 5192) mod 17389 = 7672 ]

> Paul will ... calculate r = c*x+w.

r = (323 * 351 + 666) mod 17388 = 9711

> [Vicki calculates] r' = u*r + v

r' = (5192 * 9711 + 100) mod 17388 = 11800

> The resulting signature on m' is (MX',GW',MW',r')

So the resulting signature is (10710,12113,9314,11800)

Okay, that should be an actual example of the protocol, unless I messed up somewhere ;) I hope to finish going through Hal's third post soon.

Karl Barrus klbarrus at owlnet.rice.edu

-----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLoImUMSF/V8IjI8hAQGRmAP/RojMlpm8rnnx4K6c3GEHsBoQL7hIhdBB bTiwBhkXbi8ZhHsZJtX9mFceIhTK7yIxVsq9y17d2m5NghGME1qtIN+MjbbvwHfp j9S9fWwF6/mIiRvV9IM1a23IGhyZi0ZQASLKRiPlStjbcwv6QoGxZQuTyGOD8pSn hpoKosUFbqY= =EIjf -----END PGP SIGNATURE-----

From jamesd at netcom.com Thu Sep 22 18:09:31 1994 From: jamesd at netcom.com (James A. Donald) Date: Thu, 22 Sep 94 18:09:31 PDT Subject: HIT MEN In-Reply-To: <199409220428.VAA18400@netcom9.netcom.com> Message-ID: <199409230107.SAA22269@netcom8.netcom.com> Timothy C. May writes > > James Donald writes: > > > Illegal betting is merely illegal. Murder is also immoral. > > > > This really does make a difference to reputations. > > I'm not persuaded.
Reputation is not having a nice feeling, it is > expecting that an agent will act as he is expected to act (not an > exact definition). > > .... > > Carlos the Jackal may or may not have deserved his reputation, but it > was his reputation to his potential employers that mattered, not our > moral judgments about the bombs he planted or the planes he hijacked. Carlos claimed to be a political terrorist, not a simple mercenary - to be motivated by moral considerations. This claim was probably a simple lie, but true or false, if he had claimed to be a simple hitman for hire, he would have been out of business fast. Large scale, well organized illegal gambling does exist, and operates smoothly on a basis of trust. No large scale murder for hire organizations exist, and such operations as do exist operate very erratically because of extreme distrust and treachery. Morality is more than just game theory. It is game theory plus our methods for categorizing acts in terms that we can apply game theory to. Honoring an illegal bet has much in common with speaking the truth, paying one's debts, and honoring a contract. Honoring a murder for hire contract, whether by the murderer or the payer, has little in common with these things. -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From SAMUEL.KAPLIN at warehouse.mn.org Thu Sep 22 19:35:54 1994 From: SAMUEL.KAPLIN at warehouse.mn.org (SAMUEL KAPLIN) Date: Thu, 22 Sep 94 19:35:54 PDT Subject: National Research Council Message-ID: <5AFFF612@warehouse.mn.org> Subject: National Research Council > Kenneth Dam, committee chair, was Deputy Secretary of State (1982- > 1985) and is currently the Max Pam Professor of American and Foreign > Law at the University of Chicago Law School. > General W.
Y. Smith, retired, committee vice-chair, is president > emeritus of the Institute for Defense Analyses, and has also served in a > number of military posts including that of deputy commander in chief of > the U.S. European Command in Germany. > Lee Bollinger, formerly dean of the University of Michigan Law School, > is currently provost of Dartmouth College and a constitutional scholar. > Ann Caracristi, retired, was Deputy Director of the National Security > Agency (1980-1982). > Benjamin Civiletti was U.S. Attorney General (1979-1981), and is > currently in private practice with the law firm Venable, Baetjer, Howard > and Civiletti. > Colin Crook is senior technology officer for Citicorp. > Samuel Fuller is vice president of corporate research at Digital > Equipment Corporation. > Leslie Gelb is president of the Council on Foreign Relations. He served > as Assistant Secretary of State for Politico-Military Affairs > (1977-1980). > Ronald Graham is a director of information sciences at AT&T Bell Labs > and a professor of mathematics at Rutgers University. > Martin Hellman is professor of electrical engineering at Stanford > University. Dr. Hellman was one of the inventors of public key > encryption. > Julius Katz is president of Hills & Company, and was deputy United > States trade representative (1989-1993). > Peter Neumann is principal scientist in the Computer Science Laboratory > at SRI International. He is the chairman of the ACM committee on > computers and public policy, and a member of the ACM study group on > cryptography policy. > Raymond Ozzie is president of Iris Associates, a wholly-owned > subsidiary of the Lotus Development Corporation. Iris Associates is the > developer of Lotus Notes. > Kumar Patel is vice chancellor for research at UCLA. > Edward Schmults was Deputy Attorney General of the United States > (1981-1984) and is a former senior vice president for external relations > and general counsel for the GTE Corporation. 
> Elliot Stone is executive director of the Massachusetts Health Data > Consortium, which is responsible for the collection and analysis of the > state's large health care databases. > Willis Ware, retired, is with the RAND Corporation as senior computer > scientist emeritus. He chairs the Computer System Security and Privacy > Advisory Board which was established by the Computer Security Act of > 1987. Is it me or are there a disproportionate amount of legal/government/military/ types on this list? Keeping this in mind, do you really think any of our comments will go anywhere but in the old circular file? ----------------------------------------------------------------------------- Fido: Sam Kaplin 1:282/1018 | "...vidi vici veni" - Overheard Compuserve: 75240,131 | outside a Roman brothel. samuel.kaplin at warehouse.mn.org | 75240,131 at compuserve.com | Change is the only constant in the For confidential communications use PGP | Universe..."Four quarters, please." ----------------------------------------------------------------------------- =========================================================================== Processed by WILDUUCP! v1.00 for WILDCAT!
=========================================================================== From karn at qualcomm.com Thu Sep 22 20:09:12 1994 From: karn at qualcomm.com (Phil Karn) Date: Thu, 22 Sep 94 20:09:12 PDT Subject: National Research Council In-Reply-To: <5AFFF612@warehouse.mn.org> Message-ID: <199409230310.UAA05079@servo.qualcomm.com> >Is it me or are there a disproportionate amount of legal/government/military/ >types on this list? Keeping this in mind, do you really think any of our >comments will go anywhere but in the old circular file? My thoughts exactly. The committee's classification/clearance policy was undoubtedly intended to skew its membership much more than to protect any legitimate government secret. After all, they're supposed to be discussing openly available civilian encryption technologies. Funny how the most obvious, no-brainer public policy questions always seem to generate the most controversy... Phil From jgostin at eternal.pha.pa.us Thu Sep 22 20:09:18 1994 From: jgostin at eternal.pha.pa.us (Jeff Gostin) Date: Thu, 22 Sep 94 20:09:18 PDT Subject: Chomsky Arguments / Redefinitions Message-ID: <940922224629O9Hjgostin@eternal.pha.pa.us> jamesd at netcom.com (James A. Donald) writes: [Blanc's statements Re: this argument about Chomsky, whomever the hell he is.] > By the way when I called this thread "more tedious Chomsky stuff" > I was perfectly serious - This thread has been beaten to death > time and time again, and many people have a kill file that > automatically kills anything with Chomsky in the header. I haven't had the pleasure of reading this thread before, but, thanks to the wonder of killfiles, I won't have to again. *plonk* to Threads-From-Hell From jef at ee.lbl.gov Thu Sep 22 21:07:21 1994 From: jef at ee.lbl.gov (Jef Poskanzer) Date: Thu, 22 Sep 94 21:07:21 PDT Subject: kerberosV telnet Message-ID: <199409230347.UAA04094@hot.ee.lbl.gov> Anyone have any fun diffs for kerberized telnet/telnetd that I could play with? 
An IDEA encryption module? A Diffie-Hellman module? Standards not necessary, we're just experimenting here. --- Jef From werner at mc.ab.com Thu Sep 22 21:13:52 1994 From: werner at mc.ab.com (tim werner) Date: Thu, 22 Sep 94 21:13:52 PDT Subject: crypt Message-ID: <199409230413.AAA06674@sparcserver.mc.ab.com> Hi, I built crypt awhile back. I'm pretty sure I got the source from ghost.dsi.unimi.it. Now that site says everything has been moved to ftp.dsi.unimi.it, but there seems to be no crypt.c there, although there is plenty of other crypt stuff. In the meantime, I was cleaning up (big mistake), and lost my copy of the source. Can someone tell me where the source is for the crypt program? I'd like to build it for my Linux system. ps I promise not to export it. thanks, tw From khijol!erc at apple.com Thu Sep 22 22:31:56 1994 From: khijol!erc at apple.com (Ed Carp [Sysadmin]) Date: Thu, 22 Sep 94 22:31:56 PDT Subject: kerberosV telnet In-Reply-To: <199409230347.UAA04094@hot.ee.lbl.gov> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > Anyone have any fun diffs for kerberized telnet/telnetd that I could > play with? An IDEA encryption module? A Diffie-Hellman module? > Standards not necessary, we're just experimenting here. Try talking to Dave Safford at TAMU - or, I think that in the 4.4BSD release telnet has all that stuff already in it. - -- Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi ** PGP encrypted email preferred! ** "What's the use of distant travel if only to discover - you're homeless in your heart." 
--Basia, "Yearning" -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLoJi/iS9AwzY9LDxAQExuwP/amqVDQbtUEcPSLhxyjyB0Of7wSzD7Qyn ln5Wly3NdT0Zpf7zLDUagjcIFJyGzVAEK/EVHHktA0/atG/3xrv6rZ+IFVw7ByOF dksnfWOigWzmZRAzP1zXgMx1loXXZfNOuMAGTZoCS40nGbUfl240vqCzMTf/TuVS FVmbi7zdk1U= =Vszw -----END PGP SIGNATURE----- From jkreznar at ininx.com Thu Sep 22 22:46:34 1994 From: jkreznar at ininx.com (John E. Kreznar) Date: Thu, 22 Sep 94 22:46:34 PDT Subject: Laws Outside the U.S. In-Reply-To: <9409211841.AA01750@tis.com> Message-ID: <9409230545.AA10496@ininx> -----BEGIN PGP SIGNED MESSAGE----- Carl Ellison writes > To me, it's obvious that this isn't a real LE problem. That leaves open > the question of why the US and others want to limit crypto. > ... > My answer: because the Agency advancing it (with cypherpunks as unwitting > accomplices) wants to create the perception of a threat of loss of power > in those who have power (Congress, President) so that they'll give > state-of-emergency powers to the appropriate Agency to fight back. > Net result: no real threat; real increase in power for one Agency. Don't attribute to a sinister, power-hungry elite that which is a natural consequence of democratic political society. Execution of the voters' orders can be thwarted by strong crypto. This is affirmed by voices as diverse as Donn Parker, who says that a democracy can't operate if people have absolute privacy, and Tim May, who seeks to use crypto as a way to bypass democracy. As long as a large proportion of the people think it's somehow decent or civilized to democratically supplant personal choice with collective dictate in everything from health care arrangements to the elementary school curriculum, there will be a large constituency for limiting crypto to prevent this interference with their tyranny of the majority. The danger of focusing on the intrigues of the power elite is that it diverts attention from the real culprit: democracy itself. John E. 
Kreznar | Relations among people to be by jkreznar at ininx.com | mutual consent, or not at all. -----BEGIN PGP SIGNATURE----- Version: 2.3a iQCVAgUBLoJqT8Dhz44ugybJAQHiRgP/Xl+ai++Fp4y+ROs1iv8A8fRIMmTsSOyq +Qjkx3gdfcOeDTgwQq8xMS10yu2wLAul+bZ763p1g+w9aeSjzf41nmKTTvxzSz9+ QQ+2t7MPrza7MtmfdvAf8p8WT94sdqQ21MOC90idxO+PZv0pYI6zn4x1QlQDCfGi kf+JdE4KqBc= =GpUg -----END PGP SIGNATURE----- From dfloyd at runner.utsa.edu Thu Sep 22 23:44:45 1994 From: dfloyd at runner.utsa.edu (Douglas R. Floyd) Date: Thu, 22 Sep 94 23:44:45 PDT Subject: Data Haven via FTP Message-ID: <9409230646.AA22980@runner.utsa.edu> -----BEGIN PGP SIGNED MESSAGE----- Here is a possible way to set up a data haven using FTP, instead of mailing your stuff. Term is a program that allows you to set up pseudo-SLIP between two boxes. It also allows one to redirect ports. If it would be possible to redirect say port 10000 on box A to the ftp port of box B, then one could FTP to box A and that would be for all intents and purposes an "anon remailer" for box B. This could be chained as well... port A on Box A to port B on box B to port C on box C to ftp on the target box. This is a very rough idea. Authentication is still a problem. Possibly have the files in a directory that is readable, writable, but not "ls"-able, and the files PGP encrypted, or put them in incoming, and the server encrypts them with the owner's PGP key, and renames the file. - -- Just some rough ideas from one that is awake much too late. Douglas R.
Floyd -----BEGIN PGP SIGNATURE----- Version: 2.6 iQCVAwUBLoJ5p3Dkimqwdwa5AQHmxgP+Ijc8BmWOgTotFKmUDr7a6L1Q6EsgwWDB fi+P6NbW5Bq18FUsakcb/WXUd5dbMw94D0xQNeAJDE/CkIZmWhPu/IWNXZvqJ9ZA nr0/hrR3LF6LgCtH/Mqoq75JeRimVyaSpWuMgKxCtwJE6cFtp+AQ1+ABDqP4YQCw iJE1UzM3qbI= =KoYf -----END PGP SIGNATURE----- From p.v.mcmahon.rea0803 at oasis.icl.co.uk Fri Sep 23 00:22:19 1994 From: p.v.mcmahon.rea0803 at oasis.icl.co.uk (p.v.mcmahon.rea0803 at oasis.icl.co.uk) Date: Fri, 23 Sep 94 00:22:19 PDT Subject: any CP going to the International Cryptography Institute this week? Message-ID: <9409221800.AA14481@getafix.oasis.icl.co.uk> > > Carl Ellison writes: > > I have the program in front of me and it looks ominous. > > Here's a soft copy. At least you can say it appears to present a consistent > point of view. You may be right, but I think you will find that the commercial speakers will raise a different set of "global challenges" to those identified by governments. > That should be good for the keynote speakers, Mr. Freeh and > Mr. Gore. (The soft copy shows Mr. Glickman as the other keynote; a hardcopy > in front of me here shows Mr. Gore --I don't know which is more recent.) One of my colleagues is among the speakers. We don't plan to advocate GAK or key escrow ... From merriman at metronet.com Fri Sep 23 00:52:14 1994 From: merriman at metronet.com (merriman at metronet.com) Date: Fri, 23 Sep 94 00:52:14 PDT Subject: It's MEME time!!! Message-ID: ---------------Original Message--------------- I thought I'd jump onto the meme-creation bandwagon before it gets too full.. Cryptography - it's not just for governments anymore! --- Clipper and the Wiretap Bill: salvos in the War On Privacy! --- The price of security is continuous surveillance. --- Denning's Dilemma: Privacy or Oppression. There's no middle ground. --- Surrender Dorothy! ----------End of Original Message---------- How 'bout: Dorothy Denning: Clipper [clip her] TLA's are AFU Dammit, it's *my* net, too! 
Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From j.hastings6 at genie.geis.com Fri Sep 23 03:03:50 1994 From: j.hastings6 at genie.geis.com (j.hastings6 at genie.geis.com) Date: Fri, 23 Sep 94 03:03:50 PDT Subject: Media Bias Message-ID: <199409231003.AA147514599@relay2.geis.com> James A. Donald (jamesd at netcom.com) writes: >I note that Chomsky fans, like Chomsky himself, have no >shame in lying bare faced in public. I have seen Chomsky speak at F.A.I.R. (Fairness and Accuracy in Reporting - a New Left anti-media-bias watchdog inspired by the right-wing Accuracy In Media group), and have heard him on KPFK. I saw the movie about him and have read some of his writing, including articles in Anarchy magazine. The movie, as I remember it from a year or two ago, claims that the East Timor people suffered the same magnitude of oppression at the hands of the U.S.-supported Indonesians, as did the Cambodians under the Khmer (were they Soviet or Chinese puppets? Or independent?). In a dramatic scene in the Chomsky film, the press reports about the Cambodian killing fields, convenient for the U.S. anti-Communist fascist imperialist running-dog empire, *ahem*, rolled across the floor of a warehouse, with lights flicking on as the spool of printouts passed under them, covering a great length of the floor. The reports of East Timor atrocities were relatively non-existent. How do you explain that, Man?! Fight the Power! Right Awn! I don't say that Chomsky isn't biased himself, or that Timor equals Cambodia, I'm just telling you what I remember. >Your claim, and Chomsky's claim, is a flagrant lie >... the Ambassador and the editors of the New York times ...
>could not have clocked up as many as Amin did in real life, >let alone in Amin's "wildest fantasies". I wonder where the other guy came up with Chomsky's Uganda comparison. >Nothing the New York times said or did remotely compares with Chomsky's >enthusiastic support of Pol Pot's genocide in Cambodia. >Chomsky compared Pol Pot's genocide to the denazification by the French >Resistance after world war II. When I saw him live and on stage, Chomsky said he thought the genocide stories about Cambodia were as bogus as the other 99% lies told by the lapdog "adversarial" press (like Yellow Rain "chemical warfare" actually caused by bee droppings). Or the Gulf of Tonkin incident. Or Terrorists, Pedophiles, Money-Launderers, and Dope Dealers that will surely get us all if Digital Telephony and Clipper aren't adopted. Can we really blame him for doubting the unreliable media? He stopped defending Khmer Rouge (sp?) when he became convinced that the killing fields were real. In other words, he would never support genocide. That's the Party Line anyway, comrade. >But Chomsky defines peoples free choice to say one thing rather >than another thing, to listen to one source rather than another >source, to be "extreme coercion and control". What is the source of this accusation? Chomsky is an extreme free-speech anarchist, from what I've read about and by him. He even defended the right of Holocaust-revisionist Robert Faurisson to speak about his historical beliefs against the French state's claim that it has the right to determine what is "historical fact." Chomsky himself does not deny the Holocaust. >...when Chomsky argues that speech is coercion, and choice is submission, >I know that he and his pals in the government are planning to enhance our >civil liberties by protecting us from that speech, and to enhance our >lives by rescuing us from that submission. Fine. Death to P.C. government-imposed "sensitivity." But, what does Chomsky have to do with this? According to the S.F. 
Weekly in 1989, Noam Chomsky was once described in a college newspaper as both "a Nazi sympathiser" and "a Soviet apologist." That's a neat trick, maybe possible during the Hitler-Stalin pact. However, the Soviets wouldn't let him enter the worker's paradise because he called it "The Dungeon State" in one of his many books. And his support for free speech, even for those with controversial non-P.C. positions, makes his Nazi qualifications, and your "speech is coercion" accusation, suspect. Looks like an un-F.A.I.R. smear job to me. Kent - j.hastings6 at genie.geis.com Ham packet AX.25: WA6ZFY @ WB6YMH.#SOCA.CA.USA.NA (or "NoAm") From perry at imsi.com Fri Sep 23 06:23:37 1994 From: perry at imsi.com (Perry E. Metzger) Date: Fri, 23 Sep 94 06:23:37 PDT Subject: kerberosV telnet In-Reply-To: <199409230347.UAA04094@hot.ee.lbl.gov> Message-ID: <9409231323.AA14290@snark.imsi.com> Jef Poskanzer says: > Anyone have any fun diffs for kerberized telnet/telnetd that I could > play with? An IDEA encryption module? A Diffie-Hellman module? > Standards not necessary, we're just experimenting here. The Cygnus release of Kerberos v4 contains much of what you want. The 4.4 BSD version of Telnet also contains much of what you want. Perry From michael.shiplett at umich.edu Fri Sep 23 07:13:39 1994 From: michael.shiplett at umich.edu (michael shiplett) Date: Fri, 23 Sep 94 07:13:39 PDT Subject: kerberosV telnet In-Reply-To: <9409231323.AA14290@snark.imsi.com> Message-ID: <199409231413.KAA26039@judgmentday.rs.itd.umich.edu> "pem" == Perry E Metzger writes: "jp" == Jef Poskanzer says: jp> Anyone have any fun diffs for kerberized telnet/telnetd that I jp> could play with? An IDEA encryption module? A Diffie-Hellman jp> module? Standards not necessary, we're just experimenting here. pem> The Cygnus release of Kerberos v4 contains much of what you pem> want. The 4.4 BSD version of Telnet also contains much of what pem> you want. 
The Cygnus Network Security product now contains telnet/telnetd? When I pulled it over (early in the year), it didn't have much more than some KPOP tools and the standard Kerberos tools. Is ftp/ftpd included as well? michael From perry at imsi.com Fri Sep 23 07:24:28 1994 From: perry at imsi.com (Perry E. Metzger) Date: Fri, 23 Sep 94 07:24:28 PDT Subject: kerberosV telnet In-Reply-To: <199409231413.KAA26039@judgmentday.rs.itd.umich.edu> Message-ID: <9409231424.AA14398@snark.imsi.com> michael shiplett says: > pem> The Cygnus release of Kerberos v4 contains much of what you > pem> want. The 4.4 BSD version of Telnet also contains much of what > pem> you want. > > The Cygnus Network Security product now contains telnet/telnetd? I believe it does, though I must admit not to have checked in a while... .pm From nobody at cass156.ucsd.edu Fri Sep 23 07:39:26 1994 From: nobody at cass156.ucsd.edu (Anonymous) Date: Fri, 23 Sep 94 07:39:26 PDT Subject: IBM-Led Consortium. Any thoughts? Message-ID: <9409231442.AA16607@nately.UCSD.EDU> This just in. I haven't seen it posted so I thought I would. ===========================begin forwarded message========================= IBM-Led Consortium Signs Federal Contract to Develop NII Protocol Sept. 16 CONTRACTS/VENTURES HPCwire ============================================================================= A news release from IBM Corporation -- Somers, N.Y. -- A consortium of organizations led by IBM has been awarded a contract by the U.S. government to develop open industry software protocols that will integrate computing environments across the U.S. manufacturing base. The protocols, based on object-oriented technology using Distributed System Object Model (DSOM) and System Object Model (SOM), will make it easy for organizations of any size to share the same information so they can work more cooperatively and efficiently on projects together. The Cooperative Agreement that was just signed with the U.S. 
Department of Defense (DoD) calls for the development of National Industrial Information Infrastructure Protocols (NIIIP) as part of the Technology Reinvestment Project (TRP). NIIIP will allow disparate systems of different manufacturers to be linked and exchange information real-time so companies can work as a single, integrated "virtual enterprise" to address a business opportunity. Much of the NIIIP work will be consolidating and "harmonizing" the many sets of existing protocols, and then doing pilot projects and demonstration work to prove the efficacy of the recommended approach. The NIIIP protocols are viewed by the DoD's Advanced Research Projects Agency (ARPA) as one of the fundamental building blocks of the National Information Infrastructure (NII). Since all U.S. manufacturing companies will be able to use the NIIIP protocols, the government expects that American industry's competitiveness will increase with their use. The TRP is designed to link the best of America's defense and commercial industries. TRP projects are intended to create "dual use" technologies that have both military and commercial applications. They help defense firms make the transition to commercial markets, prepare defense engineers and workers for the manufacturing industries of the future, and help prepare commercial firms to provide defense products in case of national emergencies. The $60 million project is made up of federal matching funds and existing and incremental development costs, as well as in-kind funds from the consortium members. The consortium members will invest more than half of the total project costs. 
In addition to IBM, the other members of the consortium are: STEP Tools, Inc.; Enterprise Integration Technologies; UES, Inc.; the University of Florida; Texas Instruments Incorporated; Rensselaer Polytechnic Institute; Digital Equipment Corporation; Lockheed Aeronautical Systems Company; MESC Electronic Systems, Inc.; International TechneGroup Incorporated; Taligent; CAD Framework Initiative, Inc.; General Dynamics, Electric Boat Division and the National Institute of Standards and Technology. The NIIIP proposal was sponsored by the IBM Manufacturing Industry and also includes participation by the IBM Microelectronics Division, Software Solutions Division, and the Networking Software Division. Their products include a broad array of software, hardware, and integration services to provide concurrent engineering and computer-integrated manufacturing (CIM) that help manufacturers reduce time to market, improve product quality and lower unit costs, while meeting environmental and other international standards. As overall Program Manager, IBM will manage the system design, development, and integration, as well as the establishment of commercial channels for delivery of the project's resultant software products, planned for completion in 1998. IBM also will be responsible for skills transfer through its CIM in Higher Education Alliance, a nationwide IBM-sponsored organization consisting of 97 U.S. colleges, universities and technical institutions. Selection of the IBM-led consortium's proposal from among the 2,850 proposals submitted is a significant endorsement of IBM's leadership in the field of information technology with proven experience in creating open software products, providing technical software support, and managing a broad array of distribution channels. The DoD announced earlier this year that it had selected this consortium to develop NIIIP under the TRP, but it held off formally approving the deal until the Cooperative Agreement was reached. 
*****************************************************************************
Copyright 1994 HPCwire. To receive the weekly HPCwire at no charge, send e-mail without text to "trial at hpcwire.ans.net".
=========================end forwarded message===============================

Any thoughts? (In a vain attempt to attract people from RE: HIT MEN)

Disobedience is the true foundation of liberty. The obedient must be slaves.
"Civil Disobedience" (Thoreau)

From merriman at metronet.com Fri Sep 23 08:20:19 1994
From: merriman at metronet.com (merriman at metronet.com)
Date: Fri, 23 Sep 94 08:20:19 PDT
Subject: IBM-Led Consortium. Any thoughts?
Message-ID:

---------------Original Message---------------
This just in. I haven't seen it posted so I thought I would.

===========================begin forwarded message=========================
.. ...
As overall Program Manager, IBM will manage the system design, development, and integration, as well as the establishment of commercial channels for delivery of the project's resultant software products, planned for completion in 1998. IBM also will be responsible for skills transfer through its CIM in Higher Education Alliance, a nationwide IBM-sponsored organization consisting of 97 U.S.
colleges, universities and technical institutions.
----------End of Original Message----------

Whether or not it works depends on how much IBM is willing/able to let the other players do what they're good at without sticking more than 2 or 3 of its thumbs in everything.

From a C'punk perspective, I notice there isn't any specific mention of security or privacy in it.

From a "consumer" view, they don't seem to be bothering to ask anyone what they want - looks like "Here's what we're gonna do, like it or lump it." :-(

I wonder how much good it would do to email some folks on the list with a list of concerns about the project?

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From rishab at dxm.ernet.in Fri Sep 23 09:33:01 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 23 Sep 94 09:33:01 PDT
Subject: Crypto irrelevant to hit men
Message-ID:

Crypto and anon escrow are largely irrelevant to the world market in assassinations, nuclear terrorism or whatever.

To put my response to the whole 'HIT MEN' thread very concisely:

1. 'crypto anarchy' does make it easier for people to _hire_ murderers. It does NOT make it any easier to _commit_ murders.

2. it may be difficult for an escrow agency to have good reputations among murderers as well as doctors. I agree with Sandy that people don't bother only about reputations for specific activities, but consider organizations as a whole. However, reputations as I defined them in my "Social punishment" posts are clearly valid within possibly independent social units. You may have a good reputation with murderers but not with Aunt Maud.

3. Sandy says (2) leads to agencies with limited clientele, therefore higher rates, therefore more fraud.
Narcotic drug trafficking is a $500 BILLION annual industry (HDR 1994). Part of the high cost is the 'illegal' and possibly 'immoral' status of the trade. This does not necessarily mean an unsustainable market - indeed it's one of the world's fastest growing businesses. Nor do the high premia result in unsustainable levels of fraud. I wouldn't put my money in a bank run by the Cali cartel, no matter how unlikely they are to ever fail. But enough people in the drug business trust them. Enough people trust the shady runner in the New York alley.

4. An agency only needs to have a good reputation with its _clients._ It doesn't matter that others hold the agency in poor regard. Conversely, the agency _needs_ a good reputation with its clients, it doesn't matter that others hold it in _high_ regard.

To conclude, I don't believe that crypto anarchy will significantly change the _amount_ of murders and such crimes. Or even the ability of the law enforcement to solve them (even without crypto, hardly any murders are solved by tapping phones). Crypto anarchy will only make it possible to be involved in such activity from anywhere in the world, just as cyberspace will enable lots of others to interact more conveniently.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From mpd at netcom.com Fri Sep 23 09:37:02 1994
From: mpd at netcom.com (Mike Duvos)
Date: Fri, 23 Sep 94 09:37:02 PDT
Subject: Fast Modular Factorial?
Message-ID: <199409231634.JAA05777@netcom15.netcom.com>

A small question about large integer math...

We are all familiar with the fact that x^(2^n) mod p may be evaluated with only n modmults which accumulate geometrically increasing powers of x.

Does a similar fast algorithm exist for computing (2^n)! mod p?
The only difference here is that one is accumulating a huge product of consecutive integers instead of the same integer multiplied many times. I am interested in values of n around several hundred.

I have played with this quite a bit and am unable to see any easy exploitable symmetry which would lead to an efficient algorithm.

Any ideas?

--
Mike Duvos $ PGP 2.6 Public Key available $
mpd at netcom.com $ via Finger. $

From jgrubs at voxbox.norden1.com Fri Sep 23 10:11:54 1994
From: jgrubs at voxbox.norden1.com (Jim Grubs, W8GRT)
Date: Fri, 23 Sep 94 10:11:54 PDT
Subject: IBM-Led Consortium. Any thoughts?
Message-ID: <1u84sc1w165w@voxbox.norden1.com>

merriman at metronet.com writes:

> I wonder how much good it would do to email some folks on the list with a
> list of concerns about the project?

Let's try it and see.

--
jgrubs at voxbox.norden1.com
Jim Grubs, W8GRT
VoxBox Enterprises
6817 Maplewood Ave., Sylvania, OH 43560-1956
Telephone (Voice): 419-882-2697

From mg5n+ at andrew.cmu.edu Fri Sep 23 10:18:30 1994
From: mg5n+ at andrew.cmu.edu (Matthew J Ghio)
Date: Fri, 23 Sep 94 10:18:30 PDT
Subject: Fast Modular Factorial?
In-Reply-To: <199409231634.JAA05777@netcom15.netcom.com>
Message-ID:

mpd at netcom.com (Mike Duvos) wrote:

> A small question about large integer math...
>
> We are all familiar with the fact that x^(2^n) mod p may be
> evaluated with only n modmults which accumulate
> geometrically increasing powers of x.
>
> Does a similar fast algorithm exist for computing (2^n)! mod p?
>
> The only difference here is that one is accumulating a huge
> product of consecutive integers instead of the same integer
> multiplied many times.
> I am interested in values of n
> around several hundred.
>
> I have played with this quite a bit and am unable to see any
> easy exploitable symmetry which would lead to an efficient
> algorithm.
>
> Any ideas?

Nope. The ability to take fast modular factorials as you suggest implies the ability to factor large numbers in polynomial time.

If (n!)mod x = 0 then there is a factor of x which is less than n. If you can solve modular factorials, then you can solve for the largest factor of x in logarithmic time. Obviously, nobody has found a method to do either.

From nobody at c2.org Fri Sep 23 10:51:35 1994
From: nobody at c2.org (Anonymous User)
Date: Fri, 23 Sep 94 10:51:35 PDT
Subject: National Research Council
Message-ID: <199409231749.KAA14054@zero.c2.org>

Mr. Karn said:

/From: Phil Karn
/To: SAMUEL.KAPLIN at warehouse.mn.org
/>Is it me or are there a disproportionate amount of legal/government/military/
/>types on this list? Keeping this in mind, do you really think any of our
/>comments will go anywhere but in the old circular file?
/My thoughts exactly. The committee's classification/clearance policy
/was undoubtedly intended to skew its membership much more than to
/protect any legitimate government secret. After all, they're supposed
/to be discussing openly available civilian encryption technologies.
/Funny how the most obvious, no-brainer public policy questions always
/seem to generate the most controversy...

And what, pray tell, is per se wrong with "legal types"? Why do you think Bollinger, Hellman, Neumann, Patel are knee-jerk non-liberals? (Or even Civiletti for that matter, he's reasonable). OK there are no *radicals* but what do you expect from the establishment?

I think you will get a respectful hearing if you make sensible comments. I have no doubt that you personally will do the latter.

SOLONg

From ravage at bga.com Fri Sep 23 10:56:02 1994
From: ravage at bga.com (Jim choate)
Date: Fri, 23 Sep 94 10:56:02 PDT
Subject: Fast Modular Factorial?
In-Reply-To:
Message-ID: <199409231755.MAA03386@zoom.bga.com>

>
> If (n!)mod x = 0 then there is a factor of x which is less than n. If
> you can solve modular factorials, then you can solve for the largest
> factor of x in logarithmic time. Obviously, nobody has found a method
> to do either.
>

Just some thoughts...

If x < n then (n!)modx will always be 0. Since n! is simply the product of the numbers 1...n and is always an integer product dividing by x simply removes the factor m such that we have the product of 1...m-1,m+1...n.

If x>n and x is not a prime then the result will again always be 0 since we can break x down into factors smaller than n and the previous argument removes the various factors.

If x is prime and x>n then we will get a result that is non-zero.

Take care.

From werner at mc.ab.com Fri Sep 23 11:14:37 1994
From: werner at mc.ab.com (tim werner)
Date: Fri, 23 Sep 94 11:14:37 PDT
Subject: crypt program
Message-ID: <199409231814.OAA15924@sparcserver.mc.ab.com>

>Date: Fri, 23 Sep 1994 00:13:39 -0400
>From: tim werner
>
>Can someone tell me where the source is for the crypt program? I'd like
>to build it for my Linux system.

I forgot the name under which I had it was bin-crypt.c. I have it after all. Thanks.

tw

From Brian.McMurry at f844.n102.z1.fidonet.org Fri Sep 23 11:26:24 1994
From: Brian.McMurry at f844.n102.z1.fidonet.org (Brian McMurry)
Date: Fri, 23 Sep 94 11:26:24 PDT
Subject: art encryption...
Message-ID: <3840.2E830BEA@mcws.fidonet.org>

On Monday, 19-Sep-94 Lile Elam wrote to cypherpunks:

> Well, it looks like I have to delve into this subject as I should
> really know what's available for signing art.

PHOTO>Electronic Imaging vol. 37 no. 6, 1994 had a couple of very comprehensive articles on copyright protection trends. The list of available products included:

* Stego (Mac shareware) which can embed data in and retrieve data from PICT images w/o changing the appearance or size. They plan to add other image formats as well as audio and video for both Mac & PeeCee platforms.
* Nikon is developing a method of incorporating an electronic signature into their digital cameras. This signature would include lens settings, exposure, time/date, plus the photographer's personal digital signature. They want it to be compatible with AOCE (below).
* AOCE (Apple Open Collaboration Environment technology) is integrated into Mac System 7 Pro as Digital Signature Manager and, guess what, it uses RSA licensed public-key encryption.
* Kodak and RSA are working on an encryption scheme for photo CDs where only the low-res images are freely viewable, the hi-res ones require a key to access.
* Common Ground (Mac & PeeCee) saves text and images as a Portable Document Format(PDF) and has security built-in that can restrict the text/graphics from being copied or printed.
* Kodak Pro Photo CD allows copyright information and color settings to be tagged onto any image. This information can later be read by Kodak Photo CD Access Plus or Photo CD programmer's toolkit.
* (icky toggle methods not transcribed)

For further reading they suggest, "Protecting Intellectual Property Rights on the Information Superhighways" by Joseph L. Ebersole. The paper includes discussion of laws, copyright management, encryption, standards, and glyphs-to-video steganography. Published by the Information Industry Association(IIA), Washington, D.C.

--- CNet XFIDO 2.63
* Origin: *AACHEN* 818-972-9440 Burbank, CA FIDONET (1:102/844)
--
: Brian McMurry - via mcws.fidonet.org - Public Access (213)256-8371
: ARPA/INTERNET: Brian.McMurry at f844.n102.z1.fidonet.org
: UUCP: ...!bengal!mcws!844!Brian.McMurry
: Compu$erve: >internet:Brian.McMurry at f844.n102.z1.fidonet.org

From rishab at dxm.ernet.in Fri Sep 23 11:46:05 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Fri, 23 Sep 94 11:46:05 PDT
Subject: Cyphernomicon FAQ -- Review in "Wired"
Message-ID:

tcmay at netcom.com (Timothy C. May):

> 1. Rishab Aiyer Ghosh tells me he has committed to write a review of the
> Cyphernomicon FAQ for "Wired," for either December or January publication.
> I had nothing to do with this, and it surprised me when he contacted me to
> notify me. (I reminded him of the "pre-release" status, the

It surprised _me_ that you put this on the list - magazines usually don't care to announce their future stories so much in advance, but this is a little review and cypherpunks are noted for their discretion ;-) so I guess it's ok.

As far as the "usefulness" of info on "advanced stuff", and the "questions it will generate" - awareness is all about arousing curiosity. It will be a Good Thing if people who keep reading about the nuclear terrorists and pedophiles can come and see for themselves what _really_ goes on on the list. Of course the membership may soar for a while before declining again, but _some_ new useful people are bound to join.

> 3. Hal Abelson, Professor of Computer Science at MIT, has asked me if he
> could convert the FAQ into a Web document for his class on "ETHICS AND LAW

If he does a good job, then it would be nice.
A web is really the best way to browse through so much inter-related info.

> 4. Yes, I still have concerns about multiple, out-dated copies floating
> around. I worry about people going to great lengths to "Webify" the version

Come on. Responsible sysadmins regularly mirror updates - from the thousands of PGP sites to the dozens who download 6 mb of movie databases each week. Every one does not get in sync as soon as the new release is out, but these things usually don't take more than a week.

> 5. Rishab is especially anxious to get CompuServe, AOL, etc., versions
> available, or referenced in his review in "Wired." Thus, if any of you want

Scott Loftesness (76703.407 at compuserve.com), the primary SysOp of CompuServe's Telecom and Internet Forums says he'll have the Cyphernomicon in both forums:

TELECOM FORUM (GO TELECOM)
LIBRARY: NETWORK SECURITY (LIB 6)
FILENAME: CYPFAQ.ZIP

INTERNET FORUM (GO INETFORUM)
LIBRARY: RESOURCES-TECHNICAL (LIB 15)
FILENAME: CYPFAQ.ZIP

Worst comes to worst, WIRED can put it up in their forums at AOL etc.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From jim at acm.org Fri Sep 23 11:47:09 1994
From: jim at acm.org (Jim Gillogly)
Date: Fri, 23 Sep 94 11:47:09 PDT
Subject: National Research Council
In-Reply-To: <5AFFF612@warehouse.mn.org>
Message-ID: <9409231846.AA00599@mycroft.rand.org>

> Is it me or are there a disproportionate amount of legal/government/military/
> types on this list? Keeping this in mind, do you really think any of our
> comments will go anywhere but in the old circular file?

Disagree. Looks balanced or perhaps even weighted toward good guys to me. I haven't met many of them, but certainly Marty Hellman, Peter Neumann, and Willis Ware are on the Good Guys side.
Willis (a colleague here at RAND) is carefully neutral on the political stuff, but is strongly pro-privacy. I assume Sam Fuller is the guy who was on my thesis committee back at C-MU 20 years ago, and he was sensible and non-political then. Another half dozen of them appear from credentials to be business and academic. Very few appear to be obvious government types.

Jim Gillogly
2 Winterfilth S.R. 1994, 18:44

From tcmay at netcom.com Fri Sep 23 12:04:26 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Fri, 23 Sep 94 12:04:26 PDT
Subject: Cyphernomicon FAQ -- Review in "Wired"
In-Reply-To:
Message-ID: <199409231901.MAA26569@netcom10.netcom.com>

> tcmay at netcom.com (Timothy C. May):
>
> > 1. Rishab Aiyer Ghosh tells me he has committed to write a review of the
> > Cyphernomicon FAQ for "Wired," for either December or January publication.
> > I had nothing to do with this, and it surprised me when he contacted me to
> > notify me. (I reminded him of the "pre-release" status, the
>
> It surprised _me_ that you put this on the list - magazines usually don't care
> to announce their future stories so much in advance, but this is a little
> review and cypherpunks are noted for their discretion ;-) so I guess it's ok.

Sorry! It never occurred to me that this could be a secret, as several Cypherpunks have reported on upcoming articles they are writing, or are to be interviewed in. But, like Rishab mentioned, be discreet (as well as being discrete, always a good thing for number theorists).

on Abelson's Web doc:

> If he does a good job, then it would be nice. A web is really the best way to
> browse through so much inter-related info.

That's a matter of opinion, and perhaps of age. I find most hypertext docs incredibly confusing and incoherent. Web docs I've seen are often just a mishmash (mishmosh, for you Gen Xers) of scraps, of articles, and of pointers to other, equally disorganized docs. This is a raging debate in hypertext and authorial circles.
The "voice of the author" vs. "lost in hyperspace."

What kind of job Hal Abelson and his associates do--if they still plan to do it (Hal contacted me within a matter of hours of the release, so he clearly couldn't have seen much of it...maybe it's considered too extreme, too outre, for an MIT class...)--is of course unknown. I don't think any of them has the time to do a fine-granularity linkage, so the "Web browsing" will most likely just be the usual coarse-granularity linkages of entire chapters, not individual points, a la Nelson.

> > 4. Yes, I still have concerns about multiple, out-dated copies floating
> > around. I worry about people going to great lengths to "Webify" the version
>
> Come on. Responsible sysadmins regularly mirror updates - from the thousands of
> PGP sites to the dozens who download 6 mb of movie databases each week. Every
> one does not get in sync as soon as the new release is out, but these things
> usually don't take more than a week.

If they agree to do so. But I see a lot of old, outdated FAQs on people's systems, indicating that updates are often not diligently done.

All I ask is that anyone who puts up copies at their sites agrees to maintain them as current, and if they leave their site or can't maintain the docs currently, that they then delete the old version(s) and thus not lead anyone into thinking that what they find is current.

Seems reasonable to me.

--Tim May

--
Warning: I'm using Netcom as my Internet service, and both mail and News are being delayed by up to several days. I may not be able to respond promptly, and may have missed other posts and messages.
..........................................................................
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From lile at art.net Fri Sep 23 12:13:08 1994
From: lile at art.net (Lile Elam)
Date: Fri, 23 Sep 94 12:13:08 PDT
Subject: IBM-Led Consortium. Any thoughts?
Message-ID: <199409231910.MAA04394@art.net>

Have you been NIIIP'ed today? :)

From mg5n+ at andrew.cmu.edu Fri Sep 23 12:14:12 1994
From: mg5n+ at andrew.cmu.edu (Matthew J Ghio)
Date: Fri, 23 Sep 94 12:14:12 PDT
Subject: Fast Modular Factorial?
In-Reply-To: <199409231755.MAA03386@zoom.bga.com>
Message-ID:

Jim choate wrote:

> Just some thoughts...
>
> If x < n then (n!)modx will always be 0. Since n! is simply the product of
> the numbers 1...n and is always an integer product dividing by x simply
> removes the factor m such that we have the product of 1...m-1,m+1...n.

And there will always be such a value for m equal to kx where k is an integer less than n/x

If x is non-prime, there may be factors f and g such that f*g=x. In that case, if n>f and n>g then n=0, hence finding the smallest value of n such that (n!)mod x =0, will yield a factor of x. In that case, dividing by x would remove the factors f and g, yielding a zero remainder.

> If x>n and x is not a prime then the result will again always be 0 since
> we can break x down into factors smaller than n and the previous
> argument removes the various factors.
>
> If x is prime and x>n then we will get a result that is non-zero.

Yes, but if x is not prime, and x>n, (n!)mod x will not necessarily be zero, unless x>n>x/2

A few examples:

mod 7:
n    1  2  3  4  5  6  7  8  9  10
n!   1  2  6  3  1  6  0  0  0  0

mod 15:
n    1  2  3  4  5  6  7  8  9  10
n!   1  2  6  9  0  0  0  0  0  0

Note that for mod 15, n=>5 produces only zeros, revealing the factor 5.

From mpd at netcom.com Fri Sep 23 12:25:56 1994
From: mpd at netcom.com (Mike Duvos)
Date: Fri, 23 Sep 94 12:25:56 PDT
Subject: Fast Modular Factorial?
In-Reply-To:
Message-ID: <199409231923.MAA19299@netcom12.netcom.com>

Matthew J Ghio writes:

> Nope. The ability to take fast modular factorials as you
> suggest implies the ability to factor large numbers in
> polynomial time.
> If (n!)mod x = 0 then there is a factor of x which is less
> than n. If you can solve modular factorials, then you can
> solve for the largest factor of x in logarithmic time.
> Obviously, nobody has found a method to do either.

I should mention that I am interested in the case (2^n)! mod p where p is a prime and (2^n) << p. In this case no individual term of the factorial will be equal to zero mod p, and since the non-zero residues form a group under multiplication, the result can never be zero either.

The ability to solve this special case may also imply the ability to factor large numbers in polynomial time, but in some less obvious way.

--
Mike Duvos $ PGP 2.6 Public Key available $

From huntting at glarp.com Fri Sep 23 14:58:23 1994
From: huntting at glarp.com (Brad Huntting)
Date: Fri, 23 Sep 94 14:58:23 PDT
Subject: IBM-Led Consortium. Any thoughts?
In-Reply-To:
Message-ID: <199409232155.PAA09862@misc.glarp.com>

> From a C'punk perspective, I notice there isn't any specific mention of
> security or privacy in it.

Typical Uncle Sam

> From a "consumer" view, they don't seem to be bothering to ask anyone what
> they want - looks like "Here's what we're gonna do, like it or lump it." :-(

Typical IBM

From hfinney at shell.portal.com Fri Sep 23 16:06:09 1994
From: hfinney at shell.portal.com (Hal)
Date: Fri, 23 Sep 94 16:06:09 PDT
Subject: Fast Modular Factorial?
Message-ID: <199409232305.QAA13709@jobe.shell.portal.com>

I find that for the numbers I have tried, that (p-1)! mod p = (p-1) if p is prime, else it equals 0, with one exception (p=4). So if this is true (probably a standard result; it sounds familiar) then it might actually be easier to find the factorial of a larger number mod a prime than a smaller one.
Hal From merriman at metronet.com Fri Sep 23 16:38:15 1994 From: merriman at metronet.com (merriman at metronet.com) Date: Fri, 23 Sep 94 16:38:15 PDT Subject: CPs write Bumper Stickers Message-ID: Got my samples of bumper sticker stock from Williams & Macias today, and it looks *real* good. Nice, heavy paper, feels like some kind of plastic coating on it to make it weather-resistant. The description sheet that came with it says that it can also be run through copiers and offset presses, that it can be drawn on directly, and takes color (dry-toner). W&M is calling them SlapSticks. The 2041 (3 stickers/sheet) has 3 short (but full-width) areas; the 2042 has 2 full-height areas. The stuff also comes with two different adhesives: "temporary" and "removable". The "temporary" is to allow washing off with soap and water; the "removable" is more durable. From the descriptions, it sounds like the difference between a post-it note, and adhesive tape (roughly). Each sticker is on it's own little die-cut area, and the areas are separated with perfs to make separation easier. Prices are $19.95 for 20 sheets, with Bumper Sticker Remover fluid for the "removeable" stickers at $2.75 for 11 oz. can. 2x41 is 3 stickers/sheet, 2x42 is 2 stickers/sheet. Replace x with 0 for removable adhesive, use 1 for "temporary". The number (again) is 1-800-310-0890; Williams & Macias 3707 South Godfrey Blvd. Spokane, WA 99204-5753 (509) 624-5170 Only got sampled one sheet of each kind, though :-( Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From ravage at bga.com Fri Sep 23 16:39:29 1994 From: ravage at bga.com (Jim choate) Date: Fri, 23 Sep 94 16:39:29 PDT Subject: Fast Modular Factorial? 
In-Reply-To: <9409231852.AA05749@fnord.sybgate.sybase.com>
Message-ID: <199409232338.SAA21725@zoom.bga.com>

>
> >If x>n and x is not a prime then the result will again always be 0 since
> >we can break x down into factors smaller than n and the previous argument
> >removes the various factors.
>
> Unless I misunderstand you, this isn't true. Any non-prime containing
> more prime factors than n! doesn't satisfy this test; nor does any
> non-prime containing factors > n.
>

Will think on this. It seems to me that if you have an even number of prime factors you can multiply them out and get an even number which you should be able to remove easily. Do you mean that the number of prime factors is greater than n! or greater than the number of prime factors of n!?

Also, consider that in the case of an x>>n you might actually run out of enough factors smaller than n to remove. This is one case I didn't have time to look at earlier. Right now I am looking at behaviour where x>(n)^1/2 and also when x>(n!)^1/2.

> 6! == 2 * 3 * (2*2) * 5 * (2*3) == 720
> 116 == 2 * 2 * 29
> 27 == 3 * 3 * 3
>
> 720 mod 116 == 24
> 720 mod 27 == 18
>
>

6!= 2 * 3 * 4 * 5 * 6 = 720

116 is > 6 so this does not disprove my assertion. The factor which is left over, i.e. 29, is prime.

27 is > 6 so this does not seem to disprove it either since in 6! there is a 3 * 3 which removes one of the factors and you are left with 3 which is prime.

Consider x=n again, this means that n! is really n(n-1)! and the mod of (n!)modx is equivalent to n(n-1)!modx which leaves us with a multiplicative factor of (n-1)! and a remainder of 0.

One other point that may be irrelevant is that n! is always an even number. The reason is that the very last multiplier is 2.

From chen at intuit.com Fri Sep 23 17:07:53 1994
From: chen at intuit.com (Mark Chen)
Date: Fri, 23 Sep 94 17:07:53 PDT
Subject: Fast Modular Factorial?
In-Reply-To: <199409232305.QAA13709@jobe.shell.portal.com>
Message-ID: <9409240007.AA15297@doom.intuit.com>

> I find that for the numbers I have tried, that (p-1)! mod p = (p-1) if
> p is prime, else it equals 0, with one exception (p=4). So if this
> is true (probably a standard result; it sounds familiar) then it might
> actually be easier to find the factorial of a larger number mod a
> prime than a smaller one.

Using "~" to mean congruence, and "L()" as the Legendre symbol, the general rule is:

    (p - 1)! ~ -L(a/p)a^((p - 1)/2) mod p.

L(a/p) will equal 1 or -1, depending on whether or not a is a quadratic residue mod p.

The result stems from Euler's criterion.

- Mark -

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From chen at intuit.com Fri Sep 23 17:13:13 1994
From: chen at intuit.com (Mark Chen)
Date: Fri, 23 Sep 94 17:13:13 PDT
Subject: Fast Modular Factorial?
Message-ID: <9409240012.AA15318@doom.intuit.com>

As a footnote to my previous message,

    (p - 1)! ~ -1 mod p

whenever p is prime (Wilson's theorem). This follows immediately from the general rule that I gave.

- Mark -

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From banisar at washofc.epic.org Fri Sep 23 17:19:42 1994
From: banisar at washofc.epic.org (Dave Banisar)
Date: Fri, 23 Sep 94 17:19:42 PDT
Subject: Another Civil Liberty Group
Message-ID: <00541.2863196001.192@washofc.epic.org>

Date 9/23/94
Subject Another Civil Liberty Group
From Dave Banisar
To Cypherpunks List

Another Civil Liberty Group Opposes Wiretap Bill

The American Civil Liberties Union (ACLU) today wrote to Rep. Jack Brooks, Chairman of the House Judiciary Committee, "to express the ACLU's opposition to the FBI Wiretap Access Bill, H.R. 4922."
The organization's position is the latest indication that the legislation is running into serious trouble in Congress for several reasons, including strong opposition from civil liberties and privacy advocates. The bill's proponents had initially hoped to bring it to a vote on the floors of the House and Senate by mid-September. Instead, the bill remains in committees of both houses and is the object of a grassroots campaign to prevent its enactment.

Excerpts from the ACLU letter:

"The principal problem remains that any digital telephone bill which mandates that communications providers make technological changes for the sole purpose of making their systems wiretap-ready creates a dangerous and unprecedented presumption that government not only has the power, subject to warrant to intercept private communications, but that it can require private parties to create special access. It is as if the government had required all builders to construct new housing with an internal surveillance camera for government use. ...

"Moreover, the FBI has not borne the burden of proving why such an extraordinary requirement is necessary. ...

"H.R. 4922 proposes a radical and expensive change in our telecommunications structure. The threats it poses, now and prospectively, are real, but the need for it is far less than evident or proven. We urge that your Committee not rush into consideration of this far reaching measure with so little time left in the session."

The Electronic Privacy Information Center (EPIC) is urging all concerned individuals and organizations to contact the following members of Congress immediately:

Rep. Jack Brooks          Sen. Howard Metzenbaum
(202) 225-6565 (voice)    (202) 224-7494 (voice)
(202) 225-1584 (fax)      (202) 224-5474 (fax)

For more information about the FBI Wiretap Bill, check the Voters Telecomm Watch (VTW) gopher site (gopher.panix.com) or send e-mail to .
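The "Fast Modular Factorial?" thread above works several small cases by hand; the Python below is an added example, not code from any of the posters, that reproduces the posted n! mod x tables, checks the (p-1)! mod p observation over a range, and shows a factor of x appearing through gcd(n! mod x, x). All function names are this example's own, and the plain loop takes as many steps as the smallest prime factor, which is why a fast modular factorial would matter for factoring.

```python
from math import gcd


def factorial_residues(x, upto):
    """Return [1! mod x, 2! mod x, ..., upto! mod x], reducing after every multiply."""
    residues, acc = [], 1
    for n in range(1, upto + 1):
        acc = (acc * n) % x
        residues.append(acc)
    return residues


def is_prime(m):
    """Trial division; adequate for the small moduli used here."""
    if m < 2:
        return False
    d = 2
    while d * d <= m:
        if m % d == 0:
            return False
        d += 1
    return True


def wilson_residue(m):
    """(m-1)! mod m for m >= 2."""
    acc = 1
    for n in range(2, m):
        acc = (acc * n) % m
        if acc == 0:          # once zero, the product stays zero
            break
    return acc


def wilson_holds(limit):
    """True if (p-1)! mod p == p-1 for every prime p <= limit."""
    return all(wilson_residue(p) == p - 1
               for p in range(2, limit + 1) if is_prime(p))


def composite_exceptions(limit):
    """Composite m <= limit for which (m-1)! mod m is not 0."""
    return [m for m in range(4, limit + 1)
            if not is_prime(m) and wilson_residue(m) != 0]


def smallest_zero_n(x):
    """Smallest n with n! mod x == 0 (the point where the tables go to zero)."""
    acc, n = 1, 0
    while True:
        n += 1
        acc = (acc * n) % x
        if acc == 0:
            return n


def first_factor_via_factorial(x):
    """Return (n, g) for the first n >= 2 where g = gcd(n! mod x, x) > 1.

    gcd(n! mod x, x) equals gcd(n!, x), so g is the smallest prime factor
    of x and n equals g. For prime x the walk only stops at n = x.
    """
    acc = 1
    for n in range(2, x + 1):
        acc = (acc * n) % x
        g = gcd(acc, x)
        if g > 1:
            return n, g
    raise ValueError("x must be at least 2")


if __name__ == "__main__":
    for x in (7, 15):
        print("mod", x, factorial_residues(x, 10))
    print("6! mod 116 =", factorial_residues(116, 6)[-1])
    print("6! mod 27  =", factorial_residues(27, 6)[-1])
    print("primes up to 200 give p-1:", wilson_holds(200))
    print("composite exceptions up to 200:", composite_exceptions(200))
    # n at the first zero need not divide x itself: x = 9 gives n = 6.
    for x in (15, 9, 91):
        print(x, smallest_zero_n(x), first_factor_via_factorial(x))
```
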
From sal at panix.com Fri Sep 23 14:34:52 1994 From: sal at panix.com (Sal Denaro) Date: Fri, 23 Sep 1994 17:34:52 -0400 (EDT) Subject: No subject Message-ID: hi ray. can ya do me a favor? Tell the fine folks on Cypher Punks that I will be handing out disks at UNIX expo, I have 100 3.5" 1.44 mb floppies and a ready to compile version of PGP- Plus a copy of the cypto articles you gave me last time. If anyone has ready to run (i.e. pkgadd, or tar -xvf pgp ) versions of PGP for SUN, SCO AIX, linux or some other UNIX drop me a line. I hope to have both source and ready to run disks. (And some PC disks as well) If you live in the NYC area, and want to go to UNIX-Expo for free (I have two extra passes, First come First Served) or just want to help- send mail to sal at panix.com -- sal at panix.com Yes, I use PGP. Salvatore Denaro Live fast, Die young, Hack C++ My heart is broke/but I have some glue Sex, Drugs and Cryptography. Help me inhale/and mend it with you From jef at ee.lbl.gov Fri Sep 23 17:49:29 1994 From: jef at ee.lbl.gov (Jef Poskanzer) Date: Fri, 23 Sep 94 17:49:29 PDT Subject: kerberosV telnet Message-ID: <199409240049.RAA08485@hot.ee.lbl.gov> >> Anyone have any fun diffs for kerberized telnet/telnetd that I could >> play with? An IDEA encryption module? A Diffie-Hellman module? >> Standards not necessary, we're just experimenting here. > >The Cygnus release of Kerberos v4 contains much of what you want. The >4.4 BSD version of Telnet also contains much of what you want. "That turns out not to be the case." The version of CNS that we have doesn't have any encryption beyond DES. 4.4BSD telnet is basically identical to kerberosV telnet, and the only encryption it has is DES. You may have misunderstood my message, assuming I was looking for patches to some random unspecified version of telnet to make it kerberized and give it IDEA and DH capabilities. That would have been a stupid request to make. Thanks for the compliment. Let me be crystal clear this time. 
We have kerberosV telnet. It has DES encryption, and a few authentication options that do not include Diffie-Hellman. I am curious whether anyone has already started playing with adding new encryption and authentication modules, for example IDEA and DH. --- Jef From merriman at metronet.com Fri Sep 23 19:12:54 1994 From: merriman at metronet.com (merriman at metronet.com) Date: Fri, 23 Sep 94 19:12:54 PDT Subject: ATT logo wanted Message-ID: Has anyone got a copy of the AT&T logo, or know where I could find one? I'd prefer a vector format, but would accept .gif, etc. I'd like to see if I can put the deathstar logo and the "Had your phones tapped...." tagline on a bumper sticker :-) Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From merriman at metronet.com Fri Sep 23 20:38:31 1994 From: merriman at metronet.com (merriman at metronet.com) Date: Fri, 23 Sep 94 20:38:31 PDT Subject: SlapSticks Message-ID: Okay, I've printed my first set of bumper stickers, using the W&M bumper sticker stock for laser printers. It prints out *great*, and the "removeable" adhesive seems to have enough holding power to keep in on a car, but not so much as to become a permanent fixture (anyone seen a Bush in '92 bumper sticker of late? :-). I guess I'll find out this winter how well the SlapSticks withstand wind, rain, etc. here in north Texas... Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. 
From rarachel at photon.poly.edu Fri Sep 23 22:36:41 1994 From: rarachel at photon.poly.edu (Arsen Ray Arachelian) Date: Fri, 23 Sep 94 22:36:41 PDT Subject: Unix Expo Disk Distribution Plea Message-ID: <9409240539.AA25616@photon.poly.edu> Forwarded message: From merriman at metronet.com Sat Sep 24 00:05:14 1994 From: merriman at metronet.com (merriman at metronet.com) Date: Sat, 24 Sep 94 00:05:14 PDT Subject: LD Message-ID: I've heard mention of LD around here before, but I've just gotten my first "real life" view of him on alt.security - that is one *seriously* disturbed person. Phew! Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From jburrell at crl.com Sat Sep 24 00:34:59 1994 From: jburrell at crl.com (Jason Burrell) Date: Sat, 24 Sep 94 00:34:59 PDT Subject: LD In-Reply-To: Message-ID: On Sat, 24 Sep 1994 merriman at metronet.com wrote: > I've heard mention of LD around here before, but I've just gotten my first > "real life" view of him on alt.security - that is one *seriously* disturbed > person. Phew! > > Dave Merriman I can't speak for the rest of the rant-viewers, but I don't think that's the real Detweiler. In fact, the guy is (almost) denying that he is the real Detweiler anyway. I'm sure csn.org has been flooded with complaints. I really don't know, though, if the messages originated at csn.org or not. I never checked the headers, as I know the account exists. From pierre at shell.portal.com Sat Sep 24 01:40:04 1994 From: pierre at shell.portal.com (Pierre Uszynski) Date: Sat, 24 Sep 94 01:40:04 PDT Subject: Laws Outside the U.S. Message-ID: <199409240839.BAA24353@jobe.shell.portal.com> > From: Phil Karn > Okay, how about the text of the French law regulating cryptography? 
> It's available as http://www.ens.fr/equipes_dmi/grecc/loi.html. It's > in French, and unfortunately my 3 years of high school study aren't up > to the task. Anybody out there fluent in the language who would care > to prepare an English translation? OK, here is a first shot at the translation of the French law articles that were reported to be posted at: http://www.ens.fr/equipes_dmi/grecc/loi.html There are still a few questions I need to ask the original transcriber (who left no email address of course), or others. So, for now, consider this a limited private distribution, for cypherpunk eyes only. I'll repost with the answers later (If and when I ever get them.) Given the latest entertaining news from France, simply translating French law into English may be a crime. American officials would add: "Yeah! That's it!, even for foreigners operating outside their/my/any country!" :-) As to the quality of the translation: I'm not an american lawyer, nor a french lawyer, and any given legal paragraph can usually be interpreted either way. This may not even be my reading tomorrow... To avoid confusing things even further, I'll limit my comments in the translation to remarks concerning the translation itself, in square brackets []. And don't blame me for the quality of the English, the French itself is laughable (although much more understandable than tax law, let me tell you :-) The drastic editing is the responsibility of the previous transcribers. All typos are my computer's fault. I wasn't even there. Pierre. pierre at shell.portal.com +++++++++++++++++++++++++++++++++++++++++++++++++++ [French] Law number 90-1170, published in the "Journal Officiel" of December 30, 1990. (The first 27 articles concern the encryption of information transmitted via radio or mail.) Article 28. 
- By cryptologic services, one means all services aimed at transforming through secret conventions information or clear signals into information or signals unintelligible by third parties, or at achieving the reverse operation, via means, hardware or software, designed to that end. To preserve the interests of defense and internal or external national security, the supply, export, or use of cryptologic means or services are subject: a) to prior declaration when this means or service can have no other use than authenticating a communication or than ensuring the integrity of the transmitted message. b) to prior authorization by the Prime Minister in all other cases. A decree of the "Conseil d'Etat" [President and some ministers, if I recall] determines the circumstances in which the declaration is filed, or the authorization granted, as per the previous paragraph. This decree can make provisions for a simplified system of declaration or authorization for certain types of equipment or services, or for certain categories of users. II. - In addition to the provisions of the customs code, anyone having exported a cryptologic means, or having provided or made to be provided a cryptologic service without the authorization mentioned in paragraph I of the present article, will be punished by a fine of 6000 F [US$1,200] to 500 000 F [US$100,000] and by imprisonment of one to three months or by one of these two sentences only. The court can, in addition, forbid the person from requesting this authorization for a period of at most two years, or five years for subsequent offenses. In case of conviction, the court can, in addition, pronounce the forfeiture of the cryptologic equipment. III. 
- In addition to police officers and customs officers in their jurisdiction, agents authorized for this purpose by the Prime Minister and sworn in the conditions specified by the "Conseil d'Etat", can investigate and report by a [sworn, whatever] statement any violations of the present article and of the corresponding regulations. Their statements are forwarded within five days to the "Procureur de la Republique" [district attorney ?]. They can enter business locations and transportation means, request the disclosure of any business documents and take copies of them. They can, on location or by convocation, collect information and justifications. +++++++++++++++++++++++++++++++++++++++++++ Decree Number 92-1358 of December 28, 1992, published in the "Journal Officiel" of December 30, 1992. Decision of December 28, 1992 about declarations and requests for authorization relative to cryptologic equipment and services. ... Art. 4 - Require prior declaration, the provision, export, and use of any cryptologic equipment and services ... in particular : - The equipment, hardware or software, susceptible to ensure the confidentiality of communications of any nature, or the confidentiality of data stored in memory; - Cryptologic services that ensure the confidentiality of all or part of a communication, or of data stored in memory; - Cryptoanalytic equipment and services. [This "declaration" article may in fact be an "authorization" article. That would be a pretty major mistake of the previous transcriber, and needs confirmation.] Art. 6 - Smart cards that do not allow, in and of themselves, that is without the need for external cryptologic devices, to ensure the confidentiality of communications, benefit of the same declarations filed and authorizations obtained for the equipment and services with which they are used. Art. 
7 - Are not considered cryptologic equipment, the means, hardware or software, specifically designed for the protection of software against illegal copying or use, even if they use methods or devices kept secret, on the condition that they do not allow the encryption, either directly or indirectly of that software package. ... Art. 9 - In case of uncertainty of the requestor, as to whether some equipment or service belongs to the category of cryptologic equipment and services, the central service for the security of information systems is consulted. Paris, Decmber 28, 1992. French version according to Jerome RABENOU Student at the Villetaneuse Law School. Paris - France. (may have been edited by webmaster Florent.Chabaud at ens.fr) Tentative translation: Pierre Uszynski. pierre at shell.portal.com From sebaygo at sibylline.com Sat Sep 24 07:21:35 1994 From: sebaygo at sibylline.com (Allen Robinson) Date: Sat, 24 Sep 94 07:21:35 PDT Subject: It's MEME time!!! Message-ID: On Fri, 23 Sep 1994, merriman at metronet.com wrote: > How 'bout: > Dorothy Denning: Clipper > [clip her] > > TLA's are AFU > > Dammit, it's *my* net, too! Very good. If I could offer one minor change, how 'bout: Dorothy Denning? Clip 'er! No intent to nitpick on my part. I think they're all deserving of meme-hood. They would make darn fine bumpersticker copy, too. AR From iris!CN=Ray_Ozzie/O=Iris at uunet.uu.net Sat Sep 24 07:50:21 1994 From: iris!CN=Ray_Ozzie/O=Iris at uunet.uu.net (CN=Ray Ozzie/O=Iris@IRIS) Date: Sat, 24 Sep 94 07:50:21 PDT Subject: National Research Council Message-ID: You shouldn't immediately dismiss the establishment as being unsympathetic; many of us are working toward common goals, but in different ways. In my case, since '84, through mass commercial distribution of strong crypto. 
While you can obviously trust no one to represent your interests with 100% accuracy, I've been here for a while and will most definitely be trying to represent CP viewpoints through my perception of those expressed in this forum.

Ray

From dps at kafka.atinc.com Sat Sep 24 08:07:37 1994
From: dps at kafka.atinc.com (Doug Shapter)
Date: Sat, 24 Sep 94 08:07:37 PDT
Subject: OTA releases report on Encryption
Message-ID:

From the Washington Post, Sept. 23. (please ignore typos)

----

_Delay Urged on Encryption Technologies_
by Elizabeth Corcoran
WP Staff Writer

The Office of Technology Assessment, in a report to be released today, suggests that Congress consider stopping the Clinton administration from using some of the data encryption technologies that have aroused public criticism until legislators can review the policies.

Industry and public policy groups have continued to criticize the administration's plan to rely on specific technologies for encrypting phone and computer messages since it was made public in early 1993.

Studies by the OTA, which reports to Congress, usually outline a spectrum of public policy recommendations. In contrast, those familiar with this report say it takes an unusually strong stand. It suggested that legislators take an active role in issues such as "key escrow" encryption, a technique that would let the government crack scrambled phone and computer messages by putting the means for unlocking such communications into the hands of a designated group, such as a government agency.

"It's essential to have an open debate before putting key escrow into place," said Joan Winston, who directed the OTA report. "Given the government's track record so far, the only place that debate can take place openly is in Congress."

Ray Kammer, deputy director at the National Institute of Standards and Technology, said the OTA report fairly portrays both sides of the encryption debate and that the administration "expects and welcomes" additional discussions.
Even so, he added, "the administration needs to move ahead with the key escrow system on a strictly voluntary basis."

With recess only a few weeks away, Congress is unlikely to act on the administration's encryption policies this year, sources said. Sen. William V. Roth (R-Del.), who requested the OTA study, said in a prepared statement that he intends to call for hearings and offer amendments to the Computer Security Act, which comes up for review next year.

---

Doug Shapter
dps at kafka.atinc.com

From perry at imsi.com Sat Sep 24 11:49:31 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sat, 24 Sep 94 11:49:31 PDT
Subject: kerberosV telnet
In-Reply-To: <199409240049.RAA08485@hot.ee.lbl.gov>
Message-ID: <9409241849.AA16990@snark.imsi.com>

Jef Poskanzer says:
> "That turns out not to be the case." The version of CNS that we have
> doesn't have any encryption beyond DES. 4.4BSD telnet is basically
> identical to kerberosV telnet, and the only encryption it has is DES.

The 4.4 telnet is NOT identical. It's much better code, has lots of neat new capabilities that you probably want, is more modular, and the versions I saw had hooks for D-H and the like, which is where most of the work is -- you can get the D-H code from RSAREF and steal the IDEA code from PGP; from there the changes are small.

And yes, I assumed that you didn't have an encrypted telnet at all. It would not have been a stupid assumption to make because this request occurs on Cypherpunks at four month intervals.

Perry

From Richard.Johnson at Colorado.EDU Sat Sep 24 12:16:49 1994
From: Richard.Johnson at Colorado.EDU (Richard Johnson)
Date: Sat, 24 Sep 94 12:16:49 PDT
Subject: LD
In-Reply-To:
Message-ID: <199409241916.NAA09685@spot.Colorado.EDU>

-----BEGIN PGP SIGNED MESSAGE-----

| > I've heard mention of LD around here before, but I've just gotten my first
| > "real life" view of him on alt.security - that is one *seriously* disturbed
| > person. Phew!
| | I can't speak for the rest of the rant-viewers, but I don't think that's | the real Detweiler. In fact, the guy is (almost) denying that he is the... Heh. Perhaps Lance Detweiler is spoofing Larry Detweiler. It's worth a good laugh at least. The posts are short enough that either Larry D. has gotten more abbreviated and lost his flowery touch, or Lance just doesn't see any point in getting into long, involved pseudo-discussions with himself, for our amusement. Then again, maybe you're all a figment of my imagination. Rich -----BEGIN PGP SIGNATURE----- Version: 2.3a-sterno-bait iQCVAwUBLoSJCvobez3wRbTBAQHfrAQArhCM9yMcH0NWMUXBTBx4amDpg/9b7vak +Jbq7etDntK+lO8nSCGuOCrZZSClFeg+/bgtKLILKaeAdlkGcFsleyFPobG55WUw RyYf2W+XUzn3m1sSKsDsY0KPCMsO5eH+YdOi7yVX6QwWaGEAmQTWv8Kym6kC3qY1 9cZ4KL9JBMY= =6dCh -----END PGP SIGNATURE----- -- Loudyellnet: Richard Johnson | Sneakernet: ECNT1-6, CB 429, CU Boulder Phonenet: +1.303.492.0590 | Internet: Richard.Johnson at Colorado.EDU RIPEM and PGP public keys available by server, finger or request Speaker to avalanche dragons. Do you really think they listen? From mg5n+ at andrew.cmu.edu Sat Sep 24 12:43:55 1994 From: mg5n+ at andrew.cmu.edu (Matthew J Ghio) Date: Sat, 24 Sep 94 12:43:55 PDT Subject: Fwd: Anonymous Long Distance Phone Calling In-Reply-To: <9409241357.tn28073@aol.com> Message-ID: I thought this might be of interest to cypherpunks. Especially the part about encryption... I would also be interested to know if anyone has dealt with this company (reputation and so on). ---------- Forwarded message begins here ---------- Return-path: From: LeslieR2 at aol.com X-Mailer: America Online Mailer Sender: "LeslieR2" Message-Id: <9409241357.tn28073 at aol.com> Date: Sat, 24 Sep 94 13:57:47 EDT Subject: Re: Anonymous Long Distance Phone Calling TRACELESS CALLS. Call the U.S. and most of the world withoutmaking a permanent record on your telephone bill of whom you are calling. 
When you utilize these phone cards (debit calling cards), you take the first step in achieving complete privacy in your long distance phone or fax calling.

OVERVIEW: The phone card is used like any other phone cards, instead of making a permanent record of your call with either a calling card or charged to your home phone, you use a pre-paid debit card. Usage is very simple: You first call a toll-free 800 number, and then you will be instructed by the computer to enter your PIN number. The computer will notify you of how many $ worth of calls you have left. Then you will be able to call your long distance number (U.S. or worldwide) with complete anonymity. The card can be used from any touch-tone phone, at home, the office or on the road from any pay phone without needing any coins. The computer will notify you when you have only one minute left on your card.

HOW TO PURCHASE YOUR CALLING CARD: You send a $50 or $100 blank Cashier's check, or cash, to the address stated below. I have purchased a pile of PIN cards and I randomly select one and send it to you. The company I buy these cards from, keeps no records, if they did, all records of sales are to me in my name unfortunately. I keep no records of addresses or PIN numbers who I am sending to. After you receive your card you go about making your calls and then when you want to add more time to your calling card (recharge the card), This is where you gain another level of privacy, because I step out of the loop and you will communicate with Traceless, the providing company, directly. You send a money order or cash and your PIN number to the address provided on the card and they will recharge the anonymous PIN number with the amount sent. You put no name or return address on the envelope. Since all they did was send a pile of cards to me and I sent them out they have no way of knowing who what or where the cards went to.
Alternatively, for those who have an offshore Visa, MasterCard or American Express accounts, you can set it up so that your PIN account can be credited by certain amounts when you hit a certain key while making phone calls to the special 800 number. If this option is appealing to you, let me know and I can send some more information. Also for those that need voice encryption that option is available. Again if you want more info on this let me know. THE COST: When making long distance calls the charge will be 35 cents per minute anywhere in the United States. If you make calls to Canada the charge is 70 cents. Prices to other parts of the world depend on where. If you need the list of the countries and their charges let me know, most countries of the world except some third world countries. If you have anymore questions please let E-mail me and I will try to answer them.Otherwise mail your checks and take your first step towards greater telecommunications privacy. Reach out and call without your telephone bill reaching back and haunting you. R & L PO Box 1492 Yakima, Wa. 98901 From jef at ee.lbl.gov Sat Sep 24 13:02:40 1994 From: jef at ee.lbl.gov (Jef Poskanzer) Date: Sat, 24 Sep 94 13:02:40 PDT Subject: kerberosV telnet Message-ID: <199409242002.NAA10352@hot.ee.lbl.gov> Perry Metzger: >Jef Poskanzer says: >> "That turns out not to be the case." The version of CNS that we have >> doesn't have any encryption beyond DES. 4.4BSD telnet is basically >> identical to kerberosV telnet, and the only encryption it has is DES. > >The 4.4 telnet is NOT identical. Its much better code, has lots of >neat new capabilities that you probably want, is more modular, and the >versions I saw had hooks for D-H and the like, which is where most of >the work is -- you can get the D-H code from RSAREF and steal the IDEA >code from PGP; from there the changes are small. I just did a diff -r between the Kerberos V telnet/telnetd/libtelnet and the 4.4BSD version. 
From 1.5 MB of source code I get 40KB of diffs. In my book a 2% difference qualifies as basically identical. Plus 90% of the diffs were memcpy/bcopy changes.

I know there are nice hooks in the code for adding new encryption and authentication modules. I know it would be relatively easy to add IDEA and DH. That's why I'm asking whether anyone has already done it. Do you get it this time, or should I go for four?

Perry, why don't you let someone else reply this time?
---
Jef

From greg at ideath.goldenbear.com Sat Sep 24 13:43:26 1994
From: greg at ideath.goldenbear.com (Greg Broiles)
Date: Sat, 24 Sep 94 13:43:26 PDT
Subject: Fwd: Anonymous Long Distance Phone Calling
In-Reply-To:
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

Matthew Ghio writes:

> I thought this might be of interest to cypherpunks. Especially the part
> about encryption... I would also be interested to know if anyone has
> dealt with this company (reputation and so on).

> ---------- Forwarded message begins here ----------
> From: LeslieR2 at aol.com
> Message-Id: <9409241357.tn28073 at aol.com>
> Date: Sat, 24 Sep 94 13:57:47 EDT
> Subject: Re: Anonymous Long Distance Phone Calling

> The phone card is used like any other phone cards, instead of making a
> permanent record of your call with either a calling card or charged to your
> home phone, you use a pre-paid debit card. Usage is very simple: You first
> call a toll-free 800 number, and then you will be instructed by the computer
         ^^^^^^^^^^^^^^^^^^^^
sigh.

> to enter your PIN number. The computer will notify you of how many $ worth
> of calls you have left. Then you will be able to call your long distance
> number (U.S. or worldwide) with complete anonymity. The card can be used
> from any touch-tone phone, at home, the office or on the road from any pay
> phone without needing any coins. The computer will notify you when you have
> only one minute left on your card.
This scheme seems to boil down to "trust us, we won't tell" anonymity; much like the C-punk remailers, but it'd get awfully expensive to chain with these cards at $.35/min. There are two opportunities for tracking/logging - when the cards are purchased, and when the calls are made. ("800" number calls deliver the caller's number to the owner of the 800 number - sometimes immediately, sometimes as part of billing detail.) The cards seem to trade convenience (no pocket full of quarters) for security (they may track purchases after all). There's nothing at all anonymous about them if you don't use them from payphones, or other unsecure public phones.

Cards like these are available for cash at Western Union offices, greeting card stores, and truck stops. They're also more likely to be in the $3-20 range instead of $50 or $100 - which is nice, because you shouldn't reuse them if you don't want eavesdroppers to tie your dealings with party A to your dealings with party B.

I don't see much value in encryption if it's not end-to-end; seems like most potential eavesdroppers are going to be located on the customer-to-CO link at either/both ends, which won't be encrypted unless you've got crypto gear installed at caller and callee locations .. which makes their product much less interesting.

From perry at imsi.com Sat Sep 24 14:10:29 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sat, 24 Sep 94 14:10:29 PDT
Subject: kerberosV telnet
In-Reply-To: <199409242002.NAA10352@hot.ee.lbl.gov>
Message-ID: <9409242110.AA17251@snark.imsi.com>

Normally I like to answer inquiries, but it seems that Jef meets answers with insults, so I don't see any reason to give him further information.
Perry

Jef Poskanzer says:
> Perry Metzger:
> >Jef Poskanzer says:
> >> "That turns out not to be the case." The version of CNS that we have
> >> doesn't have any encryption beyond DES. 4.4BSD telnet is basically
> >> identical to kerberosV telnet, and the only encryption it has is DES.
> >
> >The 4.4 telnet is NOT identical. It's much better code, has lots of
> >neat new capabilities that you probably want, is more modular, and the
> >versions I saw had hooks for D-H and the like, which is where most of
> >the work is -- you can get the D-H code from RSAREF and steal the IDEA
> >code from PGP; from there the changes are small.
>
> I just did a diff -r between the Kerberos V telnet/telnetd/libtelnet
> and the 4.4BSD version. From 1.5 MB of source code I get 40KB of diffs.
> In my book a 2% difference qualifies as basically identical. Plus 90%
> of the diffs were memcpy/bcopy changes.
>
> I know there are nice hooks in the code for adding new encryption
> and authentication modules. I know it would be relatively easy to
> add IDEA and DH. That's why I'm asking whether anyone has already
> done it. Do you get it this time, or should I go for four?
>
> Perry, why don't you let someone else reply this time?
> ---
> Jef

From jef at ee.lbl.gov Sat Sep 24 14:32:32 1994
From: jef at ee.lbl.gov (Jef Poskanzer)
Date: Sat, 24 Sep 94 14:32:32 PDT
Subject: kerberosV telnet
Message-ID: <199409242132.OAA10701@hot.ee.lbl.gov>

>Normally I like to answer inquiries, but it seems that Jef meets
>answers with insults, so I don't see any reason to give him further
>information.

Not at all, Perry. It's only when a loudmouth gives *incorrect* answers multiple times that I start getting pissed.

And I thank you for sparing the list any more of your "information", if it's of similar quality to what you've posted so far.
---
Jef

From jamesd at netcom.com Sat Sep 24 14:45:56 1994
From: jamesd at netcom.com (James A. Donald)
Date: Sat, 24 Sep 94 14:45:56 PDT
Subject: Media Bias -- Chomsky
Message-ID: <199409242143.OAA01549@netcom2.netcom.com>

Please put "Chomsky" in your thread's title, or else we will get flamed by the numerous people who have "Chomsky" in their kill files.

j.hastings6 at genie.geis.com describes a Chomsky movie where Chomsky protests about media priorities.

The problem is that Chomsky does not use words such as "bias" and "persuasion". Instead he uses words such as "coercion" and "control".

If he said "bias" the implication would be that we should deal with this problem by individual action, for example we should subscribe to magazines and so forth that give us diverse views - that we should respond as individuals.

By using words such as "control" he implies that we should respond collectively to resist these acts of coercion. He calls speech, and thus implies they should be met with force. The natural and intended emotional response to Chomsky's lies and distortions is: "How do you explain that, Man?! Fight the Power! Right Awn!"

By defining speech and ideas as force and coercion Chomsky is implicitly arguing for democratic control of speech and ideas. He implies that democratic control of speech and ideas would be a vast improvement in our civil liberties, that it would make us more free.

If you say "bias" as Rush Limbaugh does, then the obvious implication is that one should start one's own newsletter and or attend to alternative sources of information. When Rush says "Media Bias" he is really saying "buy my book, listen to my radio show, watch my TV show."
When Chomsky says that the public are "subject to a system of rigid ideological control" (not that particular newspapers are subject to rigid ideological control by imperialist capitalist stooges, but that *the people* are subjected to rigid ideological control by imperialist capitalist stooges) he is saying that the speech acts that he protests are acts of violence and coercion and thus he implies that we should defend ourselves collectively against such speech.

In other words he is perverting the language so that for him "freedom of speech" is democratic control of speech and ideas by the people. Speech should be subjected to democratic control by the people, and this will make us more free and expand civil liberties.

If Susie tells stories of how John ruined his life with drugs or booze, one might reasonably conclude that Susie is telling us to be selective and exercise self control.

If Susie tells stories of how evil drug lords/publicans ruined John's life by *forcing him* to consume drugs and or booze, one can only conclude that Susie is calling for drug/alcohol prohibition.

Chomsky continually claims that we are *coerced* into accepting the ideas of the evil imperialist capitalist conspiracy. From this I reasonably infer he is arguing for democratic control of speech and ideas.

He continually describes (and wildly exaggerates) the problem using language that implies that only a collective, rather than individual, response to misinformation can make us free.

As you know, democratic control of speech and ideas was tried very successfully under the National Socialist German Workers party. In practice it proved remarkably similar to the undemocratic control of speech and ideas employed in the Soviet Union.

j.hastings6 at genie.geis.com writes
> East Timor people suffered the same magnitude of oppression at the
> hands of the U.S.-supported Indonesians, as did the Cambodians under
> the Khmer [Rouge] ...
> ....
>
> The reports of East Timor atrocities were relatively non-existent.
>
> How do you explain that, Man?! Fight the Power! Right Awn!

(I assume that Right Awn! is a smiley)

What Chomsky said about US involvement in Indonesian imperialism is a pack of lies. (Or rather what he implies - Chomsky mostly lies by carefully arranging truths and half truths so as to give a wildly misleading impression.)

But even if what Chomsky said about the US involvement in Indonesian imperialism was completely true one can easily point to even more extreme examples of bias in the opposite direction in the press.

For example compare the massive publicity for Pinochet's murder of a handful of people, the deadly silence concerning the murder of huge numbers of people mostly women and children, by the marxist anti American regime in Ethiopia. This genocide was vastly greater than Timor, and you do not see Chomsky jumping up and down about media silence concerning Ethiopia.

(One can easily dig up the real, rather boring, reasons why Ethiopia was ignored, and one can easily dig up the real, rather boring, reasons why East Timor was ignored, but is more fun to allege that the press is controlled by a vast evil immensely powerful communist conspiracy and force the commies to write up the complicated boring research for a change.)

> When I saw him live and on stage, Chomsky said he thought
> the genocide stories about Cambodia were as bogus as the
> other 99% lies told by the lapdog "adversarial" press (like
> Yellow Rain "chemical warfare" actually caused by bee
> droppings). ...
>
> Can we really blame him for doubting the unreliable media?
>
> He stopped defending Khmer Rouge (sp?) when he became
> convinced that the killing fields were real. In other
> words, he would never support genocide. That's the Party
> Line anyway, comrade.

Like practically everything Chomsky says, the above is a half truth that is used to imply a lie.
Sure, in the beginning, all reasonable people assumed that the reports of genocide were more vomit by the Pentagon misinformation machine (not the lapdog press -- the press was very far from being lapdog -- it had been lapdog in the beginning, but dramatically shifted.)

That is what I assumed -- at first. It soon became apparent that the reports of genocide were horribly real.

But Chomsky kept right on pushing the same wheelbarrow on and on and on as the terrible evidence piled up, until the Vietnamese invaded - and *then*, when the winds of politics blew, he abruptly changed his position.

This shows his position was based purely on politics, and that he displayed a contemptuous disregard for the truth, for principle, and for human lives.

It reminds me of that scene in the book "1984" where in the middle of hate week, yesterday's enemy suddenly becomes today's ally, and yesterday's ally becomes today's enemy.

Orwell's fictional hate week was based in part on real life abrupt shifts in magazines such as "New Republic" when Stalin made a non aggression pact with Hitler, and the further abrupt shift when Hitler broke that treaty.

> Chomsky is an extreme free-speech anarchist, from what
> I've read about and by him. He even defended the right of
> Holocaust-revisionist Robert Faurisson to speak about his
> historical beliefs against the French state's claim that it
> has the right to determine what is "historical fact."
> Chomsky himself does not deny the Holocaust.

Chomsky is not an anarchist. He advocates an economic system very similar to that advocated by the National Socialist German Workers party, and somewhat different from that advocated by the Bolsheviks. This was demonstrated very nicely in his papers on GATT, which described managed trade as democratic control and as control by the people.
If you define the Washington bureaucracy as "the people", as Chomsky does whenever he discusses acts of theft, coercion, and violence by the current American government against American individuals, then fascism is anarcho socialism by definition, and Chomsky is indeed an anarchist.

Chomsky may well be tolerant of holocaust revisionists, as am I, but Chomsky fans show a notable lack of tolerance for other forms of speech, as is most noticeable on the net. This leads me to suspect that Chomsky's tolerance of holocaust revisionism may well be based on grounds somewhat different from my own.

If Chomsky was a fan of free speech, he would be celebrating what the laser printer and the internet have made possible. If he was genuinely concerned with monopolistic control of speech, rather than ensuring that "the people" exercised that monopoly, he would be celebrating what is now happening.

Chomsky has the very clear objective of creating an economic, social and political system based on democratic control of speech, thought, work, and property, through the Democrat Party, using normal constitutional, legal, institutional and democratic means, just as the National Socialist German Workers party successfully did in Germany.

Clearly this objective is far more realistic and achievable than the ridiculous fantasy of the Marxists of coming to power in America through revolutionary means. Since there are clearly a great many people who seek and desire totalitarianism, with their group at the top, we should hardly be surprised to see large number of people seeking to achieve this through means that are workable and feasible, rather than through means that are absurd and impossible. Nor should we be surprised to find that these people are mostly in the party whose ideas can most readily be perverted to this objective.

> According to the S.F. Weekly in 1989, Noam Chomsky was
> once described in a college newspaper as both "a Nazi
> sympathiser" and "a Soviet apologist."
That's a neat trick,

The ideological difference between the Soviet Union and Nazi Germany is so slight as to be almost indiscernible. Stalin permitted abortion on a large scale, Hitler on a modest scale. Stalin murdered Jews on a modest scale, Hitler on a large scale - but this was more a tactic to create a body of killers who had no choice but to support him, rather than through any burning ideological difference.

Apart from Jews and abortion, I cannot see any noticeable political difference between Hitler and Stalin, other than the very important fact that Hitler took power through democratic, constitutional, and institutional means, and that Hitler obeyed the letter of the constitution (while grossly violating the spirit of the constitution.) Similarly Hitler respected the form of property rights while brushing business owners aside and running their businesses directly by the German people for the greater good of the German nation. Chomsky would do likewise, rather than implementing the Soviet form of socialism.

My impression is that if Chomsky or (more likely) one of his disciples were to achieve power he would resemble Stalin on abortion, and on America's Jews - the Asians, and he would resemble Hitler in regard to democracy and the constitution, and property rights. (Constitution as currently interpreted by the supreme court -- not constitution as originally written, of course.)

But I would not be particularly surprised if he resembled Hitler on both Asians and on the Constitution (Supreme court version). I can definitely and confidently say that he would *not* resemble Stalin on the constitution and property rights.

This is why people get hysterical when other people call Chomsky a totalitarian and a commie sympathizer. It is perfectly true, and perfectly clear, that Chomsky aims to achieve totalitarian terror by means radically different from those intended by the commies. In this sense he is clearly not a commie sympathizer.
--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.

James A. Donald
jamesd at netcom.com

From perry at imsi.com Sat Sep 24 15:44:35 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sat, 24 Sep 94 15:44:35 PDT
Subject: [John Ioannidis: Alleged RC4 speed and key setup times]
Message-ID: <9409242244.AA17339@snark.imsi.com>

John Ioannidis sent me the following interesting message. He's been playing a bit with the alleged RC4 code posted anonymously to cypherpunks a while back. He gave me permission to forward this to cypherpunks.

Perry

------- Forwarded Message

From: John Ioannidis
Subject: Alleged RC4 speed and key setup times

The key setup time for the alleged rc4 code is the same as the time to encrypt about 1200 bytes of data. Key setup time is independent of key length (if you discount possible cache interactions). I haven't tried to optimize (other than what the compiler (gcc -O4) can do) the key setup time, the way I optimized the cipher, but still...

Anyway, you can do slightly over 4000 key setups per second on a S10/51 (the time to en/decrypt a 64-byte block is trivial), so you can test 2^12 keys per second on a S10, or 2^12*16 = 2^16 keys/sec on a 16-processor SparcCenter-1000. That's 2^16 * 2^17 keys per day, so you need 2^9 days to exhaustively search a 40-bit keyspace on a fairly common machine such as the S1000. Move that back down to 2^13 days for a S10; The CS dept easily has 2^8 machines with the average speed of a S10 (some are slower, some are a LOT faster, and they have more than 256 machines anyway). That means that, by dedicating the CS dept's resources, we can crack a 40-bit key in 2^7 days (2^6 on the average, of course). As another example, Lehman has 2^11 S10 equivalents, so that figure would go down to 2^2 days or a 4-day weekend.
Well, the above goes to prove that 40bits isn't all that much (which we already knew), but I wanted to get a feel of what it means in terms of resources that mere mortals like us have access to.

/ji

------- End of Forwarded Message

From perry at imsi.com Sat Sep 24 15:53:45 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sat, 24 Sep 94 15:53:45 PDT
Subject: kerberosV telnet
In-Reply-To: <199409242132.OAA10701@hot.ee.lbl.gov>
Message-ID: <9409242253.AA17355@snark.imsi.com>

I used to have a good deal of respect for Jef Poskanzer. He's written a bunch of good software over the years, especially his portable bitmap manipulation stuff, and I found much of his other software to be useful. I'd never dealt with him before, and I was surprised to discover that he doesn't know how to behave in a civilized manner, and doesn't deserve the respect. It always saddens me to find this sort of thing out, but I suppose that's the way life is.

Perhaps someone more gentle than I can explain to Jef that when people try to help you and answer a question, even if you don't think their answer is useful, that screaming obscenities at them (in private mail he's called my information to him "bullshit", among other things) isn't likely to serve your real interests.

Perry

Jef Poskanzer says:
> >Normally I like to answer inquiries, but it seems that Jef meets
> >answers with insults, so I don't see any reason to give him further
> >information.
>
> Not at all, Perry. It's only when a loudmouth gives *incorrect*
> answers multiple times that I start getting pissed.
>
> And I thank you for sparing the list any more of your "information",
> if it's of similar quality to what you've posted so far.
> ---
> Jef

From jef at ee.lbl.gov Sat Sep 24 16:09:43 1994
From: jef at ee.lbl.gov (Jef Poskanzer)
Date: Sat, 24 Sep 94 16:09:43 PDT
Subject: kerberosV telnet
Message-ID: <199409242309.QAA11077@hot.ee.lbl.gov>

>I used to have a good deal of respect for Jef Poskanzer. He's written
>a bunch of good software over the years, especially his portable bitmap
>manipulation stuff, and I found much of his other software to be
>useful. I'd never dealt with him before, and I was surprised to
>discover that he doesn't know how to behave in a civilized manner, and
>doesn't deserve the respect. It always saddens me to find this sort of
>thing out, but I suppose that's the way life is.
>
>Perhaps someone more gentle than I can explain to Jef that when people
>try to help you and answer a question, even if you don't think their
>answer is useful, that screaming obscenities at them (in private mail
>he's called my information to him "bullshit", among other things)
>isn't likely to serve your real interests.
>
>Perry
>
>Jef Poskanzer says:
>> >Normally I like to answer inquiries, but it seems that Jef meets
>> >answers with insults, so I don't see any reason to give him further
>> >information.
>>
>> Not at all, Perry. It's only when a loudmouth gives *incorrect*
>> answers multiple times that I start getting pissed.
>>
>> And I thank you for sparing the list any more of your "information",
>> if it's of similar quality to what you've posted so far.
>> ---
>> Jef

From jef at ee.lbl.gov Sat Sep 24 16:13:10 1994
From: jef at ee.lbl.gov (Jef Poskanzer)
Date: Sat, 24 Sep 94 16:13:10 PDT
Subject: kerberosV telnet
Message-ID: <199409242313.QAA11090@hot.ee.lbl.gov>

>I never once mentioned the Kerberos V code. I explicitly said
>"Cygnus" in my message. As for the Kerberos V stuff, I've never seen
>it and would not pretend to know what it looks like, and thus wouldn't
>mention it.

No, of course you didn't mention it. I mentioned it, in the subject of the first message of this ridiculous thread. Apparently you STILL DON'T GET IT. And I still fail to see how my pointing out that you are confused can reasonably be called an "insult".
---
Jef

From jya at pipeline.com Sat Sep 24 16:18:00 1994
From: jya at pipeline.com (John Young)
Date: Sat, 24 Sep 94 16:18:00 PDT
Subject: Crypto in BYTE
Message-ID: <199409242317.TAA22858@pipe1.pipeline.com>

Peter Wayner writes in October BYTE on electronic documents in business. Admirably covers encryption, digital signatures, authentication, digital cash, timestamps and more.

See "EDI Moves the Data", pp.121-128.

The issue has some other mentions of crypto.

John

From CCGARY at MIZZOU1.missouri.edu Sat Sep 24 16:41:21 1994
From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers)
Date: Sat, 24 Sep 94 16:41:21 PDT
Subject: CEB - Sept 24, 1994
Message-ID: <9409242340.AA23906@toad.com>

CYPHER-REBELS ELECTRONIC BOOK (CEB)
SEPTEMBER 24, 1994 ISSUE 3

Publisher Gary Lee Jeffers
ccgary at mizzou1.missouri.edu

A compendium of the best software & info for today's electronic privacy freedom fighters. This text may be distributed in part or in full anywhere you want. It may be given away freely or copies may be sold. CEB wants to be free & valuable.

If, as Chairman Mao says: "Political power grows out of the barrel of a gun.", then what is democracy?

TABLE OF CONTENTS

Chapter 1. PGP
    Section 1. PGP general
    Section 2. Michael Johnson's PGP FAQ contribution
    Section 3. Stealth PGP.
Chapter 2. Steganography. "A picture is worth a thousand words."
Chapter 3. Shells for PGP
    Section 1. Christopher W. Geib's WinPGP26.ZIP
    Section 2. Ross Barclay's WinFront 3.0
Chapter 4. Generally cool things.
    Section 1. Loompanics sources.
    Section 2. Viruses sources.
Chapter 5. Getting the Cypherpunks' archived & indexed list.
Chapter 6. Remailers & chained remailers.
Chapter 7. Current problems in Crypt.
Chapter 8. Text sources.
    Section 1. Books
    Section 2. Rants
    Section 3. CYPHERNOMICON - Tim May's "official" Cypherpunks' FAQ.
Chapter 9. Cypherpunks' mailing list. getting on etc..
Chapter 1. PGP general.

PGP is Pretty Good Privacy from Phil Zimmermann. It is currently the best available encryption available to civilians at large. Zimmermann is the programmer on the original PGP versions but now, apparently, just guides other programmers in making improved versions. PGP uses two encryption algorithms: RSA for its Public Key powers & IDEA for its bulk encryption. The advantages of PGP over other crypt/decrypt systems are:

1. RSA algorithm. Allows users to communicate without needing a secure channel to exchange keys. - PUBLIC KEY ENCRYPTION.
2. The program system has been very well done & has huge development support.
3. It has huge popularity.
4. Security is guaranteed with distribution of source code & public investigation.
5. It's free.
6. Both RSA & IDEA are "STRONG" algorithms.

MIT's PGP 2.6 has the blessing of Zimmermann. PGP 2.6 ui is believed to have Zimmermann's approval because he has not attacked it. It is believed that Zimmermann will not endorse the ui version due to possible legal problems.

Section 2: Michael Johnson's PGP FAQ contribution

Michael Paul Johnson has an excellent faq on

Subject: Where to Get the Latest PGP (Pretty Good Privacy) FAQ
(Last modified: 7 September 1994 by Mike Johnson)

You can get this faq by anonymous ftp to:
ftp.csn.net /mpj/getpgp.asc
It is also posted monthly on alt.security.pgp

The latest versions of PGP are VIACRYPT PGP 2.7 , MIT PGP 2.6.1 & PGP 2.6ui.

Which is best? I would say MIT PGP 2.6.1. It has source code which VIACRYPT doesn't give you & it is more advanced than the ui version.

In comparing the MIT & ui versions, Michael Johnson had this to say: "The "unofficial international" versions are really just PGP 2.3a, modified just enough to make it compatible with MIT PGP 2.6, but do not include all of the fixes in MIT PGP 2.6 and MIT PGP 2.6.1. They are named pgp26ui* or have "ui" somewhere in their file names." In his faq, he gives some instances in which the ui version might be preferable.

Section 3: Michael Johnson's PGP bomb contribution.

From: Michael Johnson
Subject: PGP Time Bomb FAQ

PGP TIME BOMB FAQ

Michael Johnson writes: "There has been some confusion about the annoying "Time Bomb" in MIT PGP2.6, as well as some other PGP version compatibility issues. This is an attempt to clear up some of that confusion."

You can get this faq by anonymous ftp to:
ftp.csn.net /mpj/pgpbomb.asc

Section 3. Stealth PGP

Stealth PGP refers to a PGP file that does not have the RSA prefix tag on the beginning of a PGP encrypted file or to PGP utility software that disguises this tag.
Possibly, a later version of PGP will have this as an option. The advantages of "Stealthy" PGP are that its files cannot be found by Internet search programs that hunt for the PGP/RSA tag & that a "Stealthy" file may be more securely hidden by a good steganography program.

From: Mark Grant
Subject: Stealth PGP

Responding to my question "Has Stealth PGP been done yet?" Mark Grant says:

Kind of, there's a 'stealth' filter available that strips and attaches headers to PGP messages after encryption. It's available from various places, and the documentation is available on my 'other people's PGP addons' WWW page :

http://www.c2.org/~mark/pgp/other.html

There's also information about Privtool, my PGP-aware mail program for Sun workstations at :

http://www.c2.org/~mark/privtool/privtool.html

Mark

EMAIL: mark at unicorn.com
URL : http://www.c2.org/~mark/

Chapter 2. Steganography "A picture is worth a thousand words."

[ASCII art: STILL LIFE WITH CRYPT]

Steganography is the craft of hiding messages in pictures. The text is, of course, encrypted text rather than plain text. The current best steganography program has been done by Arsen Arachelian. Below, follows his text contribution:

From: rarachel at prism.poly.edu (Arsen Ray Arachelian)

WNSTORM is available from:

ftp.wimsey.bc.ca:/pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/Steg

Usual routine to get it. i.e. cd /pub/crypto/software, get the README file, and if you agree to the terms then follow the instructions.

Short description off the top of my head (I wrote the beastie). Another info scrap should be in the same directory as WNSTORM.
WNSTORM is a data encryption/steganography utility which is pretty secure for most uses. Unlike some stego systems WNSTORM is expandable, all you have to do is write your own LSB injector/extractor for whatever data format you wish to hide information into.

WNSTORM doesn't require the recipient of the host picture, sound, movie, etc. to have the original un-stormed picture. Unlike primitive stego programs, WNSTORM doesn't compare a stormed picture with an unstormed picture.

WNSTORM will cover its tracks statistically. If it changes a 0 bit in the LSB data stream to a zero, or a 1 bit to a 1, it does nothing. If it changes a 1 bit to a zero, it will balance itself by changing an unused adjacent 0 bit to a 1. Ditto for a 0->1 transform.

WNSTORM will NOT change every bit of the LSB in order to prevent detection. It will use a passkey along with a probabilistic algorithm to decide which bits it will change. The algorithm for picking bits depends on the previous successfully encoded/decoded cyphertext AND the passkey.

Internally WNSTORM works by picking "windows" or "packets" of bytes out of either a random number stream or an LSB stream extracted from a picture, sound, movie, etc. It then injects eight bits of cyphertext into this window. Each window is of variable size. The bit locations where the bits are inserted are randomly exchanged for each pass. The bit values are also randomly exchanged for each pass.

WNSTORM includes an injector/extractor for PCX images, however I will write more injector/extractor programs for it in the future, and OTHERS can do so as well.

Chapter 3. Shells for PGP.

Section 1. Christopher W. Geib's WinPGP26.ZIP

From: "David K. Merriman"
Subject: Christopher W. Geib's Windows PGP shell

I've just finished making an ftp deposit to soda in the cypherpunks/incoming directory of WinPGP26.ZIP; it's the latest version of the Windows PGP shell Shareware, and understands 2.6/2.6ui/2.7.

Dave Merriman

Section 2. Ross Barclay's WinFront 3.0

From: Ross Barclay
Subject: PGP WinFront 3.0 Now Available! (New Windows front end for PGP)
To: cypherpunks at toad.com, ~rbarclay at TrentU.ca

-----BEGIN PGP SIGNED MESSAGE-----

Announcing PGP WinFront 3.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~
A freeware Windows front end for PGP 2.3a and 2.6
Copyright 1994 Ross Barclay (rbarclay at trentu.ca)

WHAT IT IS:

- PGP WinFront is the most fully featured free (or otherwise) Windows front end available. It will make using PGP easy for beginners, and it will drastically increase the speed at which experts use it too. PGP WinFront is now into its third revision and I have tried to implement as many of the suggestions that I received as possible. PGP WinFront was designed by its users, but was coded by me.

Features:

- Supports secret key ring placement on floppy drive
- Support en/decryption to/from clipboard
- Move / Copy / Delete files
- Online hypertext help
- Online hypertext PGP help
- Keyring reader to pick names, view key characteristics
- Keyring reader supports less-often used "huge" keyrings
- Signature Checker
- Very configurable - over 25 user-definable settings
- more . . .

This program does too much to list here. And it's free! This version is a complete rewrite of the popular PGP WinFront 2.0. The feature-set has largely been set by users who sent in suggestions. Please read the file README.TXT and peruse the help files. Please send me your comments.

HOW TO GET IT:

At the moment, there are 2 ways to get this program:

1) Via FTP

- The PGP WinFront 3.0 filename is called PWF30.ZIP.
- It has been uploaded to the incoming directories of the following FTP sites:

  ftp.cica.indiana.edu
  ftp.eff.org
  ftp.wimsey.bc.ca
  black.ox.ac.uk
  soda.berkeley.edu
  ftp.informatik.uni-hamburg.de
  ftp.ee.und.ac.za
  ftp.demon.co.uk

- Hopefully, they will be slotted into the PGP directories soon. On CICA, it will be placed into \pub\pc\win3\utils. That is where PWF20.ZIP was placed.
- Once you get the program, please upload it to other FTP sites!

2) From Colorado Catacombs BBS

- dial (303)772-1062. The file is called PWF30.ZIP
- once you get the program, please upload it to other BBSs.

*** The mail access system I had was discontinued. This is because the file was too big to fit into my account. However, you can still register PWF and request certain PGP and PWF related items using my mail access system. Details of these are on the "About" screen of PWF 30.

- --Ross Barclay

- -------------------------------------------------------------------------
Ross Barclay (rbarclay at trentu.ca), Assistant Editor | To receive my PGP
                                                       | public key, send
PC NEWS Review: Windows Edition                        | me e-mail with the
Bellevue, WA (206) 399-8700                            | subject: GET KEY
- -------------------------------------------------------------------------
To receive PC NEWS Review, send me e-mail with the subject: GET PNR.
- -------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLmZ7fdgpRteEZ9JhAQFeXgIAxIpvJQeMsx7YecNgtusBDMqL662XFeX2
qL0qF8HcN4ReZ9MYjtn9t8N1zWGxkPOXQEI3KfM7uk8JTzxjZ5LG2g==
=gSYT
-----END PGP SIGNATURE-----

Chapter 4. Generally cool things.

Section 1. Loompanics sources.

Something cool from Vincent:

Most of the Loompanics Unlimited catalog is online as:

gopher://gopher.well.sf.ca.us/00/Business/catalog.asc

And you can send mail to them at:

loompanx at pt.olympus.net

You can also get their catalog at:

Loompanics Unlimited
PO box 1197
Port Townsend, Wa. 98368

Send $5.00 for their general catalog - free with any order.

Section 2. Viruses sources.

AMERICAN EAGLE PUBLICATIONS

Cypherpunks, I have found a source of info. that I just must share!

American Eagle Publications, Inc.
P. O. Box 41401
Tucson, AZ 85717

I'm sure they will send you a catalog just for the asking. So, what are they about? They are about VIRUSES!
They don't just carry a couple of virus things - they are the VIRUSES-ARE-US of the virus world! They have a journal: Computer Virus Developments Quarterly. They have books on viruses, virus protection, cryptanalysis, the science fiction book "Heiland", a CD-ROM for $99.95 of several thousand live viruses, disks of viruses with source code, executable & utilities, programs & cards for boot protection, & even a virus IDEA computer system protector.

Copy follows for two items of particular interest to Cypherpunks:

POTASSIUM HYDROXIDE, KOH
By the "King of Hearts"

A sophisticated piece of software which uses ideas first developed by computer virus writers to secure your computer system against those who would like to get their hands on the information in it. You give KOH a pass phrase, & it uses state of the art IDEA data encryption algorithm to encrypt all of the information on your hard disk & your floppies. It is, for all intents & purposes, unbreakable, & works well with DOS & Windows. Many encryption programs offered commercially are easily cracked, but this one is not.

Some people call this program a virus, some say it is not. In ways, it acts like a virus to do some of your security housekeeping for you. Yet at worst it is a friendly virus that lets you choose when & how it will replicate.

program & manual on disk, $10
program, full source, & manual on disk, $20

(Overseas customers add $12: KOH cannot be exported from the US, but since it was not developed in the US, we will forward your order to the overseas distributor. Please allow 6 weeks for delivery)

HEILAND
By Franklin Sanders
276 pages, Paperback, 1986

Here's an entertaining book about America in the year 2020. If you wonder if it's proper to use viruses in wartime or if such a virus could be termed "good", this book will give you some food for thought. Sanders makes use of computer "worms" when the oppressed people of the US attack the federal government in an all-out war against tyranny.
Sanders uses his worms right too - not as some all-powerful monster. Rather, they are deployed as part of a larger military strategy. For a book written in 1986, that's not bad!

And if you're fed up with the government, this book is sure to give you a vision for the future. Sanders has been part of the mounting tax protest in this country. He's fought the IRS in court for years & won some important battles. Unfortunately the government seems to be confirming some of his worst suspicions about them. Now you can get a good dose of his philosophy & his ideas about remedying our problems. And if you work for the government, don't be offended - this book is doubly recommended for you!

Book, $8.00

for shipping add $2 per book. 5% sales tax for AZ. residents.

It is my belief that in the next few years more uses for viruses than just being a vandal will be found. Also, they may find a place in protecting our electronic freedom. - for instance virus remailers. Also see my previous post - The FREEDOM DEAMON. Also, they have a place in my CHATTERBOX concept (a remailer for chat mode or commands). "Viruses aren't just for Sociopaths anymore!" Also, I suspect the state may start cracking down on virus technology.

Incidentally, did you all know that crypt has a place in modern viruses? Encryption is used to hide "nasty" code & virus signatures until they get into the system & decrypt.

Yours Truly,
Gary Jeffers

PUSH EM BACK! PUSH EM BACK!
WWWAAAYYY BBBAAACCCKK!
BBBEEEAAATTTTT STATE !

Chapter 5. Getting the Cypherpunks' archived & indexed list.

Vincent also tells us about the complete Cypherpunk's text on line & indexed with fast access times:

Eric Johnson has put one together as:

http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src

Please don't think that you used to be safe doing something illegal on this list and that you no longer are. That would be foolish.

-- Vince

From: Vincent.Cate at FURMINT.NECTAR.CS.CMU.EDU
To: cypherpunks at toad.com
Subject: WWW Acronyms (was Re: Cypherpunks' mail database does exist)

Gary Jeffers:
> Vincent, you state that a fully archived, indexed cypherpunks
>mailing list exists as:
>http://pmip.maricopa.edu/crypt/cypherpunks/cypherpunks.src
>Ok, so I ftp'ed to pmip.maricopa.edu & tried to get to cypherpunks.src,
>but even the subdirectories weren't there.

The "http" is for "Hyper-Text Transport Protocol". This is not FTP, though it is a protocol similar in function to FTP. It is used by "WWW" (World Wide Web) of which Mosaic is the most popular implementation. If you have Mosaic, you can just give the above path. If you do not have mosaic, you should spend some time trying to get it. Mosaic makes it really easy to quickly move through lots of information on the net. Mosaic is a point and click hypertext interface. You can FTP to ftp.ncsa.uiuc.edu and go into Mosaic.

You also have a typo, it is "Cypherpunks.src" with a capital C.

WWW has a simple language for writing your own hypertext documents - "HTML" (Hyper Text Markup Language). You can think of this as sort of like Troff, LaTeX or Postscript, but for hypertext documents. One page of HTML can make dozens of normal files easy to access. For example, my README.html security page points to many normal files:

ftp://furmint.nectar.cs.cmu.edu/security/README.html

It turns out that the mail database is really in "WAIS" (Wide Area Information Server). You can use WAIS directly, though I think it is easier to use through mosaic. To use WAIS you would do:

ws -h pmip.maricopa.edu -d cpindex/Cypherpunks

The "ws" may be "waissearch" on your system. You can get lots of info on WAIS from

ftp://wais.think.com/comp.infosystems.wais-FAQ

As someone pointed out, this "http" method does not yet work with "lynx" (a text only implementation of WWW) on the cypherpunks mail database. It seems it will take a new version of lynx or WAIS for this to work.
But the Unix "xmosaic" works fine. :-) This form of global filename starting with something like "ftp://", "http://", "gopher://" etc is also part of the WWW architecture. These names are called "URLs" for Universal Resource Locator. Well, that is probably enough acronyms for today. :-) -- Vince PS I only read cypherpunks once a day, some time after midnight when my collection for the day is done. From: rishab at dxm.ernet.in Subject: Accessing the Cpunk WAIS archive "Gary Jeffers" > http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src > is the location of all the Cypherpunks' posts with index. I can > get to this place by placing a "www" in front of this instruction. Do an archie search for lynx or mosaic or some other decent browser. This is a WAIS indexed archive; no hyper links; you type in a keyword, and get a list of matching articles, and select one (or more) of them to look at. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA Chapter 6. Remailers & chained remailers. From: wcs at anchor.ho.att.com (bill.stewart at pleasantonca.ncr.com +1-510-484-6204) Message-Id: <9408300753.AA22369 at anchor.ho.att.com> To: CCGARY at MIZZOU1.missouri.edu Subject: Re: Using remailers, chained remailers? There's somebody who posts a remailer summary to the list about monthly. There are three or four sets of remailers out there: - anon.penet.fi, which gives you an account an12345 at anon.penet.fi which people can reply to. Send "Subject: help" to anon at anon.penet.fi and it'll probably give you a useful reply. Its big use is for anonymous Usenet posting with working replies. - The cypherpunks remailers, which are mostly one-way no-reply mailers; some also support Usenet posting. Soda is pretty typical. 
- Various enhanced cypherpunks remailers, which have features like encrypted reply addresses you can attach at the end. You can get information on using the soda remailer by sending email to remailer at csua.berkeley.edu, with "help" somewhere in the posting; I'm not sure if it wants it in the Subject: or in the body. That's the remailer that posts from "Tommy the Tourist" with random NSA-bait at the bottom of postings. Here's a recent posting on getting status of remailers. Note that some really only remail once per day, so they may be working fine even if it says they're not. ---- Date: Mon, 15 Aug 1994 13:39:33 -0700 From: Raph Levien To: cypherpunks at toad.com Subject: "finger remailer-list at kiwi.cs.berkeley.edu" now operational Hi all, I have written and installed a remailer pinging script which collects detailed information about remailer features and reliability. To use it, just finger remailer-list at kiwi.cs.berkeley.edu There is also a Web version of the same information, at http://http.cs.berkeley.edu/~raph/remailer-list.html Please do not take the uptime figures too seriously, at least for another week or so. The script has only been running reliably for a few days. Please let me know about any other remailers which I missed. I've only included remailers which can mail to arbitrary addresses, so I already know chop and twwells are missing. If you've got a Web page, please feel free to include a link to this page. If you think your Web page is relevant to the subject of remailers, let me know and I'll link it in. Comments and suggestions welcome! Raph Levien ------- # Bill Stewart AT&T Global Information Solutions, aka NCR Corp # 6870 Koll Center Parkway, Pleasanton CA, 94566 Phone 1-510-484-6204 fax-6399 # email bill.stewart at pleasantonca.ncr.com billstewart at attmail.com # ViaCrypt PGP Key IDs 384/C2AFCD 1024/9D6465 Chapter 7. Current problems in Crypt. 1. We need an Internet Chat PGP system for conversations in real time. 
Note: #Freedom channel on the Internet Chat system has carried out fast encrypted conversations for years. When a Cypherpunk contacted one of their members (Sargent someone), he was politely told that their system was private. Sargent was unwilling to disclose method. Is their system some kind of security by obscurity code that cannot be varied (like by a drop in crypt/decrypt algorithm)? Or maybe the crypt method could be a drop in variable method & Sarge was unaware of it? Possibly other #Freedom members would be more knowledgeable? Possibly, a knowledgeable & diplomatic Cypherpunk could hit paydirt by pursuing this.

2. Has Arsen Arachelian really solved the problem of discovery of crypt in steganography by statistical examination of the least significant bits in his WNSTORM? I have seen no debate on this.

3. If the Feds capture the internet & put their anti-privacy hardware & protocols in place & outlaw remailers, does anyone have any idea how to build secure & effective remailers? A "Fortress remailer"?

4. If the above possibility happens & Cypherpunks' list is outlawed, does anyone have ideas how to make a "Fortress list"?

Chapter 8. Text sources.

Section 1. Books.

From: Stanton McCandlish
Subject: O'Reilly PGP book
Date: Wed, 7 Sep 1994 13:38:58 -0400 (EDT)

coming soon, PGP hits the mainstream:

PGP: Pretty Good Privacy
by Simson Garfinkel
1st Edition November 1994 (est.)
250 pages (est),ISBN: 1-56592-098-8, $17.95 (est)

PGP is a freely available encryption program that protects the privacy of files and electronic mail. It uses powerful public key cryptography and works on virtually every platform. PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical users guide and a fascinating behind-the-scenes look at cryptography and privacy. Part I of the book describes how to use PGP: protecting files and email, creating and using keys, signing messages, certifying and distributing keys, and using key servers.
Part II provides background on cryptography, battles against public key patents and U.S. government export restrictions, and other aspects of the ongoing public debates about privacy and free speech.

-- Stanton McCandlish
mech at eff.org
Electronic Frontier Fndtn.
Online Activist

The best book in cryptography is:

APPLIED CRYPTOGRAPHY
Protocols, Algorithms, and Source Code in C
by Bruce Schneier

Loompanics advertising copy follows:

In Applied Cryptography, data security expert Bruce Schneier details how programmers can use cryptography - the technique of enciphering messages - to maintain the privacy of computer data. Covering the latest developments in practical cryptographic techniques, the book shows programmers who design computer software and systems we use every day.

Along with more than 100 pages of actual C source code of working cryptographic algorithms, this practical handbook:

* Explains data encryption protocols and techniques currently in use and likely to be used in the future.
* Offers numerous present day applications - from secure correspondence to anonymous messaging.
* Includes numerous source code fragments and shows how to incorporate them into larger programs.
* Discusses related issues like patents, export laws, and legal rulings.

And much more!

1994, 7 1/2 x 9, 636 pp, Illustrated, indexed, soft cover.

APPLIED CRYPTOGRAPHY: $44.95 (order number 10062)
$4.00 for shipping and handling. UPS ground. Additional $7.50 if you want UPS w day air(blue)- that would be $11.50.

Loompanics Unlimited
PO Box 1197
Port Townsend, WA 98368

Section 2. Rants.

For good rants FTP to soda.berkeley.edu /pub/cypherpunks/rants

Section 3. CYPHERNOMICON - Tim May's "official" Cypherpunks' FAQ.

This is a giant (1.3MB uncompressed) faq by Tim May. To get it by anonymous ftp: ftp to ftp.netcom.com /pub/tcmay - This directory has it & its associated files.

Chapter 9. Cypherpunks' mailing list. getting on etc..

======================================================================== 63
X-Delivery-Notice: SMTP MAIL FROM does not correspond to sender.
Received: from MIZZOU1 (SMTP) by MIZZOU1 (Mailer R2.10 ptf000) with BSMTP id 8875; Sun, 11 Sep 94 23:25:40 CDT
Received: from relay2.UU.NET by MIZZOU1.missouri.edu (IBM VM SMTP V2R2) with TCP; Sun, 11 Sep 94 23:25:39 CDT
Received: from toad.com by relay2.UU.NET with SMTP id QQxgzh01248; Mon, 12 Sep 1994 00:22:38 -0400
Received: by toad.com id AA27527; Sun, 11 Sep 94 21:22:46 PDT
Date: Sun, 11 Sep 94 21:22:46 PDT
Message-Id: <9409120422.AA27527 at toad.com>
To: CCGARY at MIZZOU1.missouri.edu
From: Majordomo at toad.com
Subject: Majordomo results
Reply-To: Majordomo at toad.com

--

>>>> help

This is Brent Chapman's "Majordomo" mailing list manager, version 1.92.

In the description below items contained in []'s are optional. When providing the item, do not include the []'s around it.

It understands the following commands:

    subscribe <list> [<address>]
        Subscribe yourself (or <address> if specified) to the named <list>.

    unsubscribe <list> [<address>]
        Unsubscribe yourself (or <address> if specified) from the named <list>.

    get <list> <filename>
        Get a file related to <list>.

    index <list>
        Return an index of files you can "get" for <list>.

    which [<address>]
        Find out which lists you (or <address> if specified) are on.

    who <list>
        Find out who is on the named <list>.

    info <list>
        Retrieve the general introductory information for the named <list>.

    lists
        Show the lists served by this Majordomo server.

    help
        Retrieve this message.

    end
        Stop processing commands (useful if your mailer adds a signature).

Commands should be sent in the body of an email message to "Majordomo at toad.com".

Commands in the "Subject:" line NOT processed.

If you have any questions or problems, please contact "Majordomo-Owner at toad.com".

PUSH EM BACK! PUSH EM BACK!
WWWAAAYYYY BBBAAACCCK!
BBBEEEAAATTTT STATE!

From sameer at c2.org Sat Sep 24 17:11:08 1994
From: sameer at c2.org (sameer)
Date: Sat, 24 Sep 94 17:11:08 PDT
Subject: tier-remailing available in the remailer installer
Message-ID: <199409250009.RAA15586@infinity.c2.org>

I added a slight bit to the remailer installer that I've written which allows you to setup a "tiered" remailer. A "tiered" remailer is one which only sends outgoing mail to another remailer.. that way the remailer that you might run would not come under as much heat as a last hop remailer.

(A message such as:

To: remail at scaredsite.com
From: sameer at c2.org
Anon-To: cypherpunks at toad.com
Subject: hi

would turn into

To: remail at c2.org
From: nobody at c2.org
Anon-To: cypherpunks at toad.com
Subject: hi

when it went out of the remailer)

available on ftp.csua.berkeley.edu:/pub/cypherpunks/remailer/remailer-install.v1.tar.gz

--
sameer                                  Voice: 510-841-2014
Network Administrator                   Pager: 510-321-1014
Community ConneXion: The NEXUS-Berkeley Dialin: 510-549-1383
http://www.c2.org (or login as "guest") sameer at c2.org

From khijol!erc Sun Sep 25 00:01:26 1994
From: khijol!erc (Ed Carp [Sysadmin])
Date: Sun, 25 Sep 94 00:01:26 PDT
Subject: kerberosV telnet
In-Reply-To: <199409242313.QAA11090@hot.ee.lbl.gov>
Message-ID:

> >I never once mentioned the Kerberos V code. I explicitly said
> >"Cygnus" in my message.
> >As for the Kerberos V stuff, I've never seen
> >it and would not pretend to know what it looks like, and thus wouldn't
> >mention it.
>
> No, of course you didn't mention it. I mentioned it, in the subject
> of the first message of this ridiculous thread. Apparently you
> STILL DON'T GET IT.
>
> And I still fail to see how my pointing out that you are confused can
> reasonably be called an "insult".

You have to excuse Perry. You see, in Perry's eyes, anyone who doesn't agree with him, and has the intestinal fortitude to say so, is called names and told they are "insulting" him. As Tom Clancy says in "Debt of Honor", "It was a source of constant surprise to Ryan that important grown-ups so often acted like five-year-olds."

--
Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com
Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi
** PGP encrypted email preferred! **
"What's the use of distant travel if only to discover - you're homeless in your heart." --Basia, "Yearning"

From tcmay at netcom.com Sun Sep 25 00:20:16 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 25 Sep 94 00:20:16 PDT
Subject: "Debt of Honor" and Solution to Congress Problem
In-Reply-To:
Message-ID: <199409250717.AAA05229@netcom10.netcom.com>

Ed Carp [Sysadmin] wrote:

> .... As Tom Clancy says in "Debt of
> Honor", "It was a source of constant surprise to Ryan that important
> grown-ups so often acted like five-year-olds."

Speaking of "Debt of Honor," I just finished it last week. The best Clancy novel I've read in several years. It bogs down in too many pages in the second half, in my opinion, but the description of the U.S. financial system is masterful, a better introduction to how monetary policy affects interest rates I haven't seen. And the description of the events surrounding a car defect is chilling, and gripping.

I won't give any spoilers, but Clancy's solution to the problem of too much government is, shall I say, "explosive."
The Sato Solution is something we can all work toward.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From perry at imsi.com Sun Sep 25 07:15:32 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sun, 25 Sep 94 07:15:32 PDT
Subject: kerberosV telnet
In-Reply-To: <199409242313.QAA11090@hot.ee.lbl.gov>
Message-ID: <9409251415.AA17913@snark.imsi.com>

I was not continuing this on cypherpunks, but Mr. Pozkanzer seems to have an insistence on posting bits of private mail, so I suppose I should return the compliment. I have no interest in continuing this past this message. I suspect everyone is extremely bored already.

Jef Poskanzer says:
> And I still fail to see how my pointing out that you are confused can
> reasonably be called an "insult".

You said:

>That would have been a stupid request to make. Thanks for the
>compliment.

Implying that myself and the others answering your request were somehow being insulting -- when we were simply answering a question in good faith.

>It's insulting to demonstrate that you are bullshitting, eh? Sure Perry.

Referring to a stranger who's just tried to give you some help as a "bullshitter" is not, I hope, what your parents taught you about good manners.

>Not at all, Perry. It's only when a loudmouth gives *incorrect*
>answers multiple times that I start getting pissed.

Would you like being called a loudmouth? Do you, say, call your mother a loudmouth when you meet her?
Would you go up to a stranger under most circumstances and say "you're a loudmouth"? Would you expect that the stranger would take it as a friendly statement?

You have no sense of how to behave around your fellow human beings, Mr. Pozkanzer.

Perry

From bdolan at well.sf.ca.us Sun Sep 25 08:28:57 1994
From: bdolan at well.sf.ca.us (Brad Dolan)
Date: Sun, 25 Sep 94 08:28:57 PDT
Subject: Secret evidence in judicial hearings
Message-ID: <199409251528.IAA17615@well.sf.ca.us>

Links to crypto are weak (maybe!) but I think this may be of interest to some on the list:

Associated Press reported yesterday:

"A former NASA researcher has been ordered deported as a suspected North Korean agent following a hearing at which he was not allowed to see all the evidence against him. [...] Lee was ordered [deported] on Friday by federal immigration Judge Michael Suarez, partly on the basis of classified FBI information that Suarez refused to divulge to either Lee or his attorney, Herbert Gee. Lee said neither he nor his lawyer was allowed to attend the government's closing statements Wednesday."

From sandfort at crl.com Sun Sep 25 08:52:09 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Sun, 25 Sep 94 08:52:09 PDT
Subject: H.E.A.T. BEAT
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

H.E.A.T. seekers,

Please note my new title for these reviews in the subject line. Consider it a filtering aid--pro or con.

CODE NAME: FRAME-UP

The Team is in Culebra ("snake"), Panama to capture a gunrunner, Salazar, who's supplying terrorists. They pretend to be hanging out on the beach (bikini alert) and then grab him as he is making a "private" cellular call to the terrorists. During the snatch, they find that he is carrying cocaine, so that's what he gets busted for. He will be going before Judge Diaz, who is not corrupt, so he's toast unless his brother can rig something.

"Something" comes in the form of Celia Alvarez, a Salazar gun moll who bears a striking resemblance to our own Romana Machado. She comes to our hero, Mike, and tells him she wants to make a break from Salazar's gang. She gets Mike to her room to talk about it, and gives him a Mickey Finn. When Mike comes to, he's in bed with his gun in his hand and a dead guy (shot with Mike's gun) on the floor. The dead guy is judge Diaz. The cops burst in, Celia says, "he did it" and away goes Mike. After this point, the plot self-destructs and makes no sense at all. No matter; that's not why we're here.

Before all this happens, however, there is a gratuitous montage of babes in bikinis, intercut with scenes of our heroes basking on the beach, practicing martial arts, frolicking in the water, playing with puppies, etc. (For those of you who are more interested in good-looking guys than gals, there were plenty of shots of shirtless male Team members, posing and flexing their muscles.)

The upshot of the weird plot twists is that the Team loses its official backing and has to go in on its own to save Mike. To do this, they first break into the DEA's computer. The purpose of the intrusion is to put information *into* the database. They create files that say that Marcos and Cat are big-time drug dealers. With this, they are able to infiltrate Salazar's operation and ... well I'm not sure what the idea was, but it gives Marcos a chance to slick back his hair (all bad guys on Acapulco H.E.A.T. have slicked back hair), and dress in a cheesy pimp outfit. Cat gets to put on too much makeup and tart it up in a short, tight, red dress.

Besides the computer break-in, there is only one other "hi-tech" plot device. Outside Salazar's villa, the Team uses a "long range mike" to pick up Mike's voice inside. The microphone was an incredibly cheap-looking hand-held parabolic mike. It was only about a foot in diameter, and they were using it *through the windshield* of their car.
There was also a briefcase with a flash bomb inside, but that's not
particularly hi-tech.

Of course, there is a climactic shoot-em-up, but the only thing that
gets blown up is the aforementioned flash grenade briefcase. There
was, however, some deliciously irresponsible firearms role modeling.
When Ashley finds Mike, he's handcuffed. They have one of their
typical romantic banters that ends with her saying, "Maybe I should
just shoot you and blame it on Salazar." Mike responds with a
smart-ass comment, at which point Ashley points her pistol at Mike,
causing him to cringe away with his hands over his head. She then
pulls the trigger and shoots through the links connecting the two
wrist sections of Mike's handcuffs. Ya' gotta love a woman like that.
(Or else!)

 S a n d y

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From rubin at faline.bellcore.com Sun Sep 25 08:54:06 1994
From: rubin at faline.bellcore.com (Avi Rubin)
Date: Sun, 25 Sep 94 08:54:06 PDT
Subject: Upgrade to Betsi
Message-ID: <199409251553.LAA04234@faline.bellcore.com>

Update on Bellcore's Trusted Software Integrity System
------------------------------------------------------

The format of Betsi certificates has now been upgraded to accommodate
multiple files. The md5sum program, which is included in the contrib
directory of the pgp 2.6.1 distribution, takes a list of files or
wildcards as arguments and produces a list of md5 hash sums followed
by file names. The format of a request for certificate message is the
same as before for one file, and as follows for multiple files:

To: certify at bellcore.com
Subject: certify

-----BEGIN PGP SIGNED MESSAGE-----

Bebeto J. Romario
thumper.bellcore.com
MD5
2ee29998b334297dcc32102eb857fbc3 Fontmap Version 2.1
c3e5704be89c4d4807d5fec11b1752e6 Great.Program.zip
dc3a8031d65db8bb0ec3de046abe79b2 README
012ffa34521f97ae381fb5f11f837016 Trusted.Dist.tar.Z

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQB1AwUBLoGbvJti/eSkC5bZAQFudQL/W4u7zOE9yp8rTXsSQK2L9pfHIYNzOkRB
g4lNKTHzFXgbEdN8+DzpB2mKCYYTNw+k/qP/Hui0yaG0oeksNYnqJN1zzB0vWhgG
TyFzJqVop/QlYIlrItFr+LD1ebDBOYon
=UGQZ
-----END PGP SIGNATURE-----

The paper at thumper.bellcore.com in /pub/certify/Betsi.ps has been
updated to reflect this upgrade, and it is further explained there.

I am currently working on writing mosaic pages to facilitate the
process of sending various messages to Betsi.

For more information on Betsi send a message to certify at
bellcore.com with the subject: help.

*********************************************************************
Aviel D. Rubin                       Email: rubin at faline.bellcore.com
Bellcore (MRE-2M354)                 http://www.citi.umich.edu/users/rubin/
445 South St. Morristown, NJ 07960   Voice: +1 201 829 4105
USA                                  FAX: +1 201 829 5889

From jgostin at eternal.pha.pa.us Sun Sep 25 09:17:11 1994
From: jgostin at eternal.pha.pa.us (Jeff Gostin)
Date: Sun, 25 Sep 94 09:17:11 PDT
Subject: kerberosV telnet
Message-ID: <940925113141A9Jjgostin@eternal.pha.pa.us>

Jef Poskanzer writes:

> No, of course you didn't mention it. I mentioned it, in the subject
> of the first message of this ridiculous thread. Apparently you
> STILL DON'T GET IT.

Since you two can't send what should be in private email anywhere but
the list, I'm sending this discussion where it belongs... *PLONK* to
Threads-From-Hell. (TM)

From jef at ee.lbl.gov Sun Sep 25 09:53:39 1994
From: jef at ee.lbl.gov (Jef Poskanzer)
Date: Sun, 25 Sep 94 09:53:39 PDT
Subject: kerberosV telnet
Message-ID: <199409251653.JAA12371@hot.ee.lbl.gov>

>I was not continuing this on cypherpunks, but Mr.
>Pozkanzer seems to
>have an insistence on posting bits of private mail, so I suppose I
>should return the compliment.

Gosh gee gee whillikers Perry, what did you expect me to do after you
started quoting from private email, hmmmmmmm?
---
Jef

From wfgodot at iquest.com Sun Sep 25 10:58:10 1994
From: wfgodot at iquest.com (Michael Pierson)
Date: Sun, 25 Sep 94 10:58:10 PDT
Subject: TIS, SKE, & CyberCash Inc.
Message-ID:

John Young wrote:

> Peter Wayner writes in October BYTE on electronic documents in
> business.
>
> Admirably covers encryption, digital signatures,
> authentication, digital cash, timestamps and more.
>
> See "EDI Moves the Data", pp.121-128.
>
> The issue has some other mentions of crypto.

Also worthwhile is the article on page 40 which discusses Trusted
Information Systems' software-key escrow proposal. After seeing it I
decided to hunt down the TIS Software Key Escrow paper at
ftp://ftp.tis.com/pub/crypto/ske. It makes for interesting reading on
the kinder, gentler, sugar-coated incarnation of key escrow that we're
likely to be seeing more of. Sugar-coated or not, it still has poison
inside.

TIS's proposal is even more noteworthy considering their affiliation
with the CyberCash Inc. venture written about in the 09/13/94 WSJ
article posted here several days ago (ie. $whois cybercash.com = TIS).
So, one of the leading proposals for SKE comes from a company
involved with one of the leading digicash ventures. It looks like
TIS is a company to watch.

The TIS SKE paper asserts that:

"Key escrow cryptography has been a controversial topic since it was
proposed in 1993. We believe that it is most likely to be accepted for
use outside of government if it is authorized by legislation that sets
forth the circumstances under which keys may be released and the
sanctions for abuse of the escrow process"

Well, hell will freeze over before it is accepted by this citizen.
Those who have seen how RICO and the Forfeiture Law have run
amok in this country have no reason to feel sanguine about the
potential future abuses of key escrow. I don't expect the statutory
limitations on its misuse to be any more reliable than the search
and seizure limitations or due process requirements of the Fourth and
Fifth Amendments which have been vitiated over the past decade or so.
And the prospect that the surveillance state infrastructure which the
Friends of Big Brother (FOBBs) are trying to put into place today
will be available for potentially more tyrannical leaders that may
appear in the future, even more inimical to liberty, privacy and
personal sovereignty than the current ones, is not a comforting thought.

-Michael

From cactus at bb.com Sun Sep 25 11:35:59 1994
From: cactus at bb.com (L. Todd Masco)
Date: Sun, 25 Sep 94 11:35:59 PDT
Subject: kerberosV telnet
In-Reply-To: <199409251653.JAA12371@hot.ee.lbl.gov>
Message-ID: <364g6c$i38@bb.com>

Could you two, like, grow up or something?
--
L. Todd Masco    | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From matsb at sos.sll.se Sun Sep 25 11:36:04 1994
From: matsb at sos.sll.se (Mats Bergstrom)
Date: Sun, 25 Sep 94 11:36:04 PDT
Subject: H.E.A.T. BEAT
In-Reply-To:
Message-ID:

Speaking of hi-tech related screen fantasy I just saw an old (1992)
movie starring Robert Redford, Dan Akroyd and Sidney Poiters (forgot
- or never noticed - the title) with rather 'advanced' crypto ties.
A professor of mathematics, specialist in primes, had constructed a
'black box' (containing a matchbox-sized chip) that could break all
passwords in a few seconds. Lots of other fantastic machinery also.
And the NSA had a big part. Somehow the manuscript seems to have been
written by an author with some understanding of the implications of
strong crypto. An ex-starving cypherpunk??

Mats

From tcmay at netcom.com Sun Sep 25 11:58:14 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 25 Sep 94 11:58:14 PDT
Subject: TIS, SKE, & CyberCash Inc.
In-Reply-To:
Message-ID: <199409251855.LAA21791@netcom16.netcom.com>

Michael Pierson wrote:

> TIS's proposal is even more noteworthy considering their affiliation
> with the CyberCash Inc. venture written about in the 09/13/94 WSJ
> article posted here several days ago (ie. $whois cybercash.com = TIS).
> So, one of the leading proposals for SKE comes from a company
> involved with one of the leading digicash ventures. It looks like
> TIS is a company to watch.

I agree that this is a crucial development to watch. Two related (I
think) developments:

- Al Gore writes a guest editorial in the latest "Discover" magazine.
His theme: an expansion of the "National Information Infrastructure"
he calls the "Global Information Infrastructure." The New World Order
in cyberspace. Wanna bet that this GII will have passports,
authorization slips, tax collection capabilities, and is-a-person
credentials?

- The latest "Internet World" (Oct. '94, p. 11) confirms that
Microsoft is building Internet connectivity into upcoming releases of
Windows and Windows NT. Given their known involvement in SKE/GAK
(confirmed to me in e-mail, and reported here on this list a few
months back), this "Microsoft said it will build in support for those
protocols in the next versions of Windows and Windows NT" statement
bears close watching.

(The scenario I think is likely: SKE is put in at the OS level,
perhaps with these SLIP/PPP/TCP-IP protocols. Ostensibly "voluntary,"
it actually won't be, because selection of "escrow agents" will be
from a list of approved entities. A *truly* voluntary system would
allow complete bypassing, or selection of a "bit bucket" as the escrow
agent. Fat chance.)

(TIS statement on SKE elided.)

> Well, hell will freeze over before it is accepted by this citizen.
> Those who have seen how RICO and the Forfeiture Law have run
> amok in this country have no reason to feel sanguine about the
> potential future abuses of key escrow. I don't expect the statutory
> limitations on its misuse to be any more reliable than the search
> and seizure limitations or due process requirements of the Fourth and
> Fifth Amendments which have been vitiated over the past decade or so.
> And the prospect that the surveillance state infrastructure which the
> Friends of Big Brother (FOBBs) are trying to put into place today
> will be available for potentially more tyrannical leaders that may
> appear in the future, even more inimical to liberty, privacy and
> personal sovereignty than the current ones, is not a comforting thought.

Agreed. We need to watch carefully this one. A "voluntary" software
key escrow system is of course OK (useful for people afraid of
forgetting their keys, for companies that don't want the death of
employees to cut them off from corporate secrets, etc.). But any
system in which the escrow key holders are *not* freely selectable
from a list one generates one's self (where the agents may be the
company lawyer, one's mother, one's priest, the bit bucket, the
machine down the hall, or nothing at all, etc.) is *not voluntary*.

The recent conference on international use of crypto, noted by others
recently and by several of us back in July, had an ominous agenda. Did
any of you attend? I get the feeling that wheels are turning, that
deals are being cut.

And given the EFF's recent sell-out on Digital Telephony (which is of
course related to this, especially since the OS makers like Microsoft
and Apple are negotiating deals with the cable-telco companies, thus
presumably making the OS makers partners in the "wiretapping"
requirements), I would not be surprised to see similar deals being
arranged behind the scenes. Much as I fear direct democracy, I also
fear this kind of smoke-filled room trading away of our liberties.
Wiretap bills, Software Key Escrow, Government Access to Keys,
information superhighways, Data Cops...it's all getting pretty
worrisome.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Sun Sep 25 12:06:26 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 25 Sep 94 12:06:26 PDT
Subject: "Sneakers" and Len Adelman
In-Reply-To:
Message-ID: <199409251903.MAA22506@netcom16.netcom.com>

Mats Bergstrom wrote:

>
>
> Speaking of hi-tech related screen fantasy I just saw an old (1992)
> movie starring Robert Redford, Dan Akroyd and Sidney Poiters (forgot
> - or never noticed - the title) with rather 'advanced' crypto ties.
> A professor of mathematics, specialist in primes, had constructed a
> 'black box' (containing a matchbox-sized chip) that could break all
> passwords in a few seconds. Lots of other fantastic machinery also.
> And the NSA had a big part. Somehow the manuscript seems to have been
> written by an author with some understanding of the implications of
> strong crypto. An ex-starving cypherpunk??
>

"Sneakers" was not an "old" movie..."old" is something I saw in 1960!
1992 is also the year Cypherpunks got started (Eric can elaborate, but
I think he met a lot of the "Wired" planning team at a "Sneakers"
sneak (ers) showing in San Francisco.)

In any case, Len Adelman, the "A" in "RSA," was a technical advisor in
the film. The pseudo-mathematical cant in the movie was probably
provided by him. Not exactly an ex-starving Cypherpunk.
(Adelman was also Fred Cohen's thesis advisor at the University of
Southern California, and has done a lot of work on computer viruses.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From merriman at metronet.com Sun Sep 25 12:14:45 1994
From: merriman at metronet.com (David K. Merriman)
Date: Sun, 25 Sep 94 12:14:45 PDT
Subject: H.E.A.T. BEAT
Message-ID: <199409251914.AA24139@metronet.com>

>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>

For the Alison Armitage fans out there (YO! Sandy! :-), the local
snoozepaper TV listings indicate that she's going to be co-host(ess)
of an athletic competition program called (stand by....) BeachClash.
Guest athletes compete against regular cast ("Hardbodies" with names
like Ripper, Breeze, and Zuma) - Beach Blanket American Gladiators?
Appears to be nationally syndicated; might be worth looking into (pun
intended!). Here in the Dallas area, the new program is already slated
for the old H.E.A.T. timeslot (midnight!); haven't found out where
H.E.A.T. went off to....

Hmmmmm. Athletic competition. Alison. Beach. *drool* :-)

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and
fingerprints. Unencrypted Email may be ignored without notice to
sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn
to *love* Big Brother.

From perry at imsi.com Sun Sep 25 12:28:38 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Sun, 25 Sep 94 12:28:38 PDT
Subject: TIS, SKE, & CyberCash Inc.
In-Reply-To: <199409251855.LAA21791@netcom16.netcom.com>
Message-ID: <9409251928.AA18513@snark.imsi.com>

Timothy C. May says:

> (The scenario I think is likely: SKE is put in at the OS level,
> perhaps with these SLIP/PPP/TCP-IP protocols. Ostensibly "voluntary,"
> it actually won't be, because selection of "escrow agents" will be
> from a list of approved entities. A *truly* voluntary system would
> allow complete bypassing, or selection of a "bit bucket" as the escrow
> agent. Fat chance.)

They can build what they like, Tim. The protocols being defined right
now by the IETF do not include provisions for escrow. Thus far, no one
from the NSA, or even TIS, has come up to me and said that I should
change the draft RFCs that I am writing. Any such OS support for SKE
in Microsoft software would not be interoperable with anyone else's
software. Since the bulk of the internet does not run on Microsoft
platforms, and since Microsoft doesn't sell things like routers and
the like, even Microsoft has to interoperate if they want their
packets to move past the local ethernet.

Perry

From tcmay at netcom.com Sun Sep 25 12:42:29 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Sun, 25 Sep 94 12:42:29 PDT
Subject: TIS, SKE, & CyberCash Inc.
In-Reply-To: <9409251928.AA18513@snark.imsi.com>
Message-ID: <199409251939.MAA01385@netcom16.netcom.com>

Perry E. Metzger wrote:

> They can build what they like, Tim. The protocols being defined right
> now by the IETF do not include provisions for escrow. Thus far, no one
> from the NSA, or even TIS, has come up to me and said that I should
> change the draft RFCs that I am writing. Any such OS support for SKE
> in Microsoft software would not be interoperable with anyone else's
> software.
> Since the bulk of the internet does not run on Microsoft
> platforms, and since Microsoft doesn't sell things like routers and
> the like, even Microsoft has to interoperate if they want their
> packets to move past the local ethernet.

Good! I'm glad to hear that such developments make a "takeover" of
Internet protocols less likely. (Even better might be a heavy
international involvement, with folks from countries that are not
malleable and controllable by the New World Order Task Force.)

Despite my periodic alarms, I'm pretty optimistic about our chances
for escaping the "Big Brother Inside" future--my Cyphernomicon should
make this optimism clear. Although I'm an admitted extremist in my
views, I do try to steer clear of the two extremes:

Extreme 1: It's all over. Big Brother is here. Give up.

Extreme 2: We've already won. It's all over. They can do nothing to us.

I think we're somewhere in between, with some frightening laws on the
horizon (look at the War on Drugs, civil forfeiture, tax laws,
currency reporting requirements, health care proposals, etc.), but
also with some new "degrees of freedom" that make control very
difficult.

The war isn't over yet.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only:
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From pfarrell at netcom.com Sun Sep 25 14:06:59 1994
From: pfarrell at netcom.com (Pat Farrell)
Date: Sun, 25 Sep 94 14:06:59 PDT
Subject: MS, IBM, Apple, EFF and DTB [was : TIS, SKE, & CyberCash Inc.
Message-ID: <61387.pfarrell@netcom.com>

tcmay at netcom.com (Timothy C.
May) writes:

> - The latest "Internet World" (Oct. '94, p. 11) confirms that
> Microsoft is building Internet connectivity into upcoming releases of
> Windows and Windows NT.
              ^^^^^^^^^^
this one, at least has been released and should be at your local
computer store RSN. I've been on the NT beta test, and it is really
nice. The built in SLIP/PPP will massively increase the number of real
internet hosts. It is easy to use and robust. They don't ship
Cello/Mosaic, but that is trivial to add.

> (The scenario I think is likely: SKE is put in at the OS level,
> perhaps with these SLIP/PPP/TCP-IP protocols.
>
> And given the EFF's recent sell-out on Digital Telephony (which is of
> course related to this, especially since the OS makers like Microsoft
> and Apple are negotiating deals with the cable-telco companies, thus
> presumably making the OS makers partners in the "wiretapping"
> requirements), I would not be surprised to see similar deals being
> arranged behind the scenes.

Much more than working deals, Microsoft wants to be an Internet
Service Provider (ISP), much like Apple and IBM have recently become.
IBM's new OS/2 has a "one button" signon/configuration onto their
service. Apple has been bundling eWorld for a while.

But I don't see Tim's OS-oriented collusion. The EFF sell out clearly
focused on defining service providers and then excluding them,
specifically, from the burden of DTB. Doesn't look like they like GAK
any more than Tim or me.

Pat

Pat Farrell      Grad Student                 pfarrell at cs.gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key available via finger          #include

From wmo at rebma.rebma.mn.org Sun Sep 25 22:23:29 1994
From: wmo at rebma.rebma.mn.org (Bill O'Hanlon)
Date: Sun, 25 Sep 94 22:23:29 PDT
Subject: PGP, remailer@rebma.mn.org
Message-ID: <199409260526.AAA00862@rebma.rebma.mn.org>

The remailer at rebma.mn.org was not using pgp 2.6, and it was having
trouble with messages that used the newer versions.
(I think it was running 2.3.)

Anyway, I fixed it, but I imagine there's been some traffic that
didn't get remailed. Sorry.

-Bill

From merriman at metronet.com Sun Sep 25 22:58:47 1994
From: merriman at metronet.com (David K. Merriman)
Date: Sun, 25 Sep 94 22:58:47 PDT
Subject: Beach Clash first edition review
Message-ID: <199409260557.AA18670@metronet.com>

Yup. Pretty much a case of Beach Blanket American Gladiators; except
that it's two "teams", each team consisting of HomeTown Folks and 2
each of the HardBodies (1 each male & female). Swimsuits on
contestants are "sports" types (can't afford to have anything popping
free on national TV, eh?). Bystanders/Audience, however, suffer no
such limitations :-) Ditto on "personal interviews" with contestants
(guys, too, for those so inclined). Alison wears normal street clothes
(sorry Sandy!)

Team names are Suitably Impressive and Beach-y: Tigersharks and Sea
Otters

Tonights program included:

> two-pass swim/climb: guys come in from out at sea, girls climb rope.
  One guy rides paddleboard in, tags girl who climbs rope to release
  flag, which signals other guy to swim in from raft - said guy then
  tags same girl who releases additional flag.
> hill climb: guys & girls climb wet plastic fake hills, run back to
  beginning, tag another team member who climbs, until all have gone
  over the hills.
> raft drag: guy team member on jet ski pulls girl team member hanging
  onto inflatable raft.
> VolleySmash: 4-person/team volleyball on a giant airmattress
> BungeeBall: contestants try to run against restraint of bungee cord,
  getting close enough to make freethrows.
> BeachBout: contestants try to knock each other off horizontal pole
  using foam bats.
> King of the Raft: male/female contestants paddle out to raft to join
  other members to try to climb pyramid and displace ball.
> Walk the Plank: team members walk across the horizontal pole from
  BeachBout while opposing team throws "dodge balls" at them.
> Surf War: tug-o-war in the surf.
> Crash and Burn: obstacle course through/in the surf and beach.

I'm sure there are crypto/privacy issues here, but I'm too thick to
see them :-) Mildly amusing, but not something I'm going to stay up
'till midnight for next week.

Dave Merriman
- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and
fingerprints. Unencrypted Email may be ignored without notice to
sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn
to *love* Big Brother.

From blancw at pylon.com Sun Sep 25 23:15:35 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Sun, 25 Sep 94 23:15:35 PDT
Subject: Chomsky (Thread from Hell)
Message-ID: <199409260616.XAA16173@deepthought.pylon.com>

Responding to msg by James A. Donald:

>He implies that democratic control of speech and ideas
>would be a vast improvement in our civil liberties,
>that it would make us more free.

But who pays attention to what Chomsky thinks (say, by comparison to
others similarly inclined).

>In other words he is perverting the language so that
>for him "freedom of speech" is democratic control of
>speech and ideas by the people.

Then who is going to understand what he really means?

>He continually describes (and wildly exaggerates) the
>problem using language that implies that only a
>collective, rather than individual, response to
>misinformation can make us free.

He isn't the only one who ever has, or ever will, advocate such
things. He's not on the board of directors of the NII, is he; or how
does he exert influence?

>. . . .Chomsky fans show a notable lack of
>tolerance for other forms of speech, as is most
>noticeable on the net.

So is it Chomsky, or his fans who are the problem? And how do they
succeed in making themselves influential?

>Since there are clearly a great many people who seek
>and desire totalitarianism, with their group at the
>top, we should hardly be surprised to see large
>number of people seeking to achieve this through means
>that are workable and feasible, rather than through
>means that are absurd and impossible.

This type of person is interchangeable: they could follow someone
(like Chomsky) today or someone else tomorrow.

It should always be possible to recognize the difference between one
thing and another - one kind of idea or social system or another -
just as you have, by seeing the contradictions and actual relations in
the expressed statements, proposals, methodologies, etc.

It looks as though you are simply fighting the ideas which many people
have always found to their advantage to believe, but I can't see where
Chomsky is the only & most important reason why they are willing to
think as they do. So - those are my comments on Chomsky, about which I
will write no more, as he doesn't sound interesting at all to pursue.

Blanc

From cactus at bb.com Mon Sep 26 01:32:05 1994
From: cactus at bb.com (L. Todd Masco)
Date: Mon, 26 Sep 94 01:32:05 PDT
Subject: Chomsky (Thread from Hell)
In-Reply-To: <199409260616.XAA16173@deepthought.pylon.com>
Message-ID: <366164$r5a@bb.com>

In article <199409260616.XAA16173 at deepthought.pylon.com>, wrote:
> But who pays attention to what Chomsky thinks (say, by
>comparison to others similarly inclined).
...
> He isn't the only one who ever has, or ever will, advocate
>such things. He's not on the board of directors of the NII, is
>he; or how does he exert influence?
...
> So is it Chomsky, or his fans who are the problem? And how do
>they succeed in making themselves influential?
...
> This type of person is interchangeable: they could follow
>someone (like Chomsky) today or someone else tomorrow.
...
> It looks as though you are simply fighting the ideas which
>many people have always found to their advantage to believe,
>but I can't see where Chomsky is the only & most important
>reason why they are willing to think as they do. So - those
>are my comments on Chomsky, about which I will write no more,
>as he doesn't sound interesting at all to pursue.

Amazing. Truly amazing.

You could try actually reading what the man's written before
dismissing him on one person's inflammatory rhetoric. I assure you,
what he has to say is quite interesting, whether you agree with it or
not (I don't always): it's just not worth arguing with someone who
claims to know what Chomsky believes better than Chomsky does.
--
L. Todd Masco    | "A man would simply have to be as mad as a hatter, to try and
cactus at bb.com | change the world with a plastic platter." - Todd Rundgren

From samuel.kaplin at .mn.org Mon Sep 26 05:37:49 1994
From: samuel.kaplin at .mn.org (Samuel Kaplin)
Date: Mon, 26 Sep 94 05:37:49 PDT
Subject: Fwd: Anonymous Long Distance Phone Calling
Message-ID: <940926072942121@.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

> HOW TO PURCHASE YOUR CALLING CARD:
>You send a $50 or $100 blank Cashier's check, or cash, to the address
>stated below. I have purchased a pile of PIN cards and I randomly select
>and send it to you. The company I buy these cards from, keeps no records,
>if they did, all records of sales are to me in my name unfortunately.
>keep no records of addresses or PIN numbers who I am sending to. After yo
>receive your card you go about making your calls and then when you want to
>add more time to your calling card (recharge the card), This is where yo
>gain another level of privacy, because I step out of the loop and you will
>communicate with Traceless, the providing company, directly. You send a
>money order or cash and your PIN number to the address provided on the car
>and they will recharge the anonymous PIN number with the amount sent. You
>no name or return address on the envelope. Since all they did was send a
>pile of cards to me and I sent them out they have no way of knowing who wh
>or where the cards went to. Alternatively, for those who have an offsho
>Visa, MasterCard or American Express accounts, you can set it up so t
>your PIN account can be credited by certain amounts when you hit a certai
>key while making phone calls to the special 800 number. If this option i
>appealing to you, let me know and I can send some more information. Also
>for those that need voice encryption that option is available. Again
>you want more info on this let me know.

I wonder how anonymous this will be once the subpoenas start flying. I
think that this is still traceable via this method:

1) The authorities have you under physical surveillance (A tail)
2) Since they know where you've been they pull the phone records and
   see all of the outgoing calls.
3) They get the records from this company and match the time or the
   number that the call was placed from. (800 billing records have
   this)
4) Now they know where you called.

You are relying on this unknown company to NOT cave in when subpoenas
are flying around. I wouldn't, especially at 30+ cents a minute.

-----------------------------------------------------------------------------
Fido: Sam Kaplin 1:282/1018              | "...vidi vici veni" - Overheard
Compuserve: 75240,131                    | outside a Roman brothel.
samuel.kaplin at warehouse.mn.org       |
75240,131 at compuserve.com             | Change is the only constant in the
For confidential communications use PGP  | Universe..."Four quarters, please."
-----------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAgUBLoUKLwpnimeWAf3FAQHfCAQAlCNoT0syIxVnHp+IqQpXRsrwRmOpWBk3
pB+GLBSwBgz9Vyl/unPj8PsxekkN6O5j+3eLAvVLQvluC1Ab0bAwkK44ta1ltRnz
3nXb4SQmNeLieKk+42iEXDNTUoplDhrf4FyoNew+k/NT3DzdlQi3rGA7SHUzfsZ2
4DqqXx6f/pc=
=iXgU
-----END PGP SIGNATURE-----

From samuel.kaplin at .mn.org Mon Sep 26 05:37:57 1994
From: samuel.kaplin at .mn.org (Samuel Kaplin)
Date: Mon, 26 Sep 94 05:37:57 PDT
Subject: Jim Bidzos
Message-ID: <940926072942126@.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

- ->:My humble opinion: Jim is not really the enemy, nor is he really a
- ->:friend. He is a businessman trying to make a buck via the intellectual
- ->:property laws. Sometimes this works out in our favor, sometimes it
- ->:doesn't.
- ->:He sends out letters defending his intellectual property
- ->:rights that tend to be full of innuendo and that border on
- ->:prevarication, but always stay on the proper side of the line; this is
- ->:such a standard practice among people in businesses like his that I
- ->:can't fault him for it. Overall, I'd say that anger towards him is
- ->:misplaced.

Unfortunately Herr Bizdos is not dealing with the business community,
he is dealing with the INTERNET community. While all the sabre
rattling may be acceptable within the business community, it is not
acceptable within the INTERNET community. In effect Bizdos created his
own problem. If the code was stolen, he should have had better
physical security on it. If a licensee anonymously posted it, he
should have included a means of tracing the code back to the source of
the leak, then pursue that individual, not the whole INTERNET crypto
community. If the code was reverse engineered, that's one of the risks
in not patenting it. Personally I'm tiring of the whole affair.

-----------------------------------------------------------------------------
Fido: Sam Kaplin 1:282/1018              | "...vidi vici veni" - Overheard
Compuserve: 75240,131                    | outside a Roman brothel.
samuel.kaplin at warehouse.mn.org | 75240,131 at compuserve.com | Change is the only constant in the For confidential communications use PGP | Universe..."Four quarters, please." ----------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAgUBLoW8JwpnimeWAf3FAQHSpQP+ONtJQFljElHW+cZqVS2Ad7qikN+58A/w SpUHb6jhkSjuQoEHMUxM54vpTPiPgaE+TGCvBt5u2d4zqJVeF52FYbS+MUvoT6rs 3pYuF0DxR23MBElthtJUdaLUOW6w2pSXk7bcCL5bgCiB9zHe+V/KmzvRdSX8y9xf ttke5IXHBeA= =QGMi -----END PGP SIGNATURE----- From perry at imsi.com Mon Sep 26 05:50:51 1994 From: perry at imsi.com (Perry E. Metzger) Date: Mon, 26 Sep 94 05:50:51 PDT Subject: Jim Bidzos In-Reply-To: <940926072942126@.mn.org> Message-ID: <9409261250.AA19682@snark.imsi.com> samuel.kaplin at .mn.org (Samuel Kaplin) says: > Unfortunately Herr Bizdos is not dealing with the business community, he is > dealing with the INTERNET community. What does that mean? You mean that RC4 was released somehow only to the "internet community" and somehow the rest of the world isn't involved? > While all the sabre rattling may be acceptable within the business > community, it is not acceptable within the INTERNET community. There is no "internet community". There is the U.S. and its laws. Jim Bidzos has food in his fridge only in so far as RSA DSI makes money. RSA DSI makes money only in so far as he defends their intellectual property claims under U.S. law. This does not make his behavior what I would call nice, but it does EXPLAIN it. Jim Bidzos's motives are crystal clear. He isn't a mystery. He's a guy whose job is making money off of RSA DSI's patents and other intellectual property, and so far as I can tell everything he's done has always been completely consistent with that. Whether you LIKE the fact that he does his job well isn't the point. Lots of people act as though they found his note on RC4 surprising. What did you expect?
A letter saying "thank you for reducing my firm's profits"? His methods are precisely the ones that you would expect him to be using. Perry

From raph at CS.Berkeley.EDU Mon Sep 26 06:49:36 1994 From: raph at CS.Berkeley.EDU (Raph Levien) Date: Mon, 26 Sep 94 06:49:36 PDT Subject: List of reliable remailers Message-ID: <199409261350.GAA20229@kiwi.CS.Berkeley.EDU>

I have written and installed a remailer pinging script which collects detailed information about remailer features and reliability.

To use it, just finger remailer-list at kiwi.cs.berkeley.edu

There is also a Web version of the same information, at: http://www.cs.berkeley.edu/~raph/remailer-list.html

Please let me know about any other remailers which I missed. I've only included remailers which can mail to arbitrary addresses, so I already know chop and twwells are missing.

This information is used by premail, a remailer chaining and PGP encrypting client for outgoing mail, which is available at: fftp://soda.berkeley.edu/pub/cypherpunks/premail/premail-0.22.tar.gz

For the PGP public keys of the remailers, as well as some help on how to use them, finger remailer.help.all at chaos.bsu.edu

This is the current info:

REMAILER LIST

This is an automatically generated listing of remailers. The first part of the listing shows the remailers along with configuration options and special features for each of the remailers. The second part shows the 10-day history, and average latency and uptime for each remailer. You can also get this list by fingering remailer-list at kiwi.cs.berkeley.edu.

$remailer{"chaos"} = " cpunk hash ksub";
$remailer{"vox"} = " cpunk oldpgp. post";
$remailer{"avox"} = " cpunk oldpgp post";
$remailer{"extropia"} = " cpunk pgp special";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"alumni"} = " cpunk pgp hash";
$remailer{"bsu-cs"} = " cpunk hash ksub";
$remailer{"rebma"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post";
$remailer{"wien"} = " cpunk pgp hash nsub";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric pgp. post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"leri"} = " cpunk pgp hash";
$remailer{"desert"} = " cpunk pgp. post";
$remailer{"underdog"} = " cpunk pgp hash latent cut post";
$remailer{"nately"} = " cpunk pgp hash latent cut";

catalyst at netcom.com is _not_ a remailer.

Last ping: Mon 26 Sep 94 6:00:01 PDT

remailer email address                    history       latency  uptime
-----------------------------------------------------------------------
wien     remailer at ds1.wu-wien.ac.at    ++********#+     5:08  99.99%
c2       remail at c2.org                 *+*-*+**+-**    29:25  99.99%
chaos    remailer at chaos.bsu.edu        #**#*****###     1:18  99.99%
ideath   remailer at ideath.goldenbear.com *-.++*+*****    31:44  99.99%
leri     remail at leri.edu               *+*-*+****#*    13:43  99.99%
bsu-cs   nowhere at bsu-cs.bsu.edu        ***+*--**# #    20:40  99.99%
portal   hfinney at shell.portal.com      ********##*#     4:01  99.97%
underdog lmccarth at ducie.cs.umass.edu   **********+*     4:22  99.92%
penet    anon at anon.penet.fi            ************    34:17  99.81%
jpunix   remailer at jpunix.com           * #*****-*#*     7:46  99.79%
vox      remail at vox.xs4all.nl          -.- .-..-.   14:02:41  99.66%
soda     remailer at csua.berkeley.edu    ...__..-..    8:25:41  99.27%
alumni   hal at alumni.caltech.edu        **** *******     5:25  99.02%
extropia remail at extropia.wimsey.com    ++++-+-++ *   1:01:20  99.00%
nately   remailer at nately.ucsd.edu      -+++*           54:21  98.17%
rebma    remailer at rebma.mn.org         -+-_..--+--  10:18:14  97.33%
usura    usura at xs4all.nl               **+***+***+      6:05  96.17%
desert   remail at desert.xs4all.nl       -------.---  24:51:16  82.67%

Suggested path: chaos;c2;wien

For more info: http://www.cs.berkeley.edu/~raph/remailer-list.html

Options and features

cpunk    A major class of remailers. Supports Request-Remailing-To: field.
eric     A variant of the cpunk style. Uses Anon-Send-To: instead.
penet    The third class of remailers (at least for right now). Uses X-Anon-To: in the header.
pgp      Remailer supports encryption with PGP. A period after the keyword means that the short name, rather than the full email address, should be used as the encryption key ID.
oldpgp   Remailer does not like messages encoded with MIT PGP 2.6. Other versions of PGP, including 2.3a and 2.6ui, work fine.
hash     Supports ## pasting, so anything can be put into the headers of outgoing messages.
ksub     Remailer always kills subject header, even in non-pgp mode.
nsub     Remailer always preserves subject header, even in pgp mode.
latent   Supports Matt Ghio's Latent-Time: option.
cut      Supports Matt Ghio's Cutmarks: option.
special  Accepts only pgp encrypted messages.

History key

* # response in less than 5 minutes.
* * response in less than 1 hour.
* + response in less than 4 hours.
* - response in less than 24 hours.
* . response in more than 1 day.
* _ response came back too late (more than 2 days).

If you've got a Web page, please feel free to include a link to this page. If you think your Web page is relevant to the subject of remailers, let me know and I'll link it in.

Comments and suggestions welcome!

Note to remailer operators: this script generates hourly ping messages.
If you don't want that, let me know and I will take your mailer off the list, or increase the interval between pings. Raph Levien From ravage at bga.com Mon Sep 26 07:10:29 1994 From: ravage at bga.com (Jim choate) Date: Mon, 26 Sep 94 07:10:29 PDT Subject: (n!)modx ... Message-ID: <199409261410.JAA26009@zoom.bga.com> Hi all, In a reply late last week concerning large values of x and x having many prime factors I made the comment that even pairs might be factored out by multiplying them and then finding a different way to factor the product. I was assuming that the product of two primes would not produce a product which in general could not be factored a different way. This seems to be in error. So far the vast majority of cases I have looked at have failed. This leaves the problem of large values of x which have many prime factors that appear either two or more times in n. At this point I don't see a way to use this relationship to further gain. Any ideas would be greatly appreciated. Side Note: I have lost the original post concerning this subject. I am still working on a paper concerning the behaviour of the mod function and would like to provide credit where credit is due. If you are the original author or can provide the e-mail address (please reply via e-mail) of the author it would be much appreciated. Take care. From blancw at microsoft.com Mon Sep 26 09:24:07 1994 From: blancw at microsoft.com (Blanc Weber) Date: Mon, 26 Sep 94 09:24:07 PDT Subject: Chomsky (Thread from Hell) Message-ID: <9409261624.AA08349@netmail2.microsoft.com> From: L. Todd Masco You could try actually reading what the man's written before dismissing him on one person's inflammatory rhetoric. I assure you, what he has to say is quite interesting, whether you agree with it or not (I don't always). . . . . . .............................................................
Sure, with all those questions on my mind I wouldn't just dismiss him entirely or not examine any of his work - I suffer too much from curiosity to do that. But as I'm already quite familiar with the ideas at issue, the controversy surrounding what he, in particular, has to say does not much alarm me whether he is right or wrong, unless he happens to be someone who is in a position to affect a part of my life directly. Then for sure I would investigate him more precisely. Blanc From pstemari at bismark.cbis.com Mon Sep 26 10:25:39 1994 From: pstemari at bismark.cbis.com (Paul J. Ste. Marie) Date: Mon, 26 Sep 94 10:25:39 PDT Subject: Fast Modular Factorial? In-Reply-To: <199409231755.MAA03386@zoom.bga.com> Message-ID: <9409261722.AA27286@focis.sda.cbis.COM> > > If (n!)mod x = 0 then there is a factor of x which is less than n. If > > you can solve modular factorials, then you can solve for the largest > > factor of x in logarithmic time. Obviously, nobody has found a method > > to do either. > > > Just some thoughts... ... > If x>n and x is not a prime then the result will again always be 0 since > we can break x down into factors smaller than n and the previous argument > removes the various factors. This doesn't work--(x > n) & x not prime doesn't imply that x has a factor less than n. That's only true if sqrt(x) >= n. From ravage at bga.com Mon Sep 26 10:31:46 1994 From: ravage at bga.com (Jim choate) Date: Mon, 26 Sep 94 10:31:46 PDT Subject: DNA at last (fwd) Message-ID: <199409261731.MAA06332@zoom.bga.com> Forwarded message: From cactus at bb.com Mon Sep 26 11:37:03 1994 From: cactus at bb.com (L. Todd Masco) Date: Mon, 26 Sep 94 11:37:03 PDT Subject: Chomsky quote (thread from hell) Message-ID: <199409261842.OAA03804@bb.com> What does James Donald believe Chomsky believes? > Of course Noam Chomsky is optimistic - he favors limitless and > absolute state power and the forcible and violent silencing of all > those who deviate from political correctness.
What does Chomsky believe Chomsky believes? >Noam Chomsky, in a 4/16/94 e-mail response to a question from Steve >Shalom, says: > > In my opinion, not only mainstream intellectuals but also others > who produce a constant stream of lies, distortion, racist screeds, > etc., should be permitted freedom of speech. The state should not > have the power to stop them. The same freedom extends to > hypocrites, like faculty senates who choose one particularly and > usually quite marginal example because career and power interests > are served thereby, while ignoring vastly more significant and > awful cases because the opposite is true. And Congress, of which > the same is correct. (BTW, I must admit that Cypherpunks is the last place I expected to find someone who doesn't think that control over information flow is real power: that's the thesis that lies at the center of most of the Chomsky statements that have been attacked). -- Todd From Flyinggoat at aol.com Mon Sep 26 08:54:58 1994 From: Flyinggoat at aol.com (Flyinggoat at aol.com) Date: Mon, 26 Sep 1994 11:54:58 -0400 Subject: DNA at last Message-ID: <9409261152.tn139618@aol.com> I copied this out of the San Jose Mercury News this morning. US TEAM EXTRACTS FRAGMENTS OF DNA FROM DINOSAUR BONES (reuters)LONDON- American scientists have extracted genetic material from the bones of a 65 million-year-old dinosaur--but they won't be recreating the mighty beasts as happened in the film "Jurassic Park". Paleontologist Jack Horner, an advisor on Steven Spielberg's hit film about dinosaurs, managed to isolate fragments of DNA from the femur of a Tyrannosaurus Rex, the Sunday Times reported.(me: what Sunday times? The London Sunday Times?) Detailing the findings of the Montana University lecturer, it said Horner's team is to publish evidence that the fragments resemble those of modern-day birds. This would mean that dinosaurs did not die out 65 million years ago as generally assumed.
Some may have survived and evolved into birds.(me: continued to evolve into birds) Horner has been racing against another US team, led by Professor Scott Woodward of Utah's Brigham Young University, to be first with the dinosaur DNA details. Woodward told the Sunday Times: "I think we will find there were almost as many different kinds of dinosaurs on Earth as there are animals today and that some were probably closely related to birds." But neither Horner nor Woodward forecast that Jurassic Park would come true. DNA fragments can be amplified and copied, but they are only a tiny part of the total genetic make-up needed to re-create dinosaurs. (me: comments?) Betty Cunningham(Flyinggoat at aol.com) From STANTON at ACM.ORG Mon Sep 26 12:02:32 1994 From: STANTON at ACM.ORG (STANTON at ACM.ORG) Date: Mon, 26 Sep 94 12:02:32 PDT Subject: TIS, SKE, & CyberCash Inc. Message-ID: <01HHKJS55WLU00JQ0Z@PASCAL.ACM.ORG> Tim May writes: > I think we're somewhere in between, with some frightening laws on the > horizon (look at the War on Drugs, civil forfeiture, tax laws, > currency reporting requirements, health care proposals, etc.), but No Joke. From what I hear, the feds are about to close one of the loopholes in currency reporting by extending the reporting requirements to wire transfers From jdblair at phoenix.sas.muohio.edu Mon Sep 26 12:23:48 1994 From: jdblair at phoenix.sas.muohio.edu (John Blair) Date: Mon, 26 Sep 94 12:23:48 PDT Subject: TIS, SKE, & CyberCash Inc. In-Reply-To: <01HHKJS55WLU00JQ0Z@PASCAL.ACM.ORG> Message-ID: <9409261923.AA21412@phoenix.sas.muohio.edu> > > Tim May writes: > > > I think we're somewhere in between, with some frightening laws on the > > horizon (look at the War on Drugs, civil forfeiture, tax laws, > > currency reporting requirements, health care proposals, etc.), but > > No Joke.
From what I hear, the feds are about to close one of the > loopholes in currency reporting by extending the reporting requirements > to wire transfers > An article in today's WSJ describes these new requirements in more detail. Organizations must now record all wire transfers, and report suspicious transactions to the feds. -john. ---------------------------------------------+---------------------------- John Blair: | this space for rent... voice: (513) 529-3980 | Unix System Administrator, Juggler | Student of Interdisciplinary Studies | (finger me for PGP key) From remailer-admin at chaos.bsu.edu Mon Sep 26 13:09:38 1994 From: remailer-admin at chaos.bsu.edu (Anonymous) Date: Mon, 26 Sep 94 13:09:38 PDT Subject: No Subject Message-ID: <199409262013.PAA11740@chaos.bsu.edu> Does anybody know if this ``BlackNet'' thingie is for real? I found this offered for sale someplace on the Net. BLACKNET INTELLIGENCE WEEKLY, 19 SEP 94 ***RECENT SATELLITE DEPLOYMENTS*** 18. MENTOR/JEROBOAM SIGINT launched 27 AUG 94, 04:58 EDT, Canaveral. Multi-spectral "K-9" mission, target includes cellular traffic, U.S. Northeast. Joint NRO/CIO/FinCEN mission. Achieved orbit, all systems nominal. 19. JUMPSEAT SIGINT ferret launched 3 MAY 94, 07:31 PDT, Vandenberg. NRO mission. Titan IV. Balkans/Bosnia is target. Mission nominal. ***CTIC/Ricebird Crypto Modules*** E-Systems now shipping Commanders' Tactical Terminal/Hybrid-Receive Only" (CTT/H-R) modules to authorized agencies. Tactical Information Broadcasting Service (TIBS) and Tactical Data Information Exchange System Broadcast (TADIXS-B) modules now included CAPSTONE-compliant cryptography submodules. Authorized LE use only. ***FISSIONABLES MARKET*** Hamburg, FRG: Arrests of 12 SEP 94 point to increasing prices on Class-IV fissionables. NEST personnel arrived from Nevada, 13 SEP 94, and all evidence transferred. ....
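Added example, not part of any post in this archive and not Raph Levien's script or premail's code: a Python parser for the two parts of the remailer list in the "List of reliable remailers" post above, which then picks a chain from the parsed data. The selection rule (PGP support, a 99% uptime floor, no ping answered after more than a day, ordered by uptime then latency), the reading of latency as [h:]m:s, and all function names are assumptions of this example; it does not reproduce how the post's "Suggested path" was chosen.

```python
import re
from dataclasses import dataclass, field

# Constructed input: a subset of the listing in the post, as it appears in
# this archive (addresses read "user at host"; whatever the archive dropped
# from the start of each $remailer{...} value stays dropped).
CAPS = """\
$remailer{"chaos"} = " cpunk hash ksub";
$remailer{"portal"} = " cpunk pgp hash";
$remailer{"jpunix"} = " cpunk pgp hash latent cut post";
$remailer{"wien"} = " cpunk pgp hash nsub";
$remailer{"c2"} = " eric pgp hash";
$remailer{"soda"} = " eric pgp. post";
$remailer{"penet"} = " penet post";
$remailer{"ideath"} = " cpunk hash ksub";
$remailer{"usura"} = " cpunk pgp. hash latent cut post";
$remailer{"leri"} = " cpunk pgp hash";
"""
STATUS = """\
wien remailer at ds1.wu-wien.ac.at ++********#+ 5:08 99.99%
c2 remail at c2.org *+*-*+**+-** 29:25 99.99%
chaos remailer at chaos.bsu.edu #**#*****### 1:18 99.99%
ideath remailer at ideath.goldenbear.com *-.++*+***** 31:44 99.99%
leri remail at leri.edu *+*-*+****#* 13:43 99.99%
portal hfinney at shell.portal.com ********##*# 4:01 99.97%
penet anon at anon.penet.fi ************ 34:17 99.81%
jpunix remailer at jpunix.com * #*****-*#* 7:46 99.79%
soda remailer at csua.berkeley.edu ...__..-.. 8:25:41 99.27%
usura usura at xs4all.nl **+***+***+ 6:05 96.17%
"""

@dataclass
class Remailer:
    name: str
    flags: set = field(default_factory=set)
    short_key_id: bool = False  # "pgp." in the list: key ID is the short name
    address: str = ""
    history: str = ""
    latency_s: int = 0
    uptime: float = 0.0

CAP_RE = re.compile(r'\$remailer\{"([^"]+)"\}\s*=\s*"([^"]*)";')
# name, "user at host", history (may contain spaces), latency, uptime%
ROW_RE = re.compile(
    r'^(\S+)\s+(\S+ at \S+)\s+(.*?)\s*((?:\d+:)+\d+)\s+(\d+\.\d+)%$')

def parse_caps(text):
    """Read the $remailer{...} lines into name -> Remailer with its flags."""
    remailers = {}
    for name, value in CAP_RE.findall(text):
        r = Remailer(name)
        for word in value.split():
            if word.endswith("."):      # trailing period, per the list's key
                r.short_key_id = True
                word = word[:-1]
            r.flags.add(word)
        remailers[name] = r
    return remailers

def parse_latency(text):
    """Convert "m:ss" or "h:mm:ss" to seconds (unit reading is an assumption)."""
    seconds = 0
    for part in text.split(":"):
        seconds = seconds * 60 + int(part)
    return seconds

def parse_status(text, remailers):
    """Attach address, ping history, latency and uptime from the table rows."""
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m or m.group(1) not in remailers:
            continue
        r = remailers[m.group(1)]
        r.address, r.history = m.group(2), m.group(3)
        r.latency_s = parse_latency(m.group(4))
        r.uptime = float(m.group(5))
    return remailers

def slow_pings(history):
    """Count pings answered after more than a day ('.') or too late ('_')."""
    return sum(history.count(c) for c in "._")

def select_chain(remailers, length=3, need=frozenset({"pgp"}), min_uptime=99.0):
    """Pick remailers that have every flag in `need`, meet the uptime floor
    and show no slow pings; best uptime first, then lowest latency."""
    ok = [r for r in remailers.values()
          if r.address and need <= r.flags
          and r.uptime >= min_uptime and slow_pings(r.history) == 0]
    ok.sort(key=lambda r: (-r.uptime, r.latency_s))
    return [r.name for r in ok[:length]]

REMAILERS = parse_status(STATUS, parse_caps(CAPS))

if __name__ == "__main__":
    for name in select_chain(REMAILERS):
        r = REMAILERS[name]
        print(f"{name:8} {r.address:32} {r.latency_s:6d}s {r.uptime:.2f}%")
```

Because the archive collapsed runs of spaces, a gap inside a history string can be read but leading gaps cannot, so the parser treats history only as a set of symbols and never as fixed day positions.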
From talon57 at well.sf.ca.us Mon Sep 26 13:36:00 1994 From: talon57 at well.sf.ca.us (Brian D Williams) Date: Mon, 26 Sep 94 13:36:00 PDT Subject: Forwarded: tagging info Message-ID: <199409261832.LAA11095@well.sf.ca.us> Forwarded from Extropians: First off, before I discuss schemes for tagging data, let me say that I'm completely opposed to copyrights, patents, and all forms of intellectual property law. They're unhip and anti-extropian. I realize that a majority of Extropians will come out in favor of copyright law, given that they're knowledge workers, but they're misguided: there are plenty of ways to turn information into cash without making the free exchange of information illegal. Use your originality rather than a big stick. (For more, see my article "Free the Bits", article #94-9-488) That said, let me describe the ways I've worked out to be Big Brother. I've done some work on methods of tagging data in such a way that the tags can't be removed without destroying the information. This is what we really want if we're trying to trace where our data goes. I'm interested in cryptographically strong methods of tagging data, so putting tags in the noise bits of an image, or in the whitespace of text, is not good enough. Such tags can be easily ripped out. The old mapmaker's trick -- inserting a small nonexistent street into each map -- is more like what I'm getting at. The idea is to do a small amount of damage at a chosen site, in such a way that if the thieves try to cover up the damage without detecting the target site, they will have to destroy the information they set out to steal. Mainly I've thought about the case of tagging a piece of ASCII text, with a different set of tags for each copy of the text, enabling me to enforce a contract with a buyer of the information not to redistribute it. I'm going to choose to make small content changes, like exchanging a word for its synonym, as my means of inserting tags into the text which can't be smoothed away. 
The meat of what I'm interested in is when, say, 10 thieves get together and compare their (distinctly tagged) copies of a newswire article. Can they succeed in removing the tags and distributing a clean copy? They do a "diff" of their copies and discover that the 100'th word is sometimes "but" and sometimes "however", and similarly for 20 other words throughout the document. The thieves now have to decide which word to include in their output document (say, by flipping a coin), in order to scramble any information the tagger hoped to insert. So who wins? Tagger or thieves? The short answer is, my kind of tagging is effective in most cases, but not against a large group of sophisticated thieves (more than about 20 or so of them). This is because the number of tag bits required, according to my calculations, is exponential in the number of thieves. To see some stuff I wrote last year as part of a discussion on the sci.crypt newsgroup, and code for a simulator I wrote to test out an interesting case, retrieve article #94-9-497... -- Marc Ringuette (mnr at cs.cmu.edu). Freely forward/archive this. End of forwarded message Brian D Williams Extropian Cypherpatriot "A country that wants to be unarmed and free, wants what never has been and never will be." --- Thomas Jefferson From infoaclu at aclu.org Mon Sep 26 14:55:10 1994 From: infoaclu at aclu.org (ACLU Information) Date: Mon, 26 Sep 94 14:55:10 PDT Subject: ACLU release and letter on FBI wiretap bill Message-ID: <199409262152.RAA08256@pipe1.pipeline.com> ACLU * ACLU * ACLU * ACLU * ACLU * ACLU * ACLU * ACLU * ACLU NEWS RELEASE * NEWS RELEASE * NEWS RELEASE * NEWS RELEASE ACLU Opposes FBI Wiretap Access Bill; Legislation Would Create Dangerous Precedent For IMMEDIATE RELEASE September 26, 1994 Contact: Barry Steinhardt BarryS @ aclu.org or Kathy Parrent, 212-944-9800, ext. 424 The American Civil Liberties Union today called on the House Judiciary Committee to reject the FBI Wiretap Access Bill, H.R. 
4922, which would require private electronics manufacturers to insure that the FBI can wiretap using developing telecommunications technologies. In a letter sent to Congressman Jack Brooks, Chair of the House Judiciary Committee, the ACLU stated that the bill "... creates a dangerous and unprecedented presumption that government not only has the power, subject to warrant to intercept private communications, but that it can require private parties to create special access. It is as if the government had required all builders to construct new housing with an internal surveillance camera for government use." "Moreover, the FBI has not borne the burden of proving why such an extraordinary requirement is necessary..." the letter said. A copy of the full letter with the ACLU's detailed objections follows. ___________________________________________________________________________ September 22, 1994 Honorable Jack Brooks Congressman, State of Texas 2449 Rayburn House Office Building Washington, D.C. 20515-4309 Dear Congressman Brooks: We are writing to you to express the ACLU's opposition to the FBI-Wiretap Access Bill, H.R. 4922. While we were not actively involved in Subcommittee deliberations, we have reviewed the legislation and we have several major concerns. The principal problem remains that any digital telephone bill which mandates that communications providers make technological changes for the sole purpose of making their systems wiretap-ready creates a dangerous and unprecedented presumption that government not only has the power, subject to warrant, to intercept private communications, but that it can require private parties to create special access. It is as if the government had required all builders to construct new housing with an internal surveillance camera for government use. Even if such use were triggered only by a judicial warrant, such a requirement would be strongly resisted by the American people. H.R. 
4922 establishes a similar requirement, and is without precedent. Moreover, the FBI has not borne the burden of proving why such an extraordinary requirement is necessary. In 1993, there were fewer than 1,000 wiretaps authorized and many of them failed to yield any substantive evidence while intercepting many innocent conversations. It is far from clear that digital telephones will substantially obstruct legitimate law enforcement efforts. Without further public discussion and debate, the public will not have a sufficient opportunity to weigh the loss of privacy against the FBI's claims. There has been no opportunity to learn the full extent of the types of investigations that the FBI claims were precluded because of a restriction on their public dissemination. Yet, based on these secret assertions, 91 such incidents were cited by the FBI. On those slim assertions, the public's loss of privacy in digital communications is all but assured and taxpayers will be asked to pay an extraordinary price. H.R. 4922 authorizes $500 million over the next four years to reimburse telecommunications carriers for the costs that would be imposed by the bill. Even if you accept these cost estimates -- the industry puts the real cost in the billions -- we will be spending $125 million or $125,000 per wiretap, for the fewer than 1,000 taps that will be conducted each year. As you know, the ACLU has the greatest respect for Congressman Edwards and Senator Leahy. Both have been tireless champions for civil liberties. The Edwards/Leahy proposal is an improvement over earlier versions offered by the FBI and we applaud their efforts to add new privacy protections. The proposed expansion of the Electronic Communications Privacy Act to cordless phones and the requirement that a court order be obtained for transactional data from electronic communication providers both are steps forward and merit separate consideration by the Congress.
But they cannot and should not be traded for the unprecedented intrusion represented by H.R. 4922. In several respects, H.R. 4922 is still too broad in its application. For example, earlier versions of the bill would have applied directly to on-line communication and information services such as internet providers, America On Line, Compuserve, Prodigy etc. H.R. 4922 would apply directly only to "telecommunications carriers" such as the Regional Bell Operating Companies. But this provision does not narrow the scope of the bill as much as it might seem. First, with the new presumption that the government is entitled to require private manufacturers to insure its ability to wiretap, law enforcement will undoubtedly be back in future years insisting that this limitation thwarts its efforts and will seek to broaden the coverage to other information providers. Once the basic principle of H.R. 4922 is accepted, what arguments remain to resist its expansion. The limited application of H.R. 4922 is surely temporary; what matters is the basic requirement, not its immediate application. More importantly, law enforcement will still have the opportunity to intercept on-line communications over the internet or commercial on-line networks, by tapping into the facilities of the telecommunications companies. As critics of the earlier versions had noted the coverage of the on-line providers was largely redundant. All these communications still pass over telephone lines. Law enforcement does not need access at every point in a telecommunication in order to intercept it. Access at any one point is sufficient and that would be readily available since ultimately on-line communications must travel over the public switched telephone network which the bill requires be wiretap ready. 
Moreover, given the commingled nature of digital communication lines, it is inevitable that more private information from third parties will be intercepted than would be the case with analog phones, and the minimization requirements in the bill will not prevent this. In the end, this proposal will make our telecommunications structure more, not less vulnerable. In its original form the FBI Digital Telephony proposal would have given the power to the Attorney General to impose standards on communication providers which would guarantee that their systems were wiretap-ready. Essentially, this would have created a centralized wiretapping system that threatened the privacy of the entire nation and was dependent for its security on a few select people. This raised the real concern that if electronic communications service providers must design their systems to allow and ensure FBI access, then the resulting mandatory "back doors" may become known to and be exploited by "criminals." The new proposal contains the same risks. It would have the technical standards developed by the industry, through trade associations or standard-setting bodies, in consultation with the Attorney General. But it contains a "safe harbor" provision, which protects a carrier from sanction if it is in compliance with standards created by this approach. The safe harbor provision virtually guarantees that the standards developed through the industry-based process will be adopted by all. Whether the standards are directly imposed by government or created by concerted industry action, in consultation with the government, makes little difference. The result is the same. A centralized wiretapping capacity with all of its vulnerabilities will still be created. Finally, we have grave concerns about the encryption provisions. The Edwards/Leahy version has been described as "neutral" on encryption. The bill provides that telecommunications providers do not need to decrypt data, unless they hold the key. 
In the short term, this is an improvement over the earlier versions of the bill which would have created obligations to decrypt, but there are at least two longer term problems. First, is the new presumption that industry has the affirmative responsibility to create special technical capacity for the government to snoop. Can there be any real doubt that the FBI will be back in the years to come asserting that its ability to intercept communications has been thwarted by easily available encryption and that an industry obligation, analogous to the new obligation to provide wiretap capacity, must be created. Secondly, in some cases the telecommunications providers may well hold the key -- particularly as they expand the services they provide to their customers. H.R. 4922 proposes a radical and expensive change in our telecommunications structure. The threats it poses, now and prospectively, are real, but the need for it far less than evident or proven. We urge that your Committee not rush into consideration of this far reaching measure with so little time left in the session. We thank you for your consideration of our views and we would be happy to sit down with you to discuss these issues. Sincerely, Ira Glasser Laura Murphy Lee --endit-- The ACLU urges interested persons to contact the following members of Congress immediately: Rep. Jack Brooks Sen. Howard Metzenbaum (202) 225-6565 (voice) (202) 224-7494 (voice) (202) 225-1584 (fax) (202) 224-5474 (fax) ============================================================= ACLU Free Reading Room | A publications and information resource of the gopher://aclu.org:6601 | American Civil Liberties Union National Office mailto:infoaclu at aclu.org | "Eternal vigilance is the price of liberty" . -- ACLU Free Reading Room | American Civil Liberties Union gopher://aclu.org:6601 | 132 W. 
43rd Street, NY, NY 10036 mailto:infoaclu at aclu.org| "Eternal vigilance is the ftp://aclu.org | price of liberty" From pcw at access.digex.net Mon Sep 26 16:25:00 1994 From: pcw at access.digex.net (Peter Wayner) Date: Mon, 26 Sep 94 16:25:00 PDT Subject: National Research Council Message-ID: <199409262322.AA08337@access3.digex.net> >You shouldn't immediately dismiss the establishment as being unsympathetic; >many of us are working toward common goals, but in different ways. In my >case, since '84, through mass commercial distribution of strong crypto. > >While you can obviously trust no one to represent your interests with 100% >accuracy, I've been here for a while and will most definitely be trying to >represent CP viewpoints through my perception of those expressed in this >forum. > >Ray This is certainly true. For instance, I've spoken with one ex-Air Force Intelligence Officer who feels that Clipper is a bad idea because it gives the enemy a single target to attack. Grab clipper and you've got the key to everything. He may care about "rights" but he talks about security. From pcw at access.digex.net Mon Sep 26 16:32:05 1994 From: pcw at access.digex.net (Peter Wayner) Date: Mon, 26 Sep 94 16:32:05 PDT Subject: Kennedy in Florida? Blacknet reprise? Message-ID: <199409262329.AA08500@access3.digex.net> >Does anybody know if this ``BlackNet'' thingie is for real? >I found this offered for sale someplace on the Net. > > >BLACKNET INTELLIGENCE WEEKLY, 19 SEP 94 > >***RECENT SATELLITE DEPLOYMENTS*** > >18. MENTOR/JEROBOAM SIGINT launched 27 AUG 94, 04:58 EDT, Canaveral. >Multi-spectral "K-9" mission, target includes cellular traffic, U.S. >Northeast. Joint NRO/CIO/FinCEN mission. Achieved orbit, all >systems nominal. > I'm not sure if I could understand why FinCEN would need a satellite, but perhaps I just don't know their whole mission. Especially since everyone is going to be reporting every little favor exchanged soon. 
Plus, can you use a satellite to grab cellular phone traffic? Isn't the point of cellular to make the transmitters broadcast at a low enough power so you can put another transmitter reasonably close by broadcasting at the same frequency? If the satellite could disambiguate the traffic from two different cells at the same frequency, couldn't a cellular phone substation?

But I really don't know anything about this. I'm just being skeptical.

Besides, do they still use the name Canaveral? I thought everything was named after Ted Kennedy now. :-) (Generation X humor.)

-Peter

From klbarrus at owlnet.rice.edu Mon Sep 26 16:48:55 1994
From: klbarrus at owlnet.rice.edu (Karl Lui Barrus)
Date: Mon, 26 Sep 94 16:48:55 PDT
Subject: CASH: Lone Star Cards
Message-ID: <9409262348.AA14491@snowy.owlnet.rice.edu>

The State of Texas rolled out a new cash card today (at a demo, the real rollout is Oct. 1), intended to replace food stamps within two years.

This card is to be used like a bank ATM card, so none of the parties are private, and thus this isn't digital cash in the strong crypto/cypherpunks sense.

A user swipes the card at a grocery store and then enters a PIN, which causes a transfer of funds from the Department of Human Services (or something like that) to the store. The Comptroller states that this system will lower costs through reduced paperwork and reduced fraud.

Who knows, perhaps the checkout scanner logs can be sold for a profit to various companies too! ;)

Anyway, just thought I'd mention it - this fits in with various predictions by Tim that an outright ban on cash will begin with steps like this.

--
Karl L. Barrus: klbarrus at owlnet.rice.edu
2.3: 5AD633; D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32
2.6: 088C8F21; 97 73 9E 8B 98 3E DD B5 E8 97 64 7E 20 95 60 D9
"One man's mnemonic is another man's cryptography" - K.
Cooper From TOMJEFFERSON at delphi.com Mon Sep 26 18:01:55 1994 From: TOMJEFFERSON at delphi.com (TOMJEFFERSON at delphi.com) Date: Mon, 26 Sep 94 18:01:55 PDT Subject: _Do_ read a little Chomsky! Message-ID: <01HHKXQ92OZA9C9ESC@delphi.com> You don't have to agree with where he wants to go to enjoy his analyses of where we are and where we are going. He can be devastating. The cheap way to sample Chomsky is to monitor misc.activism.progressive (or is it alt.-.-?) { From jgostin at eternal.pha.pa.us Mon Sep 26 18:21:11 1994 From: jgostin at eternal.pha.pa.us (Jeff Gostin) Date: Mon, 26 Sep 94 18:21:11 PDT Subject: Forwarded: tagging info Message-ID: <940926190955Z4Jjgostin@eternal.pha.pa.us> Brian D Williams writes: > of intellectual property law. They're unhip and anti-extropian. > I realize that a majority of Extropians will come out in favor of Is there an Extropians FAQ, or someone who'd care to give me an explanation of what the Extropians are all about? I've heard about "you" for too long now, and don't know who "you" are. TIA! --Jeff -- ====== ====== +----------------jgostin at eternal.pha.pa.us----------------+ == == | BOYCOTT SEA QUEST DSV... ask me why. | == == -= | PGP 2.[3a|6] Key Available | ==== ====== +---------------------------------------------------------+ From random at anywhere.us Mon Sep 26 18:38:28 1994 From: random at anywhere.us (Just some guy) Date: Mon, 26 Sep 94 18:38:28 PDT Subject: Ping Message-ID: <9409270137.AA04368@toad.com> Pinging Cypherpunks From j.hastings6 at genie.geis.com Mon Sep 26 18:41:16 1994 From: j.hastings6 at genie.geis.com (j.hastings6 at genie.geis.com) Date: Mon, 26 Sep 94 18:41:16 PDT Subject: Gen (x-1) Message-ID: <199409270140.AA197940046@relay2.geis.com> CNN and others reported that 46% of Generation Xers believe in UFOs, but only 9% believe Social Security will be around when they're old. Har! 
Kent - j.hastings6 at genie.geis.com From nobody at shell.portal.com Mon Sep 26 20:33:42 1994 From: nobody at shell.portal.com (nobody at shell.portal.com) Date: Mon, 26 Sep 94 20:33:42 PDT Subject: Spurious Emissions Message-ID: <199409270333.UAA12451@jobe.shell.portal.com> Spurious Emissions Problem: Get yourself a sheet of log/lin graph paper. Orient the paper so that the log axis is horizontal, and the linear is vertical. On the very bottom major axis of the lin, mark it as -157. The next major axis up would be -147. Next up from that is -137, and so on, to -117. Label this axis as dbmV/m RMS. On the very left of the log axis, mark it as 100. Next major log line is 1K. Next one is 10K, then 100K, 1M, 10M, 100M, 1G, 10G. Label this as Hz. Starting at the junction of 100/-148, draw a nice, straight line to 2K/-148. Continue the line to 10K/-152, then 100M/-124, then 1G/-120, then to 10G/-120. If a body was to test for emissions at a distance of 1 meter, and kept their emission levels below that line, they might consider themselves Real Resistant. Discussions with a Person Who Knows (but wishes to remain anonymous, curiously) have indicated that a body might like to have a room like this: steel outsides (like, say, one of those steel pre-fab sheds), and make sure that steel was grounded *real good* (like at each vertical support, and for each wall's outside material). To make sure there weren't any gaps, a person might want to use fastening screws every 2 or 3 inches, or better still, weld all the junctions. Then they could put insulation (regular thermal type) inside, and hold it in place with steel (or better still, aluminum, since it literally blocks magnetic fields as opposed to absorbing them like steel does) flyscreen, making sure to overlap the screen a good 6 inches at the junctions, covering all inside surfaces (including any windows), and "sewing" the overlapped screen bits with metal wire (preferably the same metal as the screen). 
Getting in and out screws up any Effects and Properties, but those can be dealt with by having a good 6 inch solid metal overlap on the door, so that it made good mechanical and electrical contact with the wall when the door was closed - there are companies that are more than happy to sell those little metal fingers that you see on RF gear to help with this. Power should be run through standard solid metal conduit, underground, from the power source (electrically isolated, like a transformer) and only appear aboveground inside the room. It should also be *heavily* filtered. A room like this wouldn't be formally certifiable in any official capacity, but would sure screw up anyone trying to monitor emissions, forcing them to either get in real close (and risk discovery), or give up as being too much trouble. But of course, all this is Pure Supposition and Theory. - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From karn at qualcomm.com Mon Sep 26 21:10:02 1994 From: karn at qualcomm.com (Phil Karn) Date: Mon, 26 Sep 94 21:10:02 PDT Subject: Letter from State Dept Message-ID: <199409270410.VAA08658@servo.qualcomm.com> I received the following letter today from the State Dept. I filed my appeal on June 7, 1994, and according to their own rules they're supposed to respond in 30 days. For background, see http://www.cygnus.com/~gnu/export.html. --Phil United States Department of State Washington, DC 20520 September 20, 1994 Philip R. Karn, Jr. 7431 Teasdale Avenue San Diego, CA 92122 Dear Mr. Karn: I am writing with regard to your appeal of CJ Case 081-94, concerning your "applied cryptography source code disk." As you undoubtedly realize, your appeal raises particularly important and difficult issues. 
We have met with your attorney, Mr. Thomas J. Cooper, about the appeal, and have consulted with him several times by telephone. I wanted to convey to you personally, as we have conveyed to him, the care with which we are reviewing your appeal. The review has entailed widespread State Department and inter-agency consultation. To ensure that the various legal and policy issues raised by your appeal are satisfactorily addressed, I have found it necessary to extend the normal period for consideration of such an appeal. The consideration of your appeal is now in its final stages. I appreciate the patience with this process that you and your attorney have shown, and look forward to shortly providing you with a response. Sincerely, [signature] Martha C. Harris Deputy Assistant Secretary for Export Controls From prz at acm.org Tue Sep 27 00:42:03 1994 From: prz at acm.org (Philip Zimmermann) Date: Tue, 27 Sep 94 00:42:03 PDT Subject: PRZ on 2048-bit keys, etc. Message-ID: Folks, a lot of people seem to be eager to generate 2048-bit keys with various not-from-me versions of PGP that have been hotwired to allow 2048-bit keys to be generated. MIT PGP 2.6.1 was supposed to allow 2048-bit keys, but not generate them. Because of yet another bug, the new intended feature of accepting 2048-bit keys does not really work for 2.6.1. That particular feature was added late, and not really tested before the release. We are preparing a 2.6.2 release this week to fix this problem, and maybe a few others. PGP 2.6.2 will accept, but not generate, bigger keys. Why, you may ask, did I go through the trouble of making (well, OK, trying to make) 2.6.1 accept bigger keys, but not actually generate them? I'm glad you asked. Because this is part of a carefully phased keysize upgrade path. You see, from PGP 2.0 on up, each version of PGP that had to introduce a new data format to support a new feature was done in this same manner. A new format is first read by the new release, but not generated. 
Then, in the next release after that, the new format is generated. This allows time for the new software (that accepts the new format) to be thoroughly propagated through the user community before the new format is actually generated by the even newer software released later. This makes life easier for all PGP users, by preserving interoperability as much as possible. This means that any two consecutive releases of PGP are bidirectionally compatible. My intent was to get a thorough deployment of PGP software that could accept bigger keys before anyone was actually generating any bigger keys. I do it this way to serve the interests of the PGP user community. PGP development has always worked this way, and no one complained before. Now it seems that people everywhere are all too eager to release their very own hacked version that screws up my efforts to preserve interoperability. They make all kinds of changes without talking to me first, to find out why I do things this way, before dashing ahead with what they think the rest of the PGP users need. My phone number is in the PGP documentation. It would be so easy for code developers to simply pick up the phone and call me, and maybe find out why a particular PGP feature (or bug) is in there, when I intend to fix it, or if indeed it should be fixed at all. I would prefer that people call me before they create and release mutant strains of PGP. A little direct human contact by phone goes a long way in defusing misunderstandings about PGP. I would urge that people not generate 2048-bit keys until 2.6.2 has been in circulation for at least a couple of months, to give it time to spread through the user community. I will release a new version later that actually generates 2048-bit keys, for the diehards that want them, and the new software will offer many other improvements as well. I urge that people use the releases of PGP that I make and publish through MIT. 
The development process includes participation of the user community, and I take seriously everyone's suggestions for what should be included in PGP. I do not work in a vacuum here in Boulder.

I do not make many public statements about PGP export issues, because my lawyers won't let me, but that should not be interpreted as insensitivity to the needs of the PGP user community. There is still an ongoing criminal investigation concerning export of PGP, and I am still the target.

Some militant Europeans may think I don't care about PGP usage outside the USA. At least one guy in Europe has demanded that I make statements about and get involved in export-related issues of PGP, and says I've "sold out" (Really? Sold out to whom? And for how much?). I haven't sold out. But I also don't enjoy the freedom of speech that other Americans enjoy. Of course, none of these remarks I'm making here should be interpreted to mean that I approve of anyone violating US export law.

And, BTW-- for those of you who get all paranoid whenever I post something on the newsgroups that is not digitally signed with PGP -- Look, sometimes I just don't feel like signing everything I say. There is another email encryption protocol, PEM, which makes you sign every message, because PEM is designed for accountability for every remark you make, and assigning blame. PGP doesn't require you to sign every encrypted message, because PGP doesn't try to put you under oath every time you open your mouth. In my circumstances, maybe I just don't feel like making every little note I write be a signed affidavit.
-Philip Zimmermann
prz at acm.org

From scmayo at rschp2.anu.edu.au Tue Sep 27 04:32:55 1994
From: scmayo at rschp2.anu.edu.au (Sherry Mayo)
Date: Tue, 27 Sep 94 04:32:55 PDT
Subject: Quantum cryptanalysis thread on sci.crypt
Message-ID: <9409271132.AA11917@toad.com>

Constraints of time mean I've been skimming thru' c'punx a bit lately, but I was wondering if anyone here has any views on the quantum cryptanalysis thread that has been gracing sci.crypt of late. I haven't noticed it here but maybe I missed it (in which case - sorry guys).

I first read about it in New Scientist (24 Sept 94) No 1944, p 21, the upshot being that if there is any mileage in the quantum computing idea, then it may lead to computers that can rapidly factorise primes (not good news for RSA). The main objections of skeptics are that noise/defects of manufacture make such quantum computers unfeasible.

On the other hand, the New Scientist Article suggests that the technology for making a quantum computer may not be that far away. This may be just sensationalism, but even if it's only a dim possibility in 25 years' time it's got to be worth a mention. Given the recent developments in materials science I don't think the possibility of manufacturing such things can be ruled out as some suggested on sci.crypt. The matter of being swamped by noise may be an insurmountable problem, and anyway is not something I am qualified to comment on.

Any well informed people out there with any comments?

Sherry

From pstemari at bismark.cbis.com Tue Sep 27 08:57:34 1994
From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
Date: Tue, 27 Sep 94 08:57:34 PDT
Subject: Majordomo sigh
Message-ID: <9409271557.AA09181@focis.sda.cbis.COM>

Gee, it was awfully quiet this AM....
Return-Path:
Date: Tue, 27 Sep 94 08:51:03 PDT
To: psmarie at cbis.com
From: Majordomo at toad.com
Subject: Majordomo results: ping
Reply-To: Majordomo at toad.com

--

>>>> who cypherpunks
Members of list 'cypherpunks':

glowell at thorn.wpd.sgi.com
cypherpunks-local at bb.com
sebaygo at sibylline.com
michael.shiplett at umich.edu
cypherpunks at umich.edu
Rolf.Michelsen at delab.sintef.no
adwestro at ouray.Denver.Colorado.EDU
Andreas.Elbert at gmd.de
doug at OpenMind.com
jeffb at sware.com
ksackett at cs.uah.edu
collsc at snowbird.aud.alcatel.com
koontzd at lrcs.loral.com
trollins at debbie.telos.com
matthewn at uiuc.edu

From GRABOW_GEOFFREY at tandem.com Tue Sep 27 10:03:05 1994
From: GRABOW_GEOFFREY at tandem.com (GRABOW_GEOFFREY at tandem.com)
Date: Tue, 27 Sep 94 10:03:05 PDT
Subject: Anonymous Long Distance Phone Calling
Message-ID: <199409271002.AA28985@comm.Tandem.COM>

>You send a $50 or $100 blank Cashier's check, or cash, to the address
>stated below. I have purchased a pile of PIN cards and I randomly selec
>and send it to you. The company I buy these cards from, keeps no record

The aforementioned method only hides who paid for the call. Couldn't you do the same with a pocket full of coins?

True anonymous phone calls would have to be routed through several long distance companies. Since MCI, Sprint & AT&T don't talk to each other, that ought to be the best way to hide the caller and callee.

BTW, does anybody have the access phone numbers for any other long distance companies?

G.C.G.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Geoffrey C. Grabow           | "What we demand are rigidly defined   |
| Oyster Bay, New York         | areas of doubt and uncertainty!"      |
|                              |         --------------------          |
| grabow_geoffrey at tandem.com | Clipper, SkipJack & Digital Telephony |
|                              |            JUST SAY NO!!!
| |----------------------------------------------------------------------| |PGP 2.6 fingerprint = AA 9E 35 12 F8 93 72 8D 1C E5 D5 BC 74 BE 49 D3| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From RGRIFFITH at sfasu.edu Tue Sep 27 11:16:32 1994 From: RGRIFFITH at sfasu.edu (RGRIFFITH at sfasu.edu) Date: Tue, 27 Sep 94 11:16:32 PDT Subject: test/ignore Message-ID: <01HHLWF3F1520039FA@TITAN.SFASU.EDU> This is a test to see if the new addressing scheme at my site has messed up my ability to post to this list as it has some. From cactus at bb.com Tue Sep 27 12:07:31 1994 From: cactus at bb.com (L. Todd Masco) Date: Tue, 27 Sep 94 12:07:31 PDT Subject: No Subject Message-ID: <199409271912.PAA20599@bb.com> who cypherpunks From pstemari at bismark.cbis.com Tue Sep 27 12:28:31 1994 From: pstemari at bismark.cbis.com (Paul J. Ste. Marie) Date: Tue, 27 Sep 94 12:28:31 PDT Subject: test Message-ID: <9409271928.AA10595@focis.sda.cbis.COM> just a test From pstemari at bismark.cbis.com Tue Sep 27 12:31:04 1994 From: pstemari at bismark.cbis.com (Paul J. Ste. Marie) Date: Tue, 27 Sep 94 12:31:04 PDT Subject: test Message-ID: <9409271930.AA10643@focis.sda.cbis.COM> just a test From chen at intuit.com Tue Sep 27 13:57:13 1994 From: chen at intuit.com (Mark Chen) Date: Tue, 27 Sep 94 13:57:13 PDT Subject: test Message-ID: <9409272056.AA00210@doom.intuit.com> Another test. My mail server went down and I just wanted to make sure that everything was kosher again. -- Mark Chen chen at netcom.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D From dcwill at ee.unr.edu Tue Sep 27 14:25:48 1994 From: dcwill at ee.unr.edu (Dr. D.C. Williams) Date: Tue, 27 Sep 94 14:25:48 PDT Subject: Mandatory email verification Message-ID: <199409272123.OAA09324@python> Greetings: Is anyone aware of a way to modify sendmail to require a verified digital signature for all mail sent? 
This subject came up after a discussion of the possible repercussions of forged email through port 25. Even a good PGP user can't use manual encryption on a message-by- message basis as a defense for false mail attribution. For example, someone forges a defamatory message and signs your name to it. The recipient brings it to public attention and you try to claim "it doesn't have my PGP sig, therefore I didn't send it". The obvious counter is that you purposely failed to sign it to preserve your plausible deniability. The only way this would work is if the system you're on won't accept mail unless accompanied by a digital signature, which would allow the user to claim innocence if it wasn't his sig. The mailer would also have to check the sig to ensure that it belongs to an authorized user on the system to prevent people from creating one-time keys just to appease the mailer and prevent their real sig from being used. Running this version of "SIGmail" (<-- note flashy new marketing name) on your system would seem to be a reasonable defense against claims of false attribution. Has anyone done any work along these lines? Is there an obvious fault with a system which would operate in this manner? Please don't misconstrue this as an attack on anon mail, which obviously needs to be preserved. What I'm interested in avoiding is mail forged with another user's name. All that's required to do a convincing job now is an account on the user's home system and some knowledge of ESMTP. Seems to me like this is a potential disaster waiting to happen. Maybe the H.E.A.T. crew can solve this one . . . Fabio, we need you! =D.C. Williams From jamiel at sybase.com Tue Sep 27 14:47:40 1994 From: jamiel at sybase.com (Jamie Lawrence) Date: Tue, 27 Sep 94 14:47:40 PDT Subject: Why did the cypherpunk cross the road? Message-ID: I dunno, but I do know the list seems dead again... -j -- "It's a question of semantics, and I've always been rather anti- semantic." 
-Gene Simmons ___________________________________________________________________ Jamie Lawrence From m5 at vail.tivoli.com Tue Sep 27 14:51:54 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Tue, 27 Sep 94 14:51:54 PDT Subject: Mandatory email verification In-Reply-To: <199409272123.OAA09324@python> Message-ID: <9409272151.AA02026@vail.tivoli.com> D. C. Williams writes: > Is anyone aware of a way to modify sendmail to require a verified > digital signature for all mail sent?... > Has anyone done any work along these lines? Is there an obvious > fault with a system which would operate in this manner? I think that changing "sendmail" to do this would have lots of repercussions. Many services send mail automatically, and most of them aren't equipped to do digital signatures. | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From adam at bwh.harvard.edu Tue Sep 27 15:02:23 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Tue, 27 Sep 94 15:02:23 PDT Subject: Mandatory email verification In-Reply-To: <199409272123.OAA09324@python> Message-ID: <199409272201.SAA12209@spl.bwh.harvard.edu> DC Williams writes: | Is anyone aware of a way to modify sendmail to require a verified digital | signature for all mail sent? This subject came up after a discussion | of the possible repercussions of forged email through port 25. | Even a good PGP user can't use manual encryption on a message-by- | message basis as a defense for false mail attribution. For example, | someone forges a defamatory message and signs your name to it. The | recipient brings it to public attention and you try to claim "it doesn't | have my PGP sig, therefore I didn't send it". The obvious counter is that | you purposely failed to sign it to preserve your plausible deniability. 
| The only way this would work is if the system you're on won't accept
| mail unless accompanied by a digital signature, which would allow the
| user to claim innocence if it wasn't his sig. The mailer would also have
| to check the sig to ensure that it belongs to an authorized user on the
| system to prevent people from creating one-time keys just to appease the
| mailer and prevent their real sig from being used. Running this version
| of "SIGmail" (<-- note flashy new marketing name) on your system would
| seem to be a reasonable defense against claims of false attribution.
|
| Has anyone done any work along these lines? Is there an obvious fault
| with a system which would operate in this manner?

Design areas to be worked out:

Will the system drop such mail silently, or return it to the sender?

Will the messages returned to sender be signed by the mail system? If so, will they contain any reference to the message sent? How will you protect the keys used for signing?

If the 'bounce' messages aren't signed, a great way to generate flamage would be to send messages to the user claiming that his recent mail was not properly signed, causing him to send another copy, annoying the hell out of all the recipients.

I'd like to close this message by saying that mandatory signing is not a good idea. People will generate a low security key, and leave it totally unsecured. The way most folks with a clue deal with forged mail is they see the writing style is different, the person is advocating a new & different position, or the mail is just random flamage. Most folks regularly disregard this sort of thing as children playing with a new toy. Requiring the use of signatures for all mail is silly.

Adam

From mccoy at io.com Tue Sep 27 15:48:37 1994
From: mccoy at io.com (Jim McCoy)
Date: Tue, 27 Sep 94 15:48:37 PDT
Subject: Mandatory email verification
In-Reply-To: <199409272123.OAA09324@python>
Message-ID: <199409272247.RAA18617@pentagon.io.com>

> From: "Dr. D.C.
Williams"
>
> Is anyone aware of a way to modify sendmail to require a verified digital
> signature for all mail sent?

This would be very difficult to do in the short-term because of the current problems of few PKCAs and the relatively poor integration of signatures into current mail user agents. But, rather than providing user-keyed authentication, it should be possible for you to set up your sendmail so that you could prove that an _outgoing_ message did or did not originate at your site (e.g. rather than verify userx sent it you can say with reasonable certainty that userx at my.domain sent that message.)

Create a public key pair for the mail system. Messages being sent out are given a signature based upon the user who sent the message (the person who invoked sendmail...), so if someone tried to forge mail that had the appearance of coming from your site you would be able to at least show that it was not actually sent from the @foo.bar mail system. It is not too difficult to push the system a little further and be able to show that if the message does have such a signature then either the user did send the message or the originating system was hacked.

A few more quick hacks would let someone send a mail message to the site given on the From line and have it check the signature and report back on whether or not the message was obviously forged or if it has the right sending signatures.

Such a system would only take a few hours of hacking to get operational, and users would not be significantly inconvenienced by its operation and would only need to query it if they wanted to check the validity of a message...

jim

From wfgodot at iquest.com Tue Sep 27 17:33:52 1994
From: wfgodot at iquest.com (Michael Pierson)
Date: Tue, 27 Sep 94 17:33:52 PDT
Subject: TIS, SKE, & CyberCash Inc.
In-Reply-To: <199409251855.LAA21791@netcom16.netcom.com>
Message-ID:

Timothy C.
May wrote: > A "voluntary" software key escrow system is of course OK (useful for > people afraid of forgetting their keys, for companies that don't want > the death of employees to cut them off from corporate secrets, etc.). > But any system in which the escrow key holders are *not* freely > selectable from a list one generates one's self (where the agents may > be the company lawyer, one's mother, one's priest, the bit bucket, the > machine down the hall, or nothing at all, etc.) is *not voluntary*. Of course the State's current interest has little to do with these legitimate issues. All the government rhetoric about "voluntary" encryption standards is a smokescreen. I believe those who don't want to eventually see government *dictated* key escrow, and the outlawing of alternatives should not let themselves be lulled by it. A case in point is Tony Clark's draft legislation proposal for the "Encryption Standards and Procedures Act" from the House Committee on Science, Space, and Technology. In the preamble we have the sole reassuring mention of "voluntary": "To amend the National Institute of Standards and Technology Act to provide for the establishment and management of voluntary encryption standards to protect the privacy and security of electronic information, and for other purposes." Then in the Findings and Purposes section it starts to get at the crux of the real agenda: "(2) The proliferation of communications and information technology has made it increasingly difficult for the government to obtain and interpret, in a timely manner, electronic information that is necessary to provide for public safety and national security." 
This primary agenda is restated in the Requirements subsection under Federal Encryption Standards:

    "(C) shall contribute to public safety and national security;

    (E) shall preserve the functional ability of the government to interpret, in a timely manner, electronic information that has been obtained pursuant to an electronic surveillance permitted by law;

    (F) may be implemented in software, firmware, hardware, or any combination thereof; and

    (G) shall include a validation program to determine the extent to which such standards have been implemented in conformance with the requirements set forth in this paragraph."

Later on, in the Definitions section, the term "electronic information" for the purposes of the legislation is defined in what I find to be an ominously expansive way:

    "(8) The term 'electronic information' means the content, source, or destination of any information in any electronic form and in any medium which has not been specifically authorized by a Federal statute or an Executive Order to be kept secret in the interest of national defense or foreign policy and which is stored, processed, transmitted or otherwise communicated, domestically or internationally, in an electronic communications system..."

What does "voluntary" really mean in the context of the repeatedly stated need to provide for "public safety and national security"? Does it mean that those who are the putative threats to said "public safety and national security" may volunteer to participate?? I can see them lining up right now. But then, I sure as hell don't plan to volunteer either. Uh oh, I guess that makes me suspect.

The more I think about it, the more ludicrous and derisible this pretense of "voluntary" becomes. How can someone not _want_ to volunteer to "contribute to public safety and national security?" If you can succeed in imposing this framework on the issue, then dealing with the heretics is so much easier.
> I get the feeling that wheels are turning, that deals are being cut. I certainly concur with that feeling. The wheels are definitely turning. They are racing to get the fundamentals in place in advance of social and technical developments that might make their job more difficult in the future. I wouldn't be surprized to see some cyberspatial version of the Reichstag fire come along as a goad to stampede the body politic into rash action on this issue. Perhaps a series of such incidents involving a spectrum of the usual bogeymen in a way so as to push the hot buttons of the widest possible demographic. As time goes by the constituency that could oppose their actions grows. Concurrent developments in software and DSP technology are opening the window of opportunity for affordable consumer products that could provide secure, real-time public-key encryption of voice and data communications. Once people have the knowledge and the tools in their hands, they are much less inclined to accept ignorance as strength. Which is why it is urgent that we do what we can to spread the knowledge and forge the tools while the time is ripe. > Wiretap bills, Software Key Escrow, Government Access to Keys, > information superhighways, Data Cops...it's all getting pretty > worrisome. It sure ain't my idea of the millennium... -Michael From merriman at metronet.com Tue Sep 27 18:19:36 1994 From: merriman at metronet.com (David K. Merriman) Date: Tue, 27 Sep 94 18:19:36 PDT Subject: TIS, SKE, & CyberCash Inc. Message-ID: <199409280118.AA08011@metronet.com> >Timothy C. May wrote: > >> A "voluntary" software key escrow system is of course OK (useful for >> people afraid of forgetting their keys, for companies that don't want >> the death of employees to cut them off from corporate secrets, etc.). 
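>> But any system in which the escrow key holders are *not* freely
>> selectable from a list one generates one's self (where the agents may
>> be the company lawyer, one's mother, one's priest, the bit bucket, the
>> machine down the hall, or nothing at all, etc.) is *not voluntary*.
>
>
>
>
>    "To amend the National Institute of Standards and Technology
>    Act to provide for the establishment and management of
>    voluntary encryption standards to protect the privacy and
>    security of electronic information, and for other purposes."
                                                ~~~~~~~~~~~~~~
Government-ese for "here, bend over this barrel".
>
>
>Then in the Findings and Purposes section it starts to get at the
>crux of the real agenda:
>
>
>    "(2) The proliferation of communications and information
>    technology has made it increasingly difficult for the
>    government to obtain and interpret, in a timely manner,
>    electronic information that is necessary to provide for
>    public safety and national security."
                          ~~~~~~~~~~~~~~~~~
Grab your vaseline,
>
>
>This primary agenda is restated in the Requirements subsection
>under Federal Encryption Standards:
>
>
>    "(C) shall contribute to public safety and national security;
>
big dude named "Bubba" and his friends are gonna pay you a conjugal visit;
>    (E) shall preserve the functional ability of the government
>    to interpret, in a timely manner, electronic information
>    that has been obtained pursuant to an electronic surveillance
>    permitted by law;
>
no condom.
>    (F) may be implemented in software, firmware, hardware, or
>    any combination thereof; and
>
Assume the position,
>    (G) shall include a validation program to determine the
>    extent to which such standards have been implemented in
>    conformance with the requirements set forth in this paragraph."
>
and *smile*.
>
>Later on, in the Definitions section, the term "electronic
>information" for the purposes of the legislation is defined in what
>I find to be an ominously expansive way:
>
>
>    "(8) The term 'electronic information' means the content,
>    source, or destination of any information in any electronic
>    form and in any medium which has not been specifically
>    authorized by a Federal statute or an Executive Order to be
>    kept secret in the interest of national defense or foreign
>    policy and which is stored, processed, transmitted or
>    otherwise communicated, domestically or internationally, in
>    an electronic communications system..."
>
Oh, yeah - you get charged barrel rent, too.

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From lcottrell at popmail.ucsd.edu Tue Sep 27 20:57:48 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Tue, 27 Sep 94 20:57:48 PDT
Subject: Last few messages never arrived
Message-ID:

Well, looks like I am part of the growing company of people having trouble mailing to this list. I thought the traffic looked very light lately.

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.

"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From CCGARY at MIZZOU1.missouri.edu Tue Sep 27 21:38:46 1994
From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers)
Date: Tue, 27 Sep 94 21:38:46 PDT
Subject: SUFFERANCE remailers
Message-ID: <9409280438.AA10300@toad.com>

SUFFERANCE REMAILERS

Definition of SUFFERANCE REMAILER: A remailer that exists only so long as the U.S.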
>
>Later on, in the Definitions section, the term "electronic
>information" for the purposes of the legislation is defined in what
>I find to be an ominously expansive way:
>
>
> "(8) The term 'electronic information' means the content,
> source, or destination of any information in any electronic
> form and in any medium which has not been specifically
> authorized by a Federal statute or an Executive Order to be
> kept secret in the interest of national defense or foreign
> policy and which is stored, processed, transmitted or
> otherwise communicated, domestically or internationally, in
> an electronic communications system..."
>
Oh, yeah - you get charged barrel rent, too.

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From lcottrell at popmail.ucsd.edu Tue Sep 27 20:57:48 1994
From: lcottrell at popmail.ucsd.edu (Lance Cottrell)
Date: Tue, 27 Sep 94 20:57:48 PDT
Subject: Last few messages never arrived
Message-ID:

Well, looks like I am part of the growing company of people having trouble mailing to this list. I thought the traffic looked very light lately.

--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki at nately.ucsd.edu
PGP 2.6 key available by finger or server.
"Love is a snowmobile racing across the tundra. Suddenly it flips over, pinning you underneath. At night the ice weasels come." --Nietzsche

From CCGARY at MIZZOU1.missouri.edu Tue Sep 27 21:38:46 1994
From: CCGARY at MIZZOU1.missouri.edu (Gary Jeffers)
Date: Tue, 27 Sep 94 21:38:46 PDT
Subject: SUFFERANCE remailers
Message-ID: <9409280438.AA10300@toad.com>

SUFFERANCE REMAILERS

Definition of SUFFERANCE REMAILER: A remailer that exists only so long as the U.S.
Feds get around to outlawing it.; a sitting duck remailer. ; a remailer whose physical location may easily be found.; a remailer whose operator is vulnerable to the State's gun argument.; currently, the only kind of remailer there is.

Definition of FORTRESS REMAILER: A remailer whose physical location cannot be found. ; a remailer that does not require the consent of the State. ; a Freedom remailer.

Anybody got any idea at all how to build a Fortress remailer?

PUSH EM BACK! PUSH EM BACK!
WWWAAAYYY BBBAAACCCKK!
BBBBEEEAAATTTT STATE!

From genie at gate.net Tue Sep 27 21:52:51 1994
From: genie at gate.net (Breakdown)
Date: Tue, 27 Sep 94 21:52:51 PDT
Subject: SUFFERANCE remailers
In-Reply-To: <9409280438.AA10300@toad.com>
Message-ID:

On Tue, 27 Sep 1994, Gary Jeffers wrote:

> SUFFERANCE REMAILERS
[snip]
> Definition of FORTRESS REMAILER: A remailer whose physical location
> cannot be found. ; a remailer that does not require the consent of
> the State. ; a Freedom remailer.
>

Hm, aren't European remailers something "like" Fortress remailers? The State surely doesn't require consent for anon.penet.fi or such and no one in the US (well I hope no one) knows the physical location of it... And you can post just about anything through that one :)....

Genie
--
Finger for a PGP key
Send PGP preferably.
PEACE - Live it or rest *IN* it...

From merriman at metronet.com Tue Sep 27 22:24:13 1994
From: merriman at metronet.com (David K. Merriman)
Date: Tue, 27 Sep 94 22:24:13 PDT
Subject: SUFFERANCE remailers
Message-ID: <199409280523.AA15201@metronet.com>

> SUFFERANCE REMAILERS
>
> Definition of SUFFERANCE REMAILER: A remailer that exists only so
>long as the U.S. Feds get around to outlawing it.; a sitting duck
>remailer. ; a remailer whose physical location may easily be found.;
>a remailer whose operator is vulnerable to the State's gun argument.;
>currently, the only kind of remailer there is.
>
> Definition of FORTRESS REMAILER: A remailer whose physical location
>cannot be found. ; a remailer that does not require the consent of
>the State. ; a Freedom remailer.
>
> Anybody got any idea at all how to build a Fortress remailer?
> PUSH EM BACK! PUSH EM BACK!
> WWWAAAYYY BBBAAACCCKK!
> BBBBEEEAAATTTT STATE!
>
>

I see two modes of tracking a remailer: physical or electrical (signal) tracing of its connection(s). The solutions I can think of, right off the top of my head, are to either make it excessively difficult to find, or excessively difficult to *access*.

The first can be dealt with either by using a wireless link of some kind (radio lan, comm laser, etc), or physical confusion of the link (running it into a sealed room with umpteen bajillion other identical links so that it wouldn't be possible to literally trace the cable). Another choice is a touch more difficult, but not insurmountable: repetitive links physically isolated (first option, multiplied), so that any given message packet could be sent across any given non-physical link, and still arrive at the remailer: array of wireless links on different frequencies (frequency-hopping to confuzzle triangulation?), or bank of uncollimated or diffused (to increase the possible target area, per the first choice) lasers pointed in different directions toward repetitive, dispersed optical links. Variation on the laser option would be to have a single Tx/Rx pair, but bounce the laser beam off the moon (it's been done). The transfer rate would probably eat dirt, but _do-able_.

The second is a bit tougher: I can't think of anything that isn't accessible without sufficient motivation (I mean, the CIA built a damn ship for the sole purpose of recovering a sunken USSR sub, f'chrissake).
This is further amplified by the fact that it wouldn't be strictly necessary to access the hardware itself to take it off line: cutting power or comm links to it would be just as effective as dismantling it, as would something like detonating an underground nuke a few hundred meters away and just vibrating it to death. If we're not limited by reality, hang it off a small nuke power source, link it to a transoceanic cable, and drop it in the ocean (someplace nice and deep).

I'll leave any other options as an exercise for the rest of the list :-)

Dave Merriman

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From samuel.kaplin at .mn.org Tue Sep 27 23:47:26 1994
From: samuel.kaplin at .mn.org (Samuel Kaplin)
Date: Tue, 27 Sep 94 23:47:26 PDT
Subject: Mighty quiet lately
Message-ID: <940928014320585@.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

Today I received four whole messages from the cypherpunks list. Is it my system or are things mighty quiet lately. Maybe the roundup of us chronic dissidents has begun.

-----------------------------------------------------------------------------
Fido: Sam Kaplin 1:282/1018              | "...vidi vici veni" - Overheard
Compuserve: 75240,131                    | outside a Roman brothel.
samuel.kaplin at warehouse.mn.org        |
75240,131 at compuserve.com              | Change is the only constant in the
For confidential communications use PGP  | Universe..."Four quarters, please."
-----------------------------------------------------------------------------

From scmayo at rschp2.anu.edu.au Wed Sep 28 00:34:31 1994
From: scmayo at rschp2.anu.edu.au (Sherry Mayo)
Date: Wed, 28 Sep 94 00:34:31 PDT
Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt?
Message-ID: <9409280734.AA12090@toad.com>

-----BEGIN PGP SIGNED MESSAGE-----

Hi all,

Sorry if this has already been brought up (I've been skimming through c'punx lately and may have missed it) but does anyone have any comment on this thread (see title). I first read about this in New Scientist (Sept 24th, No 1944).

To summarize: Shor came up with an algorithm that could use quantum effects to rapidly factorise large primes. To build such a quantum computer requires manufacturing techniques not yet available, although two other researchers (one is called Eckart) streamlined Shor's algorithm and proposed a design for a "factorization engine" using quantum dot technology. You'd need to put a lot more quantum dots on a chip than is currently possible to build such a device, but the suggestion could be possible in a few years time. The article hinted that Hitachi were already hard at work on the problem.

Detractors of the proposed technique say problems of noise and sensitivity to mechanical defects are insurmountable and the technique could never work.

I was wondering if anyone here has any comment. After reading the New Scientist article I immediately checked it out in sci.crypt and saw a few articles there (but they weren't on the whole any more enlightening than the New Scientist article).
I was wondering if anyone here had any views (informed or otherwise :-) I suppose cypherpunks should keep up with the latest developments (or even possibilities), and where there's quantum cryptanalysis presumably there's also quantum cryptography :-)

Sherry

ps if anyone is interested I'll try and dig out the references.

From samuel.kaplin at .mn.org Wed Sep 28 03:07:00 1994
From: samuel.kaplin at .mn.org (Samuel Kaplin)
Date: Wed, 28 Sep 94 03:07:00 PDT
Subject: SUFFERANCE remailers
Message-ID: <940928050514627@.mn.org>

-----BEGIN PGP SIGNED MESSAGE-----

:Definition of SUFFERANCE REMAILER: A remailer that exists only so
:long as the U.S. Feds get around to outlawing it.; a sitting duck
:remailer. ; a remailer whose physical location may easily be found.;
:a remailer whose operator is vulnerable to the State's gun argument.;
:currently, the only kind of remailer there is.

: Definition of FORTRESS REMAILER: A remailer whose physical location
:cannot be found. ; a remailer that does not require the consent of
:the State. ; a Freedom remailer.

How about locating it in a recalcitrant country e.g. North Korea, Libya, Iraq, Iran. During the Gulf war scuttlebutt has it that Iraq used encrypted communications on the Internet to keep its C3 functions up. (Command, Control, Communications) If they can't get at the remailer it's pretty hard to shut it down. Use satellite communications instead of copper and it would be real hard to shut down.

Disclaimer: This post is hypothetical, it has NO basis in reality, O.K.
NSA

-----------------------------------------------------------------------------
Fido: Sam Kaplin 1:282/1018              | "...vidi vici veni" - Overheard
Compuserve: 75240,131                    | outside a Roman brothel.
samuel.kaplin at warehouse.mn.org        |
75240,131 at compuserve.com              | Change is the only constant in the
For confidential communications use PGP  | Universe..."Four quarters, please."
-----------------------------------------------------------------------------

From dps at kafka.atinc.com Wed Sep 28 05:32:17 1994
From: dps at kafka.atinc.com (Doug Shapter)
Date: Wed, 28 Sep 94 05:32:17 PDT
Subject: Mandatory email verification
In-Reply-To: <199409272247.RAA18617@pentagon.io.com>
Message-ID: <9409280832.ZM12030@kafka.atinc.com>

It's my understanding that to be truly useful on multi-user systems, digital signatures require some user input (eg, PGP requires entering a pass phrase). Sendmail could be hacked easily enough to append signatures and to even ask the user for the requisite pass phrase-- or sendmail can append the signature automagically, using an environment variable (yuch, just a touch insecure?) or some other method (a root-owned and executed shell script).

The first method, having sendmail ask the user for the pass phrase, is most secure, but also the most inconvenient. For instance, at our site, we have several distributed workstations. We send numerous mail messages to each other every day, and signing each one would be a real pain. To prevent this sendmail could be hacked to only require signatures on mail messages addressed outside the domain.
This still leaves us back at the original problem-- one of us could flame the boss and then deny the authenticity of the message because it lacked our signature.

The automagic method is frightfully insecure. Creating an environment variable transparently requires that the pass phrase be physically located on the system, instead of the user's mind. (I wouldn't want to ask users to slip in their "pass phrase" disk every morning when they log on). There is also a question of trust-- a dishonest sysadm could easily break this method. The dishonest sysadm could also easily break a shell script method, as could anyone who got the root password.

Jim McCoy pointed out aptly that the hack could be done quickly, but, laying technical issues aside, do we really want our computers signing our mail for us (what about messages to anonymous remailers-- a digital signature defeats that in short order)? That's the real question.

--
Doug Shapter
dps at kafka.atinc.com
finger dps at kryten.atinc.com for PGP public key

From rishab at dxm.ernet.in Wed Sep 28 06:15:22 1994
From: rishab at dxm.ernet.in (rishab at dxm.ernet.in)
Date: Wed, 28 Sep 94 06:15:22 PDT
Subject: alt.fan.tv-serial.bikinis
Message-ID:

merriman at metronet.com (David K. Merriman):
Subject: Beach Clash first edition review

Sandy's H.E.A.T was hard enough on my poor 'D' key; I hope the Cypherpunks list is not mutating into alt.fan.tv-serial.bikinis...

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh        "Clean the air! clean the sky! wash the wind!
rishab at dxm.ernet.in      take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335
H 34C Saket, New Delhi 110017, INDIA

From dcwill at ee.unr.edu Wed Sep 28 06:34:03 1994
From: dcwill at ee.unr.edu (Dr. D.C.
Williams)
Date: Wed, 28 Sep 94 06:34:03 PDT
Subject: Mandatory email verification
In-Reply-To: <9409280832.ZM12030@kafka.atinc.com>
Message-ID: <199409281332.GAA11124@python>

>
> automagically, using an environment variable (yuch, just a touch
> insecure?) or some other method (a root-owned and executed shell
> script).

I'm now working on a system (internal to each machine) which checks any mail to be sent for a signature (affixed by a mail front-end or by the user if he prefers to use the raw mail interface). This sig is produced by a key created by the system administrator solely for the purpose of verifying mail authenticity - any user who wants more security is still free to generate a separate key pair for encryption purposes. All that would be required is to sign the cyphertext with the "mail key" after encryption with whatever other key(s) the user wished to use. The mail sig has to be the last signature affixed to the message if it's to be stripped before sending (see below).

The problem of key pass phrases is one I hadn't thought of yet. Remember that the "mail key" pair is not intended for any purpose beyond mail authentication. What if the private keys are stored in separate directories with rwx permissions for the individual user only? The keyring could be accessed by a mail program run by that user but not by anyone else (except uid 0), which is as secure as any UNIX system can hope for. Remember that uid 0 made the keys in the first place! The script which adds the sig wouldn't need a unique passphrase to sign with the "mail key". Of course, users' own private keys used for encryption would be protected in whatever manner they see fit, although (as beaten to death in another thread) keeping private keys on public machines is often a risky proposition.

Once the system has verified that the mail submitted for transmittal does indeed have a valid sig, the sig could be stripped before sending.
This would have absolutely no impact on other systems' mail, because all of the "sig, verify, strip" processes are confined to the user's machine. In fact, the mail recipient wouldn't even know this had occurred, ensuring proper use with remailers. All this system does is provide some reasonable protection for users against mail forgery originating from their own machine.

My experiments with port 25 show that a telnet connection from a remote machine to port 25 causes the remote machine's address to appear in the ESMTP headers. However, mail sent from a local connection to port 25 can't be readily distinguished from mail sent via "normal" mail programs (mail, elm, pine, etc.). On the systems I've examined, I can enter a user's login through port 25 and sendmail will affix his real identity from /etc/passwd just as though that user had sent the mail. For instance, a user can forge mail from root on their own machine. I don't know about you, but that's something that concerns me. It's entirely possible that someone impersonating root could send email to a user to change his password as a "system test", giving the bad guy access to someone else's account. Admittedly, this is a pretty benign example, but the potential for real damage is there.

It might well be that I'm overly concerned with something that really isn't a problem. However, the more I think about possible acts of "e-terrorism" which can be caused by convincingly forged email, the more concerned I become. If everybody knew how insecure mail really is and afforded it the proper amount of suspicion and distrust, this wouldn't be much of a problem (I don't know anybody who believes that "for a good time, call 555-XXXX" messages written in bathroom stalls were put there by the person who belongs to that phone number). However, I sense that many well meaning but largely uninformed people seem to think that email is secure, private, and inviolable.
Given that level of trust, the possible consequences which might flow from convincingly forged email are significant. It's probably easier to fix the mail than attempt to educate the public, although I might well be wrong in that assessment.

=D.C. Williams

From nobody at shell.portal.com Wed Sep 28 07:03:47 1994
From: nobody at shell.portal.com (nobody at shell.portal.com)
Date: Wed, 28 Sep 94 07:03:47 PDT
Subject: MAIL: sufference remailers
Message-ID: <199409281403.HAA00906@jobe.shell.portal.com>

-----BEGIN PGP SIGNED MESSAGE-----

Gary Jeffers makes a post about "sufferance" and "fortress" remailers.

> SUFFERANCE REMAILER:
> a remailer whose operator is vulnerable to the State's gun argument.;
> FORTRESS REMAILER: A remailer whose physical location cannot be
> found. ; a remailer that does not require the consent of the State. ;

Sure there are fortress remailers, just become a government and run one yourself. Maybe I'm missing the point, but I don't see the use of discussing such far flung unrealistic remailers.

In the "sufferance" case: there is no such thing as a remailer that isn't vulnerable to the State's gun argument, unless you are a Highlander, or otherwise immortal (don't lose your head ;) And even then, your equipment isn't indestructible.

As for not requiring consent, moving to another country is similar to chaining mail: now several governments have to collude to shut you down, and you hope that this offers more protection (much like hoping remailer operators don't get together to trace your steps).

Sure, you could place a computer with satellite hookups and a power supply on a raft in the middle of the pacific and run your remailer from there - this kind of stuff may work for internal activities - but remailing implies communicating with the world: somebody has to supply you a feed, and they can be pressured if it is inconvenient to pressure you.
I can however see (in the future) people running remailers on their personal net-connected machines, requiring digital postage. Hopefully the net good usage will outweigh the net bad, and thus remailers will be grudgingly tolerated. But this isn't any "fortress" remailing system.

Thoth

From dwomack at runner.utsa.edu Wed Sep 28 07:13:12 1994
From: dwomack at runner.utsa.edu (Dave)
Date: Wed, 28 Sep 94 07:13:12 PDT
Subject: Sufferance remailers
Message-ID: <9409281415.AA22580@runner.utsa.edu>

Great idea, but IMHO going offshore is a bit difficult... it might be easier to arrange with a `useful idiot` to get an extra phone installed in their closet, which would then call forward to a local (and changeable) phone number, where the computer would be physically located. The computer itself would be transportable, and ideally everything would be enclosed in a self-contained unit with just two outlets...one for electricity, and one for the telephone connection.

A further security step would be to trap the box such that if it were opened improperly, the disk drive would be physically destroyed.

The local phone calls don't create toll records, nor will a tap or pin register, since the forwarding occurs in the phone co. central office.

An important element would be to move the machine around, both physically and electronically, so that there was a moving target...and, if you were willing to accept the phone costs, you could set up offshore.

Comments? Any flaws in this?
Regards,

Dave

From nobody at c2.org Wed Sep 28 08:00:30 1994
From: nobody at c2.org (Anonymous User)
Date: Wed, 28 Sep 94 08:00:30 PDT
Subject: No Subject
Message-ID: <199409281458.HAA04516@zero.c2.org>

Hopefully, this will be better moderated than the last clipper event at MIT, where a single disruptive audience member wouldn't keep his !@#$ mouth shut, and augered an NSA technical presentation into a forum for him to preach his political gospel.

COMMUNICATIONS FORUM

GOVERNMENT WIRETAPPING, ENCRYPTION AND THE CLIPPER CHIP DEBATE

Thursday, September 29, 1994 4PM
MIT MEDIA LAB
Bartos Theatre, E15-070, 20 Ames Street, Cambridge, MA 02139

Dorothy Denning, Dept. of Computer Science, Georgetown University
Robert Holleyman, Business Software Alliance
James Kallstrom, Special Operations Division, FBI
Ronald Rivest, Dept. of Electrical Engineering and Computer Science, MIT
Moderator: Stephen Kent, Chief Scientist for Security Technology, BBN

The federal government says it is necessary to update America's wiretapping capabilities to keep up with technological advances -- and that not doing so could mean losing the battle against organized crime and terrorism. Last year the Clinton Administration proposed the "Clipper Chip," a data encryption plan which would put the "keys" for decoding phone, fax and computer communications in the hands of the government. The much-publicized plan has met with strong opposition from privacy groups, business executives and computer professionals, and has also been challenged on technical grounds. At the center of the debate is the question of how to balance national and personal security concerns, on the one hand, with the right to privacy and the need to maintain the international competitiveness of businesses that use encoded communications, on the other.
Recently, government officials have expressed a willingness to compromise on some features of the Clipper Chip, but the debate continues over what kind of encryption system should be implemented and what role industry should play in the development and use of a new system. This forum brings together representatives of the FBI, the computer software industry, and academic computer scientists who will share their views and concerns about the Clipper Chip and alternative systems of data encryption.

From perry at imsi.com Wed Sep 28 08:08:06 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Wed, 28 Sep 94 08:08:06 PDT
Subject: MIT forum on Clipper.
In-Reply-To: <199409281458.HAA04516@zero.c2.org>
Message-ID: <9409281507.AA25835@snark.imsi.com>

Anonymous User says:
> Hopefully, this will better moderated than the last clipper event at MIT,
> where a single disruptive audience member wouldn't keep his !@#$ mouth
> shut, and augered an NSA technical presentation into a forum for him to
> preach his political gospel.

Steve Kent, the listed moderator, is a powerful personality. I doubt he's going to allow anyone to bully their way into the discussion.

Perry

>
> COMMUNICATIONS FORUM
>
> GOVERNMENT WIRETAPPING, ENCRYPTION AND THE CLIPPER CHIP DEBATE
>
> Thursday, September 29, 1994 4PM
> MIT MEDIA LAB
> Bartos Theatre, E15-070, 20 Ames Street, Cambridge, MA 02139
>
> Dorothy Denning, Dept. of Computer Science, Georgetown University
> Robert Holleyman, Business Software Alliance
> James Kallstrom, Special Operations Division, FBI
> Ronald Rivest, Dept. of Electrical Engineering and Computer Science, MIT
> Moderator: Stephen Kent, Chief Scientist for Security Technology, BBN
>
> The federal government says it is necessary to update America's wiretapping
> capabilities to keep up with technological advances -- and that not doing
> so could mean losing the battle against organized crime and terrorism.
> Last year the Clinton Administration proposed the "Clipper Chip," a data
> encryption plan which would put the "keys" for decoding phone, fax and
> computer communications in the hands of the government. The
> much-publicized plan has met with strong opposition from privacy groups,
> business executives and computer professionals, and has also been
> challenged on technical grounds. At the center of the debate is the
> question of how to balance national and personal security concerns, on the
> one hand, with the right to privacy and the need to maintain the
> international competitiveness of businesses that use encoded
> communications, on the other. Recently, government officials have
> expressed a willingness to compromise on some features of the Clipper Chip,
> but the debate continues over what kind of encryption system should be
> implemented and what role industry should play in the development and use
> of a new system. This forum brings together representatives of the FBI,
> the computer software industry, and academic computer scientists who will
> share their views and concerns about the Clipper Chip and alternative
> systems of data encryption.

From honey at citi.umich.edu Wed Sep 28 08:09:18 1994
From: honey at citi.umich.edu (peter honeyman)
Date: Wed, 28 Sep 94 08:09:18 PDT
Subject: First Virtual
Message-ID: <9409281509.AA23295@toad.com>

> Does anybody know anything about a new company named "First Virtual"? I
> know they got NSB from BellCore and a couple of other researchers.

nsb will be giving an invited talk at the winter '95 usenix conference in new orleans.

Speaker: Nathanial Borenstein
Affiliation: First Virtual
Abstract: Traditional approaches to introducing commerce to the Internet focus on using the Internet to facilitate the sale of goods and services. However, these approaches require either encryption or a closed system in order to safeguard payment.
By restricting our focus to information commerce -- transactions not involving physical goods or service -- we can radically simplify the underlying commerce model, with extremely important consequences for the usability and democracy of the Internet's payment infrastructure.

http://www.citi.umich.edu/u/honey/usenix.html has general info on the winter '95 usenix conference.

peter

From nobody at cass156.ucsd.edu Wed Sep 28 08:11:23 1994
From: nobody at cass156.ucsd.edu (Anonymous)
Date: Wed, 28 Sep 94 08:11:23 PDT
Subject: SUFFERANCE remailers
Message-ID: <9409281514.AA19526@nately.UCSD.EDU>

Samuel Kaplin writes:
>How about locating it in a recalcitrant country e.g. North Korea, Libya,
>Iraq, Iran. During the Gulf war scuttlebutt has it that Iraq used encrypted
>communications on the Internet to keep its C3 functions up. (Command,
>Control, Communications) If they can't get at the remailer its pretty hard
>to shut it down.

Breakdown writes:
>Hm, aren't European remailers something "like" Fortress remailers? The
>State surely doesn't require consent for anon.penet.fi or such and no one
>in the US (well I hope no one) knows the physical location of it... And
>you can post just about anything through that one :)....

Hmm. Unfortunately I think we're missing the point here. Perhaps a redefinition of SUFFERANCE REMAILERS... A SUFFERANCE REMAILER is a remailer which exists only so long as *any* government, organization, person(s) does not decide (for whatever reasons) to shut it down, outlaw it, etc.

Firstly, a remailer which is not directly vulnerable to the U.S.'s "gun argument" may still be vulnerable to any other country's gun argument; information is power, and no State may be trusted to act in our best interest insofar as information and communication are concerned.

Secondly, using the *placement* of a remailer in a recalcitrant country as the only means of defense against U.S.
legislation will pretty much insure that the remailer's general location will, sooner or later, become a military target; whereas the remailer's location makes it *indirectly* vulnerable to the U.S.'s "gun argument," the very fact that it is accessible by U.S. citizens makes it *directly* vulnerable to the U.S. military machine. (Again, this is using only placement as a means of defense against any U.S. legislation.)

And this brings up point C... It would not only be necessary to legislate against remailers, but would be necessary to legislate against *access* to remailers. This is what I imagine would happen.

Lastly, Dave Merriman writes:
[snip]
>into a sealed room with umpteen bajillion other identical links
[snip}

Umpteen is spelled with an 'h.' ;)

>> SUFFERANCE REMAILERS
>>
>> Definition of SUFFERANCE REMAILER: A remailer that exists only so
>>long as the U.S. Feds get around to outlawing it.; a sitting duck
>>remailer. ; a remailer whose physical location may easily be found.;
>>a remailer whose operator is vulnerable to the State's gun argument.;
>>currently, the only kind of remailer there is.
>>
>> Definition of FORTRESS REMAILER: A remailer whose physical location
>>cannot be found. ; a remailer that does not require the consent of
>>the State. ; a Freedom remailer.

Feeling a little Detweiler today....

I detest what you write, but I would give my life to make it possible for you to continue to write.
--Voltaire (in a letter to M. le Riche)

From perry at imsi.com Wed Sep 28 08:12:02 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Wed, 28 Sep 94 08:12:02 PDT
Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt?
In-Reply-To: <9409280734.AA12090@toad.com>
Message-ID: <9409281511.AA25850@snark.imsi.com>

Sherry Mayo says:
> Detractors of the proposed technique say problems of noise and sensitivity
> to mechanical defects are insurmountable and the technique could never work.

I generally speaking am leery of arguments from how well manufacturing can be done -- especially since manufacturing might someday be done perfectly using things like nanotechnology or even primitive precursors like placing your atoms for your quantum dots one by one using atomic force microscope tips (our own Tim May once proposed constructing scanning grids of such tips for such purposes.)

On the other hand, I've still yet to hear any good commentary on what Shor's result really is and what sort of techniques it depends on.

> ps if anyone is interested I'll try and dig out the references.

Please do

Perry

From pstemari at bismark.cbis.com Wed Sep 28 08:12:10 1994
From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
Date: Wed, 28 Sep 94 08:12:10 PDT
Subject: Sufferance remailers
In-Reply-To: <9409281415.AA22580@runner.utsa.edu>
Message-ID: <9409281511.AA27106@focis.sda.cbis.COM>

> The local phone calls don't create toll records, nor will
> a tap or pin register, since the forwarding occurs in the
> phone co. central office.

Actually, the switches *are* recording this information. I've always been on unmeasured service, and Ameritech sent me a rather detailed analysis of my local calling patterns in an attempt to get me to switch to measured service.

From meconlen at IntNet.net Wed Sep 28 08:19:42 1994
From: meconlen at IntNet.net (Michael Conlen)
Date: Wed, 28 Sep 94 08:19:42 PDT
Subject: Sufferance remailers
In-Reply-To: <9409281415.AA22580@runner.utsa.edu>
Message-ID:

On Wed, 28 Sep 1994, Dave wrote:

> The local phone calls don't create toll records, nor will
> a tap or pin register, since the forwarding occurs in the
> phone co. central office.
I don't know about you but the local phone service here, GTE, does keep records like that. Anyway you are basically talking about something that would be beyond being worth while.

> An important element would be to move the machine around,
> both physically and electronically, so that there was a
> moving target...and, if you were willing to accept the
> phone costs, you could set up offshore.

Sure... ...only what around $350 US to set up and register... ...that only takes about two weeks to get registered with the NIC

Groove on dude
Michael Conlen

From hfinney at shell.portal.com Wed Sep 28 09:00:32 1994
From: hfinney at shell.portal.com (Hal)
Date: Wed, 28 Sep 94 09:00:32 PDT
Subject: Sufferance remailers
In-Reply-To: <9409281415.AA22580@runner.utsa.edu>
Message-ID: <199409281600.JAA06989@jobe.shell.portal.com>

dwomack at runner.utsa.edu (Dave) writes:

>Great idea, but IMHO going offshore is a bit difficult...
>it might be easier to arrange with a `useful idiot` to
>get an extra phone installed in their closet, which would
>then call forward to a local (and changeable) phone
>number, where the computer would be physically located.
>The computer itself would be transportable, and ideally
>everything would be enclosed in a self-contained unit
>with just two outlets...one for electricity, and one for
>the telephone connection.

Can't they shut down the closet just as easily as they would have shut down your computer? This seems to be a problem with all approaches which seek to hide the "real remailer" A behind a "front machine" B. They could just shut down B.

So sometimes people propose that they will just switch to a different front machine C, and R is still safe. Then they shut down C. So we switch to D, etc. But really, couldn't B, C, D, ... just have been remailers themselves? What do you really gain by keeping A secret?
Perhaps if the front machines are much cheaper than remailer machines it might make sense, but it really doesn't take much horsepower to run a remailer; probably the net connection is the expensive part, so B, C, D, etc. are going to be just as expensive as A.

Hal

From jim at bilbo.suite.com Wed Sep 28 10:00:25 1994
From: jim at bilbo.suite.com (Jim Miller)
Date: Wed, 28 Sep 94 10:00:25 PDT
Subject: FORTRESS REMAILERS
Message-ID: <9409281659.AA02045@bilbo.suite.com>

To my mind, remailer vulnerability starts with the Net addresses used to send to them and send from them. It seems to me that a fortress remailer must solve two problems:

1) Getting a message to the remailer without knowing the remailer's Net address.

2) Sending a message from the remailer without revealing a Net address.

Problem 1 can be easily solved by having users send messages to various new groups the remailer scans. The messages would be encrypted with the remailer's public key. The remailer continuously scans for new messages encrypted with its public key. When it finds one, it decrypts it and processes it.

Problem 2 is the tricky part. How can the remailer inject a message back into the public Net without revealing its Net-location? If the remailer could solve this problem, then why couldn't everybody use the same solution, eliminating the need for remailers? The one possibility is that the solution requires something that most average users can't do or can't acquire economically (i.e. most everybody can grow their own food, but why bother).

I haven't come up with any really good ideas here. Here are a couple thoughts:

a) Using various hacker tricks to forge "From:" e-mail addresses.

b) Use short-lived addresses. Set the remailer up somehow so it can frequently acquire new e-mail addresses. Each address would only be used to forward a limited number of messages, and then it would be abandoned.
Jim_Miller at suite.com From rishab at dxm.ernet.in Wed Sep 28 10:04:40 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Wed, 28 Sep 94 10:04:40 PDT Subject: Little Brother will watch you! Message-ID: <9409281654.AA03333@doe.ernet.in> Of some interest to the list. Rishab ------------------- Electric Dreams Weekly column for The Asian Age by Rishab Aiyer Ghosh #30, 26/September/1994: Lamplighters in cyberspace After diving into cyberspace for a while, people are often relieved to temporarily return to brickspace - which is what I call the 'real world'. On the other hand, it would be nice if the knowbots and electronic agents that will one day cater to all your information needs could do the same for your lights and thermostat. Maybe they could learn your personal lighting preferences for different hours of the day, and adapt to your activities and moods. Technology is a decorated excuse for laziness. When you have the information superhighway at your doorstep, why not invite it inside? Let software reach beyond the World Wide Web into the World Wide Lamplighter, let programs change more than your accounts or your photographs, and you've opened up a whole new area of information technology - appliance control. Gadgets have been controlled by computers long before the infobahn was even dreamt of. Large, cumbersome gadgets that manufacture jet engines or process iron to steel. But your bedside lamp still waits for you to turn it off. Appliance control devices basically help you turn your bedside lamp off for you - they control the resistance in a light dimmer, or the current to a motor that opens a door, or the thermostat of an air conditioner. Appliance control devices are themselves controlled by software. The software could come from anywhere - even an electronic network. Cyberspace meets refrigerators. Appliance controllers could be attached to everything. One for each lamp, power point, door, window shade and chair leg. 
All the controllers will be networked, so that they can talk to each other, to the set-top box on an interactive TV or to a notebook computer at the other end of the world. To intelligent agents, the digital butlers trained to learn your preferences as you work in the realm of information, talking to an appliance controller would be as natural as searching for a book in an electronic library. Feedback sensors associated with appliances could inform the agents how you like your pizza, or when to darken the room as you fall asleep, reading. They would also switch things off as you leave the room, saving you the trouble as well as the pangs of guilt. Of course it would be like living not with Big Brother, but dozens of little Lilliputian ones, watching, listening and working for you.

To realize this dream, in 1988, Apple Computer co-founder Mike Markkula started Echelon, a company to promote and manufacture networked appliance controllers. Echelon's controller, the Neuron chip, is a little device that talks to the universe through radio. Echelon hopes that its product will become the standard and start appearing just everywhere, but for the moment the major market is industrial. Manufacturers long used to computers controlling devices that build cars and trains are beginning to place appliance controllers within them. A Motorola study suggests that the average home in the year 2000 will have a little under 250 controller chips, but currently homes have only 50 or so, mainly in VCRs, microwave ovens and other hi-tech devices. So until twenty-first century consumers are ready for synchronized lights that turn on as you enter the room, and are willing to trust the complex software that will drive large controller networks, cyberspace pioneers will just have to dream on.

Blurring the boundaries between cyberspace and brickspace, between information and reality, appliance control devices and networks can greatly increase the efficiency of living.
They can save energy, improve security, and make you feel quite pampered in a comfortable home. Unless, that is, your sulking apartment refuses to let you in. Rishab Aiyer Ghosh is a freelance technology consultant and writer. You can reach him through voice mail (+91 11 3760335) or e-mail (rishab at dxm.ernet.in). --====(C) Copyright 1994 Rishab Aiyer Ghosh. All rights reserved====-- This article may be redistributed in electronic form only, provided that the article and this notice remain intact. This article may not under any circumstances be redistributed in any non-electronic form, or redistributed in any form for compensation of any kind, without prior written permission from Rishab Aiyer Ghosh (rishab at dxm.ernet.in) --==================================================================-- From tcmay at netcom.com Wed Sep 28 10:59:12 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 28 Sep 94 10:59:12 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt? In-Reply-To: <9409280734.AA12090@toad.com> Message-ID: <199409281757.KAA13989@netcom8.netcom.com> Sherry Mayo wrote: > Sorry if this has already been brought up (I've been skimming through c'punx > lately and may have missed it) but does anyone have any comment on this > thread (see title). > > I first read about this in New Scientist (Sept 24th, No 1944). To summarize: > Shor came up with an algorithm that could use quantum effects to rapidly > factorise large primes. To build such a quantum computer requires manufacturing > techniques not yet available, although two other researchers (one is called > Eckart) streamlined Shor's algorithm and proposed a design for a "factorization > engine" using quantum dot technology. You'd need to put a lot more quantum > dots on a chip than is currently possible to build such a device, but the > suggestion could be possible in a few years time. the article hinted that > Hitachi were already hard at work on the problem. 
Several companies are pursuing advanced lithography techniques and alternatives to conventional CMOS; the work on "quantum wells" and "quantum dots" is along these lines. I'm not holding my breath. (Rather, I *am* holding my Intel stock, as I see no significant chance that anything will displace fairly conventional circuitry and lithography anytime soon.)

In any case, the Shor work on a quantum factorer is interesting, but is at least several decades away, in my opinion. And even then it is likely to be "workable" out to some number of digits (roughly, number of digits = precision needed), by which time the conventional advances in computer power will mean we're all using 10,000-bit moduli (especially if we have just heard that NSA has just spent $32 billion to build a Shor machine able to factor 3000-bit moduli :-} ).

Our own James Donald has written several long essays on Shor's results, taking a more optimistic (or pessimistic, depending on one's goals) view. Also, as Sherry noted, extensive discussion pops up in sci.crypt and the new group, sci.crypt.research.

Bennett and Brassard's quantum cryptography, also discussed extensively, is closer to being realized practically. (It uses the Uncertainty Principle for polarized photons in a fiber optic cable to determine if a channel has been tapped.)

A plug for the Cyphernomicon FAQ: My FAQ has several entries on quantum methods for crypto. Grep it for quantum, Shor, Brassard, Bennett, etc.

> I suppose cypherpunks should keep up with the latest developments (or even
> possibilities), and where there's quantum cryptanalysis presumably there's
> also quantum cryptography :-)
>
> Sherry

There is indeed interest in this. But bear in mind that even the most optimistic proponents admit this stuff is many years, probably many decades, away. Sort of like where the crypto that now interests us was in 1925. (And I think conventional number-theoretic crypto will stay way ahead of any machines that can ever be built.
A gut feel, but based loosely on the exponential increase in complexity vs. the linear growth in technology.)

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From jamiel at sybase.com Wed Sep 28 11:02:26 1994
From: jamiel at sybase.com (Jamie Lawrence)
Date: Wed, 28 Sep 94 11:02:26 PDT
Subject: SUFFERANCE remailers
Message-ID:

At 8:11 PM 9/27/94, Gary Jeffers wrote:

> Anybody got any idea at all how to build a Fortress remailer?

As I see it, the main things one must defend a single machine acting as a remailer against are physical accessibility, denial of service and violation through monitoring mail flow.

The physical accessibility problem is tricky, but obviously has been done for other physical items.. Stick it somewhere secret. Of course you can't know how secret it is until someone tries to find it. Wireless communication, as others pointed out, is pretty necessary for this. The other two problems are software, and have been discussed quite a bit here.

The answers above aren't very compelling, and I don't see much way around this. Groups with large amounts of resources are typically good at finding things when they put their minds to it. The solution here, and I think this has been talked about here, too, is to create redundant distributed remailers. Issues here are trust, protocol and availability.
Trust could be developed through the web of trust method, encouraged by existing remailers using this protocol, but the key issue is being able to trust a message going over potentially insecure remailer nodes can be considered valid if delivered. That way if Julf ends up being an under-deep-cover NSA agent and this hypothetical remailer-web is infested with bad-guys, there is still nothing they can do except render a message undeliverable. I'm trying to come up with something good here, but am still working on it.

The vision I have for remailers in a perfect world is that everyone runs one and bounces around message 'packets' (small parts of the message (all signed and encrypted multiple times, of course)) according to specific instructions. In a less than perfect world, a smaller network running this method could be created.

This takes the form of the originator dumping the message into the stream, and forwards them off to some other sites. The message would be split into small packets which are encrypted multiple times to multiple different sites into the stream. This would probably have to be done by software, as it would be a complex task to manually split, encrypt etc. any but the smallest message. The software would need to be kept up to date about all potential public keys to encrypt to, and need to pick a set at random from this info. It would also insert routing instructions as needed.

The next site checks to see if it can decrypt the packet it receives. If it can, it does so and forwards it somewhere else, and repeat. If not, it just sends it onward. This continues for n layers of encryption for each packet, with the final message in the form of x packets encrypted only once ending up at the proper destination, which reassembles the message. All remailers reorder packets and insert noise as appropriate.

Obvious problems are bandwidth, time delay and having a site the message was signed to go down.
The last issue can be taken care of by having group keys for this purpose, so that a given layer of encryption can be decrypted by any one of n sites with key m. This adds the problem of someone collecting all the keys and being able to crack the whole thing, but I think this is surmountable.

Bandwidth and time delay stem from the same problem, and obviously this system would never work on the internet as it stands. If this web were, say, 300 sites worldwide, then they could work in conjunction with the pre-existing remailers now available. Also, if the network grew to the point where it was impractical to bounce at random, intermediate steps could be added, such as 'send me to australia' or 'send me to mafiaNet', which would then cut down the number of bounces before a layer of decryption was achieved.

As far as availability, well, it doesn't exist.

Comments? Is this dumb? Did I just duplicate someone else's idea?

From tcmay at netcom.com Wed Sep 28 11:03:14 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 28 Sep 94 11:03:14 PDT
Subject: Iraqi C-Cubed I
In-Reply-To: <940928050514627@.mn.org>
Message-ID: <199409281802.LAA14477@netcom8.netcom.com>

Samuel Kaplin wrote:

> How about locating it in a recalcitrant country e.g. North Korea, Libya,
> Iraq, Iran. During the Gulf war scuttlebutt has it that Iraq used encrypted
> communications on the Internet to keep its C3 functions up. (Command,
> Control, Communications) If they can't get at the remailer its pretty hard
> to shut it down. Use satellite communications instead of copper and it would
> be real hard to shut down.

Much more important to the survivability of Iraqi C-Cubed I was their use of Banyan-type networks. Links could be cut by bombs, SEAL sappers, etc., and then the network would reconfigure and "heal."

Several U.S. companies supplied the technology, according to reports in EE Times, etc., and export laws may be changed as a result.
(No matter, as plenty of other countries supply similar network topology software. The Internet is in many countries....) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay From nobody at leri.edu Wed Sep 28 11:05:43 1994 From: nobody at leri.edu (nobody at leri.edu) Date: Wed, 28 Sep 94 11:05:43 PDT Subject: Apple patents OTP reuse! Message-ID: <199409281806.LAA04582@x.pyramid.com> Like a lot of people, I often get angry when I read US patents. At best, I'll get confused or bored. Tonight, probably for the first time ever, I found comic relief in the otherwise sterile pages of a patent. Check out US Patent 5,345,508, "Method and Apparatus for Variable-Overhead Cached Encryption", by Lynn, Zweig and Mincher, assigned to Apple Computer, issued September 6, 1994. These guys have patented the notion of reusing one-time pads. That's right, reusing one-time pads! To "cut the computational overhead", they say, they generate a PN sequence once and then reuse it by XOR with successive packets until a "use limit" is reached. Quoting: "When the maximum count value specifies that the PN sequence is to be used only once, the security afforded by the present invention will be high, but a new PN sequence must be generated for each message sequence transmitted and so the computational overhead will also be high. If the maximum count value specifies a maximum count value [sic] greater than one, the PN sequence stored in the cache will be reused to encrypt the maximum count number of message sequences. 
The resulting ciphertext messages will be more vulnerable to statistical cryptoanalytic attack as the maximum count value increases..."

No shit! Talk about missing out on some absolutely fundamental concepts...

There may actually be a silver lining to this utterly silly patent. Although I've only looked it over briefly, it seems to unintentionally cover the TIA's so-called voice "privacy" technique for TDMA digital cellular -- i.e., generating a pseudorandom sequence at the beginning of a call and then reusing it for every frame. Maybe Apple could be persuaded to aggressively sue everybody so cellular will switch to *real* encryption... :-)

From doug at OpenMind.com Wed Sep 28 11:25:58 1994
From: doug at OpenMind.com (Doug Cutrell)
Date: Wed, 28 Sep 94 11:25:58 PDT
Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt?
Message-ID:

Tim May:

>In any case, the Shor work on a quantum factorer is interesting, but
>is at least several decades away, in my opinion. And even then it is
>likely to be "workable" out to some number of digits (roughly, number
>of digits = precision needed), by which time the conventional advances
>in computer power will mean we're all using 10,000-bit moduli
>(especially if we have just heard that NSA has just spent $32 billion to
>build a Shor machine able to factor 3000-bit moduli :-} ).

I won't argue whether Shor's work will be implemented or not within any given time period, but I thought that one of the most important properties of it is that once (and if) achieved, the resources required to factor increasingly large moduli lengths go up only polynomially, not exponentially.

Doug Cutrell

From perry at imsi.com Wed Sep 28 11:36:37 1994
From: perry at imsi.com (Perry E. Metzger)
Date: Wed, 28 Sep 94 11:36:37 PDT
Subject: Iraqi C-Cubed I
In-Reply-To: <199409281802.LAA14477@netcom8.netcom.com>
Message-ID: <9409281836.AA26086@snark.imsi.com>

Timothy C.
May says: > Much more important to the survivability of Iraqi C-Cubed I was their > use of Banyan-type networks. Links could be cut by bombs, SEAL > sappers, etc., and then the network would reconfigure and "heal." This was in fact perfectly normal internet technology. I design networks like that all the time. > Several U.S. companies supplied the technology, according to reports > in EE Times, etc., and export laws may be changed as a result. > > (No matter, as plenty of other countries supply similar network > topology software. The Internet is in many countries....) Linux and NetBSD and BSDI and every other version of Unix with networking in it can act as a router -- therefore, one would imagine that all 386 computers should be export controlled. (The notion of trying to control an idea as simple as automatic network routing, full descriptions of which are in dozens of textbooks and full implementations of which are available for free, is a joke.) Perry From rishab at dxm.ernet.in Wed Sep 28 11:44:32 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Wed, 28 Sep 94 11:44:32 PDT Subject: Datacom watchdog set up in INDIA Message-ID: Datacom watchdog set up in India -------------------------------- The Forum for Rights to Electronic Expression (FREE) has been formed in India as a body dedicated to extending fundamental rights to the electronic domain. FREE owes its creation to an attack on Indian datacom by the Indian government, in the form of exorbitant licence fees (a minimum Rs. 1.5 million = US$50,000 each year for a BBS, much higher for e-mail). The Indian government also dug up the 1885 Indian Telegraph Act, a legacy of our British colonial masters, and used it to reserve for itself the right to uplink to a satellite, as well as to require the provider of any telecom value-added service to ensure that no objectionable or obscene messages are carried on the network. 
Value added services covered under these guidelines include e-mail, voice mail, BBSes, video conferencing, etc. Any specially authorised officer of the government, "if satisfied that it is necessary or expedient to do so" in the interests of security of the State, friendly relations with foreign states, or for preventing incitement to the commission of an offence, may also tap into the system. As yet, FREE does not have any office bearers or staff. All discussions are carried out by the entire membership on the FidoNet echo FREE. Posting to the echo makes you a member of FREE, unless you specifically ask not to be made one. Decisions on what may be published as a FREE document are taken by consensus. The first document that FREE published was a letter to the Indian government making suggestions relating to telecom policy. All published FREE documents and related material are available by Gopher to mahavir.doe.ernet.in and will soon be available at the EFF Gopher/Web/FTP site: gopher://gopher.eff.org/1/Groups/FREE http://www.eff.org/pub/Groups/FREE/ ftp://ftp.eff.org/pub/Groups/FREE/ To get the FREE echo on FidoNet or for any other correspondence with FREE, send mail to free at arbornet.org. ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From LAURENN%smtpgate at earth.wri.org Wed Sep 28 11:50:28 1994 From: LAURENN%smtpgate at earth.wri.org (LAURENN%smtpgate at earth.wri.org) Date: Wed, 28 Sep 94 11:50:28 PDT Subject: new rules: filing electronic tax returns Message-ID: <9409281458.aa10019@earth.wri.org> Hi there -- I haven't seen this mentioned, or maybe I missed it, but doesn't the following message scare you? ... no tax-return filing electronically without fingerprints on file? ... 
how are CPA's and lawyers somehow exempt??? doubleplusungood. -- LaurenN at wri.org ------------------------------------------------- Subject: Edupage 9/22/94 NEW RULES FOR FILING ELECTRONICALLY With the number of fraudulent claims for tax refunds increasing, the IRS is tightening up on who can file returns electronically. New applicants must be 21 years old, must be U.S. citizens or have permanent resident alien status, must authorize a credit check and agree to be fingerprinted. Lawyers, CPAs and enrolled agents need only show proof of their professional status. (Wall Street Journal 9/21/94 A1) From m5 at vail.tivoli.com Wed Sep 28 12:08:54 1994 From: m5 at vail.tivoli.com (Mike McNally) Date: Wed, 28 Sep 94 12:08:54 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt? In-Reply-To: <9409280734.AA12090@toad.com> Message-ID: <9409281902.AA07664@vail.tivoli.com> Timothy C. May writes: > In any case, the Shor work on a quantum factorer is interesting, but > is at least several decades away, in my opinion. Operating from the assumption that this work by Shor is realistically worthwhile, has there been any research into employing similar techniques for encryption? In other words, in the "world" of quantum algorithmics, are there analogs to the hard problems currently exploited by cryptographic systems in our current Turing machine "world"? | GOOD TIME FOR MOVIE - GOING ||| Mike McNally | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" | From tcmay at netcom.com Wed Sep 28 12:11:46 1994 From: tcmay at netcom.com (Timothy C. May) Date: Wed, 28 Sep 94 12:11:46 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt? 
In-Reply-To:
Message-ID: <199409281911.MAA23364@netcom8.netcom.com>

Doug Cutrell wrote:

> I won't argue whether Shor's work will be implemented or not within any
> given time period, but I thought that one of the most important properties
> of it is that once (and if) achieved, the resources required to factor
> increasingly large moduli lengths go up only polynomially, not
> exponentially.
>

I don't know. I skimmed Shor's stuff when it appeared. A lot more analysis will be needed....and we have many decades left to get started!

But even if the effort required grows polynomially, think of what that means in real dollars, potentially. For example, just to imagine some engineering numbers:

Alice is spending 15 cents worth of 2045 computer power to use a 10,000-bit modulus for her messages. The GSA (Global Security Agency, which replaced the NSA in 2008) has a Shor machine, built with the latest nanotech rod-logic computers. It cost them $32 billion to build, and it can "crack" a 10,000-bit modulus in 10 days, at a cost of $20,000 (in 2045 dollars).

Alice switches to 15,000-bit moduli....then how much longer does it take the Shor machine to do its thing? (Even if polynomial, what factor?)

I won't speculate further. The numbers are indeterminate, even to Shor, I suspect. In any case, nothing for Cypherpunks to worry about in our lifetimes (certainly not in my lifetime, and probably not in the lifetime of our youngest members).

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks.
FAQ available at ftp.netcom.com in pub/tcmay

From tcmay at netcom.com Wed Sep 28 12:16:43 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Wed, 28 Sep 94 12:16:43 PDT
Subject: Iraqi C-Cubed I
In-Reply-To: <9409281836.AA26086@snark.imsi.com>
Message-ID: <199409281916.MAA23866@netcom8.netcom.com>

Perry E. Metzger wrote:

> Timothy C. May says:
> > Much more important to the survivability of Iraqi C-Cubed I was their
> > use of Banyan-type networks. Links could be cut by bombs, SEAL
> > sappers, etc., and then the network would reconfigure and "heal."
>
> This was in fact perfectly normal internet technology. I design
> networks like that all the time.
>
> > Several U.S. companies supplied the technology, according to reports
> > in EE Times, etc., and export laws may be changed as a result.
> >
> > (No matter, as plenty of other countries supply similar network
> > topology software. The Internet is in many countries....)
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Which is precisely why I mentioned this.

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay

From adam at bwh.harvard.edu Wed Sep 28 12:29:23 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Wed, 28 Sep 94 12:29:23 PDT
Subject: Viacrypt PGP for Windows
Message-ID: <199409281928.PAA01932@bwface.bwh.harvard.edu>

I just got (snail) mail from Viacrypt announcing 2.7 for windows. $124.98, now shipping. Includes a "dll for certain Key mgmt functions" a windows shell, and 2.7 for Dos for crypto functions.
This flyer also announces a mid-October ship date for 2.7 for the macintosh. Supports Apple events and Applescript. Contains online documentation, and will encrypt/decrypt and sign the contents of the clipboard. Same price. Viacrypt is 602 944 0773, or viacrypt at acm.org. Adam From dps at kafka.atinc.com Wed Sep 28 13:41:12 1994 From: dps at kafka.atinc.com (Doug Shapter) Date: Wed, 28 Sep 94 13:41:12 PDT Subject: No Subject Message-ID: <9409281641.ZM13022@kafka.atinc.com> A few months ago, Matthew Blaze posted a note to sci.crypt announcing a filesystem encryption system. Does anyone have a pointer to it. Thanks. -- Doug Shapter dps at kafka.atinc.com finger dps at kryten.atinc.com for PGP public key From cme at tis.com Wed Sep 28 13:52:11 1994 From: cme at tis.com (Carl Ellison) Date: Wed, 28 Sep 94 13:52:11 PDT Subject: TIS, SKE, & CyberCash Inc. In-Reply-To: <199409281937.MAA20241@comsec.com> Message-ID: <9409282051.AA16847@tis.com> >From: wfgodot at iquest.com (Michael Pierson) >Date: Tue, 27 Sep 1994 19:05:54 -0600 > (E) shall preserve the functional ability of the government > to interpret, in a timely manner, electronic information > that has been obtained pursuant to an electronic surveillance > permitted by law; This really bothers me. If the government today has a functional ability to interpret in a timely fashion information it has obtained, that is purely an accident (that the communicating parties chose not to encrypt) and the pure accident is likely to remain (because they will continue so to choose). However, the government has been trying to establish an enforceable right to succeed at gathering intelligence by surveillance and it has never been granted that right and should never be. Giving it a right to tap deals with gov't actions (permitting tapping). Giving it a right to understand what it taps deals with citizen actions (prohibiting encryption). 
Citizens have always had a right to try to keep a secret from the gov't and on this one point, we should not yield one micron. There should be *no* move at all toward establishing a right of the gov't to understand what it taps.

Sorry -- I realize I'm preaching to the choir -- but this is *the key issue* to me and I wanted to push it.

 - Carl

From mccoy at io.com Wed Sep 28 13:53:15 1994
From: mccoy at io.com (Jim McCoy)
Date: Wed, 28 Sep 94 13:53:15 PDT
Subject: Mandatory email verification
In-Reply-To: <9409280832.ZM12030@kafka.atinc.com>
Message-ID: <199409282052.PAA18770@pentagon.io.com>

> From: dps at kafka.atinc.com (Doug Shapter)
>
> It's my understanding that to be truly useful on multi-user
> systems, digital signatures require some user input (eg, PGP
> requires entering a pass phrase).

Not really. The system I was sketching out would not require the user to enter any information at all, the sendmail daemon would handle everything and have the key for that mail server held internally. The purpose would not be to say that "User X" did or did not sign a message, but to say _with reasonable assurance_ that the message either came from someone logged in as userx at foo.com (there are other alternatives, like the mail server being hacked, etc.)

The purpose of such a system would not be to link mail messages to any real person or identity, but to link it to an account on the sending host (and mostly to link it to the sending host.) Thus someone who just did a telnet to port 25 and forged off a mail message would not be able to generate the necessary site signature to pull off the charade unless they managed to actually hack _into_ the mail server. Bouncing messages off a smtp port would no longer be enough to work.

In actual practice the keys would not need to be monstrously huge and one could probably get by with a public key small enough to fit into a TXT record in the DNS system. It would be easier to break in to the system than crack a 512 bit key...
The mail system would not be signing the messages for you, it would just do a hash of a few choice lines from the header and sign those with the mail system key. It would not try to say that any particular person sent a mail message but would instead say "to the best of my knowledge this message came from my system and was sent by someone accessing account userx" and no more. This would probably be enough to cut mail forgery through smtp by 90% among sites using the system.

jim

From die at pig.die.com Wed Sep 28 13:56:47 1994
From: die at pig.die.com (Dave Emery)
Date: Wed, 28 Sep 94 13:56:47 PDT
Subject: Mandatory email verification
In-Reply-To: <199409281332.GAA11124@python>
Message-ID: <9409282054.AA01959@pig.die.com>

>
> All this system does is provide some reasonable protection for users against
> mail forgery originating from their own machine. My experiments with
> port 25 show that a telnet connection from a remote machine to port 25
> causes the remote machine's address to appear in the ESMTP headers. However,
> mail sent from a local connection to port 25 can't be readily distinguished
> from mail sent via "normal" mail programs (mail, elm, pine, etc.). On the
> systems I've examined, I can enter a user's login through port 25 and sendmail
> will affix his real identity from /etc/passwd just as though that user had
> sent the mail. For instance, a user can forge mail from root on their own
> machine. I don't know about you, but that's something that concerns me.
> It's entirely possible that someone impersonating root could send email to
> a user to change his password as a "system test", giving the bad guy access
> to someone else's account. Admittedly, this is a pretty benign example, but
> the potential for real damage is there.

The last time I hacked a mailer (elm 2.4 to be specific) I seem to remember that it invoked sendmail as a process rather than connecting to it via port 25 to send mail.
It would seem that one could hack sendmail so as not to accept non sendmail connections to port 25 from the local machine (it clearly knows from the socket info structures who is connected on the other end of the socket) or perhaps to refuse to accept user id from a port 25 connection on the local machine (instead indicating the origin of the mail as user "sendmail25" or something similar). The latter approach could be refined by adding a header line to the mail indicating it came from port 25 rather than rejecting it - then all you would have to do is make sure that the legitimate mailers were configured to invoke sendmail as a process rather than via port 25, and the appearance of the warning header line would be a red flag that something irregular happened in the creation of the mail.

It might be necessary to hack the permanent sendmail process listening on port 25 to accept mail from other spawned sendmail processes via a memory to memory transfer (most unixes support this these days) or via some other port than 25, or with an additional step of passing the process id so it could check the UID of the process sending it the mail to authenticate the sender.

[I am writing this in a typically airheaded manner this afternoon without looking at the sendmail source I have on the machine so I am a little vague about how sendmail spawned talks to sendmail permanent to send mail, but whatever technique is used here ought to be subject to a pass the process ID or pass a magic cookie (hash of process ID and sendmail version perhaps?) and the process id approach].

Thus one need not bother with message signing at all, or if one wanted to use it, could use it only to authenticate one sendmail process on your local machine to another.

From sw at smds.com Wed Sep 28 13:57:36 1994
From: sw at smds.com (Steve E. Witham)
Date: Wed, 28 Sep 94 13:57:36 PDT
Subject: FABIO META: cartoon transcript
Message-ID: <9409282022.AA06368@smds.com>

"Fox Trot," by Bill Amend, for Wed, Sept.
28, 1994:

Computer: WELCOME TO COMPUNET. YOU HAVE 65,031 WAITING MESSAGES.

Kid: [pause with pensive expression] Maybe setting my username to "Fabio" wasn't such a hot idea.

Computer: DIANE at NASA.GOV WISHES TO CHAT. LUCILLE at OSU.EDU WISHES TO CHAT. JOYCE at UPS.COM WISHES TO CHAT. ...

--Steve

From sandfort at crl.com Wed Sep 28 14:03:44 1994
From: sandfort at crl.com (Sandy Sandfort)
Date: Wed, 28 Sep 94 14:03:44 PDT
Subject: IN H.O.T. WATER
Message-ID:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SANDY SANDFORT
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

C'punks,

How exciting! My first anti-fan, Rishab Aiyer Ghosh wrote:

    Sandy's H.E.A.T was hard enough on my poor 'D' key; I
    hope ... yada, yada, yada ...

While I agree that "Beach Clash" *is* too far afield (sorry, David), I have a serious and a *seemingly* not-so-serious reason for "reviewing" Acapulco H.E.A.T.

MY SERIOUS REASON--The world does not see cryptography and related privacy technologies as do the Cypherpunks. Most folks "learn" about crypto from popular culture (e.g., TV and movies) and, to a lesser extent, the popular press. When we try to persuade others to support strong crypto, we have to know what *they* know (and don't know), if we are to be effective.

MY REAL REASON--Cypherpunks is not just a mailing list. It is a wired community of people with strong, commonly held beliefs concerning privacy. The problem is, the intensity of our beliefs and the ultimate seriousness of what's at stake, can lead to a negative, siege mentality. I believe there is a place, in every community of fellow travelers, for humor and humanity. That's one of the reasons that physical meetings are so important. If you've been to one, you know that it isn't all strategy and tactics; there is also fellowship. After a Cypherpunks meeting, many attendees go out for dinner together. In California, we even--god forbid--"bond."
(Not valid in Arizona, Kansas, Kentucky or where prohibited by law. Your mileage may differ. If pain persists, consult a physician.)

Acapulco H.E.A.T., with dubious crypto and suspect technology, has become an inside joke for Cypherpunks. When we watch it, we see things the average person misses. This is something we share, and something that helps create the lighter side of Cypherpunk culture.

 S a n d y

P.S. I'm serious.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From jya at pipeline.com Wed Sep 28 14:16:45 1994
From: jya at pipeline.com (John Young)
Date: Wed, 28 Sep 94 14:16:45 PDT
Subject: NYT on TLA Rot
Message-ID: <199409282116.RAA03438@pipe1.pipeline.com>

Today's NY Times has front page article and editorial on a congressional study to be done on the need for the CIA and reassessment of eleven other intelligence agencies. Says funds for the study were included in recent $28 billion package for intelligence.

One excerpt:

"Throughout the cold war, the nation needed a great intelligence service, and by and large, it got one," said Allen Goodman, a former CIA official and dean of the School of Foreign Service at Georgetown University. "But from about 1985 onward nobody's been able to say if they are good or bad, and from 1990 onward nobody's been able to say exactly why we need them."

End excerpt.

Bet many "national threats" are in the offing.

Email available for the NYT-impaired.

John

From hfinney at shell.portal.com Wed Sep 28 14:18:10 1994
From: hfinney at shell.portal.com (Hal)
Date: Wed, 28 Sep 94 14:18:10 PDT
Subject: Digicash Palo Alto
Message-ID: <199409282117.OAA06769@jobe.shell.portal.com>

Just browsing www.digicash.com, I see a relatively new web page with some info on various employees. They also mentioned that there is a U.S. office,

    DigiCash Inc
    701 Welch Road, Suite 323
    Palo Alto, CA 94304
    USA
    tel +1-415 321 0300
    fax +1-415 321 0322

Bay area CP's might want to check this out (unless it is already common knowledge).
(I notice Chaum has his own picture and initials on the DigiCash coins in the graphics!)

Hal

From pstemari at bismark.cbis.com Wed Sep 28 14:26:46 1994
From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
Date: Wed, 28 Sep 94 14:26:46 PDT
Subject: 3DES
Message-ID: <9409282126.AA00174@focis.sda.cbis.COM>

Quick question. There's a brief mention in Applied Cryptography that triple DES uses:

    Eabc(x) = Ea(Db(Ec(x)))

as opposed to:

    Eabc(x) = Ea(Eb(Ec(x)))

in order to preserve some symmetry properties. Can anyone give a better explanation?

From pstemari at bismark.cbis.com Wed Sep 28 14:28:50 1994
From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
Date: Wed, 28 Sep 94 14:28:50 PDT
Subject: groups
Message-ID: <9409282128.AA00184@focis.sda.cbis.COM>

Another quick question. Frequently when discussing a cypher the question of whether it is a group arises. In the absence of further definition, is it safe to assume that the set of elements for this group is the cyphers with each possible key and that the operation for this group is composition?

 Paul

From karn at qualcomm.com Wed Sep 28 15:00:52 1994
From: karn at qualcomm.com (Phil Karn)
Date: Wed, 28 Sep 94 15:00:52 PDT
Subject: 3DES
In-Reply-To: <9409282126.AA00174@focis.sda.cbis.COM>
Message-ID: <199409282201.PAA07492@servo.qualcomm.com>

>Quick question. There's a brief mention in Applied Cryptography that
>triple DES uses:
>
>    Eabc(x) = Ea(Db(Ec(x)))
>
>as opposed to:
>
>    Eabc(x) = Ea(Eb(Ec(x)))
>
>in order to preserve some symmetry properties. Can anyone give a
>better explanation?

This should probably be in a FAQ somewhere. As I understand it, the intent is to build 3DES chips that can be backward compatible with single DES by simply setting all three keys to the same value. Naturally, nobody would be stupid enough to do single DES in this way in a software implementation, but it doesn't really cost anything extra when operating in 3DES mode either.
DES decryption is the same as encryption with a reversed key schedule, so the work factor for both ciphering and attacking should be the same.

Question to the group: are there any precise standards for how 3DES keys are specified? Also, a 3DES verification suite similar to NIST's suite for single DES would be very nice.

Phil

From jim at acm.org Wed Sep 28 15:04:44 1994
From: jim at acm.org (Jim Gillogly)
Date: Wed, 28 Sep 94 15:04:44 PDT
Subject: 3DES
In-Reply-To: <9409282126.AA00174@focis.sda.cbis.COM>
Message-ID: <9409282204.AA01197@mycroft.rand.org>

> pstemari at bismark.cbis.com (Paul J. Ste. Marie) writes:
> triple DES uses:
>     Eabc(x) = Ea(Db(Ec(x)))
> as opposed to:
>     Eabc(x) = Ea(Eb(Ec(x)))
> in order to preserve some symmetry properties. Can anyone give a
> better explanation?

OK -- if you want to retain compatibility with old 56-bit DES chips in your same network, you can set a = b = c and get:

    Eaaa(x) = Ea(Da(Ea(x)))

using the first form, which reduces to Ea(x), or a single 56-bit DES encryption instead of the 168 bits your TripleDES chip can handle. The second form doesn't have this property or any other useful property other than standalone security, since DES isn't a group.

 Jim Gillogly
 Highday, 7 Winterfilth S.R. 1994, 22:03

From minow at apple.com Wed Sep 28 15:07:00 1994
From: minow at apple.com (Martin Minow)
Date: Wed, 28 Sep 94 15:07:00 PDT
Subject: new rules: filing electronic tax returns
Message-ID: <9409282206.AA22934@apple.com>

In a note to Cypherpunks, LaurenN at wri.org notes that the IRS will require fingerprints (and other information) for people filing tax returns electronically.

My understanding is that this refers to professional tax preparers. Note that individuals are currently filing "electronically" by sending their return to an agency, such as the MacInTax people.
The problem the IRS faced, as I understand it from a brief report on NPR, is that there was a lot of fraud going around -- people filing bogus returns with refunds, then disappearing with the money.

LaurenN also wondered why CPA's and lawyers are exempt -- I would imagine that this is because their identity is known through their professional licensing.

Just my speculation.

Martin Minow
minow at apple.com

From mccoy at io.com Wed Sep 28 15:31:29 1994
From: mccoy at io.com (Jim McCoy)
Date: Wed, 28 Sep 94 15:31:29 PDT
Subject: 3DES
In-Reply-To: <9409282126.AA00174@focis.sda.cbis.COM>
Message-ID: <199409282231.RAA05505@pentagon.io.com>

> From: pstemari at bismark.cbis.com (Paul J. Ste. Marie)
>
> Quick question. There's a brief mention in Applied Cryptography that
> triple DES uses:
>
>     Eabc(x) = Ea(Db(Ec(x)))
>
> as opposed to:
>
>     Eabc(x) = Ea(Eb(Ec(x)))
>
> in order to preserve some symmetry properties. Can anyone give a
> better explanation?

If a=b=c, a=b, or b=c then the first operation is Ea(Da(Ea(x))) which is just Ea(x). This method allows one to support 56bit (single DES) and 168bit (triple DES) keys on the same function, basically making the system backward compatible with those just using DES.

jim

From rms at gnu.ai.mit.edu Wed Sep 28 15:35:30 1994
From: rms at gnu.ai.mit.edu (Richard Stallman)
Date: Wed, 28 Sep 94 15:35:30 PDT
Subject: Comic relief from patents
Message-ID: <9409282235.AA14319@mole.gnu.ai.mit.edu>

Lots of patents are so absurd they would be funny, if they weren't so dangerous. Being sued for patent infringement isn't funny.

If you think there may be a problem with the system of software patents, I hope you will read the League for Programming Freedom position papers. You can find them on ftp.uu.net in /doc/lpf. The principal position papers are look-and-feel.text and patents.text.

If you decide you agree with the LPF position, please join. Joining is easy and doesn't take much of your time.
You can find a membership form in the file lpf.join.

From GRABOW_GEOFFREY at tandem.com Wed Sep 28 16:46:48 1994
From: GRABOW_GEOFFREY at tandem.com (GRABOW_GEOFFREY at tandem.com)
Date: Wed, 28 Sep 94 16:46:48 PDT
Subject: 3DES
Message-ID: <199409281646.AA14137@comm.Tandem.COM>

>Quick question. There's a brief mention in Applied Cryptography that
>triple DES uses:
>
>    Eabc(x) = Ea(Db(Ec(x)))
>
>as opposed to:
>
>    Eabc(x) = Ea(Eb(Ec(x)))
>
>in order to preserve some symmetry properties. Can anyone give a
>better explanation?

I thought it goes like this:

    Eab(x) = Ea(Db(Ea(x)))

Anyone?

G.C.G.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Geoffrey C. Grabow           | "What we demand are rigidly defined   |
| Oyster Bay, New York         | areas of doubt and uncertainty!"      |
|                              | --------------------                  |
| grabow_geoffrey at tandem.com | Clipper, SkipJack & Digital Telephony |
|                              | JUST SAY NO!!!                        |
|----------------------------------------------------------------------|
|PGP 2.6 fingerprint = AA 9E 35 12 F8 93 72 8D 1C E5 D5 BC 74 BE 49 D3|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From chen at intuit.com Wed Sep 28 17:25:05 1994
From: chen at intuit.com (Mark Chen)
Date: Wed, 28 Sep 94 17:25:05 PDT
Subject: Quantum Cryptography Biblio.
Message-ID: <9409290024.AA05260@doom.intuit.com>

As an addendum to the bibliography that Tim Cole posted, there are three good papers in the July 1993 edition of _Physical Review A_ (vol. 48 no. 1):

"Information-theoretic limits to quantum cryptography" by Stephen M. Barnett and Simon J.D. Phoenix,

"Quantum cryptography without conjugate coding" by Simon J.D. Phoenix, and

"Quantum computers and intractable (NP-complete) computing problems" by Vladimir Cerny.
 - Mark -

--
Mark Chen
chen at netcom.com
415/329-6913
finger for PGP public key
D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D

From dps at kryten.Atinc.COM Wed Sep 28 19:17:42 1994
From: dps at kryten.Atinc.COM (Doug Shapter)
Date: Wed, 28 Sep 94 19:17:42 PDT
Subject: More quantum references.
Message-ID: <199409290217.WAA23291@kryten.atinc.com>

This appeared on sci.crypt.research, so many on the list may have already seen it. For those that haven't (thanks and credit to Tim Cole):

As one reply to the thread on Quantum Cryptography, I have put together this bibliography of what I could find on the subject about 1 year ago. If there are other references that are not included here, I, and I suspect other readers of this group, would be very interested in those references. Anyway, here is the list:

1. Blow, K.J., S.J.D. Phoenix, On a fundamental theorem of quantum cryptography, Jnl. of Modern Optics, Vol. 40, No. 1 (Jan. 93), pp 33-6.

2. Brassard, G., C.H. Bennett, Quantum Cryptography, Lecture Notes in Computer Science, Vol. 325, 1988, pp. 79-90.

3. Bennett, C.H., G. Brassard and N.D. Mermin, Quantum Cryptography without Bell's Theorem, Physical Review Letters, Vol. 68, No. 5 (3 Feb. 92), pp. 557-9.

4. Bennett, C.H., Quantum Cryptography Using Any Two Nonorthogonal States, Physical Review Letters, Vol. 68, No. 21 (25 May 92), pp. 3121-4.

5. Bennett, C.H., Quantum Cryptography: Uncertainty in the Service of Privacy, Science, Vol. 257, (7 August 92), pp. 752-3.

6. Ekert, A.K., J.G. Rarity, P.R. Tapster and G. M. Palma, Practical Quantum Cryptography Based on Two-Photon Interferometry, Physical Review Letters, Vol. 69, No. 9 (31 August 92), pp. 1293-5.

7. Werner, M.J. and G. J. Milburn, Eavesdropping using quantum nondemolition measurements, Physical Review A, Vol. 47, No. 1 (January 1993), pp. 639-41.

8. Stewart, I., Schrodingers Catflap, Nature, Vol. 353, (3 October 1991), pp. 384-5.

9. Bennett, C.H., G. Brassard and A. K.
Ekert, Quantum Cryptography, Scientific American, October 1992, pp. 50-57.

10. Ekert, A.K., Quantum Cryptography based on Bell's Theorem, Physical Review Letters, Vol. 67, No. 6 (5 August 91), pp. 661-3.

11. Bennett, C.H., F. Bessette, G. Brassard, L. Savalle and J. Smolin, Experimental Quantum Cryptography, Proceedings of Eurocrypt '90, also in Journal of Cryptology, Vol. 5, No. 1 (1992), pp. 3-28.

12. Bennett, C.H., G. Brassard, C. Crepeau and M-H. Skubiszewska, Practical Quantum Oblivious Transfer, Proceedings of Crypto '91.

13. Bennett, C.H., and G. Brassard, The Dawn of a new era for quantum cryptography: The experimental prototype is working !, SIGACT News, Vol. 20, No. 4 (Fall 1989), pp. 78-82.

I hope this is a help to those of you just getting started. Many of the articles have their own bibliographies, but these were the articles that I could find in my files. Again, I hope this helps.

Tim Cole.

Doug.

From hughes at ah.com Wed Sep 28 20:37:29 1994
From: hughes at ah.com (Eric Hughes)
Date: Wed, 28 Sep 94 20:37:29 PDT
Subject: groups
In-Reply-To: <9409282128.AA00184@focis.sda.cbis.COM>
Message-ID: <9409290302.AA28900@ah.com>

   Frequently when discussing a cypher the question of whether it is a
   group arises. In the absence of further definition, is it safe to
   assume that the set of elements for this group is the cyphers with
   each possible key and that the operation for this group is
   composition?

Yes, this is exactly what this "is X a group" means when applied to ciphers. It's an attempt to get a handle on just how much extra scrambling happens under composition, i.e. double, triple, multiple encryptions.

The useful question is, however, not whether it's actually a group, but just how close to a group is it? If it were only lacking one element, it wouldn't be a group, but double encryption would be statistically speaking a waste of effort for such a hypothetical cipher. The work on DES showed that DES is very far away from being a group.
There are interesting questions about the semigroup that DES encryptions generate. Does it contain the identity, i.e. does it even generate a group? Put yet another way, does some combination of encryption (not decryption) operations eventually generate the identity function? If so, how long is the shortest such combination?

The goal is to estimate the size of the keyspace for a theoretical exhaustive search attack. The result is a greatest lower bound on the keyspace entropy. These techniques are not really well developed.

I expect that these issues will lead to some extremely interesting developments in mathematics. In analogy I point out the stochastic stability theorem for vector fields. It turns out that strictly topological classification of vector fields doesn't work for a variety of reasons. But add a small amount of "diffusion" to the flows and you get a really nice classification theorem in terms of Morse functions and elementary catastrophes. (See Chapter Two of Casti's _Reality Rules_.)

For groups the situation seems similar. You've got a situation where a small deletion removes huge amounts of structure, which, nevertheless, the stochastic version has. In fact these two areas may be connected, by considering discrete and finite subgroups of these flows and turning the diffusion into a discrete Markov process.

Eric

From s009amf at discover.wright.edu Wed Sep 28 22:23:51 1994
From: s009amf at discover.wright.edu (Aron Freed)
Date: Wed, 28 Sep 94 22:23:51 PDT
Subject: IN H.O.T. WATER
In-Reply-To:
Message-ID:

On Wed, 28 Sep 1994, Sandy Sandfort wrote:

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> SANDY SANDFORT
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
>
> C'punks,
>
> How exciting! My first anti-fan, Rishab Aiyer Ghosh wrote:
>
> Sandy's H.E.A.T was hard enough on my poor 'D' key; I
> hope ... yada, yada, yada ...
>
> While I agree that "Beach Clash" *is* too far afield (sorry,
> David), I have a serious and a *seemingly* not-so-serious
> reason for "reviewing" Acapulco H.E.A.T.
>
> MY SERIOUS REASON--The world does not see cryptography and
> related privacy technologies as do the Cypherpunks. Most folks
> "learn" about crypto from popular culture (e.g., TV and movies)
> and, to a lesser extent, the popular press. When we try to
> persuade others to support strong crypto, we have to know what
> *they* know (and don't know), if we are to be effective.
>
> MY REAL REASON--Cypherpunks is not just a mailing list. It is a
> wired community of people with strong, commonly held beliefs
> concerning privacy. The problem is, the intensity of our beliefs
> and the ultimate seriousness of what's at stake, can lead to a
> negative, siege mentality. I believe there is a place, in every
> community of fellow travelers, for humor and humanity. That's
> one of the reasons that physical meetings are so important. If
> you've been to one, you know that it isn't all strategy and
> tactics; there is also fellowship. After a Cypherpunks meeting,
> many attendees go out for dinner together. In California, we
> even--god forbid--"bond." (Not valid in Arizona, Kansas,
> Kentucky or where prohibited by law. Your mileage may differ.
> If pain persists, consult a physician.)
>
> Acapulco H.E.A.T., with dubious crypto and suspect technology,
> has become an inside joke for Cypherpunks. When we watch it, we
> see things the average person misses. This is something we
> share, and something that helps create the lighter side of
> Cypherpunk culture.
>
>
> S a n d y
>
> P.S. I'm serious.
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
>

Well for me as a Daytonian living in the Midwest, I can hardly make the journey out to SF every month. Maybe we could branch out Cypherpunk groups as a SIG in different cities, so each city or region could have a physical meeting once in a while.
It's so crazy it might work...

~!@#$%^&*~!@#$%^&~!@#$%^~!@#$%~!@#$%%@#$%^~!@#$~!@#$%~!@#$%~!@#$%~!@#$%~!@!
| A(a)ron M. Freed            | It is naive to believe people are honest. |
| s009amf at discover.wright.edu | It is naive to believe programmers are    |
| (513)276-3817 (voice)       | honest. It is even more naive to believe  |
| (513)276-4158 (data/fax)    | the government is honest. Down with Big   |
|                             | Brother.                                  |
|_____________________________|___________________________________________|

From nobody at shell.portal.com Wed Sep 28 22:35:30 1994
From: nobody at shell.portal.com (nobody at shell.portal.com)
Date: Wed, 28 Sep 94 22:35:30 PDT
Subject: What is the PGP key for WIEN ?
Message-ID: <199409290535.WAA23408@jobe.shell.portal.com>

Where can I find the key for the WIEN remailer? It's not on the chaos gopher go or on soda

From merriman at metronet.com Wed Sep 28 22:47:56 1994
From: merriman at metronet.com (David K. Merriman)
Date: Wed, 28 Sep 94 22:47:56 PDT
Subject: Cypherpunkspeople
Message-ID: <199409290547.AA13246@metronet.com>

>| A(a)ron M. Freed s009amf at discover.wright.edu
>
>Well for me as a Daytonian living in the Midwest, I can hardly make the
>journey out to SF every month. Maybe we could branch out Cypherpunk
>groups as a SIG in different cities, so each city or region could have a
>physical meeting once in a while. It's so crazy it might work...
>
>

Oo! Oo! Cue time for keysigning(s)! Works for me - anybody in the DFW area (other than me, that is :-)

Dave Merriman

- - - - - - - - - - - - - - - - - - - - - - - - - -
Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender. PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother.

From blancw at pylon.com Wed Sep 28 23:14:00 1994
From: blancw at pylon.com (blancw at pylon.com)
Date: Wed, 28 Sep 94 23:14:00 PDT
Subject: H.O.T.
WATER (Cold on Rishab)
Message-ID: <199409290614.XAA18709@deepthought.pylon.com>

>From Sandy Sandfort:

Acapulco H.E.A.T., with dubious crypto and suspect technology, has become an inside joke for Cypherpunks. When we watch it, we see things the average person misses. This is something we share, and something that helps create the lighter side of Cypherpunk culture.
......................................................

Yeah, Rishab. What about all that social-cyberspatial-culture philosophy stuff you write. Surely you see a relation here to the concepts of tribal and cyberspatial society?

Blanc

From tcmay at netcom.com Thu Sep 29 00:33:29 1994
From: tcmay at netcom.com (Timothy C. May)
Date: Thu, 29 Sep 94 00:33:29 PDT
Subject: Cypherpunks meetings in other cities
In-Reply-To:
Message-ID: <199409290733.AAA00433@netcom10.netcom.com>

Aron Freed wrote:

> Well for me as a Daytonian living in the Midwest, I can hardly make the
> journey out to SF every month. Maybe we could branch out Cypherpunk
> groups as a SIG in different cities, so each city or region could have a
> physical meeting once in a while. It's so crazy it might work...
>

FYI, there have been some meetings/gatherings in cities other than the Bay Area. Some that I recall:

* Boston/Cambridge. Had at least two, including audio links to other sites. Derek Atkins may know more.

* Washington D.C./Northern Virginia. Ditto. Paul Ferguson and Pat Farrell may know more.

* San Diego. Has been linked up a couple of times. Contact Phil Karn.

* Denver/Colorado. Had at least one meeting, maybe two.

* Seattle. May have had a meeting.

* L.A. I attended one meeting down there.

* NYC has a party put on by Eric Hughes and Matt Blaze when Eric visited, but is not having other meetings, so far as I know (come on Perry, Duncan, Dave, and Sandy!).

If I left your site out, don't get angry, get vocal!

I've said it in many posts, mostly a year or more ago, and I'll say it here:

* if you want to meet, meet.
Call a meeting and see who shows up.

* the Bay Area group has had about 24 meetings, each attended by an average of 30 people (a couple had >50), and yet our population level that we draw from is about 10 million, comparable to several other large urban areas. Thus, there's no reason other areas can't get at least a dozen or so folks.

(I live 50 miles south of the meeting site, Eric Blossom lives 70 miles north, and many others live an average of 40 miles away (SF, Berkeley, Oakland, etc.). So no one can claim we meet because we're all close...we're as spread out as the Denver-Fort Collins-Colorado Springs folks are, for example.)

* So, just plan an informal gathering in your area.

"Why isn't there a sub-list to discuss this?" you may ask. Well, there is! It exists, but is moribund (like most sub-lists, for Schelling point reasons).

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay at netcom.com    | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks.
FAQ available at ftp.netcom.com in pub/tcmay

From j.hastings6 at genie.geis.com Thu Sep 29 04:11:32 1994
From: j.hastings6 at genie.geis.com (j.hastings6 at genie.geis.com)
Date: Thu, 29 Sep 94 04:11:32 PDT
Subject: Fortress/Little Bro
Message-ID: <199409291111.AA051537074@relay2.geis.com>

-----BEGIN PGP SIGNED MESSAGE-----

FORTRESS remailers should be disguised in some way:

"DBN announced solemnly that it was everyone's duty to turn in all computers and radios to the authorities for the duration of the Emergency. Not many were impressed by this pronouncement unless you counted laughter. I'd hate to be on the side trying to confiscate everything.
That cactus might be a combination photovoltaic cell and radio antenna with green chlorophyll-enriched paint. Or it might just be a cactus. Maybe that flag pole is a hidden shortwave antenna. Should we tear down our own flag? That car engine, vacuum cleaner, hospital centrifuge, or those countless damned white-noise decoys might be unauthorized spread-spectrum radio transmitters. Or not. The bitter end had come, but the Feds wouldn't back down..."

Another Little Brother problem:

"Consumers wanted businesses to 'get it' concerning their preferences, without any effort on their part. But they insisted on absolute individual privacy. A method of scanning the face was devised that could evaluate and report the emotional state of the viewers, without disclosing the identity of any particular viewer, via a blind-audit protocol. This compromise was accepted by most broadcast receiver customers.

It was not generally known that the biggest consumer of collective emotional data was the Department of National Security. The data was purchased under a number of marketing research company names, then transmitted directly to DNS in real time, making it the most important tool DNS had for "the manufacturing of consent."

A Presidential speech was broadcast, and the sum of the viewer reactions was received. The speech program was adaptive, so statements evoking the most positive response were generated, if they fell within the policy constraints set by the Directorate of the Department."

Excerpts from "Revolution Is My Hobby" by me.
Kent - j.hastings6 at genie.geis.com Ham packet AX.25: WA6ZFY @ WB6YMH.#SOCA.CA.USA.NA From frissell at panix.com Thu Sep 29 05:41:13 1994 From: frissell at panix.com (Duncan Frissell) Date: Thu, 29 Sep 94 05:41:13 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread? Message-ID: <199409291241.AA11195@panix.com> At 12:11 PM 9/28/94 -0700, Timothy C. May wrote: >Alice switches to 15,000-bit moduli....then how much longer does it >take the Shor machine to do its thing? (Even if polynomial, what >factor?) > >I won't speculate further. The numbers are indeterminate, even to >Shor, I suspect. > >In any case, nothing for Cypherpunks to worry about in our lifetimes >(certainly not in my lifetime, and probably not in the lifetime of our >youngest members). It's easier to make an omelette out of eggs than to make eggs out of an omelette so encryption should remain well ahead of decryption. This differs from the popular view that decryption would eventually win the "war" with the encryption and devise a way of defeating *any* possible code/cipher. This "fact" was expressed in Edgar Rice Burroughs' Mars stories where he said that the Martians didn't use codes much because they were vulnerable. See also Sneakers in which we have a "black box" decryption device that can break any code. Also the guy who confronted me at the London conference last year and said "they broke the satellite movie coding system so why can't they break PGP?" I wonder where this idea comes from. 
DCF "Who was shocked, shocked by the end title sequence in Sneakers which features a newsreader describing how good commie liberals like the Robert Redford and Dan Aykroyd characters are using their decoding device to steal money from the Republican National Committee and transfer it to Greenpeace and all the usual suspects. Looks like those guys don't believe in democracy. That sort of thing is worse than the Watergate break in." From ravage at bga.com Thu Sep 29 06:14:17 1994 From: ravage at bga.com (Jim choate) Date: Thu, 29 Sep 94 06:14:17 PDT Subject: BATF info... Message-ID: <199409291314.IAA04983@zoom.bga.com> BATF now has a site located at: atf.ustreas.gov It contains the crime bill and quite a few other tidbits... From ravage at bga.com Thu Sep 29 06:14:58 1994 From: ravage at bga.com (Jim choate) Date: Thu, 29 Sep 94 06:14:58 PDT Subject: (n!)modx ... Message-ID: <199409291314.IAA05006@zoom.bga.com> The nth derivative of x^n is n! ... From die at pig.die.com Thu Sep 29 06:57:26 1994 From: die at pig.die.com (Dave Emery) Date: Thu, 29 Sep 94 06:57:26 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread? In-Reply-To: <199409291241.AA11195@panix.com> Message-ID: <9409291355.AA02056@pig.die.com> > Duncan Frissell writes > This differs from the popular view that decryption would eventually win the > "war" with the encryption and devise a way of defeating *any* possible > code/cipher. This "fact" was expressed in Edgar Rice Burroughs' Mars > stories where he said that the Martians didn't use codes much because they > were vulnerable. See also Sneakers in which we have a "black box" decryption > device that can break any code. Also the guy who confronted me at the > London conference last year and said "they broke the satellite movie coding > system so why can't they break PGP?" > > I wonder where this idea comes from. 
> Casually looking at the history of the past 100 years or so of cryptanalysis, particularly what has been revealed recently about US/British triumphs in World War II, shows a number of startling successes against what were thought (and even now seem to ordinary minds) to be intractable ciphers. It is not very hard to see why popular mythology, which usually lags the cutting edge of science by at least several years and even sometimes several decades emphasizes decryption. After all, decryption seems to have been winning the last time we were allowed to have a look. It is also true that a quirk of human nature that probably has a lot to do with the origin of religion tends to mythologize to vast, even epic status those who can do something that ordinary people can't. And this hero/god deification often involves the myth of unlimited power, which in the case of crypto means the ability to break any cipher. It will take a while before appreciation of the fundamental revolution represented by number theory based ciphers sinks in. Even the simple understanding that there exist unbreakable ciphers right now that anyone with a floppy disk drive can implement is too advanced to sink in very far. But probably the worst myth is the notion that most practical crypto systems were actually intended by their creators to be unbreakable. And of course nobody out there understands that satellite TV pirates have yet to break any cipher at all (at least as far as I know as someone who follows this technology). All the current triumphs have been based on exploiting holes (mostly involving cloning) in the key distribution and management in an environment where your enemy both necessarily has the complete cipher device and several copies of known to work keys. Dave Emery From stuarth at netcom.com Thu Sep 29 07:13:06 1994 From: stuarth at netcom.com (Stuart Haber) Date: Thu, 29 Sep 94 07:13:06 PDT Subject: quantum-factoring talk at Columbia Univ. 
tomorrow Message-ID: <199409291412.HAA03234@netcom17.netcom.com> Some cypherpunks readers who know their cryptography might be curious to see Rabin's talk as well as Peter Shor's. If you need directions by email you can send me private email (stuarth at netcom.com). ========================================================================== THE 24th THEORY DAY at Columbia University SPONSORED BY THE DEPARTMENT OF COMPUTER SCIENCE FRIDAY, SEPTEMBER 30, 1994 10:00 PROFESSOR MICHAEL RABIN Harvard University and Hebrew University "A New Paradigm for Hashing Data into Memory, and Applications" 11:00 DR DAVID KARGER AT&T Bell Laboratories "Approximate Graph Coloring by Semidefinite Programming" 2:00 PROFESSOR TOM LEIGHTON MIT "Multicommodity Flow: A Survey of recent results and algorithms" 3:00 DR PETER SHOR AT&T Bell Laboratories "Can Quantum Mechanics Help in Factoring Large Numbers?" Coffee will be available at 9:30AM. All lectures will be in the auditorium of the Schapiro Center for Engineering and Physical Sciences Research. This building is adjacent to the Mudd Building and entrance is from the campus. The lectures are free and open to the public. Call (212) 939-7000 for more information. Theory Day is supported in part by a grant from the National Science Foundation. From dps at kafka.atinc.com Thu Sep 29 07:32:09 1994 From: dps at kafka.atinc.com (Doug Shapter) Date: Thu, 29 Sep 94 07:32:09 PDT Subject: (n!)modx ... In-Reply-To: <199409291314.IAA05006@zoom.bga.com> Message-ID: <9409291032.ZM15296@kafka.atinc.com> On Sep 29, 8:14am, Jim choate wrote: > Subject: (n!)modx ... > > The nth derivative of x^n is n! ... > > >-- End of excerpt from Jim choate Maybe, I'm late on this thread, but don't you mean nth derivative of x^n is (n!)x... 
-- Doug Shapter dps at kafka.atinc.com finger dps at kryten.atinc.com for PGP public key From sandfort at crl.com Thu Sep 29 07:45:21 1994 From: sandfort at crl.com (Sandy Sandfort) Date: Thu, 29 Sep 94 07:45:21 PDT Subject: REGIONAL MEETING Message-ID: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SANDY SANDFORT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C'punks, I've been having Cypherpunks-physical-meetings withdrawal since leaving the SF Bay Area. Unfortunately, I wasn't able to conjure up a venue nor enough folks for the Cypherpunks anniversary last month. For October, however, I've gotten a firm offer of the NYC living room of a local Cypherpunk (Hero of the Revolution). I also have compiled a list of a dozen and a half current C'punks and interested fellow travellers. Unless some problem comes up, we'll be getting together on the 8th of October at noon or so. If you are interested in attending, and we *haven't* communicated already, drop me some e-mail. Also, if you know anyone who might want to be on the Cypherpunks list, give me their contact info so I can invite them. We'll have ever so much fun. S a n d y ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From dps at kafka.atinc.com Thu Sep 29 07:52:15 1994 From: dps at kafka.atinc.com (Doug Shapter) Date: Thu, 29 Sep 94 07:52:15 PDT Subject: (n!)modx ... In-Reply-To: <199409291314.IAA05006@zoom.bga.com> Message-ID: <9409291052.ZM15374@kafka.atinc.com> Jim, Ack, sorry about my differential dyslexia, you are right the nth derivative of x^n is n!. My apologies. -- Doug Shapter dps at kafka.atinc.com finger dps at kryten.atinc.com for PGP public key From cme at tis.com Thu Sep 29 08:04:43 1994 From: cme at tis.com (Carl Ellison) Date: Thu, 29 Sep 94 08:04:43 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt? 
In-Reply-To: <199409290052.RAA20821@comsec.com> Message-ID: <9409291504.AA02322@tis.com> >Date: Wed, 28 Sep 1994 11:21:45 -0700 >From: doug at OpenMind.com (Doug Cutrell) >I won't argue whether Shor's work will be implemented or not within any >given time period, but I thought that one of the most important properties >of it is that once (and if) achieved, the resources required to factor >increasingly large moduli lengths go up only polynomially, not >exponentially. The real roadblock might be that there are limits to how many bits there can be in a register. NIST's recent Quantum Computation conference included discussion of the expected lifetime of a computation (what fraction of a second the computation would have to complete in before the internal state space goes incoherent). The more bits are bound together, the shorter the lifetime of those bits, according to one result. However, the more bits you have the longer the computation has to be. This suggests that any given Quantum Computer technology point will lead to a maximum state size (likely in a small number of bits) for a given application. Trouble is, I'm not a quantum physicist, so my understanding of this is superficial. Any real physicists out there? - Carl From ravage at bga.com Thu Sep 29 09:03:40 1994 From: ravage at bga.com (Jim choate) Date: Thu, 29 Sep 94 09:03:40 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt? In-Reply-To: <9409291504.AA02322@tis.com> Message-ID: <199409291603.LAA14728@zoom.bga.com> > > The real roadblock might be that there are limits to how many bits there > can be in a register. NIST's recent Quantum Computation conference > included discussion of the expected lifetime of a computation (what > fraction of a second the computation would have to complete in before the > internal state space goes incoherent). The more bits are bound together, > the shorter the lifetime of those bits, according to one result. 
However, > the more bits you have the longer the computation has to be. This suggests > that any given Quantum Computer technology point will lead to a maximum > state size (likely in a small number of bits) for a given application. > Something that might be relevant here is that relationship between energy and lifetime for virtual particle generation. When a virtual particle is generated it can have a random amount of energy. However, the larger the energy level is the shorter its lifetime is. It is related to Planck's Constant in a relationship that I don't have on hand, but should be in most quantum texts. From rishab at dxm.ernet.in Thu Sep 29 09:16:24 1994 From: rishab at dxm.ernet.in (rishab at dxm.ernet.in) Date: Thu, 29 Sep 94 09:16:24 PDT Subject: IN H.O.T. WATER Message-ID: Sandy Sandfort > negative, siege mentality. I believe there is a place, in every > community of fellow travelers, for humor and humanity. That's > Acapulco H.E.A.T., with dubious crypto and suspect technology, > has become an inside joke for Cypherpunks. When we watch it, we > see things the average person misses. This is something we > share, and something that helps create the lighter side of > Cypherpunk culture. Absolutely. ;-) You notice that I don't post 'please stop that' every time you come up with another H.E.A.T. bulletin. But more than one TV serial would be a bit much. Luckily David has assured me that his was only for one episode. He doesn't plan to do more, but others, as he says, are welcome! ----------------------------------------------------------------------------- Rishab Aiyer Ghosh "Clean the air! clean the sky! wash the wind! rishab at dxm.ernet.in take stone from stone and wash them..." Voice/Fax/Data +91 11 6853410 Voicemail +91 11 3760335 H 34C Saket, New Delhi 110017, INDIA From remailer-admin at chaos.bsu.edu Thu Sep 29 10:22:01 1994 From: remailer-admin at chaos.bsu.edu (Anonymous) Date: Thu, 29 Sep 94 10:22:01 PDT Subject: What is the PGP key for WIEN ? 
In-Reply-To: <199409290535.WAA23408@jobe.shell.portal.com> Message-ID: <199409291722.MAA02341@chaos.bsu.edu> nobody at shell.portal.com wrote: > Where can I find the key for the WIEN remailer? It's not on the chaos gopher > go > > or on soda Did you try finger remailer-pgp-keys at chaos.bsu.edu? From tcmay at netcom.com Thu Sep 29 10:58:16 1994 From: tcmay at netcom.com (Timothy C. May) Date: Thu, 29 Sep 94 10:58:16 PDT Subject: Will all codes and ciphers be broken? In-Reply-To: <9409291355.AA02056@pig.die.com> Message-ID: <199409291753.KAA25657@netcom12.netcom.com> Duncan Frissell and Dave Emery have commented on the popular notion that all codes and ciphers will "eventually" be broken. Dave Emery wrote: > Casually looking at the history of the past 100 years or so of > cryptanalysis, particularly what has been revealed recently > about US/British triumphs in World War II, shows a number of startling > successes against what were thought (and even now seem to ordinary > minds) to be intractable ciphers. It is not very hard to see why > popular mythology, which usually lags the cutting edge of science by at > least several years and even sometimes several decades emphasizes > decryption. After all, decryption seems to have been winning the last > time we were allowed to have a look. On the other hand, Bamford pointed out in 1982 (in "The Puzzle Palace") that no significant Soviet cipher had been broken _directly_ for at least a decade, as near as he and other experts could tell (there are clearly uncertainties in what the NSA was able to do, but this was Bamford's best estimate). Ditto for the Soviets not having broken U.S. ciphers in at least as long a time. What code and cipher breaking had occurred had generally happened through HUMINT sources, as with the Walker spy ring (which sold old code books, allowing earlier traffic to be reconstructed). Black bag jobs, bugging of buildings, etc. And I have no idea what crypto material Aldrich Ames transferred. 
> It will take a while before appreciation of the fundamental > revolution represented by number theory based ciphers sinks in. Even > the simple understanding that there exist unbreakable ciphers right now > that anyone with a floppy disk drive can implement is too advanced to > sink in very far. I agree. Even Tom Clancy mythologizes crypto and usually gets it wrong. ... > as someone who follows this technology). All the current triumphs have > been based on exploiting holes (mostly involving cloning) in the > key distribution and management in an environment where your enemy > both necessarily has the complete cipher device and several copies > of known to work keys. Exactly. In fact, at the last physical Cypherpunks meeting I arrived a few minutes late, in the midst of a debate about whether noise sources from audio inputs were "random enough" to defy cryptanalysis by the NSA. After listening for a while I had to speak up: In the history of modern cryptanalysis is there _any_ evidence that a single message has been broken because of something like this? I speculated that any slight reductions of entropy, thus allowing slight increases in the ability to predict the bits, are dwarfed by many orders of magnitude by more practical concerns. For example, the proliferation of keystroke capture utilities which capture and store all keystrokes entered for later retrieval. (I acknowledge the importance of high entropy noise sources, I just question the nit-picking about it when such much more tractable attacks exist.) --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay at netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. 
Cypherpunks list: majordomo at toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay From bakerw at butler.sidewinder.com Thu Sep 29 11:24:50 1994 From: bakerw at butler.sidewinder.com (Bill Baker) Date: Thu, 29 Sep 94 11:24:50 PDT Subject: Think you're a hacker, eh? Message-ID: <199409291822.NAA00793@butler.sidewinder.com> Well, the only thing the pseudohackers seem to be able to do is forge-cancel postings that make them feel bad. So here it is again, with some extra data at the bottom. mjr at tis.com (Marcus J Ranum) writes: > > Sidewinder: > > Internet Security That Strikes Back > > Security software that strikes back? This sounds > cool. Is it like tcp_wrappers with the -retaliate option? > > :) > > mjr. No, it's actually Type Enforcement with the -patented option. :) :) Anybody wanting to bang into it for real can take a run at sidewinder.com (199.199.22.1 for the DNS-impaired). If we configured it with the product-level LOCKout I&A then nobody would get in far enough to bump into Sidewinder's defense in depth. So we left the door open a crack by allowing password-based logins (and what *are* those passwords? Well, hackerfolk, that's for us to know and you to find out). We particularly await the net.chatterers from the dank lowlands, who we invite to slip out of their wooden shoes, clear the pot fumes from their heads and show that xs4all can walk the walk as well as talk the talk. And of course we'd love to encounter Chaos Club (aka the Milli Vanilli of the Internet). Do hope that they can find time between press conferences to remember how it's done. And our thanks to the uninvited visitors to sidewinder.com who helped us debug in the last couple of weeks. Pity that you can't enjoy the munged gifs of solar eclipses that we set up under hotcha file names as much as we enjoyed tracking your downloads. The breakin attempts were pretty pathetic (we thought the folks from oz were better than that, actually). 
Sorry to inform you that all that stuff you sniffed and saw was bogus. NetAdapts don't exist, nobody uses a STU-III to login on Internet, and the progress reports were a figment of our imagination. Hope you enjoyed the play as much as we enjoyed putting it on. Now please stay away and leave room in the log files for the next bunch of suckers. ---------------------- begin additional data ------------- Well, it's been pretty quiet here at the old secure site. Seems the vaunted hackers are real good at sniffing reusable passwords from bilgewater.edu and clueless.com but they're not so brave when it comes to running up against a real system. The official announcement is on Oct 11th, which is when we take sidewinder.com off the net. So, you self-proclaimed wizard hackers, you have until then to get to the machine which is on the other side of sidewinder.com. After that we play for keeps, and start putting you out of business one Sidewinder site at a time. So come on, wizzies, make our day. Or be forever exposed for what you are, a bunch of self-promoters who do the net.equivalent of snatching purses from old ladies and then crow about what a tough bunch of outlaws you are. Personal invitations have been sent to sexlessbe4all and the Chaos Chickenheart Club. The rest of you know who and what you are. able baker (bakerw at sidewinder.com) From hart at chaos.bsu.edu Thu Sep 29 11:44:28 1994 From: hart at chaos.bsu.edu (Jim Hart) Date: Thu, 29 Sep 94 11:44:28 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt? In-Reply-To: <199409281757.KAA13989@netcom8.netcom.com> Message-ID: <199409291844.NAA10028@chaos.bsu.edu> An important question that arises out of this -- do there exist one way trapdoor functions that are not in BQP, the class of problems solved in polynomial time by a quantum computer. 
In other words, we need a function where the forward direction and trapdoor inverse are in P, but the normal inverse is harder than factorization and discrete logarithm, which are in BQP. If so, then public key cryptography can persist into the era of the quantum computer; such P/non-BQP trapdoor inverses would be the next generation of public key. Jim Hart hart at chaos.bsu.edu From macorp!moonlight!ken at uu4.psi.com Thu Sep 29 12:53:25 1994 From: macorp!moonlight!ken at uu4.psi.com (Ken Landaiche) Date: Thu, 29 Sep 94 12:53:25 PDT Subject: Fortress Remailers Message-ID: <9409291909.AA03784@moonlight.noname> Could one set up a virtual remailer that floated around a set of news groups? The active remailer would pass an encrypted token to a randomly chosen member of the set which would become the remailer for the next interval. A compromised member of the set might then eat the token, rendering the remailer inoperative, but maybe that could be overcome. Although I don't have much more than a layman's grasp of cryptography my basic thought is to consider the set of potential mailers the way one would consider some known element in a cryptographic scheme, such as a randomly accessed lookup table, so that if a cracker couldn't determine the next element in the table, she couldn't determine where the remailer would be next, either. From merriman at metronet.com Thu Sep 29 14:50:23 1994 From: merriman at metronet.com (David K. Merriman) Date: Thu, 29 Sep 94 14:50:23 PDT Subject: Electronic Revolution and Guerilla Warfare? Message-ID: <199409292149.AA06255@metronet.com> What with the governments of several nations around the world starting to get a bit heavy-handed with their populaces, I was wondering how a modern-day revolution could take place in a crypto-repressive society, and how the citizenry could sufficiently rattle/displace such a government so as to regain control over their destinies. 
For the purpose of discussion, I'd like to propose the following "environmental variables": > majority of the population unable/unwilling to do more than complain. > minority of the population not sure of how to fight the process, but willing to support those that do know. > some number (small) of those capable of crypto or other electronic mayhem depart the country in a short period bridging the implementation of repressive government controls and laws. > There are varying permutations of the crypto/electronic-capable, and the force-capable (ie, hackers-only to bomb-makers-only, and anything in between). > said government uses all means at its disposal to try and apprehend those attempting to resist, as well as intercept communications, prevent damage to its infrastructure and physical entities. > at the start of government "hostilities", all intra-national anon remailers are seized or shut down, and access to international ones is *heavily* monitored or blocked (yeah, I know, but we're gaming here!). > national identity medium (card, wristband, etc) in place and mandatory. > travel, currency, and information transfer restrictions (ie, no more "How to build a Backpack Nuke" or "How to hack the Tax Gestapo central computers" books :-) What problems would those willing to fight such government oppression be likely to face? How to deal with those problems? How to organize and exchange personnel/information? How to not get caught? How to avoid detection? What means/methods of, um, dissonance against such a government would be more/less effective? Under what various permutations of electronic/physical bushwhacking would the process be successful or not? Duration? Other than the obvious crypto/cyber/military disciplines, what other professions or specialized knowledge would be useful under what conditions? What blatantly obvious thing(s) have I left out? 
Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From amanda at intercon.com Thu Sep 29 14:58:22 1994 From: amanda at intercon.com (Amanda Walker) Date: Thu, 29 Sep 94 14:58:22 PDT Subject: Will all codes and ciphers be broken? Message-ID: <9409291640.AA27125@elfbook.intercon.com> > What code and cipher breaking had occurred had generally happened > through HUMINT sources, as with the Walker spy ring (which sold old > code books, allowing earlier traffic to be reconstructed). Black bag > jobs, bugging of buildings, etc. And I have no idea what crypto > material Aldrich Ames transferred. Indeed. The situation is analogous when it comes to other areas (such as financial fraud, corporate espionage, and so forth). A modern cipher is not going to be the weak point of most cryptosystems, unless it is intentionally crippled (cf. export restrictions to <= 40 bit keys for DES & RC4). The (publicly known) "codebreaking successes" (outside of contrived academic exercises) of recent decades have not involved cryptanalysis at all. This point is also lost to most people in the Clipper debate. Too many people, I feel, are focussed upon back doors in Skipjack. This seems to me to be missing the point. Skipjack could be a perfectly good block cipher, perhaps a Lucifer/DES-style product cipher with more rounds and bigger boxes. The point of Clipper is that it would institutionalize *non-cryptanalytic* intelligence gathering capabilities. It's the digital wiretap initiative wrapped in a large red herring. The actual cipher is completely incidental. At this point in history, humans are much easier to subvert than ciphers are. 
Amanda Walker InterCon Systems Corporation From dmandl at panix.com Thu Sep 29 16:01:03 1994 From: dmandl at panix.com (David Mandl) Date: Thu, 29 Sep 94 16:01:03 PDT Subject: REGIONAL MEETING Message-ID: <199409292300.AA08567@panix.com> Not a good time for me, I'm afraid. I'm on the radio at that hour every Saturday (and I don't get back to the city till 3 or so). Actually, I'm missing my show that day anyway because I'm going away for the weekend. Would it be possible to do it some Sunday instead (though not the 9th, of course), or a weeknight? If not, I'll catch the next meeting, I guess (unless it's on a Saturday afternoon). Would Sunday the 16th be OK for this meeting, or do folks not want to wait that long? --Dave. P.S.: My apartment would also be available for future meetings if it's needed. At 7:43 AM 9/29/94 -0700, Sandy Sandfort wrote: >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > SANDY SANDFORT > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . > >C'punks, > >I've been having Cypherpunks-physical-meetings withdrawal since >leaving the SF Bay Area. Unfortunately, I wasn't able to conjure >up a venue nor enough folks for the Cypherpunks anniversary last >month. For October, however, I've gotten a firm offer of the NYC >living room of a local Cypherpunk (Hero of the Revolution). I >also have compiled a list of a dozen and a half current C'punks >and interested fellow travellers. Unless some problem comes up, >we'll be getting together on the 8th of October at noon or so. > >If you are interested in attending, and we *haven't* communicated >already, drop me some e-mail. Also, if you know anyone who might >want to be on the Cypherpunks list, give me their contact info so >I can invite them. > >We'll have ever so much fun. 
> > > S a n d y > >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- Dave Mandl dmandl at panix.com From mimir at io.com Thu Sep 29 18:26:00 1994 From: mimir at io.com (Al Billings) Date: Thu, 29 Sep 94 18:26:00 PDT Subject: Cypherpunks meetings in other cities In-Reply-To: <199409290733.AAA00433@netcom10.netcom.com> Message-ID: On Thu, 29 Sep 1994, Timothy C. May wrote: > FYI, there have been some meetings/gatherings in cities other than the > Bay Area. Some that I recall: > > * Seattle. May have had a meeting. We had one (which I was at) and there might have been a second. For some reason, there hasn't been any follow-up in the last six or more months to them. Wes thu hal, Al Billings From jamesd at netcom.com Thu Sep 29 18:46:34 1994 From: jamesd at netcom.com (James A. Donald) Date: Thu, 29 Sep 94 18:46:34 PDT Subject: Anyone seen the 'quantum cryptanalysis' thread on sci.crypt? In-Reply-To: <9409280734.AA12090@toad.com> Message-ID: <199409300131.SAA05403@netcom8.netcom.com> Sherry Mayo writes > Detractors of the proposed technique say problems of noise and sensitivity > to mechanical defects are insurmountable and the technique could never work. > > I was wondering if anyone here has any comment. After reading the New Scientist > > I was wondering if anyone here had any views (informed or otherwise :-) My ill informed back of the envelope guestimate is that current art is a factor of one hundred from building a proof of principle quantum computer, a factor of one thousand from building a quantum computer that does something interesting, and a factor of ten thousand from building a quantum computer that does something that is actually useful. Art is improving at (very roughly) a factor of two every four years. These estimates may well be rather optimistic, but they are not totally ridiculous. 
-- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd at netcom.com From dcwill at ee.unr.edu Thu Sep 29 20:15:48 1994 From: dcwill at ee.unr.edu (Dr. D.C. Williams) Date: Thu, 29 Sep 94 20:15:48 PDT Subject: PGP hole Message-ID: <199409300313.UAA15242@python> FWIW, it seems that a hole has been discovered in PGP 2.6.1, 2.7, 2.6, 2.3a, and most likely earlier versions as well. Apparently, it is possible to insert cleartext within a signed message and still receive a good sig message upon verification. Interested parties are referred to alt.security.pgp for a rather lengthy thread on this subject. I haven't seen anything on the cp list yet and thought those who don't read news regularly might find this information to be useful. I can forward the entire thread via email upon request. =D.C. Williams From dcwill at ee.unr.edu Thu Sep 29 20:42:46 1994 From: dcwill at ee.unr.edu (Dr. D.C. Williams) Date: Thu, 29 Sep 94 20:42:46 PDT Subject: PGP hole In-Reply-To: Message-ID: <199409300340.UAA15324@python> > If you would, please send perhaps a brief "digest" of the thread. (Or > the entire thing, if that's easier.) The whole thread is much too long to post (and besides, it has nothing to do with bikinis or Fabio ;-) ). The gist of the problem seems to be that a signed cleartext message can be altered by adding spoofed text right after the BEGIN PGP SIGNED MESSAGE line. If the spoofed text is separated from the original text by a blank line or even a tab, PGP reports that the signature is good in spite of the added text. Apparently, the output file is a faithful version of the original message, but users who don't check that file might believe that the spoofed text was a part of the original message. 
I have not personally tried this yet, but the thread is full of comments from people who have, including some people who originally didn't believe it but later confirmed the existence of the problem themselves. The bug seems to be present in all versions (even the ViaCrypt versions have this problem). It has been reported as a bug to the MIT pgp-keepers. Caveat emptor. =D.C. Williams From blancw at pylon.com Thu Sep 29 22:07:51 1994 From: blancw at pylon.com (blancw at pylon.com) Date: Thu, 29 Sep 94 22:07:51 PDT Subject: Cypherpunks meetings in other cities Message-ID: <199409300508.WAA06603@deepthought.pylon.com> Responding to msg by Al Billings: > FYI, there have been some meetings/gatherings in >cities other than the >> Bay Area. Some that I recall: >> * Seattle. May have had a meeting. We had one (which I was at) and there might have been a second. For some reason, there hasn't been any follow-up in the last six or more months to them. ..................................................... There was a second meeting - I set it up, sent out several notices, received around 11 replies, then only 4 people showed up (2 were co-workers from MS). Maybe it's because it was a rare sunny day and everyone decided to go sailing, I don't know, but I decided there was not enough interest for me to continue making all the effort it took to get people to meet. Blanc From genie at gate.net Thu Sep 29 23:25:32 1994 From: genie at gate.net (Breakdown) Date: Thu, 29 Sep 94 23:25:32 PDT Subject: cancelling a message Message-ID: Hello to all Cypherpunk subscribers. Someone in here recently mentioned cancelling a post on USENET. It's been put to my knowledge that this is possible, but I have never known what it actually means and how it is done. Whose messages can I cancel(anyone's on the whole worldwide I-net or?) and how do I cancel them? If it helps any, I use the Tin Pl12 newsreader. Any replies are welcome. Please fill me in on this one. Thank you. Martin p.s. 
Hey Amanda(Walker)! :-) I didn't know you were on this list too. L8r. -- Finger for a PGP key Send PGP preferably. PEACE - Live it or rest *IN* it... From nobody at vox.xs4all.nl Fri Sep 30 00:08:45 1994 From: nobody at vox.xs4all.nl (An0nYm0Us UsEr) Date: Fri, 30 Sep 94 00:08:45 PDT Subject: PGP sig bug is real Message-ID: <199409300708.AA14369@xs1.xs4all.nl>

-----BEGIN PGP SIGNED MESSAGE-----
The PGP signature bug is real. I have verified it in the 2.6 versions for both the mac and unix. If you check the sig on this message, it will pass, but the text you see will not contain the first paragraph of this message. It was added after the message was signed.

A fix was posted to alt.security.pgp. The sig on that message (not by me) should pass.

- -----BEGIN PGP SIGNED MESSAGE-----

If anyone wants to make a change to their PGP sources to cover the clear-sign hole in PGP before a new release of PGP, here is the change I made:

in armor.c, look for the function dpem_file() around line 914. Look for the following code after the literal string "----BEGIN PGP SIGNED MESSAGE-----", (around line 967):

        /* Skip header lines until a blank is hit */
        do {
            ++infile_line;
            status = skipline(in);
        } while (status != 0);

replace this code with:

        ++infile_line;
        status = skipline(in);    /* read only one blank line */

Robert

- -----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLomtrx0UusL1b5lxAQHg8QP/ehlKF/SjA61SISmvLvZngY/j8dxGt/cl
MjgYE5nJOFwZeYqwPuZ5QNDSDLP08t8AQ+RB07XENVv6B5TfyI+GIULEHYYjay18
r28LRjW1veiHrlnD7V/FCSj0fVKO9cVzrPAm1a/oFeaAeeS6iHeDbQTwdepghgvn
g8al1/SOErk=
=3EGc
- -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLou1gayHUAO76TvRAQGuMgP+OsKh/Ptlo9SSufNuMaGzcvp0CnlSlXj0
UH8TiaOsVVpvwJqotTBLkoDv4r04uWRT/zNl7a0BvBWQE5F1nM8g/cj2nMC7CIQL
yudmTBx8Grb50j07bcEVC6hyHsu5gTk5c9Bq+k1Z6vqcZyf1QWu+RoDTSsXUhomD
Nwl2PV0Ie1g=
=jJgf
-----END PGP SIGNATURE-----

From bogus at no.return.address Fri Sep 30 01:42:43 1994 From: bogus at no.return.address (Underdog) Date:
Fri, 30 Sep 94 01:42:43 PDT Subject: PGP signature bug (oops) Message-ID: <199409300842.EAA05698@ducie.cs.umass.edu> -----BEGIN PGP SIGNED MESSAGE----- From grendel at netaxs.com Fri Sep 30 02:11:20 1994 From: grendel at netaxs.com (Michael Handler) Date: Fri, 30 Sep 94 02:11:20 PDT Subject: cancelling a message In-Reply-To: Message-ID: On Fri, 30 Sep 1994, Breakdown wrote: > Someone in here recently mentioned cancelling a post on USENET. It's been > put to my knowledge that this is possible, but I have never known what it > actually means and how it is done. Whose messages can I cancel(anyone's > on the whole worldwide I-net or?) and how do I cancel them? If it helps > any, I use the Tin Pl12 newsreader. Any replies are welcome. Please fill > me in on this one. Thank you. In Tin, it's really easy. Manipulate Tin until your post that you wish to cancel is the currently viewed one. Hit "D", then "d" (case IS important). This will release a control cancel message, which propagates much like your original article. At most sites, as soon as they receive the control cancel message, they will delete your article. If you do this early on, chances are the control cancel message will kill all copies of your article before your article propagates too far. The problem is that some Usenet sites have stopped processing cancels, because cancels have been misused to censor postings on the basis of content. So, there is a small chance that your article will survive on some sites, but usually nothing to worry about. mike -- Michael Handler PGP public key available 1984: We're Behind Schedule Civil Liberty Through Complex Mathematics From barrett at daisy.ee.und.ac.za Fri Sep 30 02:25:02 1994 From: barrett at daisy.ee.und.ac.za (Alan Barrett) Date: Fri, 30 Sep 94 02:25:02 PDT Subject: PGP hole In-Reply-To: <199409300340.UAA15324@python> Message-ID: > The bug seems to be present in all versions (even the ViaCrypt versions > have this problem).
It has been reported as a bug to the MIT pgp-keepers. The "bug" looks like a deliberate design decision to me. Everything from the "--- BEGIN PGP" line to the first blank line is ignored, and is not considered part of the signed message. There's a comment in the source code (file armor.c in the versions I checked), saying "Skip header after BEGIN line". --apb (Alan Barrett) From grendel at netaxs.com Fri Sep 30 02:44:19 1994 From: grendel at netaxs.com (Michael Handler) Date: Fri, 30 Sep 94 02:44:19 PDT Subject: PGP hole In-Reply-To: Message-ID: On Fri, 30 Sep 1994, Alan Barrett wrote: > > The bug seems to be present in all versions (even the ViaCrypt versions > > have this problem). It has been reported as a bug to the MIT pgp-keepers. > > The "bug" looks like a deliberate design decision to me. Everything from > the "--- BEGIN PGP" line to the first blank line is ignored, and is not > considered part of the signed message. There's a comment in the source > code (file armor.c in the versions I checked), saying "Skip header after > BEGIN line". Yes, this was a deliberate design decision, most probably so the same code could be used to parse --- BEGIN PGP ENCRYPTED MESSAGE --- and --- BEGIN PGP SIGNATURE ---. However, this is a _huge_ security hole, as it allows the nearly-undetectable modification of PGP-signed messages. Mike -- Michael Handler PGP public key available 1984: We're Behind Schedule Civil Liberty Through Complex Mathematics From barrett at daisy.ee.und.ac.za Fri Sep 30 02:56:16 1994 From: barrett at daisy.ee.und.ac.za (Alan Barrett) Date: Fri, 30 Sep 94 02:56:16 PDT Subject: PGP hole In-Reply-To: Message-ID: > Yes, this was a deliberate design decision, most probably so the > same code could be used to parse --- BEGIN PGP ENCRYPTED MESSAGE --- and > --- BEGIN PGP SIGNATURE ---. However, this is a _huge_ security hole, as > it allows the nearly-undetectable modification of PGP-signed messages. It's nowhere near undetectable. 
When you ask pgp to check the signature, pgp writes the signed message to a file (or to stdout), and that output does not include the {header/junk/extra stuff} between the BEGIN line and the blank line. I don't like this bug/feature, but I don't see it as a serious security problem for users who are aware of it. I do think it could be a problem for users who are not aware of it, and who incorrectly assume that the "good signature" message means that the {header/junk/extra stuff} was part of the signed material. --apb (Alan Barrett) From danisch at ira.uka.de Fri Sep 30 03:03:21 1994 From: danisch at ira.uka.de (Hadmut Danisch) Date: Fri, 30 Sep 94 03:03:21 PDT Subject: PGP hole Message-ID: > 2.3a, and most likely earlier versions as well. Apparently, it is possible > to insert cleartext within a signed message and still receive a good sig > message upon verification. Interested parties are referred to alt.security. > pgp for a rather lengthy thread on this subject. I haven't seen anything I think this was posted as a bug of 2.3 a long time ago to alt.security.pgp. I thought the bug was already fixed... Hadmut From usura at xs4all.nl Fri Sep 30 03:27:21 1994 From: usura at xs4all.nl (Alex de Joode) Date: Fri, 30 Sep 94 03:27:21 PDT Subject: cancelling a message Message-ID: <199409301026.AA29567@xs1.xs4all.nl> In article you did write: : Someone in here recently mentioned cancelling a post on USENET. It's been : put to my knowledge that this is possible, but I have never known what it : actually means and how it is done. Whose messages can I cancel(anyone's : on the whole worldwide I-net or?) and how do I cancel them? If it helps : any, I use the Tin Pl12 newsreader. Any replies are welcome. Please fill : me in on this one. Thank you. Check the control newsgroup for the exact format of cancelled messages, you can fake a cancel message the same way as faking a post: use inews.
(in a Unix Environment) -- ____ Alex de Joode \ /__ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- \/ / "It's dangerous to be right when the government is wrong." \/ --Voltaire --finger usura at xs4all.nl for PGPpublicKEY-- From mimir at io.com Fri Sep 30 04:47:38 1994 From: mimir at io.com (Al Billings) Date: Fri, 30 Sep 94 04:47:38 PDT Subject: Bill of Rights Message-ID: Something that was forwarded to me... ---------- Forwarded message ---------- From: pod at lists.acs.ohio-state.edu Subject: POD E-Mail Bill of Rights Date: Tue, 20 Sep 1994 14:55:05 -0400 Subject: POD E-Mail Bill of Rights I'm enclosing a document put together by Frank Connolly at American University that is the most carefully articulated document establishing networking protocol I have come across. David Way ================ TEXT OF THE BILL FOLLOWS =============================== PREAMBLE In order to protect the rights and recognize the responsibilities of individuals and institutions, we, the members of the educational community, propose this Bill of Rights and Responsibilities for the Electronic Community of Learners. These principles are based on a recognition that the electronic community is a complex subsystem of the educational community founded on the values espoused by that community. As new technology modifies the system and further empowers individuals, new values and responsibilities will change this culture. As technology assumes an integral role in education and lifelong learning, technological empowerment of individuals and organizations becomes a requirement and right for students, faculty, staff, and institutions, bringing with it new levels of responsibility that individuals and institutions have to themselves and to other members of the educational community. ARTICLE I: INDIVIDUAL RIGHTS The original Bill of Rights explicitly recognized that all individuals have certain fundamental rights as members of the national community. 
In the same way, the citizens of the electronic community of learners have fundamental rights that empower them. Section 1. A citizen's access to computing and information resources shall not be denied or removed without just cause. Section 2. The right to access includes the right to appropriate training and tools required to effect access. Section 3. All citizens shall have the right to be informed about personal information that is being and has been collected about them, and have the right to review and correct that information. Personal information about a citizen shall not be used for other than the expressed purpose of its collection without the explicit permission of that citizen. Section 4. The constitutional concept of freedom of speech applies to citizens of electronic communities. Section 5. All citizens of the electronic community of learners have ownership rights over their own intellectual works. ARTICLE II: INDIVIDUAL RESPONSIBILITIES Just as certain rights are given to each citizen of the electronic community of learners, each citizen is held accountable for his or her actions. The interplay of rights and responsibilities within each individual and within the community engenders the trust and intellectual freedom that form the heart of our society. This trust and freedom are grounded on each person's developing the skills necessary to be an active and contributing citizen of the electronic community. These skills include an awareness and knowledge about information technology and the uses of information and an understanding of the roles in the electronic community of learners. Section 1. It shall be each citizen's personal responsibility to actively pursue needed resources: to recognize when information is needed, and to be able to find, evaluate, and effectively use information. Section 2. It shall be each citizen's personal responsibility to recognize (attribute) and honor the intellectual property of others. Section 3.
Since the electronic community of learners is based upon the integrity and authenticity of information, it shall be each citizen's personal responsibility to be aware of the potential for and possible effects of manipulating electronic information: to understand the fungible nature of electronic information; and to verify the integrity and authenticity, and assure the security of information that he or she compiles or uses. Section 4. Each citizen, as a member of the electronic community of learners, is responsible to all other citizens in that community: to respect and value the rights of privacy for all; to recognize and respect the diversity of the population and opinion in the community; to behave ethically; and to comply with legal restrictions regarding the use of information resources. Section 5. Each citizen, as a member of the electronic community of learners, is responsible to the community as a whole to understand what information technology resources are available, to recognize that the members of the community share them, and to refrain from acts that waste resources or prevent others from using them. ARTICLE III: RIGHTS OF EDUCATIONAL INSTITUTIONS Educational institutions have legal standing similar to that of individuals. Our society depends upon educational institutions to educate our citizens and advance the development of knowledge. However, in order to survive, educational institutions must attract financial and human resources. Therefore, society must grant these institutions the rights to the electronic resources and information necessary to accomplish their goals. Section 1. The access of an educational institution to computing and information resources shall not be denied or removed without just cause. Section 2. Educational institutions in the electronic community of learners have ownership rights over the intellectual works they create. Section 3.
Each educational institution has the authority to allocate resources in accordance with its unique institutional mission. ARTICLE IV: INSTITUTIONAL RESPONSIBILITIES Just as certain rights are assured to educational institutions in the electronic community of learners, so too each is held accountable for the appropriate exercise of those rights to foster the values of society and to carry out each institution's mission. This interplay of rights and responsibilities within the community fosters the creation and maintenance of an environment wherein trust and intellectual freedom are the foundation for individual and institutional growth and success. Section 1. The institutional members of the electronic community of learners have a responsibility to provide all members of their community with legally acquired computer resources (hardware, software, networks, data bases, etc.) in all instances where access to or use of the resources is an integral part of active participation in the electronic community of learners. Section 2. Institutions have a responsibility to develop, implement, and maintain security procedures to insure the integrity of individual and institutional files. Section 3. The institution shall treat electronically stored information as confidential. The institution shall treat all personal files as confidential, examining or disclosing the contents only when authorized by the owner of the information, approved by the appropriate institutional official, or required by local, state or federal law. Section 4. Institutions in the electronic community of learners shall train and support faculty, staff, and students to effectively use information technology. Training includes skills to use the resources, to be aware of the existence of data repositories and techniques for using them, and to understand the ethical and legal uses of the resources. 
August 1993 ************************************************************************ * * * Frank Connolly The American University * * FRANK at America .EDU 119 Clark Hall * * (202) 885-3164 Washington, D.C 20016 * * * **************************************** ******************************* David G. Way dgw2 at cornell.edu 14 East Ave. Ithaca, NY 14853 (607) 255-2663 ========================= ED ======================= Ed Gillen NYS Education Department Office of Human Resources Management Room 528 EB 89 Washington Avenue Albany, NY 12234 (518) 474-1032 (518) 486-5631 FAX BITNET: egillen%sedofis at sed.bitnet INTERNET: egillen%sedofis at vm1.nysed.gov From merriman at metronet.com Fri Sep 30 05:03:21 1994 From: merriman at metronet.com (David K. Merriman) Date: Fri, 30 Sep 94 05:03:21 PDT Subject: Bumper sticker Message-ID: <199409301202.AA19594@metronet.com> For those interested, here's a .gif copy of the bumper sticker that I came up with, as a test for the bumper sticker stock from Williams & Macias. I *was* going to just go ahead and ftp it to the berkeley site (probably still will), but it turned out small enough that I didn't figure folks would mind _too_ much if I posted it, as well. Printing it at 300 dpi resolution on a laser printer (landscape) results in a "life size" image. If there's any interest, I might check into having some *real* bumper stickers like this made up :-) [ Section: 1/1 File: attstikr.gif Encoder: Wincode v1.4 ] Original Input File Size: 18101
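
Added example (not part of the archived messages, and not PGP's own code): a Python check for the condition the "PGP hole" thread above describes. It separates the lines a clear-signed message's signature covers from any lines sitting between the BEGIN line and the first blank line, which the thread says the parser skips. The function names, the constructed sample messages and the rule that a whitespace-only line counts as blank are assumptions made here; no signature is actually verified.

```python
BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"


def _find(lines, marker, start):
    """Index of the first line equal to marker at or after start."""
    for i in range(start, len(lines)):
        if lines[i].rstrip() == marker:
            return i
    raise ValueError("%r not found" % marker)


def split_clearsigned(message):
    """Return (unsigned_lines, signed_lines) for a clear-signed message.

    unsigned_lines: lines between the BEGIN line and the first blank
        line. The parser described in the thread skips them, so a
        "good signature" result says nothing about them.
    signed_lines: the text the signature covers, with the "- " dash
        escaping removed.
    Assumption: a whitespace-only line (for example a lone tab) ends the
    skipped region, as reported in the thread.
    """
    lines = message.splitlines()
    start = _find(lines, BEGIN_SIGNED, 0)
    # A nested, dash-escaped "- -----BEGIN PGP SIGNATURE-----" line does
    # not match, so this finds the outer signature block.
    sig = _find(lines, BEGIN_SIG, start + 1)
    region = lines[start + 1:sig]
    blank = next((i for i, ln in enumerate(region) if ln.strip() == ""), None)
    if blank is None:
        raise ValueError("no blank line after the BEGIN line")
    unsigned = region[:blank]
    signed = [ln[2:] if ln.startswith("- ") else ln
              for ln in region[blank + 1:]]
    return unsigned, signed


def audit(message):
    """Summarise what a reader of the raw message sees versus what is signed."""
    unsigned, signed = split_clearsigned(message)
    return {
        "unsigned_lines": unsigned,
        "signed_text": "\n".join(signed),
        "raw_view_matches_signed_text": not unsigned,
    }


def strict_signed_text(message):
    """Return the signed text, refusing messages with skipped lines.

    This is a stricter variant of the fix posted in the thread: instead
    of reading exactly one line after BEGIN, it rejects the message when
    that line is not blank.
    """
    unsigned, signed = split_clearsigned(message)
    if unsigned:
        raise ValueError("text outside the signature: %r" % unsigned)
    return "\n".join(signed)


# Constructed samples; the signature block is a placeholder, not real armor.
SAMPLE_CLEAN = (
    "-----BEGIN PGP SIGNED MESSAGE-----\n"
    "\n"
    "Meet at noon.\n"
    "- -- a dash-escaped line\n"
    "-----BEGIN PGP SIGNATURE-----\n"
    "(constructed placeholder)\n"
    "-----END PGP SIGNATURE-----\n"
)
SAMPLE_ALTERED = (
    "-----BEGIN PGP SIGNED MESSAGE-----\n"
    "Meet at midnight instead.\n"
    "\n"
    "Meet at noon.\n"
    "- -- a dash-escaped line\n"
    "-----BEGIN PGP SIGNATURE-----\n"
    "(constructed placeholder)\n"
    "-----END PGP SIGNATURE-----\n"
)

if __name__ == "__main__":
    for name, msg in (("clean", SAMPLE_CLEAN), ("altered", SAMPLE_ALTERED)):
        print(name, audit(msg))
```

Both samples yield the same signed text, which is why the signature check alone cannot tell them apart; only the unsigned_lines list differs.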
M_J\W,Q=_L;@?,KF#>9 at KYD@G9HD]>W"_-7^7,*,3.$B.<%'\Z8+.X.;8(TB608?>W9_=L6_>W&K^D6V^F37 M.WR[=,?ON([3>;B'M=J&?, at 7+WZE?)T?O-?JMY5#EQ_6D"S/?-`38XY+.]#; M-\[3^\VC.Y__/*%7/93KNCR_N:57.M/2M-(3Z]N7.[/G>1B.7(3*+W_EQ8[[+=_X'YBZ9 at WCU\OSD`[X&#['=K[TQ+W.MG_*2BYIG M=E_LDU"PN_V at 1_QW6W;\YF[=5_V[Z7O7\[.\;WW.AW^FKH?3D_[TK__USG[3 MW_BUXWY$5'ZL9__HP]^0W[+N.7SV1_O@$T!\3`-N_Y?@1#-6ZW`&RG\P%$>R M-$\T55>V=5]XD>^]W]@4+CB-!1%QH:CM#`I3H@*>0E,C9(I-*JE MDI#[OQ.]&&?'Q M27/(S&OV=O=W>,[9V%T[W5/6^E>UTGO\$7VI<,$J!2T/,V,(E9T!&*S at L(<& M%2D\F&\?OV8.^T6,U]'C1QB7+%$*-VED(Y%&'"4RJ<[E,I`Q90($4 MP_AK=J*5JYL:<^ID2&OC/VE$)RK=(VQA3Z,%9T7]IW2@"66Y[`D=FI1 at PA!# ML4&M6=9L.;39T(7K)LZMMDB1FHX#1_?(6;QY]>Y-=E'B4GI/P?H%%CCH4:1> M_K\*9NB59\:(8Q1C[#DU++$REAOBT7K**1O-BRM>_D6Z-%_4\+RMIK226Z62 ME5ZV3EW;]NW4OICZ`Q8\'B)@^JY7G8F%R[CLWV9'GX\>7;Y`R<-]/D^(N*ETH8>%.N MG@//M]$<"[`TQ4;[RZ<#JQHP.0)_8[`^[A;23C"L!*S0N^#F\U`0.DQR;[;V M6#LI1+@^5'%%%H.HSSG((EQ&-PX3.PR?Q[[CK[L*]U,N1APY at B@\Z9JCD"HW M(FR!QLYX[-'"(<=[4,H+86KQ2A[4T[(U$=$[1[9L_K`4=UDU7Z[3*6VP30C,:T*C;C5<[&X4*2E%V15=/^V(=UM$-Y]446GRC*@>2 M=.C*-%^``Q8XTG3/8A35_KI]$D!BY6TR4(B!5/)60^.=T%!WS M>H%MF(N!2\XP691-5GEEVI9;=KG=B>>#]V)"]V1TWH4I'CG1&NE]^6>@@Q9Z M:*(!EK%@H]DM>FFFFW;Z::BC+BMFEI66^FJLL]9Z:ZZ[MIG)EG_U>FRRRS;[ M;+0YS37LFM-V^VVXXY9[;G;`_OE:NO/6>V^^^_:;YIG_%GQPP at LW_'#$$U=\ M<<8;=_QQR".7?'+**[?\.235WYYYIMW_GGHHY=^ +>NJKM_[ZWPL``#L` ` end [ Section: 1/1 File: attstikr.gif Encoder: Wincode v1.4 ] - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. 
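Added example, not part of any list message and not PGP's own code: the "PGP hole" post that follows turns on the fact that PGP treats everything between the BEGIN PGP SIGNED MESSAGE line and the first truly empty line as header text, which a reader sees but the signature does not cover. The Python below audits that region and returns only the text a signature could cover; the function names, the constructed sample messages, and the rule that only "Hash:" armor headers belong there (taken from the later OpenPGP clearsign format) are assumptions, and no signature is verified.

```python
import re

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIGNATURE = "-----BEGIN PGP SIGNATURE-----"

# Assumption: the only legitimate lines between the BEGIN line and the empty
# separator are "Hash:" armor headers, as in the later OpenPGP clearsign
# format. PGP 2.x messages like the ones on this list carry none at all.
ARMOR_HEADER = re.compile(r"^Hash: [A-Za-z0-9, -]+$")


def split_clearsigned(text):
    """Split one clearsigned message into (unsigned_lines, signed_lines).

    The header section runs from the BEGIN line to the first line that is
    truly empty (zero characters). A line holding only a tab or spaces is
    not empty, so everything up to the next empty line stays outside the
    signed text even though a reader sees it as an ordinary paragraph.
    """
    lines = text.replace("\r\n", "\n").split("\n")
    if BEGIN_SIGNED not in lines:
        raise ValueError("no BEGIN PGP SIGNED MESSAGE line")
    start = lines.index(BEGIN_SIGNED)
    if BEGIN_SIGNATURE not in lines[start + 1:]:
        raise ValueError("no BEGIN PGP SIGNATURE line")
    stop = lines.index(BEGIN_SIGNATURE, start + 1)
    region = lines[start + 1:stop]
    if "" not in region:
        raise ValueError("no empty line ends the header section")
    sep = region.index("")
    unsigned = region[:sep]
    # Undo dash-escaping ("- " prefix) so the caller sees the original text.
    signed = [l[2:] if l.startswith("- ") else l for l in region[sep + 1:]]
    return unsigned, signed


def audit_clearsigned(text):
    """Report header-section lines a reader could mistake for signed text."""
    unsigned, signed = split_clearsigned(text)
    findings = []
    for number, line in enumerate(unsigned, start=1):
        if line.strip() == "":
            findings.append((number, "whitespace-only line that looks blank", line))
        elif not ARMOR_HEADER.match(line):
            findings.append((number, "text not covered by the signature", line))
    return {"findings": findings, "signed_text": "\n".join(signed)}


# Constructed sample shaped like the example in the post; the signature
# body is a placeholder, not real PGP output.
TAMPERED = "\n".join([
    BEGIN_SIGNED,
    "This paragraph was added after signing.",
    "\t",                      # a single tab: displays as a blank line
    "So was this one.",
    "",                        # first truly empty line: header section ends
    "Test message",
    "- -- dash-escaped in transit",
    BEGIN_SIGNATURE,
    "Version: 2.6.1",
    "",
    "(constructed placeholder, not a real signature)",
    "-----END PGP SIGNATURE-----",
])

# Constructed sample with nothing but a Hash header before the separator.
CLEAN = "\n".join([
    BEGIN_SIGNED,
    "Hash: SHA256",
    "",
    "Test message",
    BEGIN_SIGNATURE,
    "",
    "(constructed placeholder, not a real signature)",
    "-----END PGP SIGNATURE-----",
])

if __name__ == "__main__":
    report = audit_clearsigned(TAMPERED)
    for number, reason, line in report["findings"]:
        print(f"header line {number}: {reason}: {line!r}")
    print("text a signature can cover:")
    print(report["signed_text"])
```

A mail front end that runs PGP in batch mode can show `signed_text` beside the "good signature" result and refuse or flag any message with findings.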
From jonathan at memex.com Fri Sep 30 07:32:33 1994
From: jonathan at memex.com (Jonathan Adams)
Date: Fri, 30 Sep 94 07:32:33 PDT
Subject: PGP hole
Message-ID: <199409301410.HAA12750@mailhost.memex.com>

Alan Barrett wrote to Cypherpunks:

> > Yes, this was a deliberate design decision, most probably
> > so the same code could be used to parse --- BEGIN PGP
> > ENCRYPTED MESSAGE --- and --- BEGIN PGP SIGNATURE ---. However,
> > this is a _huge_ security hole, as it allows the nearly-undetectable
> > modification of PGP-signed messages.
>
> It's nowhere near undetectable. When you ask pgp to check the
> signature, pgp writes the signed message to a file (or to stdout),
> and that output does not include the {header/junk/extra stuff}
> between the BEGIN line and the blank line.

The problem is, if you are using an interface to PGP, most of the time they use PGP in batchmode to check the signature, and they don't let you see the output. This means people go "Check the signature", PGP says "Good signature found", and they think that it has never been modified. This is a security hole. Not everyone uses PGP to do everything from the command line. Plus, using lines with only a tab in them, it's possible to add separated paragraphs and "normal-looking" text.

> I don't like this bug/feature, but I don't see it as a serious
> security problem for users who are aware of it. I do think it
> could be a problem for users who are not aware of it, and who
> incorrectly assume that the "good signature" message means that
> the {header/junk/extra stuff} was part of the signed material.
>
> --apb (Alan Barrett)

Here's an example:

-----BEGIN PGP SIGNED MESSAGE-----

Note that this paragraph was added *AFTER* this message was digitally signed. Note also that the line above this paragraph contains *1* tab. Using this, it's possible to add as much stuff to the beginning of a clearsigned message as you want, with it looking completely natural, and checking fine. This *IS* a security hole.

This para was also added later.

Test message

My public key follows, after this signed message:

-----BEGIN PGP SIGNATURE-----
Version: 2.6.1

iQCVAwUBLowcCDidu+MSuAG5AQFpgQP7B1K5uKAQBEdmAxuNGJAvl97GWYlU9miv
HbBQbkPo5C6BsbaJvbzxplZE2YN98bWO2IhMOJdNfywaCuWnQFJGcRcZiGvDqyqc
0vQj0qhy37KPBp1CjrEf76neCjyOL4bWtz+BrF9tru8O7olGv61fGASpkpjL46Zg
bFtb8UP0kV4=
=D3M0
-----END PGP SIGNATURE-----

From adam at bwh.harvard.edu Fri Sep 30 08:21:46 1994
From: adam at bwh.harvard.edu (Adam Shostack)
Date: Fri, 30 Sep 94 08:21:46 PDT
Subject: Bill of Rights
In-Reply-To:
Message-ID: <199409301517.LAA09805@spl.bwh.harvard.edu>

| I'm enclosing a document put together by Frank Connolly at American
| University that is the most carefully articulated document establishing
| networking protocol I have come across.
|
| David Way
|
| ================ TEXT OF THE BILL FOLLOWS ===============================
|
| PREAMBLE
|
| In order to protect the rights and recognize the responsibilities of
| individuals and institutions, we, the members of the
| educational community, propose this Bill of Rights and
| Responsibilities for the Electronic Community of Learners.
| These principles are based on a recognition that the electronic
| community is a complex subsystem of the educational
| community founded on the values espoused by that community.

The electronic community comes from many sources, including military and hacker communities. It can easily be argued that DARPA & hacker built bbses created the electronic community before the 'educational community' ever got involved.

| ARTICLE I: INDIVIDUAL RIGHTS
|
| The original Bill of Rights explicitly recognized that all
| individuals have certain fundamental rights as members of the
| national community. In the same way, the citizens of the
| electronic community of learners have fundamental rights that
| empower them.
|
| Section 1.
| A citizen's access to computing and information resources shall
| not be denied or removed without just cause.

What is just cause? Can I demand access to the CrayCo NSA machine? That's a computing resource I'd be able to do useful & interesting medical research with.

| Section 2.
| The right to access includes the right to appropriate training and
| tools required to effect access.

Who pays for this right? A modem tax?

| Section 3.
| All citizens shall have the right to be informed about personal
| information that is being and has been collected about them, and
| have the right to review and correct that information. Personal
| information about a citizen shall not be used for other than the
| expressed purpose of its collection without the explicit
| permission of that citizen.
|
| Section 4.
| The constitutional concept of freedom of speech applies to
| citizens of electronic communities.

What about non-citizens? Intelligent agents?

| Section 5.
| All citizens of the electronic community of learners have
| ownership rights over their own intellectual works.

So the workers who build & maintain this system have no rights, as they are not members of the 'community of learners?'

Anyway, the document as a whole was far, far too interested in creating and maintaining the status quo through legalisms. I'm much more interested in allowing the network to generate and regulate itself the way that the net has been doing for the past while. I'd counterpropose the following amendment to ensure this.

"Congress shall make no law regulating or controlling the content or use of privately held means of communications, nor monopolizing or nationalizing a privately constructed or owned communications system. This amendment shall explicitly apply to the governments of each of the several states."

Adam

From pjm at gasco.com Fri Sep 30 09:48:03 1994
From: pjm at gasco.com (Patrick J. May)
Date: Fri, 30 Sep 94 09:48:03 PDT
Subject: OOPSLA meeting (was: Cypherpunks meetings in other cities)
Message-ID:

-----BEGIN PGP SIGNED MESSAGE-----

While we're on this topic, is anyone else going to be in Portland, OR for OOPSLA '94 (October 23-26)? Send me email if you're interested in a key signing party or a chat over a beer or two.

- ------------------------------------------------------------------------
A contract programmer is always intense.
Patrick May
pjm at gasco.com (public key available from servers)

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLoxBCxByYwhWPvz1AQFU0QP/c7GnvFukhpXLbBwLDzAzBev71T9Yw5sT
gO0HXC8OEz/eK/KPLNe6Sz7YVPBN2n+uv4H9q8OPvrGBS1Z43Wi+RTZOX0/XCzpD
xCsxR9FDYe7fRxf8wsHPJpiYbo6Y2a6fkWJrof1Cu/rjT0SgOQU3WrtZCsYw0Zy5
NSoOgIAkUzo=
=vWBm
-----END PGP SIGNATURE-----

From paul at poboy.b17c.ingr.com Fri Sep 30 11:06:21 1994
From: paul at poboy.b17c.ingr.com (Paul Robichaux)
Date: Fri, 30 Sep 94 11:06:21 PDT
Subject: [job] Mac internals Programmer
Message-ID: <199409301808.AA06732@poboy.b17c.ingr.com>

>Path: b17news!news.ingr.com!uunet!news.delphi.com!peaktech
>From: peaktech at delphi.com (Paul Stuker)
>Newsgroups: misc.jobs.contract
>Subject: Mac Internals Programmer
>Date: 27 Sep 1994 12:22:26 GMT
>Organization: Delphi Internet Services Corporation
>Lines: 24
>Message-ID: <9409270821591.DLITE.peaktech at delphi.com>
>NNTP-Posting-Host: bos1c.delphi.com
>X-To: Paul Stuker

Peak Technical Services, Inc.

Peak provides a full spectrum of computer, business and engineering related technical services professionals to companies ranging from the Fortune 500 to small local clients. Peak offers professional positions that provide a combination of excellent career opportunity and highly competitive compensation and benefit packages.

************************************************************************
My client has an immediate opening for software developers to build Device Drivers for Macintosh System 7. Experience with Cryptography, Security and System Internals are a big plus. This is a contract position located in central Florida with a proposed duration of 3 months plus.
************************************************************************

Paul Stuker PEAKTECH at delphi.com
Peak Technical Services, Inc.
841 or 412-825-3900 Fax 412-825-3339

--
Paul Robichaux, KD4JZG       | Demand that your elected reps support the
perobich at ingr.com         | Constitution, the whole Constitution, and
Not speaking for Intergraph. | nothing but the Constitution.
### http://www.intergraph.com ###

From hayden at krypton.mankato.msus.edu Fri Sep 30 11:36:22 1994
From: hayden at krypton.mankato.msus.edu (Robert A. Hayden)
Date: Fri, 30 Sep 94 11:36:22 PDT
Subject: AT&T "You Will" Sticker in Postscript
Message-ID:

Here's a uuencoded/gzipped version of the sticker posted earlier, but this one is in Postscript for easy printing. Enjoy (it's about 20k).

____ Robert A. Hayden <=> hayden at krypton.mankato.msus.edu
\ /__ -=-=-=-=- <=> -=-=-=-=-
\/ / Finger for Geek Code Info <=> I do not necessarily speak for the
\/ Finger for PGP Public Key <=> City of Mankato or anyone else
-=-=-=-=-=-=-=-
(GEEK CODE 2.1) GJ/CM d- H-- s-:++>s-:+ g+ p? au+ a- w++ v* C++(++++) UL++++$ P+>++ L++$ 3- E---- N+++ K+++ W M+ V-- -po+(---)>$ Y++ t+ 5+++ j R+++$ G- tv+ b+ D+ B--- e+>++(*) u** h* f r-->+++ !n y++**

From macorp!moonlight!ken at uu4.psi.com Fri Sep 30 11:46:50 1994
From: macorp!moonlight!ken at uu4.psi.com (Ken Landaiche)
Date: Fri, 30 Sep 94 11:46:50 PDT
Subject: Mandatory Email verification
Message-ID: <9409301808.AA04195@moonlight.noname>

I've been vaguely following the thread, which seems to be attempting to close a loophole in port 25. Assuming you succeeded, wouldn't a clever demon hacker simply find another way to forge messages?

I have seen that any system a human can devise, another human can eventually break. This leads me to believe that eventually we will have to begin acting on our honor, and provide severe consequences for dishonorable behavior.

I haven't finished working out what "honor" means in this social context.

Ken

From mccoy at io.com Fri Sep 30 12:43:37 1994
From: mccoy at io.com (Jim McCoy)
Date: Fri, 30 Sep 94 12:43:37 PDT
Subject: Mandatory Email verification
In-Reply-To: <9409301808.AA04195@moonlight.noname>
Message-ID: <199409301943.OAA18710@pentagon.io.com>

Ken Landaiche:
>
> I've been vaguely following the thread, which seems to be attempting to
> close a loophole in port 25. Assuming you succeeded, wouldn't a clever
> demon hacker simply find another way to forge messages?

Probably. The only thing this would do is make forging a mail message a non-trivial operation. It in no way makes forging an email message impossible, it just makes it a little bit harder than telneting to the smtp port.

> This
> leads me to believe that eventually we will have to begin acting on our
> honor, and provide severe consequences for dishonorable behavior.

Like what? When identity is "weak" then honor has no meaning...

jim

From LAURENN%smtpgate at earth.wri.org Fri Sep 30 13:12:00 1994
From: LAURENN%smtpgate at earth.wri.org (LAURENN%smtpgate at earth.wri.org)
Date: Fri, 30 Sep 94 13:12:00 PDT
Subject: Cypherpunks meetings in other cities (S
Message-ID: <9409301619.aa00008@earth.wri.org>

Greetings...

Adam and I would love to join y'all in New York on October 8, but we'll be in Boulder, Colorado celebrating my 25th birthday. Anyone up for lunch at Old Chicago's on Pearl Street mall on Saturday, October 8? If memory serves, they have a great view and more beers to sample than most any other location in the Mid-West.

-- LaurenN at wri.org

P.S. Adam will still be reachable at adam at bwh.harvard.edu, but I'll be receiving mail at lnowlin at igc.apc.org from Oct.6-11. I won't be able to rlogin to laurenn at wri.org.

From gnu Fri Sep 30 13:24:25 1994
From: gnu (gnu)
Date: Fri, 30 Sep 94 13:24:25 PDT
Subject: RC4
In-Reply-To:
Message-ID: <9409302023.AA21690@toad.com>

> SECRET FORMULA POSTED TO INTERNET
> The RSA encryption software RC4 owned by RSA Data Security, Inc., has been
> anonymously and illegally posted to electronic bulletin boards on the
> Internet, perhaps compromising the software's long-term effectiveness. (New
> York Times 9/17/94 p.17)

There was nothing obviously illegal about the posting, as far as I can tell from the outside.

In private conversations over the years with Jim Bidzos, President of RSA Data Security, he told me that RC4 was held as a trade secret by RSA. When I pressed him about why, rather than patenting it and revealing the algorithm to the public, he said it was a "business decision".

Revelation or publication of a trade secret is not illegal; trade secrets are protected by contracts, not laws.
At worst, RSA has the right to sue somebody who signed a contract with RSA, if such a company disclosed RSA's source code. But it's more likely that the revelation was done by someone who never had a contract with RSA, by reverse-engineering from widely available object code. In that case, RSA is unlikely to have a legal leg to stand on. U.S. case law on reverse-engineering is spotty but tends to support the right to examine copyrighted software in order to glean uncopyrightable information (such as algorithms or interface definitions) from it. And there's no evidence that the reverse-engineering even happened under U.S. law; most countries are more permissive. Since RC4 was deliberately marketed as an "exportable" encryption algorithm, there are plenty of copies in countries all over the world.

RSA would know whether the posted code's indentation style, block structure, variable names, and lack of comments matched their own source code, indicating that a source-code nondisclosure contract may have been violated. But they aren't saying, which probably means it didn't match. The lawyer-letter that RSA sent to the net was mere bluster, similar to other threatening letters that RSA has sent over the years.

The revelation of RC4 could help, or hurt, its long-term effectiveness. RSA has always claimed that RC4 was secure if sufficiently long keys are used, and its inventor, Ron Rivest, is well known for building good ciphers. Revelation may actually encourage the use of the algorithm, if public scrutiny reveals its true strength. This could bring not only further fame to Ron Rivest, but also fortune to RSA, which owns a fast, copyrighted implementation of RC4, and has plenty of experience at selling cryptography to businesses.

RSA is not used to operating like an ordinary software publisher, forced to actually compete with potential competitors rather than clubbing them with lawsuits. But it will have to learn that trick soon anyway.
Its main patent will expire over the next decade, it never had international rights anyway, and it's squabbling with Cylink, its ex-partner in monopoly control of U.S. public key crypto. I think the company has a potential to leverage the customer base and cash flow from its patent into a strong competitive position in an open market.

John Gilmore

From nobody at jpunix.com Fri Sep 30 14:10:15 1994
From: nobody at jpunix.com (Anonymous)
Date: Fri, 30 Sep 94 14:10:15 PDT
Subject: Bill of Rights
In-Reply-To:
Message-ID: <199409302109.QAA11746@jpunix.com>

> I'm enclosing a document put together by Frank Connolly at American
> University that is the most carefully articulated document establishing
> networking protocol I have come across.

...

> The original Bill of Rights explicitly recognized that all
> individuals have certain fundamental rights as members of
> the national community. In the same way, the citizens of the
> electronic community of learners have fundamental rights that
> empower them.
>
> Section 1.
> A citizen's access to computing and information resources shall
> not be denied or removed without just cause.

The government shall provide for the construction of the Information Super-Highway at taxpayer expense.

> Section 2.
> The right to access includes the right to appropriate training and
> tools required to effect access.

The government shall provide free computers to the public, and for related training and educational programs, and for the creation, support, and maintenance of a bureaucracy to support the above, all at taxpayer expense.

> Section 3.
> All citizens shall have the right to be informed about personal
> information that is being and has been collected about them, and
> have the right to review and correct that information. Personal
> information about a citizen shall not be used for other than the
> expressed purpose of its collection without the explicit
> permission of that citizen.

Privacy shall be violated to protect privacy.

> Section 4. > The constitutional concept of freedom of speech applies to > citizens of electronic communities. Void where prohibited, taxed, licensed, or export controlled. > Section 5. > All citizens of the electronic community of learners have > ownership rights over their own intellectual works. The SPA shall have the right to perform searches and seizures of private property, without permission, when such action is necessary to further the War on Software Piracy. > > ARTICLE II: INDIVIDUAL RESPONSIBILITIES > I refuse to waste my time reading the rest of this socialist garbage... From adam at bwh.harvard.edu Fri Sep 30 15:44:51 1994 From: adam at bwh.harvard.edu (Adam Shostack) Date: Fri, 30 Sep 94 15:44:51 PDT Subject: Electronic Revolution and Guerilla Warfare? Message-ID: <199409302244.SAA27768@freud.bwh.harvard.edu> David K. Merriman wrote: | > national identity medium (card, wristband, etc) in place and mandatory. | > travel, currency, and information transfer restrictions (ie, no more "How | to build a Backpack Nuke" or "How to hack the Tax Gestapo central | computers" books :-) Under these conditions, all that can be done is sustain heavy casualties while waging guerrilla warfare. Hope that truth, justice & the american way will prevail, but don't expect to live to see it happen. If the government really is monitoring everything, using van eck etc, fighting is very difficult. The US army has learned to bring massive force on a relatively precise point. The US army is not good at dealing with small bands of highly mobile snipers, guerrillas, etc. Witness Bosnia, where we won't even venture, v. Iraq. The Iraqis had a large tank force, were fighting in the open, and got their butts kicked. The Bosnians make good use of cover, use small, 'easily' transportable weapons (topping out at 120mm mortars, which are barely carryable by one person in good shape. 80 is better). Most of the Northeast would be good terrain, as would the Rockies. 
The midwest, which is where the facists in Gov't are probably from, is too flat & open for unconventional warfare. | What problems would those willing to fight such government oppression be | likely to face? How to deal with those problems? How to organize and | exchange personnel/information? How to not get caught? How to avoid | detection? What means/methods of, um, dissonance against such a government | would be more/less effective? Under what various permutations of | electronic/physical bushwhacking would the process be successful or not? | Duration? Other than the obvious crypto/cyber/military disciplines, what | other professions or specialized knowledge would be useful under what | conditions? What blatantly obvious thing(s) have I left out? Exchange of information would have to be limited; read up on direction finding hardware. You would want small groups working to disrupt & demoralize those who are being oppressive. You would want to use HFREF guns, EMPT bombs, cable cutting, jamming, and lots of other EW that most people know very little about. Check out Winn Schwartau's Information Warfare for a primer. The main skill you have left out is oration/propaganda. Its the Patrick Henrys and Sam Adams who made the revolution happen. Without them, Washington wouldn't have had volunteers for his army. Note that this is a tough area to work in today. There are so many people trying skillfully to manipulate opinion that its tough to come across well. Cypherpunks write memes! Adam From merriman at metronet.com Fri Sep 30 16:31:30 1994 From: merriman at metronet.com (David K. Merriman) Date: Fri, 30 Sep 94 16:31:30 PDT Subject: Electronic Revolution and Guerilla Warfare? Message-ID: <199409302330.AA12249@metronet.com> > Under these conditions, all that can be done is sustain heavy >casualties while waging guerrilla warfare. Hope that truth, justice & >the american way will prevail, but don't expect to live to see it >happen. 
If the government really is monitoring everything, using van >eck etc, fighting is very difficult. The US army has learned to bring >massive force on a relatively precise point. The US army is not good >at dealing with small bands of highly mobile snipers, guerrillas, etc. >Witness Bosnia, where we won't even venture, v. Iraq. The Iraqis had >a large tank force, were fighting in the open, and got their butts >kicked. > > The Bosnians make good use of cover, use small, 'easily' >transportable weapons (topping out at 120mm mortars, which are barely >carryable by one person in good shape. 80 is better). Most of the >Northeast would be good terrain, as would the Rockies. The midwest, >which is where the facists in Gov't are probably from, is too flat & >open for unconventional warfare. > You're right about the mountainous areas being fairly easy to guerrilla from; ditto the *major* urban areas due to their population densities. We've got borders that couldn't be effectively closed - and held that way - without an expenditure that would surely break any government over the long run. Relatively minor urban areas (say, under half-million population) would be fairly easily monitored and controlled. >| What problems would those willing to fight such government oppression be >| likely to face? How to deal with those problems? How to organize and >| exchange personnel/information? How to not get caught? How to avoid >| detection? What means/methods of, um, dissonance against such a government >| would be more/less effective? Under what various permutations of >| electronic/physical bushwhacking would the process be successful or not? >| Duration? Other than the obvious crypto/cyber/military disciplines, what >| other professions or specialized knowledge would be useful under what >| conditions? What blatantly obvious thing(s) have I left out? > > Exchange of information would have to be limited; read up on >direction finding hardware. 
You would want small groups working to >disrupt & demoralize those who are being oppressive. > > You would want to use HFREF guns, EMPT bombs, cable cutting, >jamming, and lots of other EW that most people know very little about. >Check out Winn Schwartau's Information Warfare for a primer. > Communications would be a pure bitch without some kind of web-of-trust similar to PGP's. Ditto personnel or other underground transfers. The first few years of the movement would see incredible caualties, either by way of death or captures, until the participants learned that it was "for-real". Acts of violence and sabotage would be sparse at first, because that kind of knowledge isn't particularly needed or wanted these days. In a large country, and as large as such a government would have to be, simple physical sabotage and destruction wouldn't cut it. There would *have* to be people working on the command/control/communications side, logistics, etc, as well: getting some phreak to go in an turn the local Baby Bell substation's circuit into a pretzel, for example; or hacking an order for supplies so as to leave out something important, but not *critical*, so as to irritate/demoralize. As many miles of train track as we have in this country, and considering how much of our food and raw materials still travel by rail, it wouldn't be terribly difficult to randomly de-spike some of the rail and wait for a train to catch it wrong - particularly on a curve. Killing of low- and mid-level government officials (the upper level ones would have some degree of security/protection) would become a new "sport" - one has to wonder how many folks would be willing to be tax collectors if the survival rate for them was, say, 6 months. If the military got dragged in to helping the government (almost a necessity) it wouldn't take long before Billy Bob from Lubbock caught on that the same kind of harm he was causing Mrs. 
O'leary in Chicago was probably happening to *his* momma by someone from Seattle. > The main skill you have left out is oration/propaganda. Its >the Patrick Henrys and Sam Adams who made the revolution happen. >Without them, Washington wouldn't have had volunteers for his army. >Note that this is a tough area to work in today. There are so many >people trying skillfully to manipulate opinion that its tough to come >across well. > As noted, propaganda/PR would become *very* important - I doubt such a government could maintain any kind of pretense that things weren't going wrong for them. Key though, would have to be honesty on the part of the revolutionists - they wouldn't be likely to win friends and influence enemies if they lied as badly, and often, as such a government would have to. Other skills/occupations that I've thought of that would help would be things like engineers (who would know better how to take down a bridge than a civil engineer?), burglar alarm folks (obvious reasons), and so on - in short, the kinds of folks that have to deal with abstract concepts in a creative way. Most valuable of all would be the folks that had as much diverse theoretical knowledge as possible, with practical experience to temper it. Someone with military experience and knowledge of computer systems, crypto, electricity/electronics, mechanical/civil engineering, chemistry (at least, "practical" kind, like home-brew ordnance), military tactics and strategy, logistics, communications, planning and organization, medicine (say, knowing how much Jimson weed juice to add to a 5-gallon coffee urn to make a guard force bonkers), and of course, a healthy dose of suspicion/paranoia. Someone with all these attributes, plus a taste for action/adventure/war/crime stories and a good memory for their details, would likely be worth his/her weight in C-4. 
Dave Merriman - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. From joshua at dee.retix.com Fri Sep 30 17:01:35 1994 From: joshua at dee.retix.com (joshua geller) Date: Fri, 30 Sep 94 17:01:35 PDT Subject: Electronic Revolution and Guerilla Warfare? In-Reply-To: <199409302244.SAA27768@freud.bwh.harvard.edu> Message-ID: <199410010002.RAA04860@sleepy.retix.com> > The Bosnians make good use of cover, use small, 'easily' > transportable weapons (topping out at 120mm mortars, which are barely > carryable by one person in good shape. 80 is better). have you ever seen a 120mm mortar up close? I worked with 4.2" mortars in the army, and it took a squad to carry one around. josh From tcmay at netcom.com Fri Sep 30 19:59:01 1994 From: tcmay at netcom.com (Timothy C. May) Date: Fri, 30 Sep 94 19:59:01 PDT Subject: The NII Witch's Cauldron Message-ID: <199410010240.TAA09110@netcom10.netcom.com> This message makes some good points about scary provisions being discussed for the "NII" National Information Infrastructure. I had not seen the language included about "Developing electronic cash systems that would maintain the privacy of individuals from merchants and banks, but would allow law enforcement to trace the flow of the electronic cash, given proper court orders." Mix this in with Digital Telephony, Software Key Escrow (GAK), the deals being cut with the telecom suppliers, the weird goings on between RSADSI and Cylink, the surge in talk about national ID cards (immigration, jobs, Cuba, etc.), and you get a strange brew indeed. 
--Tim Newsgroups: comp.org.cpsr.talk,comp.org.eff.talk,misc.legal.computing From: mkj at world.std.com Subject: Check out IITF.DOC.GOV Message-ID: Organization: The World Public Access UNIX, Brookline, MA Date: Fri, 30 Sep 1994 20:26:37 GMT Everybody knows that Al Gore is hot on this "National Information Infrastructure" thing. What many people may not fully appreciate -- or at least, what I'm just discovering myself -- is the sheer enormity of the disaster going on as we speak, under the banner of the "Information Infrastructure Task Force" (IITF). If you haven't already done so, I highly recommend an enlightening browse on the iitf.doc.gov site (ftp & gopher at standard ports, http at port 70). ^^^^^^^^^^^^ (NOTE: Individuals in fragile health should always consult a physician before exposing themselves to detailed information about their government's activities. Have you ever felt like an ant in the path of a steamroller? YOU WILL ...) Although I've barely scratched the surface, I've already run across a number of items which might be of interest to folks here. The DOE, for instance, reports that they are working on "Developing electronic cash systems that would maintain the privacy of individuals from merchants and banks, but would allow law enforcement to trace the flow of the electronic cash, given proper court orders." Other spectacularly dubious achievements include the report of the Privacy Working Group, which never once acknowledges any individual right to privacy, and in fact devotes most of their report to various ways to increase the "willingness" of the public to divulge personal data; and the draft report of the Intellectual Property Working Group, which with a straight face characterizes most current Internet activity as illegal, and then goes on to outlaw the rest of it, while blandly noting that the public will require "education" in these matters. 
Also, of course, there are any number of hints of NII projects involving various intelligence agencies. Enjoy. --- mkj From roy at sendai.cybrspc.mn.org Fri Sep 30 20:01:47 1994 From: roy at sendai.cybrspc.mn.org (Roy M. Silvernail) Date: Fri, 30 Sep 94 20:01:47 PDT Subject: US Should Forbid Export of Digital Wiretap Technology (fwd) In-Reply-To: Message-ID: <940930.193922.2e6.rusnews.w165w@sendai.cybrspc.mn.org> -----BEGIN PGP SIGNED MESSAGE----- comp.society.privacy yields the following from crawford at scipp.ucsc.edu (Mike Crawford). I _think_ it's black humor, but the moderator of c.s.p seems to have accepted it at face value. The United States Congress is considering bills to require telephone equipment manufacturers to make their equipment easy to wiretap. While the Digital Telephony bills (H.R 4922 and S. 2375) may concern to Americans who worry that the government will overstep its legal authority to tap phone calls, it presents a truly horrifying prospect to the citizens of many other countries. Many countries, perhaps most countries, make no pretense of guaranteeing their citizens due process. In such countries, equipment that met the standards required by this bill would be a powerful weapon of political repression. Further, even democratic governments may use such equipment to spy on the offices of American companies doing business in their countries. I suggest that the bill be amended, so that in the event that it does pass, to require strict export controls over equipment that is "wiretap ready". At the very least, wiretap-ready equipment should be controlled as rigorously as the export of military weapons. I assert that the controls should be tighter - we should only allow export to countries that have legal protections that are at least as rigorous as required in the US, and also that really enforce such laws. 
Further, we should require evidence of long-term stability to avoid the possibility that a democratic government will be overthrown by a totalitarian regime that will then use our technology to evil ends. Wiretap ready equipment could even destabilize democratic governments, if the governments are unable to prevent political opponents or insurgents from covertly using the wiretapping system. Such export rules should be closely monitored by Congress. History shows that the administrative branch often bends the rules to favor foreign policy convenience over human rights. For example, the Reagan and Bush administrations routinely refused political asylum to citizens of El Salvador, even when such refugees had credible reason to fear murder at the hands of the death squads. A possible solution would be for Congress to authorize export to particular countries for only a year or two at a time. Each year the relevant committee could take testimony from the State department, business groups, and international human rights organizations, and pass a bill to allow export to the qualifying countries. Consider that high-tech wiretaps are in some ways more dangerous than bullets or bombs. Once a bomb has exploded, it is not dangerous anymore. A national phone system with built-in monitoring system would last for many years, even outlasting the governments and corporations that originally installed them. If America really stands for liberty, we will take great care before unleashing this weapon on the world. If you agree with me, call or fax your Senators and Representatives. Suggest they introduce this amendment. I also suggest that special attention be paid to such people as Nancy Pelosi (D-CA), who leads Congress in the effort to hold the People's Republic of China, and other legislators with an interest in the human rights climate in other countries. A list of Senate fax and phone numbers follows, copied from a previous post made by EPIC. 
[I have placed that list in the CPD Archives, it has been posted here once already. MODERATOR] - -- Mike Crawford crawford at scipp.ucsc.edu - -- Roy M. Silvernail -- roy at sendai.cybrspc.mn.org "I'm a family man, model citizen." -- Warren Zevon -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBLoywfRvikii9febJAQFUhgP/f7bXMRHZFiePSw7GSMTZrS33es3Mhi4P KWlIHrrDdwKfkGRb6oPau95g8zugUGB2g1VP1yVQKU1Kl9Hm7H0RJQ8/b5Vz6rwq XlAN1sB9tBwRHgW0vHNvup3I0jD5CEQ0/NUPecHs1XPraFKbf9C/3hacDODqdIOi TXwP3pSMsUI= =V0UF -----END PGP SIGNATURE----- From bogus at no.return.address Fri Sep 30 21:35:32 1994 From: bogus at no.return.address (Underdog) Date: Fri, 30 Sep 94 21:35:32 PDT Subject: Technical Remailer Analysis. Message-ID: <199410010435.AAA10221@ducie.cs.umass.edu> -----BEGIN PGP SIGNED MESSAGE----- Yow, I have been trying to send this for a week! BTW, yes I am using the bug to add this note. From: Louis Cypher (Elswhere) In this message I will analyze message reordering in remailers, and traffic analysis in remailer webs. Remailers which immediately resend incoming messages provide no security against an attacker who is able to watch all traffic to and from the remailer. Two proposals have been suggested to solve this problem, latency and reordering. In recent discussions, the consensus was that message reordering was superior to (and the actual intent of) latency. Reordering is not sufficient, a form of latency is required to make it effective. In this analysis, I assume that the reordering is accomplished by keeping a group of n messages at the remailer, and sending a random one whenever a new message comes. This is superior to simply waiting for n messages to arrive, then sending them all at once (I will show this later). The attack on the reordering remailer is simple. The attacker sends a stream of marked messages through the remailer. 
After the waiting messages have been flushed out, any incoming real message will be flushed out of the remailer before more arrive, allowing it to be uniquely identified coming and going.

The defense against this is to only check the group and send excess messages after a time delay. This delay should be the typical time for n real messages to arrive. A mixing of approximately n messages is ensured by this process. If there is no attack, then the mixing is not quite as good as keeping a group of 2n messages.

Here is the math on the reordering schemes:

1) Wait for n messages, then mix and send them all.
   The message is known to be one of those 10 (duh).

2) Keep a group of n messages. Send one of the n+1 when a new one arrives.
   The message could be any message ever sent after arrival. That is not useful.
   How many messages does it take before we are 90% sure that the message has been sent?
   prob that the message has not been sent after x messages is (n/n+1)^x
   Prob that it has been sent = 1 - (n/n+1)^x
   Messages till 90% prob: x=ln(.1)/ln(n/n+1)
   For n=10, x=24, which is much better than 10 for scheme 1.

3) Accumulate b messages, then send a of them (Scheme 2 is a=1, b=n)
   x = ln(.1)/(ln(a) - ln(b))
   This gives the largest x for a=1.
   In my example of how to defend against the flood attack, a=n, b=2n
   x = 33
   This is misleading, because it will introduce twice the delay as scheme 2.
   Given the same delay, a=n/2, b=n, one finds that x=16.6
   That is better than batching, but not as good as scheme 2.

The smaller x is worth it, because a reordering of at least some minimum number of messages is ensured.

Some writer proposed changing n randomly to protect against this attack. Obviously that would not work. The attack will consist of many many more than n messages.

The second issue for consideration is: Given a web of perfect remailers, how easy is it to identify correspondents? Tim has been asking this one for a while.
I assume that there is sufficient traffic through all remailers that any message entering the web could be any message leaving the web. This can be achieved, even with light traffic, by sending fake messages through the web to bit buckets. While they do not improve the security of the web as a whole, they help ensure that no tracking of messages within the web is possible, forcing it to be treated as a black box.

I assume that no correspondents are remailers themselves, and that all communications are random (random times with random people). This assumption that all communications are uniformly distributed is terrible but....

This analysis only applies to indistinguishable messages. Each standard packet size can be thought of as having its own black box (a good argument for message splitting and having only one packet size).

To simplify the problem, I am going to treat the web as though it were clock driven. Some number of messages enter and leave the web each "tick" with no messages staying in the web between ticks. This is a reasonable approximation, with the "tick" being the mean time of passage through the web.

Define "f" as the fraction of remailer using population sending a message in a given tick. This is also the probability that any individual will send a message in a given tick.

The probability of a given pair of correspondents in a given tick is f^2

The probability of a pair of correspondents occurring m times in n ticks is

p = 1 - Sum(i=0..m) [(f^2)^i (1 - f^2)^(n-i) n! / (i! (n-i)!)]

Let's put some numbers in there. If people send 1 message per day on average, and one tick is 30 min., then f=1/48. If you watch the web for a month you will see 1440 ticks. If the chance probability of your sending m messages to your co-conspirator is too small then you have been nabbed.
The condition for that is: p << (1/population)

The results for m=0 to 12 (using the above numbers) are:

m = 0    p = 4.64811E-1
m = 1    p = 1.30173E-1
m = 2    p = 2.56257E-2
m = 3    p = 3.86587E-3
m = 4    p = 4.71498E-4
m = 5    p = 4.81967E-5
m = 6    p = 4.23687E-6
m = 7    p = 3.26538E-7
m = 8    p = 2.23961E-8
m = 9    p = 1.38336E-9
m = 10   p = 7.77044E-11
m = 11   p = 4.00273E-12
m = 12   p = 1.91774E-13

So, for a remailer using population of 10,000 you had better send less than 5 messages per month to your accomplice. This only gets worse the longer you keep it up. You can not send 4 per month, month after month.

So, that is enough typing for one night. I hope this will staunch the RC4 legality debate for a few seconds.

Summoned from Elsewhere: Louis Cypher

Here is my key:

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAwUBLopED6yHUAO76TvRAQHotwQAlkXA9esn+OjVM1hrl5qcWL+MpfNEtmn6
dn5Y8vKmyu/CJUddI+8UHmeMFAQrKczIRAetJHfN3+Vz+NARqafskpmAUDJAdCZ3
ON6G45ERrecgb6MvbFSwzKa5+80ksysVVa3Ql74Vi0cYf4x04OUblpVBPLPKgaUP
GyD3E0EOWY0=
=BGnr
-----END PGP SIGNATURE-----

From merriman at metronet.com Fri Sep 30 22:23:18 1994
From: merriman at metronet.com (David K. Merriman)
Date: Fri, 30 Sep 94 22:23:18 PDT
Subject: Friendly, neighborhood NSA...
Message-ID: <199410010522.AA01650@metronet.com>

iiti.doc.gov /pub/newitems/ii_inventory/app_projs/library
==================================================
IITF APPLICATIONS PROJECT INVENTORY
APPLICATION AREA: Adv.
Network Tech. Education Libraries STATUS: PILOT DESCRIPTIVE DATA: PROJECT: Digital Librarian LEAD AGENCY/ORGANIZATION: NSA CONTACT NAME: Norma Davila PHONE #: 301/688-7353 LEVEL OF EFFORT: START DATE: ongoing COMPLETION DATE: DESCRIPTION OF PROJECT: The "Digital Librarian" links together the libraries where information of any type (books, texts, pictures, audio, video, multi-media, etc.) is stored to the librarians who assist the users in navigating through these storehouses of knowledge. This project brings these ideas to the desktop by allowing a user to gain access to any number of information sources, independent of the originating development of the sources. The information sources can be anything from databases to online reference materials to online training materials. The user interacts with these sources through one common interface. In addition, this project enhances textual material searches by providing a hypertext link capability for a user to navigate a document in a more meaningful way. Instead of just paging through a document one page at a time, the system can bring the user to the place in the document where the information is located. In the future, natural language and artificial intelligence techniques will be exercised to increase user efficiency in searching through the library storehouses of knowledge. KEY PRIVATE SECTOR ACTORS: ORGANIZATION NAME: CONTACT: TELEPHONE #: ==================================================================== Out of the kindness of it's heart, the NSA is going to build us all a nice, new, improved WWW! Isn't that just *too* kind of them? I wonder why I have this feeling I'd better not turn my back on them..... - - - - - - - - - - - - - - - - - - - - - - - - - - Finger merriman at metronet.com for PGP/RIPEM public keys and fingerprints. Unencrypted Email may be ignored without notice to sender. PGP preferred. Remember: It is not enough to _obey_ Big Brother; you must also learn to *love* Big Brother. 
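Added example (not part of any post in this archive): the arithmetic from the "Technical Remailer Analysis" message above, in Python, with a small simulation of the scheme-2 pool. It reads the per-flush survival probability as (b - a)/b and the table's p as the binomial tail "more than m coincidences in n ticks"; both readings are assumptions chosen because they reproduce the posted numbers, and all function names are made up here.

```python
"""Pool-remailer mixing and correspondent-pair statistics (added example)."""
import math
import random


def messages_until_sent(a, b, confidence=0.9):
    """Outgoing messages needed before a given message has left the pool
    with probability `confidence`, when the remailer accumulates b messages
    and then sends a random a of them.

    Assumption: a message survives one flush with probability (b - a) / b.
    Scheme 1 (batching) is a == b; scheme 2 is a = 1, b = n + 1.
    """
    if not 0 < a <= b:
        raise ValueError("need 0 < a <= b")
    stay = (b - a) / b
    if stay == 0.0:
        return float(a)          # pure batching: it is one of this batch
    flushes = math.log(1.0 - confidence) / math.log(stay)
    return a * flushes


def fraction_sent_within(n, sends, trials=20000, seed=1):
    """Monte Carlo check of scheme 2: the pool holds n cover messages, the
    target arrives, and each arrival triggers one random send out of n + 1.
    Returns the fraction of trials in which the target left within `sends`."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        pool = ["cover"] * n + ["target"]
        for _ in range(sends):
            if pool.pop(rng.randrange(len(pool))) == "target":
                hits += 1
                break
            pool.append("cover")  # next arrival refills the pool to n + 1
    return hits / trials


def pair_tail(m, f, ticks):
    """P(a given pair coincides in more than m of `ticks` ticks) when each
    party sends in a tick independently with probability f.

    Equals 1 - Sum(i=0..m) C(ticks, i) (f^2)^i (1 - f^2)^(ticks - i), but
    sums the upper tail in log space so tiny values keep their precision.
    """
    q = f * f
    log_q, log_1mq = math.log(q), math.log1p(-q)
    total = 0.0
    for i in range(m + 1, ticks + 1):
        log_pmf = (math.lgamma(ticks + 1) - math.lgamma(i + 1)
                   - math.lgamma(ticks - i + 1)
                   + i * log_q + (ticks - i) * log_1mq)
        total += math.exp(log_pmf)
    return total


def detection_threshold(population, f, ticks):
    """Smallest m whose table value drops below 1/population.

    Assumption: the post's condition is p << 1/population; a plain '<' is
    used here as the cut-off."""
    limit = 1.0 / population
    for m in range(ticks + 1):
        if pair_tail(m, f, ticks) < limit:
            return m
    return None


if __name__ == "__main__":
    n = 10
    print("scheme 1 (batch of n):      %5.1f" % messages_until_sent(n, n))
    print("scheme 2 (a=1, b=n+1):      %5.1f" % messages_until_sent(1, n + 1))
    print("scheme 3 (a=n, b=2n):       %5.1f" % messages_until_sent(n, 2 * n))
    print("scheme 3 (a=n/2, b=n):      %5.1f" % messages_until_sent(n // 2, n))
    print("simulated, sent within 24:  %5.3f" % fraction_sent_within(n, 24))
    f, ticks = 1 / 48, 1440      # 1 message/day, 30-minute ticks, one month
    for m in range(13):
        print("m = %-2d  p = %.5E" % (m, pair_tail(m, f, ticks)))
    print("threshold for 10,000 users:", detection_threshold(10000, f, ticks))
```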
From warrior at infinet.com Fri Sep 30 22:59:21 1994 From: warrior at infinet.com (David M. Harvey I) Date: Fri, 30 Sep 94 22:59:21 PDT Subject: Remailer Traffice Analysis Message-ID: Why not do what the government does, in addition to coding messages, they split one message over different frequencies in a certain order. So you not only have to have the ability to decode the message, but you must have all the parts in the right order to get the intelligence of the message. Instead of frequencies use different remailers. Apply this to remailers, develop a program like premail 2.0 to not only get the keys for the month, this part may be accessed by a password, then have the program to split the message into enough parts that no meaningful intelligence is obtained from one part, encrypt the parts, and send them out using reordering and latency. Example: type a message, xsplit the message, encrypt the various parts of the message, use a password to access the secret remailer to get the remailer keys, then send the encrypted message out in the order obtained from the remailer keys best remailers in order. The recipient would get the parts of the message over 24 hours, and would have to get the remailer keys order from the secret remailer by password, reorganize the parts in order, add them together and decrypt the public key or one time pad message. Being a remailer yourself would provide additional security thru obscurity. Reordering and latency would apply as well. Stealth might be overkill, but who would question a vacation portfolio? Dave ___ **************************************************************************** |No Guts, No Glory, No Honor, No Victory, Pillage, Plunder, and Take Heads!| **************************************************************************** | Dave M. Harvey PGP 2.61 Public Key available. 
| | PO Box 151311 Finger warrior at infinet.com.us | | Columbus, OH 43215-8311 dharvey at freenet.columbus.oh.us | =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-== From TJHARDIN at delphi.com Fri Sep 30 23:09:33 1994 From: TJHARDIN at delphi.com (TJHARDIN at delphi.com) Date: Fri, 30 Sep 94 23:09:33 PDT Subject: AT&T YOU WILL Bumper sticker in EPS Message-ID: <01HHQT7OMQAA8X8FL7@delphi.com> Hey C'punks! Dave's At&T bumper stickers are great. I have slightly modified the design by making the "Death Star" logo larger & in the original color for those with color capability. (Should work fine in B&W also) I have also redone the type in Post Script 1 vector format. My slightly reworked bumper sticker artwork is available in 2 vector formats that I just uploaded to cypherpunks. ATTEPS.UUE 8k is an EPS file that is zipped & uuencoded. ATTPDF.UUE 13.7k is in the new Adobe Acrobat format, also zipped & uue'd. If you need them by E-mail, I'll be glad to comply. I can probably convert to most grafix formats & can send zips, zoos, gz's, &tars either UUE or PGP ascii armour. Enjoy & help get this Meme into circulation tjh -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.1 mQCNAy5tm24AAAEEAMTqBpL8rXHa085jxPocmGyE4Yw/osA5ivNivgHsNEtdTdAR qxGo3R8ExzvaL5t2wdqJNknp7G9VJSvjRqTdxduyXNtnI+iVT1qxTmnb52MKI4zT iWn9dK2P/paunhd9JMrLQ7lDQlRNpfYbixXXw5fm9DBG9hYFiS9p7753ypzRAAUR tCdULiBKLiBIYXJkaW4gMi42MSA8dGpoYXJkaW5AZGVscGhpLmNvbT4= =5/S1 -----END PGP PUBLIC KEY BLOCK-----